urlscan.io logo urlscan.io
SecurityTrails logo

www.ph143ag1.com Open in urlscan Pro
2606:4700:3037::6815:172e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://lucky0018a.bingo/
Effective URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Submission: On June 25 via api from BE — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 110 HTTP transactions. The main IP is 2606:4700:3037::6815:172e, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ph143ag1.com.
TLS certificate: Issued by GTS CA 1P5 on May 8th 2024. Valid for: 3 months.
This is the only time www.ph143ag1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
63 2606:4700:303... 13335 (CLOUDFLAR...)
3 104.17.25.14 13335 (CLOUDFLAR...)
13 52.195.86.179 16509 (AMAZON-02)
19 2606:4700:20:... 13335 (CLOUDFLAR...)
11 13.32.99.120 16509 (AMAZON-02)
1 13.115.148.249 16509 (AMAZON-02)
110 7
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
lucky0018a.bingo
63    2606:4700:3037::6815:172e (United States)

ASN13335 (CLOUDFLARENET, US)
www.ph143ag1.com
3    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
13    52.195.86.179 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-195-86-179.ap-northeast-1.compute.amazonaws.com
app.chatplus.jp
19    2606:4700:20::681a:113 (United States)

ASN13335 (CLOUDFLARENET, US)
images.11029984.com
11    13.32.99.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-120.fra60.r.cloudfront.net
appimg.chatplus.jp
1    13.115.148.249 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-148-249.ap-northeast-1.compute.amazonaws.com
app.chatplus.jp
Apex Domain
Subdomains		 Transfer
63 ph143ag1.com
www.ph143ag1.com
8 MB
25 chatplus.jp
app.chatplus.jp — Cisco Umbrella Rank: 299562
appimg.chatplus.jp — Cisco Umbrella Rank: 424465
387 KB
19 11029984.com
images.11029984.com — Cisco Umbrella Rank: 68580
3 MB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268
49 KB
1 lucky0018a.bingo
lucky0018a.bingo
458 B
110 5
Domain Requested by
63 www.ph143ag1.com www.ph143ag1.com
19 images.11029984.com www.ph143ag1.com
14 app.chatplus.jp www.ph143ag1.com
app.chatplus.jp
appimg.chatplus.jp
11 appimg.chatplus.jp app.chatplus.jp
appimg.chatplus.jp
3 cdnjs.cloudflare.com www.ph143ag1.com
1 lucky0018a.bingo 1 redirects
110 6

This site contains links to these domains. Also see Links.

Domain
campaign.ybgaming777.net
Subject Issuer Validity Valid
ph143ag1.com
GTS CA 1P5		 2024-05-08 -
2024-08-06		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
*.chatplus.jp
FujiSSL Public Validation Authority - G3		 2024-03-22 -
2025-04-11		 a year crt.sh
11029984.com
WE1		 2024-06-22 -
2024-09-20		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Frame ID: 8BE4301E959DC12BF2ADA9212240ECEC
Requests: 113 HTTP requests in this frame

Frame: https://app.chatplus.jp/chat/visitor/573871f0_5/c?pt=ph143&pu=https%3A%2F%2Fwww.ph143ag1.com%2Fm%2Fhome%3FaffiliateCode%3Ddxin005&pr=&c=m3mmyv4l7i13vq2pzzlt573871f0
Frame ID: 07531E89D09064604A9E917CAAA97C63
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ph143

Page URL History Show full URLs

  1. https://lucky0018a.bingo/ HTTP 301
    http://www.ph143ag1.com/m/home?affiliateCode=dxin005 HTTP 307
    https://www.ph143ag1.com/m/home?affiliateCode=dxin005 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

110
Requests

100 %
HTTPS

43 %
IPv6

5
Domains

6
Subdomains

7
IPs

3
Countries

11397 kB
Transfer

17059 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lucky0018a.bingo/ HTTP 301
    http://www.ph143ag1.com/m/home?affiliateCode=dxin005 HTTP 307
    https://www.ph143ag1.com/m/home?affiliateCode=dxin005 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

110 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request home
www.ph143ag1.com/m/
Redirect Chain
  • https://lucky0018a.bingo/
  • http://www.ph143ag1.com/m/home?affiliateCode=dxin005
  • https://www.ph143ag1.com/m/home?affiliateCode=dxin005
6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8a83837fa54f54c1b4b7fb80ce1a0dcd0d38ed6ee8c3a8e7be3cfe65ee8cfdc
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8992aa081c15b8ca-AMS
content-encoding
gzip
content-type
text/html
date
Tue, 25 Jun 2024 05:47:40 GMT
etag
W/"6673c2eb-18cc"
last-modified
Thu, 20 Jun 2024 05:49:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eR8uvUQbyqMhxcLN4fq1NNoxpyqAdSfHUHyQcpPBo5PGaWbpVeeg9BLSqewJeqhsrg%2BRg%2BvbgUx2f%2B7sSkIOonjvIpnkaKSJAQfAJUbQvuv41VJ%2FUGAvUdNklk%2BVY7UXP9TmRpKIYW6v12xeQntu"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

Location
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Non-Authoritative-Reason
HttpsUpgrades
chunk-common.04ac0e66.css
www.ph143ag1.com/m/ 		60 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/m/chunk-common.04ac0e66.css
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a9b137239a9f6c2b35e22dffad99dfea9387d7181fb01b199b084bea675b720
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
age
6843
last-modified
Thu, 20 Jun 2024 05:49:31 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
W/"6673c2eb-ee6d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xtK2izlFiOubHmuHcHHkTLylS5Lc%2FXo38gVkT7jrUxfBHcqT2KfAfj6fv3YFV3Gevoo%2FVNkMOJTEPecxowX9%2B05h6taSnEP1VWPubWfWPamXJYzgVwqh9UkPIzBt9GiNySf5EfGDcUD%2Bik72rapg"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
cf-ray
8992aa0acf1bb8ca-AMS
expires
Wed, 26 Jun 2024 03:53:37 GMT
app.bc173c92.css
www.ph143ag1.com/m/ 		243 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/m/app.bc173c92.css
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541900f224ddeb67b7c04b47993923c3209fb8fd93e36ca3635fc0a683dfc91a
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
age
34449
last-modified
Thu, 20 Jun 2024 05:49:32 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
W/"6673c2ec-3cbc8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q60SphQzmJHf6MFWh87ldzdgcOg%2FsGYnqUzZfqsp1P%2FZvsHG0XdNT16IyrT57YN6iBimNkGUAsBrBXDdtAsGb6r2VwPvXabqy34DD0KlzI7RJI0cNX6MArhm4Y%2Fa6nobvgBLIgZ8Fu0SKWWs%2FX0c"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
cf-ray
8992aa0acf1cb8ca-AMS
expires
Tue, 25 Jun 2024 20:13:30 GMT
splash.90aee5b7.css
www.ph143ag1.com/m/ 		403 KB
306 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/m/splash.90aee5b7.css
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d1d63e73c39222ae98edbb6569974ba9902f8c7db342b79b53c5749526e5f47
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
last-modified
Thu, 20 Jun 2024 05:49:31 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
W/"6673c2eb-64cef"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ig36Pig7G4NELmbyg7yEhsl3%2FCag8oKoz6My8pnKy38clC1g1IuWoQcdLe6h%2F%2FATnVWfIvY979CX5YGJpqyYp3WP2E0jqd2tDYMCpcpHDKeihqcKr10Lk9HhNNNmR8AbOrKB4qcWuXlu7e%2FYnxgS"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
cf-ray
8992aa0acf1eb8ca-AMS
expires
Wed, 26 Jun 2024 05:47:40 GMT
vendor.encrypt.v2.dll.js
www.ph143ag1.com/m/ 		873 KB
243 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/m/vendor.encrypt.v2.dll.js
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b8d20a503efa0296c8142c5c085b769fe95b69ae27c723647285211259c665e
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
age
34449
last-modified
Thu, 20 Jun 2024 05:49:32 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
W/"6673c2ec-da232"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BRSmcm7%2F%2FfrW3sRZc%2FJ994aZNHGj3zQ8oKY9h93ejWRYBLaO8V7sNI1NyvcEYne2eBSl5seolVSHAblPVFgpnATg%2BpPzWJGU62brFaxRLK7dXjOi%2BRz3JpeSizhrLBYyLsx4UwFhAorC%2BQOrjizC"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
cf-ray
8992aa0acf20b8ca-AMS
expires
Tue, 25 Jun 2024 20:13:31 GMT
chunk-common.327118a2.js
www.ph143ag1.com/m/ 		494 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/m/chunk-common.327118a2.js
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1577a7d9228b6e2daabd27e570099eb12358de59bd46c29f5b0f517c9c61664
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
age
34449
last-modified
Thu, 20 Jun 2024 05:49:32 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
W/"6673c2ec-7b969"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tdd2YJPre6IctFSRmgB4cR1BJx5oRkjcYkESnkux7QzlxhlKVOb7vwBgzS4r12JR1%2BxWe1ku8EU7YNZxrk5VfdxnEc5E1xZ7ke0ixCwp80rzr5ayKH0srj6utHPGQCfk05TQoIEbFG6%2BpWFH3DPn"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
cf-ray
8992aa0acf22b8ca-AMS
expires
Tue, 25 Jun 2024 20:13:31 GMT
app.5c902b96.js
www.ph143ag1.com/m/ 		879 KB
292 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/m/app.5c902b96.js
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27f66f85fb75d2b3b548bc60d01d6aa323b5463f60259b2617c3445c7fee684b
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
age
34449
last-modified
Thu, 20 Jun 2024 05:49:31 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
W/"6673c2eb-dbcce"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Fx3Pe%2Fqz0kBUvB7jfYkXzAyJDm1rWcKAx5v%2FiNoga6jfjxzHUeq9tj9PC7GnutKKbEcPo%2BV%2BqNFJDYG%2FIMRGCH45%2F23KXB1Z0ANeQuJiVRR%2FUkRXDABC1YPCyRpxkZ6Q70LIXWNkiiC243rPfqC"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
cf-ray
8992aa0acf23b8ca-AMS
expires
Tue, 25 Jun 2024 20:13:31 GMT
loadMemberCenter.js
www.ph143ag1.com/mobile/mc/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/mobile/mc/loadMemberCenter.js?v=1719294460708
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b52d83c838950e246a848c78cf7d453709fe344ecb3d4b987c4e3688f82a30b3
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
last-modified
Mon, 24 Jun 2024 06:28:59 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
W/"6679122b-4b66"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rd8mnxXk0IEuBDscruiH%2BMb%2BpQdMkTR8w3SBfsFauH5K6sieuKIxVfsVei5TMQDxN6%2F1UoFdbbs4XJfc0MPr%2FTMhGr0dTwTvnzH%2FZ7v7lribJKxaB%2FUbOEUeQnVq8%2BM3rgIPPWT5j6VgyMDhtT5q"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
x-frame-options
SAMEORIGIN
cf-ray
8992aa0b781eb8ca-AMS
expires
Wed, 26 Jun 2024 05:47:41 GMT
memberCenter.7beb669f.css
www.ph143ag1.com/mobile/mc/ 		946 KB
196 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/mobile/mc/memberCenter.7beb669f.css
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/mobile/mc/loadMemberCenter.js?v=1719294460708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7417ff69c20e0cdb511b5f191fcb79b41ca5080255623b64732251085d969f5f
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
age
79902
last-modified
Mon, 24 Jun 2024 06:28:58 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
W/"6679122a-ec673"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dV6DjfI2sn2HwTrMWXS%2BgdwjlhLQeXRh7239m0t9Fagztr9gYnVHAF8FrExYU1hL9SPPZ4l4lt2iH6i0k%2Fr8tJQyc%2FW9RGwdCy1sGJQrXhnSHL9DtFT%2F8%2B7MuL0jJypF4RbzfSJS4Gn54OHtWeJ8"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
x-frame-options
SAMEORIGIN
cf-ray
8992aa0e1ad5b8ca-AMS
expires
Tue, 25 Jun 2024 07:35:59 GMT
memberCenter.7beb669f.js
www.ph143ag1.com/mobile/mc/ 		1 MB
420 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/mobile/mc/memberCenter.7beb669f.js
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/mobile/mc/loadMemberCenter.js?v=1719294460708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7166e93cb70260b8099f86558aff4e8ba82b46f57609e81e944951e01cc97239
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
text/javascript
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
age
79902
last-modified
Mon, 24 Jun 2024 06:28:59 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
W/"6679122b-15d874"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oeSvltA%2BXfqUW804uPDaUCb5reC17ztQ2XSNrab%2BrI4Hl0Q0xVoKj%2BpFKQ6kSlTHOq%2BHs21QSNNvhcZqTim8RhTBJbK8wib5E7sbomfwpsafP2Tmq16J7eTHbM9kas9%2BnfwU91NMyJxKOt3jW6rw"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
x-frame-options
SAMEORIGIN
cf-ray
8992aa0e1ad8b8ca-AMS
expires
Tue, 25 Jun 2024 07:35:59 GMT
7.c4bb91cb.chunk.js
www.ph143ag1.com/mobile/mc/ 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/mobile/mc/7.c4bb91cb.chunk.js
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3737b9d58fe936ffd50c3b683939bdfca0c0795e930afc187d6e79fce99251d
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
age
7151
last-modified
Mon, 24 Jun 2024 06:28:59 GMT
server
cloudflare
tl-proxy-cache-tier2
HIT
etag
W/"6679122b-114f9"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cr0Wp1ppbJl706KKQTavRzukPlrh7psBrQ1dbgiihMbQz3g2EOB1Cv4JSlyqrBKZI7ydm5M65%2FKJ0AwN6R1yJNn%2FbUoYwbtwCyTb2v9AsH7g2GYdIL5VJqS%2FK4hW6sPbCFA%2BaerbjqZKwtMhDlC7"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
x-frame-options
SAMEORIGIN
cf-ray
8992aa0efbbab8ca-AMS
expires
Wed, 26 Jun 2024 03:48:30 GMT
html2canvas.min.js
cdnjs.cloudflare.com/ajax/libs/html2canvas/1.4.1/ 		194 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/html2canvas/1.4.1/html2canvas.min.js
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e87e550794322e574a1fda0c1549a3c70dae5a93d9113417a429016838eab8cb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
153
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
37629
last-modified
Sat, 22 Jan 2022 18:00:32 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61ec4640-92fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kSMgXGIFv2KUorzE%2BHgZMXxjAkXw7WIZlFiYVBpFCRmWlqulxEGCFeRFIs%2BbHDHhbIvt9i76ELH5ZkRDsDE%2BM%2FHZtwx8EYzLXzuNNVLQV2AjdufKvNExRqr%2BeScWYGhfZb7nAVuJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8992aa14aa4666f0-AMS
expires
Sun, 15 Jun 2025 05:47:42 GMT
compressor.min.js
cdnjs.cloudflare.com/ajax/libs/compressorjs/1.2.1/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/compressorjs/1.2.1/compressor.min.js
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd1b40a1808fb4901bb33f0905305af2e435442ada7afc74f81b0a96f0242f03
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
986749
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3943
last-modified
Tue, 28 Feb 2023 22:35:14 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"63fe81a2-f67"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YJwhqs2MSb%2BOT68M2%2BFZQjRVSsDBWt7Lryi1zBzOx9w8956Zx06HPA84gRA56yVxrDCxlmnYY6t%2BGGhTHdp8NlgrWLAClnF27IiUZsWo1oJbSG2nVC3d%2F8pqZw5c9vXryrwMoNkP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8992aa14aa4566f0-AMS
expires
Sun, 15 Jun 2025 05:47:42 GMT
NoSleep.min.js
cdnjs.cloudflare.com/ajax/libs/nosleep/0.12.0/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/nosleep/0.12.0/NoSleep.min.js
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
887b763e53ecaeba7bdddcacb29f7ffaf9da8a3576c2cca7ea4a1ecd14ff731c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
988409
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6604
last-modified
Wed, 16 Dec 2020 00:34:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fd9562b-415c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BIQKDCF6m%2BZowh1G4Gqdf7w1xJ7PHdplLyvozwrGRFZUvsIdVdjN94FWkoRKUKVY3j6fJc1LQGsFvFhCN%2FY0%2Bq3aPDFGj6SZ1YKCc9hge0mKIofuUbeC1TaTesWrt2bz3p6wbWaN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8992aa14aa4366f0-AMS
expires
Sun, 15 Jun 2025 05:47:42 GMT
lott-js.js
www.ph143ag1.com/lotto/lott-common/ 		574 B
719 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/lotto/lott-common/lott-js.js?t=1719294462158
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff5cdfddeb7284756b0354521e6f1770cfdd89a1fee7273b7cc8a9a360712c37
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
last-modified
Wed, 05 Jun 2024 09:22:58 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
W/"66602e72-23e"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,PUT,DELETE
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AI9dnh7dfPbVR5XLumT93HuVEZMfYx19upF51EBpXA830I61%2B%2FDMfcHgt8eDk7hOgqIkTOEgi7Z0pKjsCic1doo2hAS%2FPO0aR%2BDSxDiBbSI%2BYnILdax8g5goD595ssjIDOap3iPvDFpYElarV0lW"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
vary
Accept-Encoding
cf-ray
8992aa148a5cb8ca-AMS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 26 Jun 2024 05:47:42 GMT
asset-manifest.json
www.ph143ag1.com/mobile/mc/ 		26 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/mobile/mc/asset-manifest.json?v=7beb669f
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/mobile/mc/loadMemberCenter.js?v=1719294460708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
674bcd0fc09836e6cbf23fb15c6744a5820d9d0b37decc71ec9379fca62bb23f
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
last-modified
Mon, 24 Jun 2024 06:28:58 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
W/"6679122a-6786"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ajy%2FkcsXSAEc5t3ozm66Q1kQprpqvZYlEnJ8e4u9KVf2Pmcd3psgeIxF0ubqDVP2c0KuQv0qHxAq3EvwB%2BPyrnQQCrowizkKTOO2Oa5tEAXqS4LZrwnmmSNzD6Pgujc5O9tfVqwyrIk1%2BrnwmSHA"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
x-frame-options
SAMEORIGIN
cf-ray
8992aa14ead6b8ca-AMS
expires
Wed, 26 Jun 2024 05:47:42 GMT
cp.js
app.chatplus.jp/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.chatplus.jp/cp.js
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.195.86.179 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-195-86-179.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
34fbd5d5f78cc56dbd81df32c3fc767d84c67f253f86e9b6fced760300a1d3af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
content-length
4404
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 01 May 2024 11:51:29 GMT
server
Apache
etag
"39de-617631b63f240-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
expires
Tue, 25 Jun 2024 05:47:42 GMT
ping
www.ph143ag1.com/wps/system/test/ 		222 B
753 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/wps/system/test/ping?
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/chunk-common.327118a2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6652f41cf5c49d62a02522fc5fec11f62ee4e0fe1b50cc6db298bd974a542434
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Merchant
ph143f3

