Submitted URL: https://s1sx6.pwl919.com/
Effective URL: https://www.hk88casino.com/
Submission: On April 29 via api from US — Scanned from DE

Summary

This website contacted 19 IPs in 5 countries across 15 domains to perform 107 HTTP transactions. The main IP is 104.221.132.71, located in and belongs to . The main domain is www.hk88casino.com.
TLS certificate: Issued by R3 on April 27th 2024. Valid for: 3 months.
This is the only time www.hk88casino.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
48 172.67.201.163 13335 (CLOUDFLAR...)
1 163.181.92.237 24429 (TAOBAO Zh...)
1 18.172.112.52 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
1 3.72.164.216 16509 (AMAZON-02)
1 203.107.86.226 37963 (ALIBABA-C...)
6 2a00:1450:400... 15169 (GOOGLE)
1 104.221.132.71 ()
1 3 52.214.77.117 16509 (AMAZON-02)
3 2600:9000:235... 16509 (AMAZON-02)
1 176.34.167.98 16509 (AMAZON-02)
1 63.140.62.222 15224 (OMNITURE)
1 1 52.16.30.197 16509 (AMAZON-02)
1 63.140.62.17 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
107 19
Apex Domain | Subdomains | Transfer
48 pwl919.com | s1sx6.pwl919.com | 450 KB
6 gstatic.com | fonts.gstatic.com | 143 KB
4 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 31; region1.google-analytics.com — Cisco Umbrella Rank: 2404 | 22 KB
4 demdex.net | dpm.demdex.net — Cisco Umbrella Rank: 233; bbg.demdex.net — Cisco Umbrella Rank: 128234 | 2 KB
3 tiqcdn.com | tags.tiqcdn.com — Cisco Umbrella Rank: 1272 | 29 KB
2 sharethis.com | buttons-config.sharethis.com — Cisco Umbrella Rank: 5071; l.sharethis.com — Cisco Umbrella Rank: 4715 | 1 KB
2 benarnews.org | tags.benarnews.org; ssc.benarnews.org | 30 KB
2 51.la | sdk.51.la — Cisco Umbrella Rank: 78995; collect-v6.51.la — Cisco Umbrella Rank: 63196 | 14 KB
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 39 | 93 KB
1 doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 84 | 347 B
1 everesttech.net | cm.everesttech.net — Cisco Umbrella Rank: 1310 | 517 B
1 omtrdc.net | bbg.sc.omtrdc.net — Cisco Umbrella Rank: 161874 | 268 B
1 hk88casino.com | www.hk88casino.com |
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 33 | 1 KB
0 hk88game.com Failed | www.hk88game.com Failed |
107 15
Domain Requested by
48 s1sx6.pwl919.com s1sx6.pwl919.com
6 fonts.gstatic.com fonts.googleapis.com
3 www.google-analytics.com tags.benarnews.org
www.google-analytics.com
3 tags.tiqcdn.com tags.benarnews.org
3 dpm.demdex.net 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 stats.g.doubleclick.net www.google-analytics.com
1 ssc.benarnews.org
1 cm.everesttech.net 1 redirects
1 bbg.sc.omtrdc.net tags.benarnews.org
1 bbg.demdex.net tags.benarnews.org
1 www.hk88casino.com s1sx6.pwl919.com
1 collect-v6.51.la sdk.51.la
1 l.sharethis.com s1sx6.pwl919.com
1 buttons-config.sharethis.com s1sx6.pwl919.com
1 fonts.googleapis.com s1sx6.pwl919.com
1 tags.benarnews.org s1sx6.pwl919.com
1 sdk.51.la s1sx6.pwl919.com
www.hk88casino.com
0 www.hk88game.com Failed www.hk88casino.com
107 20

This site contains no links.

Subject | Issuer | Validity | Valid
pwl919.com | GTS CA 1P5 | 2024-04-21 - 2024-07-20 | 3 months
*.51.la | GlobalSign GCC R3 DV TLS CA 2020 | 2023-04-20 - 2024-05-21 | a year
tags.voatibetan.com | Amazon RSA 2048 M03 | 2023-12-07 - 2025-01-04 | a year
upload.video.google.com | GTS CA 1C3 | 2024-04-08 - 2024-07-01 | 3 months
sharethis.com | Amazon RSA 2048 M03 | 2024-04-19 - 2025-05-17 | a year
*.gstatic.com | GTS CA 1C3 | 2024-04-08 - 2024-07-01 | 3 months
www.hk88casino.com | R3 | 2024-04-27 - 2024-07-26 | 3 months
tags.tiqcdn.com | Amazon RSA 2048 M02 | 2024-03-19 - 2025-04-17 | a year
*.demdex.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-26 - 2024-10-26 | a year
*.sc.omtrdc.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-07 - 2025-03-09 | a year
ssc.benarnews.org | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-09 - 2025-03-11 | a year
*.google-analytics.com | GTS CA 1C3 | 2024-04-08 - 2024-07-01 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2024-04-08 - 2024-07-01 | 3 months

This page contains 2 frames:

Primary Page: https://www.hk88casino.com/
Frame ID: 77338245BE91332CA0071B4CC73512C2
Requests: 106 HTTP requests in this frame

Frame: https://bbg.demdex.net/dest5.html?d_nsid=0
Frame ID: CCF128A49C353313AC3CC740F2520760
Requests: 1 HTTP request in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

107 Requests
68 % HTTPS
42 % IPv6
15 Domains
20 Subdomains
19 IPs
5 Countries
785 kB Transfer
2097 kB Size
16 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://s1sx6.pwl919.com/ Page URL
  2. https://s1sx6.pwl919.com/?btwaf=53997723 Page URL
  3. https://www.hk88casino.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66
  • https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1714349726848 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1714349726848
Request Chain 71
  • https://cm.everesttech.net/cm/dd?d_uuid=01588518022339153894005676152987656898 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zi7mnwAAAGTqaAO-

107 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
s1sx6.pwl919.com/
143 B
639 B
Document
General
Full URL
https://s1sx6.pwl919.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
87bb18588e8018c5-FRA
content-encoding
br
content-type
text/html;charset=utf8
date
Mon, 29 Apr 2024 00:15:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WPESd8hrnplsF1MEZrywjwqy%2FQs68ejWjY4GsKYNqmVFS0zLx1uvMVeOxBD1K5nV3OhGlbAV%2B941CorYE4GGuCmQGrt%2FdWxb4IK0TG1Z%2BjW1EVFWyasP0HG5GPx8asze%2FXa2"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
s1sx6.pwl919.com/
36 KB
9 KB
Document
General
Full URL
https://s1sx6.pwl919.com/?btwaf=53997723
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d57486a5b0dac2a4d562cf3288ab72767c4ae9756d5a76ac28b343d16b717b7e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://s1sx6.pwl919.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87bb185affdf18c5-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 29 Apr 2024 00:15:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gulgb7v88jD56pCB5DZsktOHewKiA1KMfs7D9Cw2AeN%2B9YPeZcc8IFUOik5ruH1dwzUyLzMKRCtneWmxT8O4CfrpBU2iJGRSy1EwZhNwu8GFq2AlWy%2BNLKH3DFGF67%2Bp9fjL"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
default.js
s1sx6.pwl919.com/template/Brasil/a3/js/
610 KB
180 KB
Script
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/js/default.js
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df083a053146d36f99daea6b5d3348ef38e9955487c5f223f09daf613b38d771

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Jan 2024 04:31:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"659ccc3c-98882"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qrC9rEDb9gfd%2FTMUlTP0ZPF%2Bz2%2FJjIe%2Br25N%2FTbKBDjpcj1Geid0qz%2B9QBJQz3%2FxG0I8igEXD0hPzJvp9dTTTCNrAM7efQ544wXy7%2BsGRWdosDQVvMVFPvmH0Z9WhvqVHRiM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
87bb18bbae5d18c5-FRA
alt-svc
h3=":443"; ma=86400
default.css
s1sx6.pwl919.com/template/Brasil/a3/css/
206 KB
38 KB
Stylesheet
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/css/default.css
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d5325062a4bcbc105515fc1f50831ad509422aaa9aebd0fc63154e3f1177999

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:41:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"652778fc-33879"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XXp6YlrjSS%2FWcRSA%2ByNcTsn43v%2F%2FrtonQrWAza4sr8mYRcNYzpkKkUmpZdQ8J9pY0tD8vi3uR%2Fm%2Fe7xEK9I4L5XZTh4DwyIZxJZpg%2Fa0SaNnmdkblE1lFtcRo0G49tb3KmyM"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
87bb18bbae6018c5-FRA
alt-svc
h3=":443"; ma=86400
custom.css
s1sx6.pwl919.com/template/Brasil/a3/css/
405 B
652 B
Stylesheet
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/css/custom.css?timestamp=2022-06-24%2018:14:15.614318
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b6b897ffcf23cc5ad4fd6f6a2b3e0075cc0fe8c3ddf1d228e6d4166698003dc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:40:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"652778d0-195"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u7tHjrC0tbgvixS3TPK%2FRrNl7VphAdspILb98yyvHgIkeq9YkpQXrnO0lv7Z52atkJJVQYoxWQkQ0ppOX8sMDC46UV72soIBYXrEFi3vKeRnhpaigOcozcjIe9AtsH4neeiU"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
87bb18bbbe6118c5-FRA
alt-svc
h3=":443"; ma=86400
tealium.js
s1sx6.pwl919.com/template/Brasil/a3/js/
1 KB
923 B
Script
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/js/tealium.js
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cb8e7e84820ea31dd4864d4498faad211103b7042b9b6cb35281a8527cebc8a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:45:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"652779cc-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TP0ihZlk%2FmfWFN8kPta7QUkc7owCn%2BBlf62Qpndd39DHBmYt%2BXTR3tlH%2BPEmFQmGLUEDyDHJbgA53O9gl2bJbwWv%2FeBFDZ7%2BdOhVAnCDO382tP5Y1SUMrlIZEVy9vEYOv6dC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
87bb18bbbe6218c5-FRA
alt-svc
h3=":443"; ma=86400
modernizr-2.6.2.min.js
s1sx6.pwl919.com/template/Brasil/a3/js/
15 KB
7 KB
Script
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/js/modernizr-2.6.2.min.js
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed8fb982cca8eef53eb358236213c23fbf11c5ea803d9e1ba23cc8f671b9c1ab

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:45:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"652779d4-3c2e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CYycKZLwqRPTJ42tsvJ6aghNjOmZfXieu7CHqz8udo0e3I2dgM4da62KiTeGzvVck6LeRMQt80Bd27gd0y6B06yipSZHK2EJbgthOasiZoqOZCFUPH11z7Tr1jSb73XuX8kO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
87bb18bbbe6418c5-FRA
alt-svc
h3=":443"; ma=86400
utag.js
s1sx6.pwl919.com/template/Brasil/a3/js/
252 B
611 B
Script
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/js/utag.js
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4301ded2563a0304c0daa4858238efc1c4174095c6bf2a244168e7381c2a3b0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:45:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"652779e8-fc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dIAmfIVB00Zo%2FOQTSbKw2Ld%2BvSQMP1QLWGijYPMZ2NYFFqkZJkvepHY2LdivAB013WJsr9k46cGTsSFoEhAdZbjVa3JXLD9bRX1eG%2FE%2BbdFyXhM6CRsVFDo0hYByGqHc%2BK1%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
87bb18bbbe6518c5-FRA
alt-svc
h3=":443"; ma=86400
jquery.fancybox.min.js
s1sx6.pwl919.com/template/Brasil/a3/js/
67 KB
22 KB
Script
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/js/jquery.fancybox.min.js
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:45:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"652779f4-10a9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wfNpIgMrrxRYBR815vIm1KKtDCdYPamnS84v4vAp1ypvMiAw3IPV5joHCa73m%2FqspQzZwIaVRW0tigYu%2BVQbk%2Bbeafj20G%2B%2FnpbZrUypdnhPGJOHEoQ0oPN0I1qAO3PbhxPC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
87bb18bbbe6718c5-FRA
alt-svc
h3=":443"; ma=86400
sharethis.js
s1sx6.pwl919.com/template/Brasil/a3/js/
203 KB
46 KB
Script
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/js/sharethis.js
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73118f58510f80a1610100bd3dd56ef7328382a477a0430004be5b76e9a724dd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:45:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65277a04-32d37"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HUFmtIRqRIRguHbmuqDSRDglxLb3e5mzoddKGfJ2U3526cd0HI0yQCBTlMFpFF56BoRNYqxZfouN%2B6%2Fzh8RSRdj3e1OfBGzlGd%2BvfVXwp1O5ap80dCG2LnqMaPP6p3cJZiLx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
87bb18c52b6018c5-FRA
alt-svc
h3=":443"; ma=86400
trackingdata.js
s1sx6.pwl919.com/template/Brasil/a3/js/
2 KB
1 KB
Script
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/js/trackingdata.js
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
992265ef5439b4925f0b0deeafb9061066e91515da7958f59bc399fc8e2f9b7a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:46:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65277a10-733"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XgJqgEXlnGJbFJQog1X7gRuY6ZE2dLdWkiDJfjj%2BFMCN3qxHqhxMNOpvdhdA%2FVlA0gVUaEkYdPrgFl5tlE76vvGcHyXJKtF7KZneZQfWWm8SB2OMYtl%2FxrBwePfAhkBs6dJ3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
87bb18bbbe6818c5-FRA
alt-svc
h3=":443"; ma=86400
rfa_responsive.css
s1sx6.pwl919.com/template/Brasil/a3/css/
42 KB
7 KB
Stylesheet
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/css/rfa_responsive.css
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af1b42afb95212800e87123d521a7154072e6d4e2ccaced3974d325b04d46e8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:38:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65277842-a613"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1wBy42ABEBhGWZX7rCmAHNfTzfKXD3VMHKJnoQGVrU%2BvAuuDqyBlCHrs9t2vrcZTPu%2FOZpdlSyBsd01gtZBbQ5UTxXDdlbdgyK6IwQhhLRnIDgXDeBpZJKb1gMio6TRhV6Kf"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
87bb18bbbe6918c5-FRA
alt-svc
h3=":443"; ma=86400
jquery.sidr.dark.css
s1sx6.pwl919.com/template/Brasil/a3/css/
0
0
Stylesheet
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/css/jquery.sidr.dark.css
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:16 GMT
referrer-policy
same-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=68oTBrzwdom5Z7iXJzGxNBRspmDBBB1kAmCrPeIYtPfb0frtSvFIEhXfZjvwGr11T8Jt91Yz901pyJ%2FzIhteT0kK2Bq554KH0SkO2qC67Vu0R1ILfnhBKzaL88ccf9biZSzg"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87bb18bbbe6a18c5-FRA
alt-svc
h3=":443"; ma=86400
content-length
6337
expires
Thu, 01 Jan 1970 00:00:01 GMT
jquery.sidr.min.js
s1sx6.pwl919.com/template/Brasil/a3/js/
4 KB
2 KB
Script
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/js/jquery.sidr.min.js
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fbb7d0e3338e89ebead71b921eb04443793b56bbdd434e2e5cf58ecf5991b96