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
x-module-id
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
content-length
222
server
cloudflare
x-app-trace-id
8m973x9344
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2BNjoa1f4qoR2H8v6jsfZjrkcCfLKdQ2synt87A%2BD0o7TA26sZEN67uq43E1ULURhrYW4yVsvHJJRfQALSdUVVeYZHGwmNIBlN%2FtQJOw2YxlNXztR4YsmCFVl6wI%2Bkej026Gm7e2QCUvNW015u3V"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
cf-ray
8992aa155b39b8ca-AMS
x-robots-tag
noindex,nofollow
access-control-allow-headers
Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-elapsed-time
1
asset-manifest.json
www.ph143ag1.com/m/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/m/asset-manifest.json?t=1719294462291
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/vendor.encrypt.v2.dll.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
546d2701ca082d126fe12f180214b79cf3e1f7f4b599e3b189e05c942797df4d
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Language
EN
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json;charset=utf-8
Merchant
ph143f3
Accept
application/json, text/plain, */*
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
last-modified
Thu, 20 Jun 2024 05:49:32 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
W/"6673c2ec-227d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BV8egNv42lFMnUQIg2NVuufeY5DZfopYjWtX8zA0zbYTQxbAdzw1UVIzFoOknKSZ%2FlA3WsOMZe9VZlRCLnHujMc5UkyqOwgNZCGkc7hET9IvV%2BSaPp92BakMTKvJvuFyw%2Fex8dSB0JsXGX7EwjbP"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
cf-ray
8992aa156b3eb8ca-AMS
expires
Wed, 26 Jun 2024 05:47:42 GMT
asset-manifest.json
www.ph143ag1.com/mobile/mc/ 		26 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/mobile/mc/asset-manifest.json?t=1719294462291
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/vendor.encrypt.v2.dll.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
674bcd0fc09836e6cbf23fb15c6744a5820d9d0b37decc71ec9379fca62bb23f
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Language
EN
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json;charset=utf-8
Merchant
ph143f3
Accept
application/json, text/plain, */*
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
last-modified
Mon, 24 Jun 2024 06:28:58 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
W/"6679122a-6786"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nDYRstXCLIEGOWpLEt8N5REiTy11JA92WRmH4dSFe6XH0IxoMXNPBFVV3lgBeU0QIfOQN1zcO8spv93Bhc2R4L3IrhbXjKmilUOAo1w72JEjtWGmkfvoD8SUOW%2BqRZv8T6ZnZ04A24x9QdwtTZ4U"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
x-frame-options
SAMEORIGIN
cf-ray
8992aa156b3fb8ca-AMS
expires
Wed, 26 Jun 2024 05:47:42 GMT
WPSCORE_getCustomerServiceScript
www.ph143ag1.com/wps/relay/ 		16 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/wps/relay/WPSCORE_getCustomerServiceScript
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/vendor.encrypt.v2.dll.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Language
EN
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json;charset=utf-8
Merchant
ph143f3
Accept
application/json, text/plain, */*
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
x-module-id
COMM3
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
content-length
16
server
cloudflare
x-app-trace-id
56htpx7344
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JwU1fOsJFnQMUVB8od7geGyHCRvKuGpuADw1dCMJJ7I81gQesD%2FvcVtN0aL7LWyMMzUKsI8fXtsHNhv4rTm%2FXADxFzInk9aVbTn9IGZSUY%2B7TvmfWcpaScS2wVhgKGm0L1%2Bil66LbLQN6D7OgBy5"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
cf-ray
8992aa156b40b8ca-AMS
x-robots-tag
noindex,nofollow
access-control-allow-headers
Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-elapsed-time
4
status
www.ph143ag1.com/wps/system/ 		33 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/wps/system/status?device=MOBILE&originalDomain=dxin005.ph143ag1.com&url=www.ph143ag1.com
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/vendor.encrypt.v2.dll.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f107645bdcdadb23a735aea6e45a8661cd1402484c0d0568ebfad759d9b6dda3
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Language
EN
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json;charset=utf-8
Merchant
ph143f3
Accept
application/json, text/plain, */*
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
x-module-id
COMM3
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
strict-transport-security
max-age=0
server
cloudflare
x-app-trace-id
ehezbx6344
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rRASBA2lh6NYVlD9%2BZdQiUJZ5mB%2FDxCRVJsr88w4ubpka%2FEAUq4lHihemg83uX9Nqj93y681iiNGVU0BWX5VuzbCH6x2rVq1xuO9wqKAZMQL%2B6CkA0fG%2FJ3LobDD9B6RoqVSJtgfMiG6GgPgjRCw"}],"group":"cf-nel","max_age":604800}
x-frame-options
SAMEORIGIN
cache-control
no-cache
cf-ray
8992aa156b41b8ca-AMS
x-robots-tag
noindex,nofollow
access-control-allow-headers
Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-elapsed-time
16
truncated
/ 		302 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76c67498183ab03e6bcb9c70cdc55e4f63fc5089862ad7b7b40b1e833f782d7f

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
splash.90aee5b7.css
www.ph143ag1.com/m/ 		403 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/m/splash.90aee5b7.css
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d1d63e73c39222ae98edbb6569974ba9902f8c7db342b79b53c5749526e5f47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified
Thu, 20 Jun 2024 05:49:31 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
W/"6673c2eb-64cef"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ig36Pig7G4NELmbyg7yEhsl3%2FCag8oKoz6My8pnKy38clC1g1IuWoQcdLe6h%2F%2FATnVWfIvY979CX5YGJpqyYp3WP2E0jqd2tDYMCpcpHDKeihqcKr10Lk9HhNNNmR8AbOrKB4qcWuXlu7e%2FYnxgS"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
cf-ray
8992aa0acf1eb8ca-AMS
expires
Wed, 26 Jun 2024 05:47:40 GMT
lottTranslator.110aeac3.js
www.ph143ag1.com/lotto/lott-common/ 		1 MB
215 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/lotto/lott-common/lottTranslator.110aeac3.js
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/lotto/lott-common/lott-js.js?t=1719294462158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b56e5b39e079583cb009bcb5df27b2c1aa1193f3e9b112a8fe9e0cdfcc938e5
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
age
57574
tl-standard-proxy-cache-tier2
MISS
last-modified
Wed, 05 Jun 2024 09:22:58 GMT
server
cloudflare
etag
W/"66602e72-10fa13"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h8flfWF8ZVgNshPqVe2HK4VO1P8GIcQ%2FCA0f1%2FzNl%2FiMgPLDGyfnXmiGQPIpRWkJN8rgS6KmzpL0gUa0IqLV7SSlVcusjDFZHiAQJj1xgQ1N2FSHMy9pNjUbapes51Fyiuqwr6%2BAbT%2BZhFOFrNs4"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
x-frame-options
SAMEORIGIN
cf-ray
8992aa161bf0b8ca-AMS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 25 Jun 2024 13:48:08 GMT
bettingCompress.1ab3f580.js
www.ph143ag1.com/lotto/lott-common/ 		863 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/lotto/lott-common/bettingCompress.1ab3f580.js
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/lotto/lott-common/lott-js.js?t=1719294462158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7c2b77ab05cf5420f27a27bf032a33e41319da2610deed796eb32f930ba2070
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
57574
tl-standard-proxy-cache-tier2
MISS
content-encoding
br
last-modified
Wed, 05 Jun 2024 09:22:58 GMT
server
cloudflare
etag
W/"66602e72-35f"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,PUT,DELETE
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hTtdkMjLQjpKvgh8cys568%2FOmF34%2Bw968h3zs9zRS2vtBTyDvq3hzQKZJBlrC1981NysYQ8FoBh8vFLhwoEGlXu0tEgvTlRxZx%2FW0UKAlmaAukwpZ%2BO3e3QHfy1S5D4mw%2BPWV3D%2Ffpn3tkXGC0B7"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
vary
Accept-Encoding
cf-ray
8992aa161bf2b8ca-AMS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 25 Jun 2024 13:48:08 GMT
chunk-vendor-app.dfb91469.chunk.js
www.ph143ag1.com/mobile/mc/ 		0
344 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/mobile/mc/chunk-vendor-app.dfb91469.chunk.js
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/mobile/mc/loadMemberCenter.js?v=1719294460708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
age
57574
last-modified
Mon, 24 Jun 2024 06:28:59 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
W/"6679122b-11d401"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QLvAZZ%2Fi7BUr2CEmvbZ1y%2FSVayXj4Ow6VaoJIXobD770n2G8S1UHPOeU4xTuo8AQhEQwnIizYYbyb%2F1SH6TO9eauHjpIwbXbsznlHWjTlCWDOL1huDY5xVPCDLBkPVq9mR7pGseB9%2Ft20H2iWa0p"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
x-frame-options
SAMEORIGIN
cf-ray
8992aa165c35b8ca-AMS
expires
Tue, 25 Jun 2024 13:48:08 GMT
embeddedLaunch.a45b990c.chunk.js
www.ph143ag1.com/mobile/mc/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/mobile/mc/embeddedLaunch.a45b990c.chunk.js
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/mobile/mc/loadMemberCenter.js?v=1719294460708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
age
6842
last-modified
Mon, 24 Jun 2024 06:28:58 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
W/"6679122a-11fe"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F5hXp5H9UEUoVUZX24joklM5dTKqVqLLMyD5T2ZZLXrRDyl0UEiE1yjnUMTAWQkON%2B2JLPwZIb5OxklRWXTuBHbIcEfS%2FQhPDLHeY%2BEa%2BpnHCmdwSwd7EuCpOyN9OEYGGF32cV4I3vDVAjr4FqgW"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
x-frame-options
SAMEORIGIN
cf-ray
8992aa165c36b8ca-AMS
expires
Wed, 26 Jun 2024 03:53:40 GMT
gameRecord.8137d986.chunk.js
www.ph143ag1.com/mobile/mc/ 		0
13 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/mobile/mc/gameRecord.8137d986.chunk.js
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/mobile/mc/loadMemberCenter.js?v=1719294460708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
age
6842
last-modified
Mon, 24 Jun 2024 06:28:58 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
W/"6679122a-fe31"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=96EHVDOdYZsVZ%2FFqJgdMZJcpaVJPY9WI6XVNF5u9j9XUay5vSHGC0mApXjqTEDoowIOgtbqFGDxOaxxzEuKNV15WYUYQh8QmuW7QNsXo9sU8A9ne4tHrAOBMBlZpLwuyES0q0yfJhu%2BiUsBZgYR5"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
x-frame-options
SAMEORIGIN
cf-ray
8992aa165c37b8ca-AMS
expires
Wed, 26 Jun 2024 03:53:40 GMT
launchGame.7ca62769.chunk.js
www.ph143ag1.com/mobile/mc/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/mobile/mc/launchGame.7ca62769.chunk.js
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/mobile/mc/loadMemberCenter.js?v=1719294460708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
age
6842
last-modified
Mon, 24 Jun 2024 06:28:59 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
W/"6679122b-1116"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bIwVlabA19YUVqqDIMaxivXiEotBvAxdcwFTN%2FGehVlDwohE38BQGs2xfkSrpEU4ZaUgH82an9hF%2BePXq89GJVMlaNhqDg2dDdFypRv0d96ZgjJkTc0mKdlQOwAEhEAi1gdyQWntJ22kBgKAMMMG"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
x-frame-options
SAMEORIGIN
cf-ray
8992aa165c38b8ca-AMS
expires
Wed, 26 Jun 2024 03:53:40 GMT
mcMain.48a3d0da.chunk.js
www.ph143ag1.com/mobile/mc/ 		0
55 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/mobile/mc/mcMain.48a3d0da.chunk.js
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/mobile/mc/loadMemberCenter.js?v=1719294460708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
age
6842
last-modified
Mon, 24 Jun 2024 06:28:59 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
W/"6679122b-24e9e"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9IZW69Byjb5Xv1FLGtnZF52AmaDZYjFKEVG8qoHRW2Ks3WRGyJ9OOD3nvo%2BBJ0q1SJjf9WKaF%2BlJIn9w7nhbFUoemCjaSaPDmrESoEdpokOyrhcYUPARzee7jf8EL7A66qwagH71AKiMp75dzaRI"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
x-frame-options
SAMEORIGIN
cf-ray
8992aa165c39b8ca-AMS
expires
Wed, 26 Jun 2024 03:53:40 GMT
profitAndLoss.97071aff.chunk.js
www.ph143ag1.com/mobile/mc/ 		0
16 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/mobile/mc/profitAndLoss.97071aff.chunk.js
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/mobile/mc/loadMemberCenter.js?v=1719294460708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
age
57574
last-modified
Mon, 24 Jun 2024 06:28:59 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
W/"6679122b-cebf"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hzq0I%2FW5pToYd2RV8OjVXYOC1Sn2JxmxWNVMHPgR886KUMuIVKKX1vuho8yC5qpgjUYcgoVmgn7npIQqVjYAeZmUnV1i0xpIqFuSq4qcEPWI79DLH4WFu9Pf3azNiZncQr%2B8xWZe9mZ%2FOuOaeCY%2F"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
x-frame-options
SAMEORIGIN
cf-ray
8992aa165c3ab8ca-AMS
expires
Tue, 25 Jun 2024 13:48:08 GMT
securityCenter.92eef916.chunk.js
www.ph143ag1.com/mobile/mc/ 		0
11 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/mobile/mc/securityCenter.92eef916.chunk.js
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/mobile/mc/loadMemberCenter.js?v=1719294460708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
age
6842
last-modified
Mon, 24 Jun 2024 06:28:58 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
W/"6679122a-a1dc"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2qTqg6Lmr%2FgFupdXZ6pOkFf%2FA%2B1op7AD69n9xvYPOLRLH5Z0oKV2olM7CEiM%2FIV0bkJoBluJTq34vWLbJWx%2FCjVek5LPjFN02NIfwtu4vvGogmKmMYNL%2BPq2eqUT7QpgfCmcmPIdIJagss5nJm0P"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
x-frame-options
SAMEORIGIN
cf-ray
8992aa165c3bb8ca-AMS
expires
Wed, 26 Jun 2024 03:53:40 GMT
voucherHOC.9197d406.chunk.js
www.ph143ag1.com/mobile/mc/ 		0
61 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/mobile/mc/voucherHOC.9197d406.chunk.js
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/mobile/mc/loadMemberCenter.js?v=1719294460708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
age
79864
last-modified
Mon, 24 Jun 2024 06:28:59 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
W/"6679122b-43ffb"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OoijeFPeuSpKHmJJVSh8pMqLvxAKLo5xgpYPHJ1p9gqdmgJA1AWHzrtbt%2BUvqpm86B5LcDQuw1%2BLWkT5Aaityj9kc5JYqpRo6X4LTJDWQX8mb%2F2ZmEXHm7nJDhwxrgPfBpF5tj00J%2BbmyczgpCcN"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
x-frame-options
SAMEORIGIN
cf-ray
8992aa165c3cb8ca-AMS
expires
Tue, 25 Jun 2024 07:36:38 GMT
country
www.ph143ag1.com/wps/system/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/wps/system/country?_=ph143f3
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/vendor.encrypt.v2.dll.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
facc55b1088c49c20e20c44ffd96a6f87df2655c94e3e13cf4e564e8a0a53c35
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Language
EN
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json;charset=utf-8
Merchant
ph143f3
Accept
application/json, text/plain, */*
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
x-module-id
COMM3
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
strict-transport-security
max-age=0
server
cloudflare
x-app-trace-id
eiwcpjh344
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fmA8dBq40s9AA7xl2wv00gvcGQPRpD1f5oQqp6DzycR86I%2BsZLqyfCYei%2FLWpeN2upMhiFOuTqk6tlktF88jyOX47%2BnxrdNjDiJeh1rV3Sitr7%2BoGkTZOJ79u%2ByTUVxD0uNALOYhQA305y%2B6l5C4"}],"group":"cf-nel","max_age":604800}
x-frame-options
SAMEORIGIN
cache-control
no-cache
cf-ray
8992aa183e2db8ca-AMS
x-robots-tag
noindex,nofollow
access-control-allow-headers
Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-elapsed-time
2
icon-news.9b63e562.png
www.ph143ag1.com/m/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ph143ag1.com/m/icon-news.9b63e562.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/app.bc173c92.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
349130ef3d0acfe9d4d0234b2a93530cf79ccb42811facc709e6d10ee0ad61cb
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/app.bc173c92.css
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7142
content-length
2884
last-modified
Thu, 20 Jun 2024 05:49:32 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
"6673c2ec-b44"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6lmmvGLOEnrHswVr2DMOR0Xnf%2Fob54TbL7exXTG%2BzN5WKiBmtvStDn9sIIHs5S9mAk3f2xivMJ%2BywWXvT9kvZkdt7guKZ0lns%2B6DV2P8H%2BHsJSPe6Uqom4N73KeqcHD2c0BKy6kNJqi8wph0N3uV"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa189e81b8ca-AMS
expires
Wed, 26 Jun 2024 03:48:40 GMT
jackpot-bg.8f7f7e7f.png
www.ph143ag1.com/m/ 		439 KB
439 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ph143ag1.com/m/jackpot-bg.8f7f7e7f.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/app.bc173c92.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
661ed6c9db5c1df32c85e2c201648796b6774611e4527decf5d07f44bfeeb7c2
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/app.bc173c92.css
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7142
content-length
449160
last-modified
Thu, 20 Jun 2024 05:49:31 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
"6673c2eb-6da88"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cfjd%2FWPJwN4%2BPWY%2B6Xc0SL5SR6DWEC7J2fjsJI83WIty3XfxR%2Fh7txbRupv3GxcbQts%2BhTHQ%2BCeGuEehl42LrNMBS%2B5oilA0zVxBc43lx%2FA2wuD2xwszzYLDTSJBdjEFtMpZ77v8qdy591j0QMzs"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa189e82b8ca-AMS
expires
Wed, 26 Jun 2024 03:48:40 GMT
bg.0e8415ef.jpg
www.ph143ag1.com/m/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ph143ag1.com/m/bg.0e8415ef.jpg
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/app.bc173c92.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf370844158c1902d5a9923a423e56e7985addca380fa7d92a7d18564fa41e08
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/app.bc173c92.css
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7142
content-length
16906
last-modified
Thu, 20 Jun 2024 05:49:32 GMT
server
cloudflare
tl-proxy-cache-tier2
HIT
etag
"6673c2ec-420a"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aD%2F2iwQJenEU7xmJEnR7whTz%2Bx5Jl%2BLIndMzKLZcWC5aliZZmitZDkT06nsKX%2FNW6vGch%2BHfex21RklujwPb%2F840TeUQ%2B2taViFf0inl2QhjqvlPSGletlE6JWN9dlOkcdFbpxlW1uX3NwHc2HUq"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa189e84b8ca-AMS
expires
Wed, 26 Jun 2024 03:48:40 GMT
icon-home.e709a72d.png
www.ph143ag1.com/m/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ph143ag1.com/m/icon-home.e709a72d.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/app.bc173c92.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
136ffb30701c6488dad4746137391ee3c2b4676c904a3a597c9dded2ef769d6c
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/app.bc173c92.css
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7142
content-length
34533
last-modified
Thu, 20 Jun 2024 05:49:32 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
"6673c2ec-86e5"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oBVWSFijZDtEtWHpqL45wHdYJ5C%2FTnGQhZRHGQaYNMQMwQsFJ9ZdlNE419ZcGusfBmlhCHD7Aq4lGEzNuUk%2Bc49Djn0%2B8gFDu7SSczr2FMEgR7EUG7%2FEV8TJeRm2eri1Tms4TaPt4i9TR%2BkQsiLV"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa189e86b8ca-AMS
expires
Wed, 26 Jun 2024 03:48:40 GMT
sidemenu-gift.961d5a82.png
www.ph143ag1.com/m/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ph143ag1.com/m/sidemenu-gift.961d5a82.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/app.bc173c92.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2982287293a5b644b8c1b857015e64739f8ea93a6ce3493da0347a9c9b2abe4
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/app.bc173c92.css
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7142
content-length
5015
last-modified
Thu, 20 Jun 2024 05:49:32 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
"6673c2ec-1397"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wzfc%2BIoeHl0NbyCTWR1l5ALt7lW1%2FjQDWvBmJ4HxcvL9jQptqG20yKGOQoMouj3xRBHEW%2FmtfeqVg1j8L5Ul719fMSryyqwg2cxLj6cJrauA1y7Q8w72mMqdezjoEfTez%2BFuqweoKrdHVPTFFVQ2"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa189e88b8ca-AMS
expires
Wed, 26 Jun 2024 03:48:40 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca22ea2d3e63dccce76d9a5fe15f2f3f3c90b308f0c47eeaa14e085c8931bd06

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2fe2e59f035729cfcc187c98b69bbba11998e5795af21afb64dc06c41ae1b066

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
logo.4853a45b.png
www.ph143ag1.com/m/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ph143ag1.com/m/logo.4853a45b.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99cef92aa6295701b3cf20997f2580600dfc2b5f112b713014ec4288717b8c46
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7142
content-length
15707
last-modified
Thu, 20 Jun 2024 05:49:32 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
"6673c2ec-3d5b"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SbMx0SzNg4Ki8H66Q79r4wQvhlSUjGXb5eQh5Glh37ruISAP38xgk9eYZ8u8WgBVLXlUqPFn%2F0zbrV1hGL4DJ8UWLJb9ralPDeqQxFC1%2FJrhRHeYz0ZZ%2BvBCVzvK6KSZ0BO2jmegXBIC3TbZzEv3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa191f2cb8ca-AMS
expires
Wed, 26 Jun 2024 03:48:40 GMT
icon-hot.7f5be5d7.png
www.ph143ag1.com/m/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ph143ag1.com/m/icon-hot.7f5be5d7.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3d643545a62695911755c082324a08b3d46e27ce211875f2e240b36168e1fad
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7142
content-length
9740
last-modified
Thu, 20 Jun 2024 05:49:32 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
"6673c2ec-260c"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tbS%2Bs4GB5DcmJ8A8mdKRarwRkPbIsQEXer%2ByaWG%2FkvyoMKRm4jMtiVtv%2BaQPnd0a7YQ4lYcT0X7VoYvFGZTZWXhOaa1NmRDr%2BdcGHAq4T5tHJA5sCncOxmeDmzV2JkgafzBotjHWnojIG%2FM2p6OB"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa191f2eb8ca-AMS
expires
Wed, 26 Jun 2024 03:48:40 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3ddbc416b2628a98282f7da3fdadb4e8a6498f4e26df469e89a9d27638ac74c