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:46:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65277a1c-e59"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aNakYZWxLHl%2BmwmIDZlS7q0gqe5EgE8YWSYcbNGNlIP%2FFbT9hKTfOv0v9Xw%2FsKt0YfeD6ATB%2FC6pzPrC66sBIAQP7CGNcmEpF0KHpgmNqUo9Wli3b0xDKmcyCDSEsJffZsdA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
87bb18bbbe6b18c5-FRA
alt-svc
h3=":443"; ma=86400
benar.css
s1sx6.pwl919.com/template/Brasil/a3/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/css/benar.css
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0123e3039dbf234d506b0774986ef08e75fcac3fe7c965e5bd8640a14f02290

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:38:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65277856-1ae8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V7IFpqpXComGmb3jeDII7oi5eCEQoRZP0WfB0wQWbcCk2kkw9Y1B%2F6yW37nwjI4gfEp1NIATsgv4eXSDezoJecqu%2Fw0FKOl00y4eyJfdgtOUzW4eyrkKYcr%2Bk5nh1H3dJW67"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
87bb18bbbe6c18c5-FRA
alt-svc
h3=":443"; ma=86400
service.css
s1sx6.pwl919.com/template/Brasil/a3/css/
71 B
509 B
Stylesheet
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/css/service.css
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df8729ca85a298b83df80d745512a143f2460abe7848da74126b25e09d40f2d1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:38:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65277862-47"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kOLYBdjq3sP2wCl1UWXIzq4fdMhZM8zDdbHbkv2lhbWJGN1Y63KXgh9ntdDmaqbZfQdN%2FdauY1tn8yEEZJqeHTlVqxrZqeJ3UlZnVEUgmu6qlCbQzPZ7ecyD58zZe%2FayxSUg"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
87bb18bbbe6d18c5-FRA
alt-svc
h3=":443"; ma=86400
kplayer.js
s1sx6.pwl919.com/template/Brasil/a3/js/
5 KB
2 KB
Script
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/js/kplayer.js
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfd11f3d2f5af43d38cc7d2d61e0629909f1f1638cf5fef4a84fd4413465e644

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:46:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65277a28-14ec"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BEa%2F9f%2B%2BPsaVINCxrvyIUCdKwAz2hVyWIiqn0l7zmo4VmPQnauCun0KdbVcKSygaFuFrrE74KzbHlKsY5oEA8xaShISmdn2UCDhhiYUnyq9Yc38wnIPJtt0%2FTMUpYCHiJhXG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
87bb18bbbe6e18c5-FRA
alt-svc
h3=":443"; ma=86400
orsxg5a.script
s1sx6.pwl919.com/js/
69 B
456 B
Script
General
Full URL
https://s1sx6.pwl919.com/js/orsxg5a.script
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LqUQeBMd5zCNgEdZ2Eoe2ert38p5sqolFGu6leEcabp%2FOGH8jS3%2FA2iwgRluGY7bV4EQZWYsfzjzaNLD4T%2FvQf4ZuQkHRLTBfg0HcAGCw%2BOWHh7cCJ7JY4c2k3p1bIr8fUeu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
87bb18bbbe6f18c5-FRA
alt-svc
h3=":443"; ma=86400
slick.css
s1sx6.pwl919.com/template/Brasil/a3/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/css/slick.css
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89a4a5eb4f7fedc4d946dd6fa5c1ee9be4bc396b592490385a605ecbb22ef141

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:39:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6527787c-1352"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T692fh5yONgmjXsT2TnrSqAqwrGtbwEW3F1Ag9aUiyDueN2Y2s6XXChfaygXCRZM864W5Jj9J9tQU6rl9KhRllIryI%2BQQAubgKjSwRQ0mlq1%2FDpanWWy%2BWueF86pEi6JFn0%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
87bb18bbbe7018c5-FRA
alt-svc
h3=":443"; ma=86400
logo.png
s1sx6.pwl919.com/uploads/images/
1004 B
1004 B
Image
General
Full URL
https://s1sx6.pwl919.com/uploads/images/logo.png?n=&w=180
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18d46950dd37823a5c9d0f13c36723cbf47aa8bd5d8d1547a4d05b04851815d4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:16 GMT
referrer-policy
same-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FS8Yyu8AGHYByTFmajTo8emFa9FwI7rEz0EHuY1thWagzzmhcsAt36hRdZVIZe%2F8axP%2BmohnOR0nbPaYK9LaB2QppuMiD3bIg9I4pEy8EYnQ1K07WkbTwY%2F8NKVgFWsbG1N6"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87bb18bbbe7118c5-FRA
alt-svc
h3=":443"; ma=86400
content-length
6337
expires
Thu, 01 Jan 1970 00:00:01 GMT
header_enlink_black.png
s1sx6.pwl919.com/template/Brasil/a3/image/
8 KB
8 KB
Image
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/image/header_enlink_black.png
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08a346e9e53d6b54b5075053c3728817e6eff5a781c95c3ea7d64512a9d50400

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:16 GMT
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:54:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65277bfa-1f82"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6L15qPPHt3g5bGwI15qCMZh6GUjcbBqfS5roZbnLuYVOwFOmCiAaedsOAlAonvjV1QiZEflGvhPDUbeJ9KLpawSF32w4lMdjMzfpC6IEm4MaYWli0Zr3lI506Q0VJeXOd5zf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
87bb18bbbe7318c5-FRA
alt-svc
h3=":443"; ma=86400
header_idlink_black.png
s1sx6.pwl919.com/template/Brasil/a3/image/
11 KB
12 KB
Image
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/image/header_idlink_black.png
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0c65e68f43ee3a26128e8c516a9de1bdcaa463ae97d6e3ec6f9ca7646b9aee