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
US.svg
images.11029984.com//TCG_PROD_IMAGES/COUNTRY_FLAG/CIRCLE/ 		723 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.11029984.com//TCG_PROD_IMAGES/COUNTRY_FLAG/CIRCLE/US.svg
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3012f520e4aefcff6acbb8cc7198fee604f3f806fd228f59c94077437bda82
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
75826
content-encoding
br
img-proxy-cache-tier2
HIT
last-modified
Mon, 17 Apr 2023 07:21:45 GMT
server
cloudflare
etag
W/"643cf389-2d3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ww8EdJa91hhVzyAtuXDOZkG8VmkKScG89Fs%2Fy4OrqgTEmeQ4nrRY1sF9u4A%2Fluioor4K1n3l2zeQqCCQOzoxyphITiqxbJmLS4VG9rcMdY2BKBk0pPRX7xHqpnkttSd8Fry6wd4kS8aaQYjEqmYCug0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400, public
cf-ray
8992aa195cac9f82-AMS
expires
Tue, 25 Jun 2024 08:43:56 GMT
TLG.svg
images.11029984.com//TCG_PROD_IMAGES/COUNTRY_FLAG/CIRCLE/ 		725 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.11029984.com//TCG_PROD_IMAGES/COUNTRY_FLAG/CIRCLE/TLG.svg
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
578d8002d750bbf7b90f801cde62b0e9dfe575766c3de6fa61e097eef5b710ad
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
76071
content-encoding
br
img-proxy-cache-tier2
HIT
last-modified
Wed, 08 Jun 2022 11:45:15 GMT
server
cloudflare
etag
W/"62a08bcb-2d5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Er3jKQ86a3XhpJnohFeKSb0hVT%2F0NfbjnEJ6lby1nBuIgb7G8gai2%2FlVgRYH55kXw9Sx%2FLdjl%2FCtDQlNJRNAypeiYA10eEDWibaXlAKUmMCdybn0K2%2BAr91ktnONVz1g6Mgx%2Bx4%2FvbsdXYW9el6Yq5w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400, public
cf-ray
8992aa195caf9f82-AMS
expires
Tue, 25 Jun 2024 08:39:51 GMT
head.7f17990d.png
www.ph143ag1.com/mobile/mc/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ph143ag1.com/mobile/mc/head.7f17990d.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36b982cf2de4e54a66a105053a09c7b85786058ddebb4d629a230b3a582ab292
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7141
content-length
39968
last-modified
Mon, 24 Jun 2024 06:28:59 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
"6679122b-9c20"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ffy4w42gst4kMlVdflaQQ8ngW1H2%2BZsRWUCkijRDm8aPCjSHGWTexJvBsqFdw5FVueGawFWOOQS3Nx6coqw5HGsYf0vqHoGHOLF%2BrQPnqOU0J8b4JrGvEMHW5eMCXIfQIbXnFSRgq3o6kKEHUhQw"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8992aa191f2fb8ca-AMS
expires
Wed, 26 Jun 2024 03:48:41 GMT
REGISTER.b064adb0.webp
www.ph143ag1.com/mobile/mc/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ph143ag1.com/mobile/mc/REGISTER.b064adb0.webp
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1de90c771aeb59a35c624728beb0bd2e25195d8fb2ff52abd9112c55a0ebd16
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7141
content-length
1118824
last-modified
Mon, 24 Jun 2024 06:28:58 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
"6679122a-111268"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7BsfXtgQIEzch5wGNgrQVEceGl3s4FkLFsfvLjIYJ%2FQXZymw3dek2d0bzBvgL9elMpuo%2F5dcYi7muwJ79pkB7UdIhWfWqOY2DM82e1epISnDXL0swKnJw48jV1fNt2FyooQEuO792hpW7qETb8T1"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8992aa191f31b8ca-AMS
expires
Wed, 26 Jun 2024 03:48:41 GMT
red_bag.13ec57c3.png
www.ph143ag1.com/mobile/mc/ 		201 KB
202 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ph143ag1.com/mobile/mc/red_bag.13ec57c3.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cec69059d2a7bf217cacede43132c2d79c1546ba063dce5eaabb2b99868d313
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7141
content-length
206188
last-modified
Mon, 24 Jun 2024 06:28:58 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
"6679122a-3256c"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xnnht47HqAFFbWrB9THWlPV4G4%2BZGgqhsue5tS9xP52h8rEOqNGp1TdRpc%2BncWhUmoKmkfNrVUIoO7ViKXjNqMFLBqqKxWU6T1q5fvrEX%2BBpJyII2y8F0dvhOr9PR0c9Atgg0l%2BDJ43hhVfYAfT%2F"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8992aa191f32b8ca-AMS
expires
Wed, 26 Jun 2024 03:48:41 GMT
LOGIN.fce37e44.webp
www.ph143ag1.com/mobile/mc/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ph143ag1.com/mobile/mc/LOGIN.fce37e44.webp
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25975fa73991b8d67f0b9852c3dd200a5997c10b977ab2ab605ad5b5a7b31a05
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7140
content-length
1475482
last-modified
Mon, 24 Jun 2024 06:28:59 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
"6679122b-16839a"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FIoYe88Hw%2F8Su2tqBl8n7b2PHJ43A4Go1f0MXj%2B5t3B48e3J8zqEdJ36R5cg9rD584%2BYHOFpu6AAOvtitVrsIMJ2ITR40h2YATaV4r4Fy1%2FuuQsH2go4bcqT0vdCH1dU2ze%2BN%2Fa6aeyki%2F3Fwdx8"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8992aa191f33b8ca-AMS
expires
Wed, 26 Jun 2024 03:48:42 GMT
CASH_VOUCHER.3f027438.gif
www.ph143ag1.com/mobile/mc/ 		474 KB
475 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ph143ag1.com/mobile/mc/CASH_VOUCHER.3f027438.gif
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26f0484bcec299ac7bdac1e3d6d2237ba48bdd388061e528a287b35a684e05df
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7140
content-length
485496
last-modified
Mon, 24 Jun 2024 06:28:59 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
"6679122b-76878"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=erD%2BysYHX3TFOj30xSYOvIQXk9cFMMtwzbAad5BXjA8110HxDTtc3GZl5xJYTu%2FJuo8G2KXcv2bkINxUx2kbLWxojnt2dNfiprqsrSaqWe5Dp9OdpBBWR8enA8Zmzj5YufDdKrzhXp3AGvAO%2BolI"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8992aa191f35b8ca-AMS
expires
Wed, 26 Jun 2024 03:48:42 GMT
ticket-type-redenvelope.4170bcbf.webp
www.ph143ag1.com/mobile/mc/ 		145 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ph143ag1.com/mobile/mc/ticket-type-redenvelope.4170bcbf.webp
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed3eae6b13606d6c931f1f7eca852b74d04a16348a2b5de238a5bffe5dddc6a3
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7140
content-length
148102
last-modified
Mon, 24 Jun 2024 06:28:58 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
"6679122a-24286"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VllSDaQbQD%2BWJl9uTJR9OnnyA4wYtOlM1tRwoP1wqZgyrDGmKxckKjE%2FhmiLVGUHQcSbrCZYayBjUrr9GOmyEsyAvj8Xm6i2n2UKj4VsksuWKEOAvPLp4jhy39SbjrB8jCsOS9qwzfjfDsaATild"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8992aa192f4db8ca-AMS
expires
Wed, 26 Jun 2024 03:48:42 GMT
invite-qr-bg.9d2ffb82.png
www.ph143ag1.com/mobile/mc/ 		326 KB
327 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ph143ag1.com/mobile/mc/invite-qr-bg.9d2ffb82.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06bd581de568c6d041f8166463f08feea5fa6d26ce3831ae24b7a0356c03aa86
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7140
content-length
334047
last-modified
Mon, 24 Jun 2024 06:28:59 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
"6679122b-518df"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WheZqyvg30v2WGetZQUFK2RLdLgzobXAWxH8H6qzBfMtZ%2FWlYm397ZK%2BMDynUn8J4TGsJN6xjcj0FgvoBDzl5bqrNo89dSfj1xhvz8%2FN5t2EIA5TDq%2FkT3n1eeXgP0pf0COwGptreW7QxsgeZk84"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8992aa192f50b8ca-AMS
expires
Wed, 26 Jun 2024 03:48:42 GMT
cash-box-open.1545ea8a.webp
www.ph143ag1.com/mobile/mc/ 		468 KB
469 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ph143ag1.com/mobile/mc/cash-box-open.1545ea8a.webp
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eeebe9df9e099cb39dbefeff40be9f74018816270eda6b9217f8dcabecc5efa
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7138
content-length
479738
last-modified
Mon, 24 Jun 2024 06:28:58 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
"6679122a-751fa"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Eax%2FxxvOYTs%2FbpekFNNJyDk8ydguCFuj5%2BCdaWP9rdBf86Fg9AvERj9X0KmpeaW8jn9xtPy6EsRZFezSjjkXx0AsUkhe4UcGygwaD%2BA9J7J%2FHNhH6ImsnElfXClh7o3DwvnPFb9sFe%2BtTOVHIxUs"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8992aa192f51b8ca-AMS
expires
Wed, 26 Jun 2024 03:48:44 GMT
cash-box.a7b29b48.webp
www.ph143ag1.com/mobile/mc/ 		304 KB
305 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ph143ag1.com/mobile/mc/cash-box.a7b29b48.webp
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7458730f050fed87cec12c9a8f15b3cb3cb696b39fdab0f21ca19142b1c807a
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7137
content-length
311122
last-modified
Mon, 24 Jun 2024 06:28:59 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
"6679122b-4bf52"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RIBnqm3uSK2NIS6T32FqgmohlskdgaotnIfhuNPssZji7VblMex%2BJqyjGYv%2FMIFoNkMR7yjAY2H8OhRm03GGmpueOK%2BSQnT7MNhR2hxYOnaBstZJ8zEOSxsbO2nNQDeRWWDyoBzvV76SqW00mOlJ"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8992aa192f54b8ca-AMS
expires
Wed, 26 Jun 2024 03:48:45 GMT
cash-box-open-stop.ec9522fd.png
www.ph143ag1.com/mobile/mc/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ph143ag1.com/mobile/mc/cash-box-open-stop.ec9522fd.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cb4364fb2402cb31c3c6cba0f4d891dc6753bd1090f6479e9b1604cb5b7784a
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7137
content-length
80185
last-modified
Mon, 24 Jun 2024 06:28:59 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
"6679122b-13939"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F5FnNDQkgMmZndb3SeKUya8oXVCEXiKtMtejHiCjix86RYg7NkSifMgPxnXwRw%2B0u9LqM3CjZPLVEcaLWZpUzIKD2gxOAmTwbLkxBJzNVFMIjMpEP4hcHbxKQaiUPZolJkbcKN1CGe3rImINNzUW"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400, public
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8992aa192f55b8ca-AMS
expires
Wed, 26 Jun 2024 03:48:45 GMT
app_download_icon_ph143f3_20240618101616.png
images.11029984.com/wsd-images-prod/ph143f3/merchant_resource/appdownloadicon/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.11029984.com/wsd-images-prod/ph143f3/merchant_resource/appdownloadicon/app_download_icon_ph143f3_20240618101616.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3ae29a842edc382c11533e281044320967887eebf5832a8f823c81aac77e6f2
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:42 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
85465
content-length
3098
img-proxy-cache-tier2
HIT
last-modified
Tue, 18 Jun 2024 02:16:16 GMT
server
cloudflare
etag
"6670edf0-c1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lPC47Dzgj1L3K3hlJ3Yl9kkg9e2MODsFec9W%2Bm99Y5pjdaNE0ylPrHVewxyXJ5XHSK6t%2Fk%2FSJVYPqHN2a5u5I4wg86m448sO71N5zb%2Bb%2FzUxFkiDlPwdrkXuGmmHYZK34dDljQrcb1fdfxTsMn7zTFI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa195ca89f82-AMS
expires
Tue, 25 Jun 2024 06:03:17 GMT
MCSFE_getMerchantAvailablePromotions
www.ph143ag1.com/wps/relay/ 		87 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/wps/relay/MCSFE_getMerchantAvailablePromotions
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/vendor.encrypt.v2.dll.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e36e490a37c8149cb1e4fdad4fd53d481f1258f2e4026396405d91f56d406c6
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Language
EN
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json;charset=utf-8
Merchant
ph143f3
Accept
application/json, text/plain, */*
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
x-module-id
REWCEN3
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
content-encoding
br
server
cloudflare
x-app-trace-id
jq6z3ev344
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ksX0JhrpAKtlF8Jz30JgVCSOrW3h5lPVwO9Pu6BSddJOz2EvZtEghmg1vaC3C73PpZECUf6da%2FTFWdFeCqHiufF%2BbSUpEg7uhLMZrqMQdRCze4aCi9rVOOsu5eQQezuQXJGiPXCdzB8ga6VDMqc%2B"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
cf-ray
8992aa191f23b8ca-AMS
x-robots-tag
noindex,nofollow
access-control-allow-headers
Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-elapsed-time
2
GCSGAME_gameVendor
www.ph143ag1.com/wps/relay/ 		79 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/wps/relay/GCSGAME_gameVendor?merchantCode=ph143f3
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/vendor.encrypt.v2.dll.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9c171652f84ba3191ab27c6172ae858a4f23672f75734fe890c8b42212e1a0b
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

X-Gateway-Version
3
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Language
EN
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json;charset=utf-8
Merchant
ph143f3
Accept
application/json, text/plain, */*
X-Timestamp
1719294462864
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
ModuleId
COMM3
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
x-module-id
FREEPLAY3, COMM3
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
strict-transport-security
max-age=0
server
cloudflare
x-app-trace-id
jkmi9nq344
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tmpK5RzUpdnS%2F9yvBljYR8wgq2%2FIDdMSpU6LIV0rXl5KmZe9pgHM0KkTrA%2BTScIu3A5CsfwrM3JFJ%2FBghvsJMwhjNNEet6CF78AMwKinadySob6KKuMLlfF3xYsNGbrymxeL2chPIQjz2Ws%2BQv9H"}],"group":"cf-nel","max_age":604800}
x-frame-options
SAMEORIGIN
cache-control
no-cache
cf-ray
8992aa191f25b8ca-AMS
x-robots-tag
noindex,nofollow
access-control-allow-headers
Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-elapsed-time
16
GCSGAME_hotGamesV2
www.ph143ag1.com/wps/relay/ 		20 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/wps/relay/GCSGAME_hotGamesV2?merchantCode=ph143f3&isPlatform=2&language=EN&platform=html5
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/vendor.encrypt.v2.dll.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ed5fb4db4dc9e449478b9f701890799f23c2a31a806b6b66165903f6a30305b
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Language
EN
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json;charset=utf-8
Merchant
ph143f3
Accept
application/json, text/plain, */*
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
x-module-id
GAMELOHOT3, FREEPLAY3
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
strict-transport-security
max-age=0
server
cloudflare
x-app-trace-id
ysavj9r344
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0XL%2B0%2BoM3%2BU5XiJJ5ZlQfe4fUHbb6y0huZnfVDziE334y7yO0MiIzmiO6B4YPT8mBDLLmPfUBLi6dnwXX6THsKkPGQainSlhkpZKU7o986KgHra8tC0SVtqeR8659haOv%2F9DssXQeagzNuuS9LtW"}],"group":"cf-nel","max_age":604800}
x-frame-options
SAMEORIGIN
cache-control
no-cache
cf-ray
8992aa191f27b8ca-AMS
x-robots-tag
noindex,nofollow
access-control-allow-headers
Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-elapsed-time
5
MCSFE_getListAnnouncements
www.ph143ag1.com/wps/relay/ 		17 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/wps/relay/MCSFE_getListAnnouncements?types=B%2CPL%2CPU&groupName=&platform=M&merchantCode=ph143f3&token=
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/vendor.encrypt.v2.dll.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67fa2bb9a69409c8e9ca781a1c5711d455be09f1e7d28ae8a533b52f14833151
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Language
EN
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json;charset=utf-8
Merchant
ph143f3
Accept
application/json, text/plain, */*
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
x-module-id
FREEPLAY3, COMM3
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
strict-transport-security
max-age=0
server
cloudflare
x-app-trace-id
4hkzu5f344
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zvoqE6f36Lp5HCQA5zpBaPEgAfF8JekCI2gpoaIiWCimGRqBwpsLbdFnaFKa4FvAf3WFJCd66kCd%2BlvvAgZUAsrc%2BC7YWD75YKJia%2FsuiAERqQMYlSytb1uLhdIa6dke1iZYNhuG0WJay3GniWS3"}],"group":"cf-nel","max_age":604800}
x-frame-options
SAMEORIGIN
cache-control
no-cache
cf-ray
8992aa191f28b8ca-AMS
x-robots-tag
noindex,nofollow
access-control-allow-headers
Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-elapsed-time
5
GCS_merchantWallet
www.ph143ag1.com/wps/relay/ 		39 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/wps/relay/GCS_merchantWallet?merchantCode=ph143f3
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/vendor.encrypt.v2.dll.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2ccf7b4106e81339a0204916f3ff80ec80e622efe2bd779cf5407dea7201ff8
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

X-Gateway-Version
3
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Language
EN
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json;charset=utf-8
Merchant
ph143f3
Accept
application/json, text/plain, */*
X-Timestamp
1719294462865
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
x-module-id
COMM3
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
content-length
39
server
cloudflare
x-app-trace-id
vwdjw70344
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1tOSfy%2Fs11uXLvuEYpF%2FmA%2FOSgUxR7a8n1Or68OM8wpA3ET3rpEnKbFcJkLdpTIxdjLsUKz8KbBypBlv2Ftvif%2B2HgIyYUfoVxSdPiE6%2FV0A3ZI%2FpnkibdBkq51RFYxge%2BcmyDogZys97LQGIdWD"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
cf-ray
8992aa191f2ab8ca-AMS
x-robots-tag
noindex,nofollow
access-control-allow-headers
Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-elapsed-time
5
chatplusscript.min.js
app.chatplus.jp/assets/js/app/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.chatplus.jp/assets/js/app/chatplusscript.min.js?v=1910327
Requested by
Host: app.chatplus.jp
URL: https://app.chatplus.jp/cp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.195.86.179 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-195-86-179.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
af4d9b972723248d4d8c95998a1366bf4f369e85a16516ac61eca7b8423e5010
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 18 Dec 2023 05:13:31 GMT
server
Apache
etag
"24c0-60cc1cf92f4c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
p3p
CP="CAO PSA OUR"
cache-control
max-age=900
accept-ranges
bytes
content-length
2322
x-xss-protection
1; mode=block
expires
Tue, 25 Jun 2024 06:02:43 GMT
jqueryc.min.js
appimg.chatplus.jp/app/s/lib/ 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appimg.chatplus.jp/app/s/lib/jqueryc.min.js
Requested by
Host: app.chatplus.jp
URL: https://app.chatplus.jp/cp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4149aa5806d51f12fa8cd7101eecceaff9250cc68d4baffcb8ba70b32956a271

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:04:01 GMT
content-encoding
gzip
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 26 Mar 2019 06:02:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
2627
etag
W/"a4a6e1d55782a906a2d8844f3f6bf3c2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
R71cRp0FeKlAvN7At5XIy4VBlQMd1rr29WduyulTxExXpau-SX6RYg==
riot%2Bcompiler_2.min.js
appimg.chatplus.jp/app/s/lib/riot/3.13.2/ 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appimg.chatplus.jp/app/s/lib/riot/3.13.2/riot%2Bcompiler_2.min.js
Requested by
Host: app.chatplus.jp
URL: https://app.chatplus.jp/cp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b8a884688194823f2d8253680bf86f980bc8cf63431a55ff115dc5486b6cb6c5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 04:59:54 GMT
content-encoding
gzip
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 20 Oct 2020 05:57:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
2872
etag
W/"a4dba98d91284d51ea4e8a358ca5bb44"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
IG0vsJvkIrTB0gQBw44IUtOZhSI4gbe2TrCBsMaIW4uUjdQzwzpc7g==
underscorec.min.js
appimg.chatplus.jp/app/s/lib/underscore/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appimg.chatplus.jp/app/s/lib/underscore/underscorec.min.js
Requested by
Host: app.chatplus.jp
URL: https://app.chatplus.jp/cp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a011ce06e3a02184879870c1ae63ba3f798b50c1dfa69dfbeab7b7323cf54b06