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:16 GMT
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:54:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65277c00-2cbd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m%2BwUR%2Fc160Yw4c8kbqVB7J38Ys14czR59njE68DMcXYWNjSKeL28t95FajrfxqK9KL3Y0SqvxdFuN5b9rqOI3HJu%2B5%2Fv3CPW1uP24v6jPVfl8ALLhKoYr4hdffp62%2BqVTP6G"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
87bb18be681a18c5-FRA
alt-svc
h3=":443"; ma=86400
header_mslink_black.png
s1sx6.pwl919.com/template/Brasil/a3/image/
12 KB
12 KB
Image
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/image/header_mslink_black.png
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab0b63987969ba7b2b8415f4c72ad9d8911ef888682a82971e1b6c3749f82e06

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:16 GMT
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:54:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65277c06-2f8e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=25hsC6wWLaWimb2Y0gFs13tnes7Nynxso2DCNJfr%2FqIqR1jjqIh61H4QkUHW8KiFWBlHOZOPsuvEf4SCt%2BN%2Fl2IygSvMTPa%2FMwyS%2B9E6HRBdrPj3DO4RKVQn7iFQflcNYoyc"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
87bb18be681b18c5-FRA
alt-svc
h3=":443"; ma=86400
header_thlink_black.png
s1sx6.pwl919.com/template/Brasil/a3/image/
7 KB
7 KB
Image
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/image/header_thlink_black.png
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c52364aa5bb36383e699d5bab6646c1a6e2ff7f000bd99ff4f13184b6714a7e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:16 GMT
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:54:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65277c08-1afb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o%2BJxkIy41ZsejJpd92j8eC%2FJOeKf4Ynq3hcSZ05Ux3891Om%2BHrFxUg9mpefOJoInbI8Rk8Mk9J64W20v5CX%2FW9MF0V88c80IT%2F4XjqcK68Z2VzxSNRPodj6Iyi224s6UIoTl"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
87bb18c0992518c5-FRA
alt-svc
h3=":443"; ma=86400
header_bnlink_black.png
s1sx6.pwl919.com/template/Brasil/a3/image/
7 KB
8 KB
Image
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/image/header_bnlink_black.png
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e6767cdb9a1dfa8d499e29f3224bfb56f7b2aa5f3e6c919a92fab4ac585139f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:18 GMT
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:54:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65277c0c-1cb4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=djmFT7zO8qM%2BqHY8Azob9KLJynCEizzt2OQD9Mi3RtU4uOvmMfEV7luTW7QPAFDGUxzJQuhP1hlSzmuDKSphqgW%2Fpw2dNElrqLG3BPF2%2FOYdIIs9OitgfgUFNT6y5bKYeFiH"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
87bb18c92dab18c5-FRA
alt-svc
h3=":443"; ma=86400
ITwuh4ZtqTuuolOJnGR
s1sx6.pwl919.com/uploads/images/
4 KB
4 KB
Image
General
Full URL
https://s1sx6.pwl919.com/uploads/images/ITwuh4ZtqTuuolOJnGR
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Server
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Mon, 29 Apr 2024 00:15:28 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 29 Apr 2024 00:15:28 +0000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Server
etag
"fad6f4e614a212e80c67249a666d2b09"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=13JYUTEz5C6d3PYk%2F%2FALalKJAJl39HGCPehDNNQAdxPGi9t8GXX751M7GUy%2BPSpTGCXrxvcOYlc0cnKSpT%2FBZGxCASvZOmBIja7lcJ1yljl0GZ3%2Bpkk3obD0MMK%2F0%2F%2FIasf4"}],"group":"cf-nel","max_age":604800}
content-type
image/jpg
cache-control
max-age=3600
cf-ray
87bb18cb6eab18c5-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 29 Apr 2024 01:15:28 +0000
j5EhMlOGnTyhVSEuZD
s1sx6.pwl919.com/uploads/images/
0
0

DKWmMJ5uoPOwnBT7xGR
s1sx6.pwl919.com/uploads/images/
0
0

kWOHVRwQbT4tHKKuh5SwZD
s1sx6.pwl919.com/uploads/images/
6 KB
6 KB
Image
General
Full URL
https://s1sx6.pwl919.com/uploads/images/kWOHVRwQbT4tHKKuh5SwZD
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:26 GMT
referrer-policy
same-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9j0KCSAznkEulhl1KPAbRyQKJEXAEH7Er6izUaGo0cHledYWauXgRtLjv%2BvXcpDUUSWpryAIhf0DRk6g941Jfc59D6Kj8hy272B1MuGwZ%2BCRGYI%2BxO20Euv5dZWhlGTEKJha"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87bb18ff9c8a18c5-FRA
alt-svc
h3=":443"; ma=86400
content-length
6337
expires
Thu, 01 Jan 1970 00:00:01 GMT
GTyhnlO4MJ0tqUVk
s1sx6.pwl919.com/uploads/images/
0
0

EBT7d25aVTYTfBT7z2ZtowR
s1sx6.pwl919.com/uploads/images/
5 KB
5 KB
Image
General
Full URL
https://s1sx6.pwl919.com/uploads/images/EBT7d25aVTYTfBT7z2ZtowR
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:26 GMT
referrer-policy
same-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M9zNwZszG%2BZNAOd0TRyaZ1n3A8OyS6Xl3lHpHJDBiS6BOdgpX1WPPbHP7pAjRPXoD5lVhJwyFCftMXjGg0m6R%2FNlb5j8DoI1zoKxKetlutsRAWX4Oy4cIQzBOUVtIEG61cwm"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87bb18ff9c8e18c5-FRA
alt-svc
h3=":443"; ma=86400
content-length
6337
expires
Thu, 01 Jan 1970 00:00:01 GMT
Gzuc4ohUoFO24ohyVT7uhepk
s1sx6.pwl919.com/uploads/images/
6 KB
6 KB
Image
General
Full URL
https://s1sx6.pwl919.com/uploads/images/Gzuc4ohUoFO24ohyVT7uhepk
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:26 GMT
referrer-policy
same-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=89KnsDSlZc%2BXMyF%2Firyo2Z243WGEpAZzWc5N7mfUdcbLts%2B0%2Fmkizgx0N%2FaEP8CjPwS35cXnXEC6GIbQrfX%2Fc2dx6tEQeebxZMTHgVvnuNUtBMVLPgFZvNbY0tzH1FmoTF3L"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87bb18ff9c8f18c5-FRA
alt-svc
h3=":443"; ma=86400
content-length
6337
expires
Thu, 01 Jan 1970 00:00:01 GMT
FRkJVRy3LJ1up2Rk
s1sx6.pwl919.com/uploads/images/
665 B
665 B
Image
General
Full URL
https://s1sx6.pwl919.com/uploads/images/FRkJVRy3LJ1up2Rk
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:26 GMT
referrer-policy
same-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9MQ%2Bg3M2gtKfU6iIRFqxEgvRAXrsgssJYvSrZFeFa9VMdZ3hg%2Fp6ILfBjdRQQllrHnneKtTdntaaIeve3p%2Bv%2Fd6CQppV1oImwxtNji2FdXgnR5lIEjvVLAQ1ezbytNKkSjWd"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87bb18ff9c9018c5-FRA
alt-svc
h3=":443"; ma=86400
content-length
6337
expires
Thu, 01 Jan 1970 00:00:01 GMT
GzsQgTxtp2SiVRylZD
s1sx6.pwl919.com/uploads/images/
0
0