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:02:00 GMT
content-encoding
gzip
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Thu, 19 Aug 2021 07:16:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
2744
etag
W/"6e803b54a033fb77b25bcc562e3edac0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000,immutable
x-amz-cf-id
8Al5VHy9AOYEqubVQYYnAXiK_4p9ZBgbanHExomTMm4-VwQ4CCP7QA==
c
app.chatplus.jp/chat/visitor/573871f0_5/ Frame 0753 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://app.chatplus.jp/chat/visitor/573871f0_5/c?pt=ph143&pu=https%3A%2F%2Fwww.ph143ag1.com%2Fm%2Fhome%3FaffiliateCode%3Ddxin005&pr=&c=m3mmyv4l7i13vq2pzzlt573871f0
Requested by
Host: app.chatplus.jp
URL: https://app.chatplus.jp/cp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.115.148.249 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-148-249.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://www.ph143ag1.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
cache-control
no-store, max-age=60
content-encoding
gzip
content-length
1278
content-type
text/html; charset=UTF-8
date
Tue, 25 Jun 2024 05:47:43 GMT
expires
Tue, 25 Jun 2024 05:48:43 GMT
p3p
CP="CAO PSA OUR"
server
Apache
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
MCSFE_getListAnnouncements
www.ph143ag1.com/wps/relay/ 		41 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/wps/relay/MCSFE_getListAnnouncements?types=PR&platform=M&category=app_download
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/vendor.encrypt.v2.dll.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5438bf56d49185300877fd58f32fc7d5756caab62e1da79315a6a870842eab0e
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Language
EN
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json;charset=utf-8
Merchant
ph143f3
Accept
application/json, text/plain, */*
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
x-module-id
FREEPLAY3, COMM3
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
content-length
41
server
cloudflare
x-app-trace-id
dzaqzv9344
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eT0qhPw2G633Zq7agr%2FH3kfRT%2FpgRslhyKEbCVRUFhzUiqVPsZf3sDeRWyxSspIUp%2FNUxESHk0JrdgbrjZZoOiRqYt68x26faTnDvGcmLDNgNRRbd5W3SRhcsirYporccY2wmi3l8%2FrR7eYxeq8A"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
cf-ray
8992aa1ba9d6b8ca-AMS
x-robots-tag
noindex,nofollow
access-control-allow-headers
Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-elapsed-time
5
DAILY%20VIP%20GOLDEN%20EGG_1715428854957.png
images.11029984.com/mcs-images/announcement/ph143f3/ 		361 KB
362 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.11029984.com/mcs-images/announcement/ph143f3/DAILY%20VIP%20GOLDEN%20EGG_1715428854957.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5cde78d2fbd16da9eaf566c97ee5306dc2e9c5ba45cd787e11c935486a065d1
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61905
content-length
370003
img-proxy-cache-tier2
MISS
last-modified
Sat, 11 May 2024 12:00:55 GMT
server
cloudflare
etag
"663f5df7-5a553"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i0iaLfv3aQjlPzACntTM8eQGE8FD8MpMhc3p5ibZcVpkrdcv2uCRYSsLLSuYIJs6W%2Bw1HhY43fAIGV5%2Flt9TdjYdd86R89X%2BKaBREEQOLIc%2B4GzRXh6d2yK3uIQHAhe1Kg4Db5GjonU3yqyw%2Bsi%2F%2B1g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa1b7e859f82-AMS
expires
Tue, 25 Jun 2024 12:35:57 GMT
NOVICE%20MISSION_1715429009399.png
images.11029984.com/mcs-images/announcement/ph143f3/ 		346 KB
347 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.11029984.com/mcs-images/announcement/ph143f3/NOVICE%20MISSION_1715429009399.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39b96be88052ad5a337fe2fd123b326c737bc657903603ec9078bce0c89fecf7
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
79870
content-length
354544
img-proxy-cache-tier2
MISS
last-modified
Sat, 11 May 2024 12:03:29 GMT
server
cloudflare
etag
"663f5e91-568f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2agBvUmXGH54YW6gKTrKcSaujSFQklzuviyRdTSX09XoTOI9wAl1zEToP2XBxkgAtKhrR%2FQaTbeEVPRoti7uoMVc6AH8Xab2B79WMIMjXYXEGqZAuWtqCRRmSyxXJkEXz76H8JwIU46CpPg6oC1qlX8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa1b7e869f82-AMS
expires
Tue, 25 Jun 2024 07:36:33 GMT
ORIENTATION%20FTD%20BONUS_1715605131908.png
images.11029984.com/mcs-images/announcement/ph143f3/ 		343 KB
344 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.11029984.com/mcs-images/announcement/ph143f3/ORIENTATION%20FTD%20BONUS_1715605131908.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f9f3e284b84e2cef61ef4c27d3dba821001bdfc814a3beccf1604efbd906911
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
79870
content-length
351430
img-proxy-cache-tier2
MISS
last-modified
Mon, 13 May 2024 12:58:52 GMT
server
cloudflare
etag
"66420e8c-55cc6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iPlI4A7%2FhBlRdZgPhUF6WRJrtEYClzh7YTG%2FjY%2FOfwUOeMpafwEuh9haSDisOvxk0mxKMDgTZUEvzNkeHff2%2Fr%2FslCVLNq38HiAuNVw1pFW9VgIZC78Z6JhiyTTMEBBLoEAhh%2FCQOapIeLXHvYicx4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa1b7e879f82-AMS
expires
Tue, 25 Jun 2024 07:36:33 GMT
1716907069433_Recommends%20more%20deposit%20channel%20for%20you%20carousel%20mobile.jpeg
images.11029984.com/mcs-images/announcement/ph143f3/ 		130 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.11029984.com/mcs-images/announcement/ph143f3/1716907069433_Recommends%20more%20deposit%20channel%20for%20you%20carousel%20mobile.jpeg
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c84cbf7d26ba8be259f6bd8cf55249af79c63a5aaa790409def01a9696149439
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
79870
content-length
133431
img-proxy-cache-tier2
MISS
cf-bgj
h2pri
last-modified
Tue, 28 May 2024 14:37:49 GMT
server
cloudflare
etag
"6655ec3d-20937"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e1AkycNhXhPEIw%2Fr%2BZdxaAEYUeQn0QRuNQO2bhZY%2Bb7JiHOjYEE9xilINgvR13x3UzaSg8DXicQkDKaDyv4SN0L9Q4p9bVGIZS8rfhKP%2Fd3EkSeS6VFURTyvmr7s%2BZsP4NFMfCuoVLCiDKyFPueE78A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa1b7e889f82-AMS
expires
Tue, 25 Jun 2024 07:36:33 GMT
1718296926798_PH143%20PAYDAY%20POP-UP%20MOBILE.webp
images.11029984.com/mcs-images/announcement/ph143f3/ 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.11029984.com/mcs-images/announcement/ph143f3/1718296926798_PH143%20PAYDAY%20POP-UP%20MOBILE.webp
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b498d07107c9592eeb40d460c3a55309ed4b5e3d9d94f706ee13e8735de5f01a
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
51091
content-length
105306
img-proxy-cache-tier2
HIT
last-modified
Thu, 13 Jun 2024 16:42:06 GMT
server
cloudflare
etag
"666b215e-19b5a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a9gQqX0PfP7z%2Fq9t3vvRXASMuA0vDrvt%2F2FDSv%2FHrhlTnVS48OCHEC9yrvqU2vgy%2By0NZOIf9a4Z0wEb9E0Jju4fcfv%2BEL0pe%2B0DyLhMqPMmNWQp5jZVwwDxXT18blwQCdOjxpD5dXVAfpvqJ8OzQRA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa1b7e899f82-AMS
expires
Tue, 25 Jun 2024 15:36:12 GMT
1718632128902_Summer%20Big%20wins%20carousel%20690x260.png
images.11029984.com/mcs-images/announcement/ph143f3/ 		120 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.11029984.com/mcs-images/announcement/ph143f3/1718632128902_Summer%20Big%20wins%20carousel%20690x260.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9a115ec922bac7b00df1d93b0a02c93f6cf54c64cb9b2a3e250e3b756231ed9
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
51091
content-length
123128
img-proxy-cache-tier2
HIT
last-modified
Mon, 17 Jun 2024 13:48:49 GMT
server
cloudflare
etag
"66703ec1-1e0f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MFmkJNR1mRFRwFTU2mrwB%2BRfFeG19MGIEhQ19kIyV3RGmOTiymPJmJGQaBJig2N38dZAt6ehLPEOjdHAvSPCPtm9EYjj8fGEAgwyeN17mQgle%2BTRmQneuwuovxsMyWH8P3JqeD3J6lwTbBeLmisq4Dw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa1b7e8a9f82-AMS
expires
Tue, 25 Jun 2024 15:36:12 GMT
icon-rng.6fb513c6.png
www.ph143ag1.com/m/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ph143ag1.com/m/icon-rng.6fb513c6.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eb12b82b77ce45e1564f2b0a78bb632395cbc8e2ff5ab1aa45701ebc29d362e
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7141
content-length
16761
last-modified
Thu, 20 Jun 2024 05:49:32 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
"6673c2ec-4179"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TVbXVEGczZHSHij%2BqwFLffCBM0igbGyqCLb30sWXwxWLzE5BxqVrJM2sJ136AGA4ldOZnZPy7P6lX1b1%2BCvjz13WAvKfO%2BRy8lOwn9dtHUqevyuuxTdhz%2BlWfI0A6vLuccBi1Gi3zbuUsCr%2F3N90"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa1ba9d9b8ca-AMS
expires
Wed, 26 Jun 2024 03:48:42 GMT
icon-live.43457c20.png
www.ph143ag1.com/m/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ph143ag1.com/m/icon-live.43457c20.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
785a748bd1218adca308f1774954629f8236eb1acb320f0b31e2998d4c6a5ab5
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7141
content-length
15725
last-modified
Thu, 20 Jun 2024 05:49:31 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
"6673c2eb-3d6d"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KFiJc57FLQSfreGriLrnE9j1zXAPP35nVL8yY7Ixl5IeoD8OpVYtIkZtfOaZ30nQhwSBygkrIE%2F7PpfFsg1%2FGDgJ7qw2jxpINAw7ipU3vgRYDcBEABGYuj5ALUOcn014RxEpOzpl%2FTywfydX4ARo"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa1ba9dab8ca-AMS
expires
Wed, 26 Jun 2024 03:48:42 GMT
icon-fish.011a417f.png
www.ph143ag1.com/m/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ph143ag1.com/m/icon-fish.011a417f.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43b0a3dc0e2dc8bd706466142a168f0e87b1d744898bfca4632a9f78fe93e7f1
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7137
content-length
15755
last-modified
Thu, 20 Jun 2024 05:49:32 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
"6673c2ec-3d8b"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JhE9%2FbYXNarkA9FDz9Y%2BkjXieDSH72UPP87CG%2BJPbOobZihub5JFuEyRT4M0CuXsE%2Bni0S5EVAXP%2FPh4y88CtghBxXVkC%2F15EXyh57jGdT57Ofgi10Gc3Vxc736olaVdEBEcgaqHPTCbZaX7g2Ip"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa1ba9dbb8ca-AMS
expires
Wed, 26 Jun 2024 03:48:46 GMT
icon-bingo.f84f8460.png
www.ph143ag1.com/m/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ph143ag1.com/m/icon-bingo.f84f8460.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65f89a92d1497eb9865ec7b926561d172d52850220cfe442473c0d129c1092b3
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
4163
last-modified
Thu, 20 Jun 2024 05:49:31 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
"6673c2eb-1043"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SU42ju9cYw0JN5ZNSHxwATFsmVNuikDFlxwBU6AKyDj1zOU5ZaVwurHbffpblBGWkzH6PISCeUcQ8hgkijEvpLjFdjWBw61a99Ha3xwNT8rkpAdjWWBK6%2FhNJP4gCtiWSNDBSCcB7ewn1HyI8bsm"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa1ba9dcb8ca-AMS
expires
Wed, 26 Jun 2024 05:47:43 GMT
icon-cockfight.0bc4de35.png
www.ph143ag1.com/m/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ph143ag1.com/m/icon-cockfight.0bc4de35.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
065b6f7982cd784fdcd70637c2736666fdc68032743b829145acb07f2904a5fc
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7137
content-length
19577
last-modified
Thu, 20 Jun 2024 05:49:31 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
"6673c2eb-4c79"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1MAsvdbFTa6P%2F9wqBSfuDpRopbiuq7LjU18VfMKjn43t2o%2FbOczBmL3dL4Yne6b%2BCx6EyuJeoImQMWmZRDAMAOwYFFA0n0bb1wWe91cIZb8wvzAL0IOJBKEYEqzTmEhZ5zKx9g0Z4AFp8N0WAGS2"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa1ba9ddb8ca-AMS
expires
Wed, 26 Jun 2024 03:48:46 GMT
icon-pvp.b61bd5f8.png
www.ph143ag1.com/m/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ph143ag1.com/m/icon-pvp.b61bd5f8.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
844d81a148cbebde71e860c572b6446cfe683d69167f0ea18ea8b7e04cdbbcfb
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7137
content-length
13652
last-modified
Thu, 20 Jun 2024 05:49:31 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
"6673c2eb-3554"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nTn8Bi7LtPcD%2FQuB1m%2BrqQKyT3lDqKjwa7OcmiJf%2FopxsXcPtgu3V9K8QH7aWv0T22%2FkoB86MSqNjoSgbuwXoVSq6%2BRbJT9j%2F3T133FauYVqwyoIiMTQpCFW4EggrCufbayj0%2F0btayk2XXut2P%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa1ba9deb8ca-AMS
expires
Wed, 26 Jun 2024 03:48:46 GMT
icon-elott.0962f0e8.png
www.ph143ag1.com/m/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ph143ag1.com/m/icon-elott.0962f0e8.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a01fa050feec3ec15871155727ee29d8e5c5e61170115f3229eee577058b1bfe
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7137
content-length
11382
last-modified
Thu, 20 Jun 2024 05:49:32 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
"6673c2ec-2c76"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JfFlqnN7uDbvm8cAi%2F6028%2B%2FZJ2SQw3g4cwugdG3ja49qfIau2KdnDUdkWTBWEzroBYUvhPEe1OFFh%2F0rhLdQxnarsOf0CP%2Fhm7I0DbbN%2BapNj6eZ5S1iNdpC4tyPB3UbHg4Eq2v9%2Bg9Nuk2455b"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa1ba9e0b8ca-AMS
expires
Wed, 26 Jun 2024 03:48:46 GMT
icon-sports.bf6b005a.png
www.ph143ag1.com/m/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ph143ag1.com/m/icon-sports.bf6b005a.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fdf85d77111e14059150c36222932ab65f76b26d4066f4212e82c8e9cd59503
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7137
content-length
19533
last-modified
Thu, 20 Jun 2024 05:49:32 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
"6673c2ec-4c4d"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PL29CGMmk1MswK0f925OL1z5shbtWLRGRd3%2BDgvZ%2Bs3Jdw0vUm2tLVmfRu0izHBJOt1Ug4YzQkUZWdq5fWoxcs38U%2FB9XO30Ax1t5rchK5zWvgCpGhr%2Bq0I3NXhuFf75Mllv1DpH8VS4YTeO82Hv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa1ba9e1b8ca-AMS
expires
Wed, 26 Jun 2024 03:48:46 GMT
icon-esports.29c78504.png
www.ph143ag1.com/m/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ph143ag1.com/m/icon-esports.29c78504.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c09960ebd807139ecb161e94c770414ff4a06d94d6e6143bd0778235cf63734
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6842
content-length
4936
last-modified
Thu, 20 Jun 2024 05:49:32 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
"6673c2ec-1348"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GHKRjhTGURclvbTy%2FwV9%2FXcRtOdFVBwlj8z8lce2yw8Vb7BRjIOFllRKcdzfIcy6dHDRiHgjlYP72%2FpR1E1rWzguTR8fw90yOo97hWNNcnoyY7zJWK0%2Fg%2FnjtXYoY3smoyaQr2lnS8EoyDQCbKZa"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa1ba9e2b8ca-AMS
expires
Wed, 26 Jun 2024 03:53:40 GMT
1719056503434_PH143%20PAYDAY%20POP-UP%20MOBILE.png
images.11029984.com/mcs-images/announcement/ph143f3/ 		130 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.11029984.com/mcs-images/announcement/ph143f3/1719056503434_PH143%20PAYDAY%20POP-UP%20MOBILE.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28acc9aa87208d7d8834b794f1f83dada055d1048801030759af542d68a0ebcd
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61906
content-length
133267
img-proxy-cache-tier2
HIT
last-modified
Sat, 22 Jun 2024 11:42:25 GMT
server
cloudflare
etag
"6676b8a1-20893"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Up09ESAxy1%2BTNZzl6BLNU3ZNxQpoDQ9lmFqVjSYk%2FhQ5HFr93vCijJ8werilnaQtnpNBcumyIH3s1EzFCLpS6imMqqIgkVpGxN7UA360QvNkUIKuiGtUMzJszorTPT0Q2qNl9C27zuOeKhEN3MqkyMo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa1c9fae9f82-AMS
expires
Tue, 25 Jun 2024 12:35:57 GMT
1718299094555_Payday%20promo%20ph143.png
images.11029984.com/mcs-images/announcement/ph143f3/ 		149 KB
150 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.11029984.com/mcs-images/announcement/ph143f3/1718299094555_Payday%20promo%20ph143.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4099f93d93eb9ca1493918b22fc48ce2ed13f29aedc8934939e1361502702de
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61906
content-length
153016
img-proxy-cache-tier2
HIT
last-modified
Thu, 13 Jun 2024 17:18:14 GMT
server
cloudflare
etag
"666b29d6-255b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QGvk4rGfFoQJfAGGrfEbQmNCHzkO8ROskis5fSMKYXpm6zmJV67LC291DwaR03Bxlka3DNJoWVU1aKDRC%2BNEUR3irJ9FFgcIU4Z2OJt88bS3zwGzCNrFPe%2BuQrHf3bdF0NJae7w6fdGYQk4FrUNQfrw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa1c9fb09f82-AMS
expires
Tue, 25 Jun 2024 12:35:57 GMT
1718299105900_Payday%20example.png
images.11029984.com/mcs-images/announcement/ph143f3/ 		159 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.11029984.com/mcs-images/announcement/ph143f3/1718299105900_Payday%20example.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dbbda1f988be41d006bc86bc7fed3934954db5b8173340e478326dc14c32f8a
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7139
content-length
163056
img-proxy-cache-tier2
MISS
last-modified
Thu, 13 Jun 2024 17:18:26 GMT
server
cloudflare
etag
"666b29e2-27cf0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z%2FswyDrbpueZWFu%2BpVqy%2BoEW5AmO6rkF2XsQnphkOcQ0DcyNwyMLmXZtbkvRFdVWWUQOLldX10dXoSTut7KeCUxf0CYriZFiUeYYxzONPQ3sV%2BKuFdqmYABTwAXynhnRmTsaoe7MHyGoTA4xU4A7kVU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa1c9fb39f82-AMS
expires
Wed, 26 Jun 2024 03:48:43 GMT
1718377760389_Add%20a%20little%20bit%20of%20body%20text.jpeg
images.11029984.com/mcs-images/announcement/ph143f3/ 		385 KB
385 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.11029984.com/mcs-images/announcement/ph143f3/1718377760389_Add%20a%20little%20bit%20of%20body%20text.jpeg
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8ec845ef3bf5895a09e4b9ba6b91063592b8f126f967783bb4434aeba7ec6db
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7140
content-length
393863
img-proxy-cache-tier2
HIT
cf-bgj
h2pri
last-modified
Fri, 14 Jun 2024 15:09:20 GMT
server
cloudflare
etag
"666c5d20-60287"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U0TY%2BlUlPgNqJvw8xqgbqaZqLNgutYk7tNAmhUnyjDIA6d3aQdF74o%2BGCDSHKkFTimZXptfzRCMeNH%2FL2L7PCsp0n3q8DdwowhClsiPKRIC5P6j7gfUB3q9w4DhTAfyucSGYIG0OSl0e1YUUc0PzaSw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa1c9fb49f82-AMS
expires
Wed, 26 Jun 2024 03:48:43 GMT
1716557242575_photo_2024-05-24_20-23-20.jpeg
images.11029984.com/mcs-images/announcement/ph143f3/ 		133 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.11029984.com/mcs-images/announcement/ph143f3/1716557242575_photo_2024-05-24_20-23-20.jpeg
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
662a088015d8a0df739e5b094967b9636757b54e28a126cd0b64d034ca882a87
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7135
content-length
136691
img-proxy-cache-tier2
MISS
cf-bgj
h2pri
last-modified
Fri, 24 May 2024 13:27:22 GMT
server
cloudflare
etag
"665095ba-215f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2FTfCQKv5c1lYIGqQiH3C%2F8M4ARlwOBnBvXqICQTaijLmpiwWJeyyYIoujFYVwwfgCP%2F3%2Brzq44Ca%2BzkRsvDa1%2F9HdNGgshV%2BeYl5i2jd%2FuDkk7VpiO7yYIdboR3tbLHWlVWW6FDmMApqQdHjqcU2pY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa1c9fb59f82-AMS
expires
Wed, 26 Jun 2024 03:48:47 GMT
ORIENTATION%20FTD%20BONUS%20carousel_1715673614890.jpeg
images.11029984.com/mcs-images/announcement/ph143f3/ 		348 KB
349 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.11029984.com/mcs-images/announcement/ph143f3/ORIENTATION%20FTD%20BONUS%20carousel_1715673614890.jpeg
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfad93810b619fcde33567d47452a6be190b0d5c660dc8716f836dd733998aa7
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61904
content-length
356500
img-proxy-cache-tier2
MISS
cf-bgj
h2pri
last-modified
Tue, 14 May 2024 08:00:15 GMT
server
cloudflare
etag
"66431a0f-57094"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ctI2kCE9HlM2f9hJf%2FSVaTcN7arYV8K%2FfsIkkBOX3a3uv3aUnSQhbJc%2FzBpz%2BC57ywtGZuyXnvbGplgcgBmoo8n7qlB8p8XzClhfeG6wsf7kO6uj13sb5Va4EDl3BOObOlmVtqfIyuBKkLrHVfhSOQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa1c9fb79f82-AMS
expires
Tue, 25 Jun 2024 12:35:59 GMT
1920129_1715260933716.png
images.11029984.com/mcs-images/announcement/ph143f3/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.11029984.com/mcs-images/announcement/ph143f3/1920129_1715260933716.png
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb5dc00cd4932ce03e3fcc262bc5df95d7799e15d6fe1e6d7f6400858c493d88
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61904
content-length
52993
img-proxy-cache-tier2
MISS
last-modified
Thu, 09 May 2024 13:22:13 GMT
server
cloudflare
etag
"663cce05-cf01"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oBBhQw6O35DlssY%2FSgMoq5oXolWw4wu9uYPGlcK7NIKaCFq8Dxp1NeMHVmzcPar%2FQvZd29xUP%2F92qxAh3nsUIJu7wX1Xq5oI628%2BJQliMZ0XZFEXAT8FNKitkjcZhjl6tnmieakGle1v72vY3v0gxoE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa1c9fba9f82-AMS
expires
Tue, 25 Jun 2024 12:35:59 GMT
1672053_1703839481557_1715416189729.jpeg
images.11029984.com/mcs-images/announcement/ph143f3/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.11029984.com/mcs-images/announcement/ph143f3/1672053_1703839481557_1715416189729.jpeg
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
642a906b3afbbda0b17599710fa7edcd616d6e11deccfec4fa7a248075325c1d
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61904
content-length
72183
img-proxy-cache-tier2
MISS
cf-bgj
h2pri
last-modified
Sat, 11 May 2024 08:29:50 GMT
server
cloudflare
etag
"663f2c7e-119f7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AOcDQ6sWCZFSnLAm0Ttssx40nTqge%2F6Xr%2BzhSKJuIyiVkr4e0Zuwl0BcT8q49pBZtzH7MRYD63jI8zAf2S5gRfBZlMzBE6DUmnodahA%2FK0zCsbj5S3PWlx0dwNZ6CXyORjM1%2B%2FSnJbLpH%2FWUQ7IL%2F18%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa1e19159f82-AMS
expires
Tue, 25 Jun 2024 12:35:59 GMT
1672053_1703520130996_1715416652299.jpeg
images.11029984.com/mcs-images/announcement/ph143f3/ 		176 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.11029984.com/mcs-images/announcement/ph143f3/1672053_1703520130996_1715416652299.jpeg
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
410ebb6899ad66cc42895d1c5d9d95dc4b44899bc9245b258c52ad07a2b52a16
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61904
content-length
180314
img-proxy-cache-tier2
MISS
cf-bgj
h2pri
last-modified
Sat, 11 May 2024 08:37:32 GMT
server
cloudflare
etag
"663f2e4c-2c05a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fundx8gyeH%2FR0CE8wdexOcXfBzX2rGFCVhF%2FZxSNfVo8ZycG%2Bz9s3WYaLbkPwr7iGjXlZtgHO%2F2IrftJUuYSvZxYusk36oEnHehx%2F2wx6ToSVb%2Fat%2BntxPZjlaVWYBw%2BboUefuHzktG7GOrlngz9nG8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa1e19169f82-AMS
expires
Tue, 25 Jun 2024 12:35:59 GMT
mcs_1693560422884_567x378%20(3)_1715417373448.jpeg
images.11029984.com/mcs-images/announcement/ph143f3/ 		235 KB
235 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.11029984.com/mcs-images/announcement/ph143f3/mcs_1693560422884_567x378%20(3)_1715417373448.jpeg
Requested by
Host: www.ph143ag1.com
URL: https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd3c28dceca9b805d3ecb945cb88b2e646fc77f74a738d2fb858216e7b991801
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61904
content-length
240469
img-proxy-cache-tier2
MISS
cf-bgj
h2pri
last-modified
Sat, 11 May 2024 08:49:33 GMT
server
cloudflare
etag
"663f311d-3ab55"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iY%2F8K%2FI7JGXRjbGDkvgBKoZOLkGKv0GKPLuv6QyTQX8DFZqu9BBb5bPAvSX5FFuCP1r5Qy%2FW%2F32gualJEd58cg3rpeXNsTEmtFt8E9tyQU4VUHrVtIIrqJvxr%2BEsCHzdAz9JtB%2BCDuK%2FqqAHyKc0Okw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa1e19179f82-AMS
expires
Tue, 25 Jun 2024 12:35:59 GMT
573871f0_5
app.chatplus.jp/api/chat/design/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.chatplus.jp/api/chat/design/573871f0_5
Requested by
Host: app.chatplus.jp
URL: https://app.chatplus.jp/cp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.195.86.179 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-195-86-179.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
9fd2ea422582d5c7474dfeae3d1f47a457915311768fc403db26e3dbe6beaf7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 25 Jun 2024 05:47:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
p3p
CP="CAO PSA OUR"
cache-control
max-age=60
content-length
3157
x-xss-protection
1; mode=block
expires
Tue, 25 Jun 2024 05:48:44 GMT
favicon.png
www.ph143ag1.com/m/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.ph143ag1.com/m/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:172e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
557c15395974ebe3934299f24eadbbc429d731e7262826fd911e26a50457b3b9
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/m/home?affiliateCode=dxin005
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:43 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6842
content-length
1536
last-modified
Thu, 20 Jun 2024 05:49:32 GMT
server
cloudflare
tl-proxy-cache-tier2
MISS
etag
"6673c2ec-600"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oBSRX1Fdrk9YRB8toh9%2F4DRd6Lt69QJh7vnsrlovJQtph8UM33fA8BNduEwIb4NYgjSHNnxq4PBVwmzR3d5fcTl7rZjRZrIgS%2Bk9nQTmHRufmPmisDpvZ%2BArG5stu41KoY15R8NlL1yvruI5P9Ni"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=86400, public
accept-ranges
bytes
cf-ray
8992aa1f5e1eb8ca-AMS
expires
Wed, 26 Jun 2024 03:53:41 GMT
all-cp.min.css
appimg.chatplus.jp/app/s/lib/font-awesome-5.13.1/css/ 		123 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://appimg.chatplus.jp/app/s/lib/font-awesome-5.13.1/css/all-cp.min.css
Requested by
Host: app.chatplus.jp
URL: https://app.chatplus.jp/cp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
47530516183836299ec677b727ae8331d946ba8aa3fa37196bb9ca3b3df6ca47