kWQQbaxuVREuozttpmR
s1sx6.pwl919.com/uploads/images/
6 KB
6 KB
Image
General
Full URL
https://s1sx6.pwl919.com/uploads/images/kWQQbaxuVREuozttpmR
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:26 GMT
referrer-policy
same-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SLOrQJc2qJEIELMgnD89%2BaGviW8Kd9bOUiWpipgWIlgv7wK5%2B%2B%2B5a0mzyBkqjLLStLS5tB%2B77v3LHq54a5UPuqAGLgt3Gpl5LrZms3%2FzlrFLPa4g9o8HpqdvtE0CIXQGZiC6"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87bb18ff9c9318c5-FRA
alt-svc
h3=":443"; ma=86400
content-length
6337
expires
Thu, 01 Jan 1970 00:00:01 GMT
GZB9VTEiVRcioz55ZD
s1sx6.pwl919.com/uploads/images/
5 KB
5 KB
Image
General
Full URL
https://s1sx6.pwl919.com/uploads/images/GZB9VTEiVRcioz55ZD
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:26 GMT
referrer-policy
same-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S6UX%2FB53h%2BVK%2B10ZKJ1HTPqvaat5vnx5uwXNmKysHiSOwBQsKsHq%2B3J2nN9%2FbICL6CTFViNIMISByOwToiiZvSB%2FoNXXJ2kmknLmCwDO6GoX%2BLDhIFpWYytTaypii9tl5OZr"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87bb18ff9c9418c5-FRA
alt-svc
h3=":443"; ma=86400
content-length
6337
expires
Thu, 01 Jan 1970 00:00:01 GMT
IUYuh7SwVUEc4od-pPOJZD
s1sx6.pwl919.com/uploads/images/
658 B
658 B
Image
General
Full URL
https://s1sx6.pwl919.com/uploads/images/IUYuh7SwVUEc4od-pPOJZD
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:26 GMT
referrer-policy
same-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G6D%2Bksgr2bhM5w%2Bvs526R7zZLxyNRJs8jjvD%2BdiyUjj6DjtG88Cd%2BeSx6%2FmPdYLWZhhutQUegCY%2F7qs0QxVs9O6j0KFuDezSLCHmPwGN3Xyi0gfNSxe%2BC%2FI0tKTXVSn6KQc0"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87bb18ff9c9618c5-FRA
alt-svc
h3=":443"; ma=86400
content-length
6337
expires
Thu, 01 Jan 1970 00:00:01 GMT
FaIxMFOPMJkfnJ4k
s1sx6.pwl919.com/uploads/images/
0
0

FRkJVSAbMJMznJHk
s1sx6.pwl919.com/uploads/images/
6 KB
6 KB
Image
General
Full URL
https://s1sx6.pwl919.com/uploads/images/FRkJVSAbMJMznJHk
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:26 GMT
referrer-policy
same-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jCBHwjIYp1WRdfTy15Y3zh6FWfSWzJN2cSG5g%2BZqhK2I1bLGGXkevBTtpH6LQct%2FvjCl2qtrM37DTTGTwrKpDO8S%2BrL%2FRE6SdVm9TUs8QpsYETI4SP8qoqq7jIpEPandet5x"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87bb18ff9c9818c5-FRA
alt-svc
h3=":443"; ma=86400
content-length
6337
expires
Thu, 01 Jan 1970 00:00:01 GMT
ITwQgT5aVUEcovOYZD
s1sx6.pwl919.com/uploads/images/
4 KB
4 KB
Image
General
Full URL
https://s1sx6.pwl919.com/uploads/images/ITwQgT5aVUEcovOYZD
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:26 GMT
referrer-policy
same-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VagQOeub%2FGc%2FQ9Rkw6YDw%2FPrpGRMpX0aceovXGlaSB2x7p1MbYx1shwi%2BJpDpaY%2BtNRgEGOuFMlg%2BFtVcg4JmptNVZsVjPC5PITFzgQ2a0I%2FpzF5bPJ92yuJ7a6LgLHHlJ27"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87bb18ff9c9918c5-FRA
alt-svc
h3=":443"; ma=86400
content-length
6337
expires
Thu, 01 Jan 1970 00:00:01 GMT
JzyhMJEcozHtJzxk
s1sx6.pwl919.com/uploads/images/
6 KB
6 KB
Image
General
Full URL
https://s1sx6.pwl919.com/uploads/images/JzyhMJEcozHtJzxk
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:26 GMT
referrer-policy
same-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=awR4xyKwyTw2BeijGF0%2F%2FhCUtrclThF5WPcrSlEpH1WbJ3ZJnKi3f6CpaNrKGmt5e57PoMH4auqS%2FIXNpzigqRH2TTIqkGtYKnBqTH9RqqvwkbVgKIdLjPHcMwdZ49Qv4fYU"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87bb18ff9c9a18c5-FRA
alt-svc
h3=":443"; ma=86400
content-length
6337
expires
Thu, 01 Jan 1970 00:00:01 GMT
FRkJVSHlZlOWpzRk
s1sx6.pwl919.com/uploads/images/
6 KB
6 KB
Image
General
Full URL
https://s1sx6.pwl919.com/uploads/images/FRkJVSHlZlOWpzRk
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:26 GMT
referrer-policy
same-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=csTUz2v0WPAoQ0FwsrheTR%2FtbfESXXaes%2BK553FQl9VXk%2BlKhkb6kPNphrb9RtbbTJ7C5JHe9KRkbeX%2B5NO0f3oeV1aSCQjJCqVhqFD%2FmYv6zp4by%2BGhzwagpRHkKPKiynLC"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87bb18ff9c9b18c5-FRA
alt-svc
h3=":443"; ma=86400
content-length
6337
expires
Thu, 01 Jan 1970 00:00:01 GMT
5e23e62a-42cf-4f77-89b2-5dfdb7cabf73.png
s1sx6.pwl919.com/template/Brasil/a3/image/
15 KB
15 KB
Image
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/image/5e23e62a-42cf-4f77-89b2-5dfdb7cabf73.png
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:26 GMT
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 05:41:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6527871e-3bf3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NVPTKNGn7YZYKJNSxEZKqeP0zDOGfyMOS9S4o8QmOL9XAEBaezU5S4jv5us%2FTzjZ9IyelsX8%2F263Lka3opxQ8O3Ze9CjwvwIlqdH8QPgOuOvokEO8eH2Afp9R6WAG9sIoIbh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
87bb18ff9c9c18c5-FRA
alt-svc
h3=":443"; ma=86400
email-decode.min.js
s1sx6.pwl919.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://s1sx6.pwl919.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Apr 2024 20:54:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6622d9ef-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cyZBS6bbFPsyFWBPGJO1OPdnAvqiEPSF%2Fvm86bNu497b%2Fw8EcIwUVBtTDT9MIGKCt71iy4gI6OOLJdkUjiC7d3hpTLSxqu4T28rzYpoq5V6n5IRqPu9mQ7B2gOqoVJP5xX%2F4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
87bb18c0a92918c5-FRA
expires
Wed, 01 May 2024 00:15:16 GMT
js-sdk-pro.min.js
sdk.51.la/
34 KB
13 KB
Script
General
Full URL
https://sdk.51.la/js-sdk-pro.min.js
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.237 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 05:53:19 GMT
via
cache15.l2de2[899,899,304-0,H], cache1.l2de2[902,0], ens-cache5.de5[0,0,200-0,H], ens-cache7.de5[1,0]
content-encoding
gzip
x-oss-request-id
661F63CF68CDBA3836F78025
content-md5
JLtSDpUX8u0+2Ye0aur3Iw==
age
1016517
x-swift-cachetime
1296000
x-cache
HIT TCP_MEM_HIT dirn:10:639477166
x-oss-cdn-auth
success
x-swift-savetime
Wed, 17 Apr 2024 05:53:19 GMT
content-length
12846
x-oss-object-type
Normal
last-modified
Thu, 08 Jun 2023 02:24:34 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1713333199
content-type
application/javascript
access-control-allow-origin
*
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
5143829838470429443
eagleid
a3b55c9b17143497167071990e
x-oss-server-time
3
juxtapose.min.js
s1sx6.pwl919.com/template/Brasil/a3/js/
17 KB
5 KB
Script
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/js/juxtapose.min.js
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daf4c69e49acbeea24c42417dd9c4d6fa1d837d79470f02f3ec4f908ea676dec