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:45:47 GMT
content-encoding
gzip
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Wed, 24 Jun 2020 02:41:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
118
etag
W/"7d4337131066191daa6afe7fd7570352"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
sYjCnNHRWoIpIUB_fxVNqjwQ6GCSi-VGoIM8leKWpWb8Ub9wu_j6ZQ==
chat_common.min.css
app.chatplus.jp/assets/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.chatplus.jp/assets/css/chat_common.min.css?v=20240624
Requested by
Host: app.chatplus.jp
URL: https://app.chatplus.jp/cp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.195.86.179 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-195-86-179.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
19e1a521ca04e1c2c2979c163c4f709362d6308115dde4d7759b013fccb97570
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 07 Jul 2023 02:26:37 GMT
server
Apache
etag
"1ac1-5ffdc5cb7f140-gzip"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
p3p
CP="CAO PSA OUR"
cache-control
max-age=900
accept-ranges
bytes
content-length
1874
x-xss-protection
1; mode=block
expires
Tue, 25 Jun 2024 06:02:44 GMT
chat.min.css
app.chatplus.jp/assets/css/ 		89 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.chatplus.jp/assets/css/chat.min.css?v=20240624
Requested by
Host: app.chatplus.jp
URL: https://app.chatplus.jp/cp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.195.86.179 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-195-86-179.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
5842acb42442308670b5641d8111c0c531f06f6bef7bb948968a0b2791c675bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2024 00:22:33 GMT
server
Apache
etag
"1650e-61b474fa36440-gzip"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
p3p
CP="CAO PSA OUR"
cache-control
max-age=900
accept-ranges
bytes
content-length
14934
x-xss-protection
1; mode=block
expires
Tue, 25 Jun 2024 06:02:44 GMT
design.1719122085.css
appimg.chatplus.jp/app/22138/style/5/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://appimg.chatplus.jp/app/22138/style/5/design.1719122085.css
Requested by
Host: app.chatplus.jp
URL: https://app.chatplus.jp/cp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05e037bda23a8779c8e2967a3b91398ebe7958d488cb00e898b1c51badee1fe8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:44 GMT
content-encoding
gzip
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Sun, 23 Jun 2024 05:54:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
354
x-amz-server-side-encryption
AES256
etag
W/"5c426d44d0a6488c0883ce1c265e4428"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000,immutable
x-amz-cf-id
1sInxVe3zkLmUeiPOw4fJWpVKM-Rrgs7l8vROm-86yH2kojC-3ARwA==
expires
Mon, 23 Jun 2025 05:54:45 GMT
custom.1718697538.css
appimg.chatplus.jp/app/22138/style/5/ 		206 B
640 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://appimg.chatplus.jp/app/22138/style/5/custom.1718697538.css
Requested by
Host: app.chatplus.jp
URL: https://app.chatplus.jp/cp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
030c74cbbc20a4a54b2e4c426a68e8fd4931407db1262a959d3e47d28966dd2f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 04:50:57 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
3408
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
206
last-modified
Tue, 18 Jun 2024 07:58:59 GMT
server
AmazonS3
etag
"9d17b196c4d825b8bf8702616f2fe3a0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
8UcynSCMXWERGVQpXRBUSY_tXFsaXAbGlTb1dZj9ZhQw0RJRPGIK1g==
expires
Wed, 18 Jun 2025 07:58:58 GMT
onerror.min.js
app.chatplus.jp/assets/js/app/ 		811 B
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.chatplus.jp/assets/js/app/onerror.min.js
Requested by
Host: app.chatplus.jp
URL: https://app.chatplus.jp/cp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.195.86.179 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-195-86-179.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
fe46dd6be5884ae213eb7606106fd8788b53989070f59e5942e673542079edba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 01 Nov 2021 08:55:19 GMT
server
Apache
etag
"32b-5cfb656188bc0-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
p3p
CP="CAO PSA OUR"
cache-control
max-age=900
accept-ranges
bytes
content-length
497
x-xss-protection
1; mode=block
expires
Tue, 25 Jun 2024 06:02:44 GMT
visitor-client.min.js
app.chatplus.jp/assets/js/app/ 		65 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.chatplus.jp/assets/js/app/visitor-client.min.js?v=20240624
Requested by
Host: app.chatplus.jp
URL: https://app.chatplus.jp/cp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.195.86.179 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-195-86-179.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
5127736c0d1d7dcc021234801a3f01d8e8046a9b645c25f529551440d2f2cacd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2024 00:22:33 GMT
server
Apache
etag
"10326-61b474fa36440-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
p3p
CP="CAO PSA OUR"
cache-control
max-age=900
accept-ranges
bytes
content-length
14829
x-xss-protection
1; mode=block
expires
Tue, 25 Jun 2024 06:02:44 GMT
slick.min.js
appimg.chatplus.jp/app/s/lib/ 		43 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appimg.chatplus.jp/app/s/lib/slick.min.js
Requested by
Host: app.chatplus.jp
URL: https://app.chatplus.jp/cp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b7302b6c1ee6eb398d537297a689e2f349b46b31cfa080d361e07c36c936869

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 04:58:39 GMT
content-encoding
gzip
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Wed, 21 Jun 2023 08:13:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
2965
x-amz-server-side-encryption
AES256
etag
W/"1490a64876b8b2b59847f82da6b7f3da"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
_5ugpouEMz_vM4_Wx6JCcn4RcsI8bbkXlEdmCJw4ApnTiNgeEgFoKQ==
startup
app.chatplus.jp/api/lead/ 		37 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.chatplus.jp/api/lead/startup?key=573871f0_5&page=https%253A%252F%252Fwww.ph143ag1.com%252Fm%252Fhome%253FaffiliateCode%253Ddxin005&a=241463
Requested by
Host: app.chatplus.jp
URL: https://app.chatplus.jp/cp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.195.86.179 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-195-86-179.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
9fb61b28f5156a1cc01fcfe415d74b70dd826dee64ab50afc0f8c97f2c813067
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:44 GMT
x-content-type-options
nosniff
server
Apache
content-type
application/json
access-control-allow-origin
*
p3p
CP="CAO PSA OUR"
cache-control
max-age=60
content-length
37
x-xss-protection
1; mode=block
expires
Tue, 25 Jun 2024 05:48:44 GMT
output.tag.js
app.chatplus.jp/assets/js/riot-tags/ 		23 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.chatplus.jp/assets/js/riot-tags/output.tag.js?v=20240624
Requested by
Host: appimg.chatplus.jp
URL: https://appimg.chatplus.jp/app/s/lib/riot/3.13.2/riot%2Bcompiler_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.195.86.179 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-195-86-179.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
f74d6f4a8155588aaec89416d31d6c73140ff4034da0a097a09eb6b0a7fa428b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 10 May 2024 04:37:01 GMT
server
Apache
etag
"5c3b-6181216303540-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
p3p
CP="CAO PSA OUR"
cache-control
max-age=900
accept-ranges
bytes
content-length
6886
x-xss-protection
1; mode=block
expires
Tue, 25 Jun 2024 06:02:45 GMT
chat.tag.js
app.chatplus.jp/assets/js/riot-tags/ 		246 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.chatplus.jp/assets/js/riot-tags/chat.tag.js?v=20240624
Requested by
Host: appimg.chatplus.jp
URL: https://appimg.chatplus.jp/app/s/lib/riot/3.13.2/riot%2Bcompiler_2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.195.86.179 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-195-86-179.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
27aba341550dcb4406775a76ca6e0e1f89c5da2915dd194f77f364817f3437ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 24 Jun 2024 09:20:49 GMT
server
Apache
etag
"3d73d-61b9f4c027b3a-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
p3p
CP="CAO PSA OUR"
cache-control
max-age=900
accept-ranges
bytes
content-length
47675
x-xss-protection
1; mode=block
expires
Tue, 25 Jun 2024 06:02:45 GMT
parts
app.chatplus.jp/api/chat/ 		65 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.chatplus.jp/api/chat/parts
Requested by
Host: appimg.chatplus.jp
URL: https://appimg.chatplus.jp/app/s/lib/jqueryc.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.195.86.179 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-195-86-179.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
442c2cfd91f07966782df95be874fb2cc92a0cc8f5db31df32b4f055524c4764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://www.ph143ag1.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:46 GMT
x-content-type-options
nosniff
server
Apache
content-type
application/json
access-control-allow-origin
*
p3p
CP="CAO PSA OUR"
cache-control
max-age=60
content-length
65
x-xss-protection
1; mode=block
expires
Tue, 25 Jun 2024 05:48:46 GMT
initialize
app.chatplus.jp/api/chat/ 		895 B
791 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.chatplus.jp/api/chat/initialize
Requested by
Host: appimg.chatplus.jp
URL: https://appimg.chatplus.jp/app/s/lib/jqueryc.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.195.86.179 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-195-86-179.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
7ef6e7f05d02f4b9d3f716adf7f4e8055b4cdf4ccea8e71b5704b870ff4bed37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://www.ph143ag1.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
p3p
CP="CAO PSA OUR"
cache-control
max-age=60
content-length
447
x-xss-protection
1; mode=block
expires
Tue, 25 Jun 2024 05:48:46 GMT
fa-solid-900.woff2
appimg.chatplus.jp/app/s/lib/font-awesome-5.13.1/webfonts/ 		138 KB
139 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://appimg.chatplus.jp/app/s/lib/font-awesome-5.13.1/webfonts/fa-solid-900.woff2
Requested by
Host: appimg.chatplus.jp
URL: https://appimg.chatplus.jp/app/s/lib/font-awesome-5.13.1/css/all-cp.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c4076badc540e6416c97b7202cfb69b7c9b4a5f9750cbf01a0bd3b0ad6fecc9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://appimg.chatplus.jp/app/s/lib/font-awesome-5.13.1/css/all-cp.min.css
Origin
https://www.ph143ag1.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:48 GMT
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
RefreshHit from cloudfront
content-length
141672
last-modified
Wed, 24 Jun 2020 02:41:27 GMT
server
AmazonS3
etag
"727b77536bbffb67b6610e2a1674403c"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
ZJCkdNSE1xIo1ydv7FffxC1Us5q_q7O4YCqYgaWIeB0HXwW1rh93yg==
ping
app.chatplus.jp/api/chat/ 		119 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.chatplus.jp/api/chat/ping
Requested by
Host: appimg.chatplus.jp
URL: https://appimg.chatplus.jp/app/s/lib/jqueryc.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.195.86.179 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-195-86-179.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
452e319beb9942a0beb4319b5fd71f01a11595ffe6bf84d11f42539e6bc9ecab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://www.ph143ag1.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
p3p
CP="CAO PSA OUR"
cache-control
max-age=60
content-length
117
x-xss-protection
1; mode=block
expires
Tue, 25 Jun 2024 05:48:46 GMT
eyecatcher5.1718867431.png
appimg.chatplus.jp/app/22138/eyecatcher/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://appimg.chatplus.jp/app/22138/eyecatcher/eyecatcher5.1718867431.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5280d16d6eecb01f460c0403c1baefe3404df40fd582603f4ac86daed6ff6158

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ph143ag1.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 05:47:48 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Thu, 20 Jun 2024 07:10:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
x-amz-server-side-encryption
AES256
etag
"f34b274aaa27f5e8ed42c520ad581a59"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
40164
x-amz-cf-id
k50NmZjxLQB_9Plp0OnZd7-1WuEr3XiDadzDdaBZ4nw5JopQqTJe-A==
expires
Thu, 20 Jun 2024 07:10:32 GMT
message.mp3
appimg.chatplus.jp/app/s/sound/ 		8 KB
9 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://appimg.chatplus.jp/app/s/sound/message.mp3?2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f9b2d31183439f1dde3b83a9e32e46a33456e1daa2e0dfa83203ec32f80f89d6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://www.ph143ag1.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 00:52:23 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Thu, 10 May 2018 02:03:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
449724
etag
"a6f39880154022c702b7422b72fdefb8"
x-cache
Hit from cloudfront
content-type
audio/mp3
Content-Range
bytes 0-8492/8493
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
IXFVPHE6-OnPxjPVDnvSIaYB7btGaSKmpQO7v3kqNQCFj3W5FRtA1Q==
Content-Length
8493
start.mp3
appimg.chatplus.jp/app/s/sound/ 		16 KB
16 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://appimg.chatplus.jp/app/s/sound/start.mp3?2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2bf07f5817646f6a8a7446410fb1401924d1ee2973012955ee5516d4e1b91d44