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:47:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65277a52-42e3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sP0XVKyvdPeMJsccZ%2F43CaI79PbKVUtME2RXy40AwLk8YQ%2BE6gcoc%2B65m2JHrPkWleZ%2B%2FmrW2Bvq1Qi1qkH55g8KoYdD0ZZ3NVEYxgg38vRoi1SOcsgucNCGSq%2FWX3DYcSP1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
87bb18c1f9d818c5-FRA
alt-svc
h3=":443"; ma=86400
rwd-display.js
s1sx6.pwl919.com/template/Brasil/a3/js/
1 KB
885 B
Script
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/js/rwd-display.js
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c54dffee88bf675c0aa8628675dbd4380d737d959604d9f43faca7a965503718

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:47:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65277a58-412"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FpjO8mlhIqp1%2FxCQg1RCA7QdkjNQL8Q9zkU8nv61qy%2FiJWtd28cUsQO2R1Xwx8nOe%2FicIq8VLCMw7oYeIfre1Kk3pW7pYyoAkMEzjsbdHQLENjzKjqzkxocUPT%2BhPFwY1Zem"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
87bb18c2ca3f18c5-FRA
alt-svc
h3=":443"; ma=86400
rfa_print.css
s1sx6.pwl919.com/template/Brasil/a3/css/
1006 B
934 B
Stylesheet
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/css/rfa_print.css
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:37:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65277808-3ee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FnB%2BX5wfUZRlsOG7XcBRNoM%2BgfaJqHGM9Qz95nEi5UsGkSxn8i%2B0VtM%2FnyhM7qsq3IWbu%2FQyPkHdOuKvq%2FLEkCPi%2BqRA1GNNVA2Splt9aH0gIO3N51OYHoJXKB8dC2H5ntR3"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
87bb18ff9c9d18c5-FRA
alt-svc
h3=":443"; ma=86400
utag.js
tags.benarnews.org/rfa-plone/prod/
93 KB
30 KB
Script
General
Full URL
https://tags.benarnews.org/rfa-plone/prod/utag.js
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/template/Brasil/a3/js/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
JOQazSUnbMVbWPLYQoU9RJcSZs5AkUqu
content-encoding
br
via
1.1 9bd2938ceb90e1a35f549d1165e84676.cloudfront.net (CloudFront), 1.1 10f6ed997c15c1439b3ae1db258c7d16.cloudfront.net (CloudFront)
date
Mon, 29 Apr 2024 00:10:47 GMT
last-modified
Fri, 08 Mar 2024 16:08:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9, FRA60-P8
age
280
x-amz-server-side-encryption
AES256
etag
W/"27334865ec501af8b61bd5a048336611"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
_dMOEykkZshMVsMZNyQ9_mX2IxpXudRus0a3ma55Y40OMX0kiboCFw==
css2
fonts.googleapis.com/
12 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Libre+Franklin:ital,wght@0,400;0,800;1,400;1,800&family=Raleway:ital,wght@0,300;0,400;1,300;1,400&display=swap
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/template/Brasil/a3/css/benar.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a1121a68aa344b2860cf8c684dbb61ff0f8e5e8006bca6afcde4af7ae66e8e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 29 Apr 2024 00:15:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 29 Apr 2024 00:15:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Apr 2024 00:15:16 GMT
64a839b20f9156001a291819.js
buttons-config.sharethis.com/js/
601 B
1 KB
Script
General
Full URL
https://buttons-config.sharethis.com/js/64a839b20f9156001a291819.js
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/template/Brasil/a3/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2a00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:28 GMT
via
1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 16 Aug 2023 15:47:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
etag
"370bea9f6125866f5613be2d1df7fc31"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
601
x-amz-cf-id
ekGeOBQ67ku13u9vSc6u88YWPyt4AsdXWBjyohFDUJJk9VojtZTKdw==
pview
l.sharethis.com/
0
403 B
XHR
General
Full URL
https://l.sharethis.com/pview?event=pview&hostname=s1sx6.pwl919.com&location=%2F&product=sop&url=https%3A%2F%2Fs1sx6.pwl919.com%2F%3Fbtwaf%3D53997723&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Lucky88%20Slot%20Game%20Online(Vi%E1%BB%87t%20Nam)%20Website%20ch%C3%ADnh%20th%E1%BB%A9c%20Phi%C3%AAn%20b%E1%BA%A3n%20ph%E1%BB%95%20th%C3%B4ng%20iOS%2FAndroid%2FMobile%20App&refDomain=s1sx6.pwl919.com&cms=unknown&publisher=64a839b20f9156001a291819&sop=true&version=st_sop.js&lang=en&ua=%22Google%20Chrome%22%3Bv%3D%22124%22%2C%20%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%20%22Chromium%22%3Bv%3D%22124%22&ua_mobile=false&ua_platform=Win32&ua_full_version_list=%22Chromium%22%3Bv%3D%22124.0.6367.78%22%2C%20%22Google%20Chrome%22%3Bv%3D%22124.0.6367.78%22%2C%20%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22&ua_platform_version=10.0.0&uuid=93482293-28cc-428e-9fba-088b89fa9846
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/template/Brasil/a3/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.164.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-164-216.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 29 Apr 2024 00:15:18 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://s1sx6.pwl919.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
header_enlink_black.png
s1sx6.pwl919.com/template/Brasil/a3/image/
8 KB
0
Image
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/image/header_enlink_black.png
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:16 GMT
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:54:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65277bfa-1f82"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6L15qPPHt3g5bGwI15qCMZh6GUjcbBqfS5roZbnLuYVOwFOmCiAaedsOAlAonvjV1QiZEflGvhPDUbeJ9KLpawSF32w4lMdjMzfpC6IEm4MaYWli0Zr3lI506Q0VJeXOd5zf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
87bb18bbbe7318c5-FRA
alt-svc
h3=":443"; ma=86400
header_idlink_black.png
s1sx6.pwl919.com/template/Brasil/a3/image/
11 KB
0
Image
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/image/header_idlink_black.png
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:16 GMT
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:54:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65277c00-2cbd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m%2BwUR%2Fc160Yw4c8kbqVB7J38Ys14czR59njE68DMcXYWNjSKeL28t95FajrfxqK9KL3Y0SqvxdFuN5b9rqOI3HJu%2B5%2Fv3CPW1uP24v6jPVfl8ALLhKoYr4hdffp62%2BqVTP6G"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
87bb18be681a18c5-FRA
alt-svc
h3=":443"; ma=86400
header_mslink_black.png
s1sx6.pwl919.com/template/Brasil/a3/image/
12 KB
0
Image
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/image/header_mslink_black.png
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:16 GMT
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:54:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65277c06-2f8e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=25hsC6wWLaWimb2Y0gFs13tnes7Nynxso2DCNJfr%2FqIqR1jjqIh61H4QkUHW8KiFWBlHOZOPsuvEf4SCt%2BN%2Fl2IygSvMTPa%2FMwyS%2B9E6HRBdrPj3DO4RKVQn7iFQflcNYoyc"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
87bb18be681b18c5-FRA
alt-svc
h3=":443"; ma=86400
header_thlink_black.png
s1sx6.pwl919.com/template/Brasil/a3/image/
7 KB
0
Image
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/image/header_thlink_black.png
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:16 GMT
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:54:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65277c08-1afb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o%2BJxkIy41ZsejJpd92j8eC%2FJOeKf4Ynq3hcSZ05Ux3891Om%2BHrFxUg9mpefOJoInbI8Rk8Mk9J64W20v5CX%2FW9MF0V88c80IT%2F4XjqcK68Z2VzxSNRPodj6Iyi224s6UIoTl"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
87bb18c0992518c5-FRA
alt-svc
h3=":443"; ma=86400
header_bnlink_black.png
s1sx6.pwl919.com/template/Brasil/a3/image/
7 KB
0
Image
General
Full URL
https://s1sx6.pwl919.com/template/Brasil/a3/image/header_bnlink_black.png
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/?btwaf=53997723
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/?btwaf=53997723
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:18 GMT
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 04:54:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65277c0c-1cb4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=djmFT7zO8qM%2BqHY8Azob9KLJynCEizzt2OQD9Mi3RtU4uOvmMfEV7luTW7QPAFDGUxzJQuhP1hlSzmuDKSphqgW%2Fpw2dNElrqLG3BPF2%2FOYdIIs9OitgfgUFNT6y5bKYeFiH"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
87bb18c92dab18c5-FRA
alt-svc
h3=":443"; ma=86400
EBT7d25aVTYTfBT7z2ZtowR
s1sx6.pwl919.com/uploads/images/
0
0

collect
collect-v6.51.la/v6/
0
516 B
XHR
General
Full URL
https://collect-v6.51.la/v6/collect?dt=4
Requested by
Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://s1sx6.pwl919.com
Date
Mon, 29 Apr 2024 00:15:27 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
search-icon-white.svg
s1sx6.pwl919.com/++theme++benar/
649 B
649 B
Image
General
Full URL
https://s1sx6.pwl919.com/++theme++benar/search-icon-white.svg
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/template/Brasil/a3/css/benar.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/template/Brasil/a3/css/benar.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:26 GMT
referrer-policy
same-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=76ArgJsDeEo4DS90%2Fd0j3%2BLStRGGvIY%2FyaksJVI%2FdrIpiY0ONK7rxBH40EERQRgA0qT3Te3gqFjl1IVQCnXxMKPZgvYA13oP4b0BdzznnjG9YDMlSrICDMFrlGvmq00Z5Mim"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87bb18ffaca518c5-FRA
alt-svc
h3=":443"; ma=86400
content-length
6337
expires
Thu, 01 Jan 1970 00:00:01 GMT
jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v14/
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:ital,wght@0,400;0,800;1,400;1,800&family=Raleway:ital,wght@0,300;0,400;1,300;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://s1sx6.pwl919.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 06:19:09 GMT
x-content-type-options
nosniff
age
496577
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28224
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:23:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Apr 2025 06:19:09 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:ital,wght@0,400;0,800;1,400;1,800&family=Raleway:ital,wght@0,300;0,400;1,300;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://s1sx6.pwl919.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 05:16:44 GMT
x-content-type-options
nosniff
age
154722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48208
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Apr 2025 05:16:44 GMT
jizDREVItHgc8qDIbSTKq4XkRiUQ2zcLig.woff2
fonts.gstatic.com/s/librefranklin/v14/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUQ2zcLig.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:ital,wght@0,400;0,800;1,400;1,800&family=Raleway:ital,wght@0,300;0,400;1,300;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://s1sx6.pwl919.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 20:55:32 GMT
x-content-type-options
nosniff
age
184794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7272
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:23:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Apr 2025 20:55:32 GMT
jizDREVItHgc8qDIbSTKq4XkRiUR2zcLig.woff2
fonts.gstatic.com/s/librefranklin/v14/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUR2zcLig.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:ital,wght@0,400;0,800;1,400;1,800&family=Raleway:ital,wght@0,300;0,400;1,300;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://s1sx6.pwl919.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 12:39:32 GMT
x-content-type-options
nosniff
age
214554
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19988
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:52:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Apr 2025 12:39:32 GMT
1Ptug8zYS_SKggPNyCIIT5lu.woff2
fonts.gstatic.com/s/raleway/v29/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyCIIT5lu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:ital,wght@0,400;0,800;1,400;1,800&family=Raleway:ital,wght@0,300;0,400;1,300;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://s1sx6.pwl919.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 16:40:44 GMT
x-content-type-options
nosniff
age
545682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11176
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:31:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Apr 2025 16:40:44 GMT
1Ptug8zYS_SKggPNyCMIT5lu.woff2
fonts.gstatic.com/s/raleway/v29/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyCMIT5lu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:ital,wght@0,400;0,800;1,400;1,800&family=Raleway:ital,wght@0,300;0,400;1,300;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://s1sx6.pwl919.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 00:08:27 GMT
x-content-type-options
nosniff
age
173219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30744
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:01:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Apr 2025 00:08:27 GMT
Primary Request /
www.hk88casino.com/
8 KB
0
Document
General
Full URL
https://www.hk88casino.com/
Requested by
Host: s1sx6.pwl919.com
URL: https://s1sx6.pwl919.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.221.132.71 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://s1sx6.pwl919.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
quic=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 29 Apr 2024 00:15:34 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1714349726848
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1714349726848
362 B
911 B
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1714349726848
Protocol
H2
Server
52.214.77.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-77-117.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://s1sx6.pwl919.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v060-0682d7c8d.edge-irl1.demdex.com 1 ms
pragma
no-cache
date
Mon, 29 Apr 2024 00:15:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
T+PtoJnuQQ0=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://s1sx6.pwl919.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
306
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-1-v060-008212a0d.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Mon, 29 Apr 2024 00:15:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
R/TcRJzXQs0=
vary
Origin
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1714349726848
access-control-allow-origin
https://s1sx6.pwl919.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
utag.12.js
tags.tiqcdn.com/utag/bbg/rfa-plone/prod/
75 KB
21 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/bbg/rfa-plone/prod/utag.12.js?utv=ut4.46.202403081607
Requested by
Host: tags.benarnews.org