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://www.ph143ag1.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 20:12:42 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Thu, 10 May 2018 02:03:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
34671
etag
"5a6abb6f1e4ba26cdfd25b2ae091fc23"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
audio/mp3
Content-Range
bytes 0-16344/16345
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
2LTmO3wxdlmpsV7MGc9ydOIwLC4cGDc0AD70gv2miNCaGM2wxZya7w==
Content-Length
16345

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| BigInt object| event object| fence object| sharedStorage function| webpackJsonp object| CryptoJS function| RSAKeyPair function| twoDigit function| encryptedString number| biRadixBase number| biRadixBits number| bitsPerDigit number| biRadix number| biHalfRadix number| biRadixSquared number| maxDigitVal number| maxInteger number| maxDigits object| ZERO_ARRAY object| bigZero object| bigOne function| setMaxDigits number| dpl10 object| lr10 function| biFromDecimal function| biCopy function| biFromNumber function| reverseStr object| hexatrigesimalToChar function| biToString function| biToDecimal object| hexToChar function| digitToHex function| biToHex function| charToHex function| hexToDigit function| biFromHex function| biFromString function| biDump function| biAdd function| biSubtract function| biHighIndex function| biNumBits function| biMultiply function| biMultiplyDigit function| arrayCopy object| highBitMasks function| biShiftLeft object| lowBitMasks function| biShiftRight function| biMultiplyByRadixPower function| biDivideByRadixPower function| biModuloByRadixPower function| biCompare function| biDivideModulo function| biDivide function| biModulo function| biMultiplyMod function| biPow function| biPowMod function| BarrettMu function| BarrettMu_modulo function| BarrettMu_multiplyMod function| BarrettMu_powMod function| rndString string| publicRsa function| getSend function| _getI18n function| _t function| processResponse function| createXMLHttpRequest string| message boolean| success function| getPulicRsa function| rsaEncrypt function| rsaEncryptV2 function| desDecrypt function| reRsa function| reRsaV2 function| vendor_bfecf9835394b3979306 function| setImmediate function| clearImmediate function| _handleDebugError object| tcgmodulemc function| webpackJsonptcgmodulemc function| _ object| PubSub object| globalPubSub function| Hammer boolean| _IM_DEBUG object| globalHistory object| Base64 function| detectIncognito function| initBotion undefined| splashPrefix string| appIconKey string| a2hsTheme string| a2hsPreferWay function| showA2HS number| brand function| NoSleep function| Compressor function| html2canvas number| _lottJsCount function| _loadLottJs function| scriptOnLoad object| bettingCompress object| lottTranslator object| chatplus number| jp_chatplus_app_accessTime boolean| jpChatplusOnComplete string| __cp_c string| __cp_d undefined| __cp_t undefined| __cp_p undefined| __cp_f undefined| __cp_o object| __cp_tracker object| __cp_design string| __cp_vi function| __ object| riot function| jQueryPlus object| ChatplusScript object| _chatplusscript_updateUser_callback object| _chatplusscript_getLeadOne_callback object| ChatplusAppScript object| ChatplusAction string| access_key string| site_id string| va object| chatplusData

2 Cookies

Domain/Path Name / Value
www.ph143ag1.com/ Name: jp_chatplus_vtoken
Value: m3mmyv4l7i13vq2pzzlt573871f0
app.chatplus.jp/ Name: jp_chatplus_ctoken
Value: m3mmyv4l7i13vq2pzzlt573871f0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.chatplus.jp
appimg.chatplus.jp
cdnjs.cloudflare.com
images.11029984.com
lucky0018a.bingo
www.ph143ag1.com
104.17.25.14
13.115.148.249
13.32.99.120
2606:4700:20::681a:113
2606:4700:3037::6815:172e
2a06:98c1:3121::3
52.195.86.179
030c74cbbc20a4a54b2e4c426a68e8fd4931407db1262a959d3e47d28966dd2f
05e037bda23a8779c8e2967a3b91398ebe7958d488cb00e898b1c51badee1fe8
065b6f7982cd784fdcd70637c2736666fdc68032743b829145acb07f2904a5fc
06bd581de568c6d041f8166463f08feea5fa6d26ce3831ae24b7a0356c03aa86
0b7302b6c1ee6eb398d537297a689e2f349b46b31cfa080d361e07c36c936869
136ffb30701c6488dad4746137391ee3c2b4676c904a3a597c9dded2ef769d6c
19e1a521ca04e1c2c2979c163c4f709362d6308115dde4d7759b013fccb97570
1c4076badc540e6416c97b7202cfb69b7c9b4a5f9750cbf01a0bd3b0ad6fecc9
1cb4364fb2402cb31c3c6cba0f4d891dc6753bd1090f6479e9b1604cb5b7784a
1fdf85d77111e14059150c36222932ab65f76b26d4066f4212e82c8e9cd59503
25975fa73991b8d67f0b9852c3dd200a5997c10b977ab2ab605ad5b5a7b31a05
26f0484bcec299ac7bdac1e3d6d2237ba48bdd388061e528a287b35a684e05df
27aba341550dcb4406775a76ca6e0e1f89c5da2915dd194f77f364817f3437ee
27f66f85fb75d2b3b548bc60d01d6aa323b5463f60259b2617c3445c7fee684b
28acc9aa87208d7d8834b794f1f83dada055d1048801030759af542d68a0ebcd
2bf07f5817646f6a8a7446410fb1401924d1ee2973012955ee5516d4e1b91d44
2cec69059d2a7bf217cacede43132c2d79c1546ba063dce5eaabb2b99868d313
2eb12b82b77ce45e1564f2b0a78bb632395cbc8e2ff5ab1aa45701ebc29d362e
2fe2e59f035729cfcc187c98b69bbba11998e5795af21afb64dc06c41ae1b066
349130ef3d0acfe9d4d0234b2a93530cf79ccb42811facc709e6d10ee0ad61cb
34fbd5d5f78cc56dbd81df32c3fc767d84c67f253f86e9b6fced760300a1d3af
36b982cf2de4e54a66a105053a09c7b85786058ddebb4d629a230b3a582ab292
39b96be88052ad5a337fe2fd123b326c737bc657903603ec9078bce0c89fecf7
410ebb6899ad66cc42895d1c5d9d95dc4b44899bc9245b258c52ad07a2b52a16
4149aa5806d51f12fa8cd7101eecceaff9250cc68d4baffcb8ba70b32956a271
43b0a3dc0e2dc8bd706466142a168f0e87b1d744898bfca4632a9f78fe93e7f1
442c2cfd91f07966782df95be874fb2cc92a0cc8f5db31df32b4f055524c4764
452e319beb9942a0beb4319b5fd71f01a11595ffe6bf84d11f42539e6bc9ecab
47530516183836299ec677b727ae8331d946ba8aa3fa37196bb9ca3b3df6ca47
5127736c0d1d7dcc021234801a3f01d8e8046a9b645c25f529551440d2f2cacd
5280d16d6eecb01f460c0403c1baefe3404df40fd582603f4ac86daed6ff6158
541900f224ddeb67b7c04b47993923c3209fb8fd93e36ca3635fc0a683dfc91a
5438bf56d49185300877fd58f32fc7d5756caab62e1da79315a6a870842eab0e
546d2701ca082d126fe12f180214b79cf3e1f7f4b599e3b189e05c942797df4d
557c15395974ebe3934299f24eadbbc429d731e7262826fd911e26a50457b3b9
578d8002d750bbf7b90f801cde62b0e9dfe575766c3de6fa61e097eef5b710ad
5842acb42442308670b5641d8111c0c531f06f6bef7bb948968a0b2791c675bb
642a906b3afbbda0b17599710fa7edcd616d6e11deccfec4fa7a248075325c1d
65f89a92d1497eb9865ec7b926561d172d52850220cfe442473c0d129c1092b3
661ed6c9db5c1df32c85e2c201648796b6774611e4527decf5d07f44bfeeb7c2
662a088015d8a0df739e5b094967b9636757b54e28a126cd0b64d034ca882a87
6652f41cf5c49d62a02522fc5fec11f62ee4e0fe1b50cc6db298bd974a542434
674bcd0fc09836e6cbf23fb15c6744a5820d9d0b37decc71ec9379fca62bb23f
67fa2bb9a69409c8e9ca781a1c5711d455be09f1e7d28ae8a533b52f14833151
6ed5fb4db4dc9e449478b9f701890799f23c2a31a806b6b66165903f6a30305b
7166e93cb70260b8099f86558aff4e8ba82b46f57609e81e944951e01cc97239
7417ff69c20e0cdb511b5f191fcb79b41ca5080255623b64732251085d969f5f
76c67498183ab03e6bcb9c70cdc55e4f63fc5089862ad7b7b40b1e833f782d7f
785a748bd1218adca308f1774954629f8236eb1acb320f0b31e2998d4c6a5ab5
7eeebe9df9e099cb39dbefeff40be9f74018816270eda6b9217f8dcabecc5efa
7ef6e7f05d02f4b9d3f716adf7f4e8055b4cdf4ccea8e71b5704b870ff4bed37
7f3012f520e4aefcff6acbb8cc7198fee604f3f806fd228f59c94077437bda82
844d81a148cbebde71e860c572b6446cfe683d69167f0ea18ea8b7e04cdbbcfb
887b763e53ecaeba7bdddcacb29f7ffaf9da8a3576c2cca7ea4a1ecd14ff731c
8b56e5b39e079583cb009bcb5df27b2c1aa1193f3e9b112a8fe9e0cdfcc938e5
8d1d63e73c39222ae98edbb6569974ba9902f8c7db342b79b53c5749526e5f47
8dbbda1f988be41d006bc86bc7fed3934954db5b8173340e478326dc14c32f8a
8e36e490a37c8149cb1e4fdad4fd53d481f1258f2e4026396405d91f56d406c6
8f9f3e284b84e2cef61ef4c27d3dba821001bdfc814a3beccf1604efbd906911
99cef92aa6295701b3cf20997f2580600dfc2b5f112b713014ec4288717b8c46
9a9b137239a9f6c2b35e22dffad99dfea9387d7181fb01b199b084bea675b720
9b8d20a503efa0296c8142c5c085b769fe95b69ae27c723647285211259c665e
9c09960ebd807139ecb161e94c770414ff4a06d94d6e6143bd0778235cf63734
9fb61b28f5156a1cc01fcfe415d74b70dd826dee64ab50afc0f8c97f2c813067
9fd2ea422582d5c7474dfeae3d1f47a457915311768fc403db26e3dbe6beaf7c
a011ce06e3a02184879870c1ae63ba3f798b50c1dfa69dfbeab7b7323cf54b06
a01fa050feec3ec15871155727ee29d8e5c5e61170115f3229eee577058b1bfe
af4d9b972723248d4d8c95998a1366bf4f369e85a16516ac61eca7b8423e5010
b2ccf7b4106e81339a0204916f3ff80ec80e622efe2bd779cf5407dea7201ff8
b498d07107c9592eeb40d460c3a55309ed4b5e3d9d94f706ee13e8735de5f01a
b52d83c838950e246a848c78cf7d453709fe344ecb3d4b987c4e3688f82a30b3
b8a884688194823f2d8253680bf86f980bc8cf63431a55ff115dc5486b6cb6c5
bfad93810b619fcde33567d47452a6be190b0d5c660dc8716f836dd733998aa7
c7458730f050fed87cec12c9a8f15b3cb3cb696b39fdab0f21ca19142b1c807a
c7c2b77ab05cf5420f27a27bf032a33e41319da2610deed796eb32f930ba2070
c84cbf7d26ba8be259f6bd8cf55249af79c63a5aaa790409def01a9696149439
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9a115ec922bac7b00df1d93b0a02c93f6cf54c64cb9b2a3e250e3b756231ed9
ca22ea2d3e63dccce76d9a5fe15f2f3f3c90b308f0c47eeaa14e085c8931bd06
cb5dc00cd4932ce03e3fcc262bc5df95d7799e15d6fe1e6d7f6400858c493d88
cf370844158c1902d5a9923a423e56e7985addca380fa7d92a7d18564fa41e08
d3ae29a842edc382c11533e281044320967887eebf5832a8f823c81aac77e6f2
d3ddbc416b2628a98282f7da3fdadb4e8a6498f4e26df469e89a9d27638ac74c
d8a83837fa54f54c1b4b7fb80ce1a0dcd0d38ed6ee8c3a8e7be3cfe65ee8cfdc
d9c171652f84ba3191ab27c6172ae858a4f23672f75734fe890c8b42212e1a0b
e1577a7d9228b6e2daabd27e570099eb12358de59bd46c29f5b0f517c9c61664
e1de90c771aeb59a35c624728beb0bd2e25195d8fb2ff52abd9112c55a0ebd16
e3737b9d58fe936ffd50c3b683939bdfca0c0795e930afc187d6e79fce99251d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d643545a62695911755c082324a08b3d46e27ce211875f2e240b36168e1fad
e4099f93d93eb9ca1493918b22fc48ce2ed13f29aedc8934939e1361502702de
e5cde78d2fbd16da9eaf566c97ee5306dc2e9c5ba45cd787e11c935486a065d1
e87e550794322e574a1fda0c1549a3c70dae5a93d9113417a429016838eab8cb
e8ec845ef3bf5895a09e4b9ba6b91063592b8f126f967783bb4434aeba7ec6db
ed3eae6b13606d6c931f1f7eca852b74d04a16348a2b5de238a5bffe5dddc6a3
f107645bdcdadb23a735aea6e45a8661cd1402484c0d0568ebfad759d9b6dda3
f2982287293a5b644b8c1b857015e64739f8ea93a6ce3493da0347a9c9b2abe4
f74d6f4a8155588aaec89416d31d6c73140ff4034da0a097a09eb6b0a7fa428b
f9b2d31183439f1dde3b83a9e32e46a33456e1daa2e0dfa83203ec32f80f89d6
facc55b1088c49c20e20c44ffd96a6f87df2655c94e3e13cf4e564e8a0a53c35
fd1b40a1808fb4901bb33f0905305af2e435442ada7afc74f81b0a96f0242f03
fd3c28dceca9b805d3ecb945cb88b2e646fc77f74a738d2fb858216e7b991801
fe46dd6be5884ae213eb7606106fd8788b53989070f59e5942e673542079edba
ff5cdfddeb7284756b0354521e6f1770cfdd89a1fee7273b7cc8a9a360712c37