URL: https://tags.benarnews.org/rfa-plone/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:7000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Eyi6WrrI91phYnVkKNyeAQnpwsctMbvl
content-encoding
br
via
1.1 3e79abe3bfc4a431738eb9199cb216f6.cloudfront.net (CloudFront)
date
Mon, 29 Apr 2024 00:10:51 GMT
last-modified
Fri, 08 Mar 2024 16:08:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
276
x-amz-server-side-encryption
AES256
etag
W/"6f1d5a6fa255760546b71d3129dd689c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
1xcW-kYKZN4CMMGgVUh4DMn3l1xftQgLichNlDV-j5rsU-OK0KXvvA==
utag.10.js
tags.tiqcdn.com/utag/bbg/rfa-plone/prod/
27 KB
7 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/bbg/rfa-plone/prod/utag.10.js?utv=ut4.46.202312102359
Requested by
Host: tags.benarnews.org
URL: https://tags.benarnews.org/rfa-plone/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:7000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
vHCmvLhOVhbrlNDJK69BPPSlEYyq_Kbv
content-encoding
br
via
1.1 3e79abe3bfc4a431738eb9199cb216f6.cloudfront.net (CloudFront)
date
Mon, 29 Apr 2024 00:15:28 GMT
last-modified
Fri, 08 Mar 2024 16:08:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
etag
W/"de08c0452df43411d357980eeb2e2851"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
xHFEJ3Bw3gfgZ_xxeCyKcuBjDiZhL4609e4d005jTHfNjv2vo0krvA==
dest5.html
bbg.demdex.net/ Frame CCF1
0
0
Document
General
Full URL
https://bbg.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.benarnews.org
URL: https://tags.benarnews.org/rfa-plone/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.34.167.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-167-98.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://s1sx6.pwl919.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 29 Apr 2024 00:15:27 GMT
dcs
dcs-prod-irl1-1-v060-0bf20ded0.edge-irl1.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Tue, 9 Apr 2024 11:56:23 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
0tdp9ybTS7A=
id
bbg.sc.omtrdc.net/
2 B
268 B
XHR
General
Full URL
https://bbg.sc.omtrdc.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&mid=01607828403292879744006067075000720409&ts=1714349727094
Requested by
Host: tags.benarnews.org
URL: https://tags.benarnews.org/rfa-plone/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.222 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-222.data.adobedc.net
Software
jag /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://s1sx6.pwl919.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 29 Apr 2024 00:15:27 GMT
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://s1sx6.pwl919.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Zi7mnwAAAGTqaAO-
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=01588518022339153894005676152987656898
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zi7mnwAAAGTqaAO-
42 B
716 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zi7mnwAAAGTqaAO-
Protocol
H2
Server
52.214.77.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-77-117.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://s1sx6.pwl919.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v060-05cf55f2d.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Mon, 29 Apr 2024 00:15:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
XAK9Gah6SOg=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zi7mnwAAAGTqaAO-
Date
Mon, 29 Apr 2024 00:15:27 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
s63295082350842
ssc.benarnews.org/b/ss/bbgprod,bbgentityrfa/1/JS-2.23.0/
43 B
373 B
Image
General
Full URL
https://ssc.benarnews.org/b/ss/bbgprod,bbgentityrfa/1/JS-2.23.0/s63295082350842?AQB=1&ndh=1&pf=1&t=29%2F3%2F2024%202%3A15%3A27%201%20-120&sdid=2527D6B699939928-3031DDDAD2B88807&mid=01607828403292879744006067075000720409&aamlh=6&ce=UTF-8&ns=bbg&cdp=2&pageName=benarnews%3Aeng%3Ad%3Asection%3Abenarnews&g=https%3A%2F%2Fs1sx6.pwl919.com%2F%3Fbtwaf%3D53997723&r=https%3A%2F%2Fs1sx6.pwl919.com%2F&h.&architecture=x86&bitness=64&platformVersion=10.0.0&.h&cc=USD&ch=%2F&server=s1sx6.pwl919.com&events=event1%2Cevent10&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=https%3A%2F%2Fs1sx6.pwl919.com%2F&v4=section&v5=home&v6=benarnews&v10=01%2F27%2F2021&v11=15&v13=english&v14=062f5af91d2a4b8b801d01bd046c3774&v15=english&v16=benar%20english&v17=desktop&v20=yes&v21=nglish&v23=01607828403292879744006067075000720409&v24=018f2734dc7100092caa937761320506f002806700b08&v25=benarnews&v27=RFA-BN%20English%20Responsive&v29=s1sx6.pwl919.com%2F&v30=500&v31=https%3A%2F%2Fs1sx6.pwl919.com%2F%3Fbtwaf%3D53997723&v32=benarnews%3Aeng%3Ad%3Asection%3Abenarnews&v38=section&v39=home&v50=homepage%20view&v70=2.23.0&v71=bbgdev&v72=prod&v75=main_template.pt&v82=view&v100=2024-04-29%3A02.15%3A%2B02.00&v101=europe%2Fberlin&v102=en-us%3Aen%3Ade-de&v104=iq&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-62-17.data.adobedc.net
Software
jag /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 29 Apr 2024 00:15:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Tue, 30 Apr 2024 00:15:27 GMT
server
jag
etag
3681538007475847168-4618496097682266333
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 28 Apr 2024 00:15:27 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tags.benarnews.org
URL: https://tags.benarnews.org/rfa-plone/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 28 Apr 2024 23:48:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1639
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 29 Apr 2024 01:48:08 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
432 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bbg/rfa-plone/202403081607&cb=1714349727362
Requested by
Host: tags.benarnews.org
URL: https://tags.benarnews.org/rfa-plone/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:7000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Mon, 29 Apr 2024 00:09:43 GMT
via
1.1 3e79abe3bfc4a431738eb9199cb216f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
age
344
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
bRGyupPLm0UBVwLZwbl2gjWa25NqsnJglb_hD-VqxOcLbf6FPRHBbA==
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:01:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
831
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 29 Apr 2024 01:01:36 GMT
collect
www.google-analytics.com/j/
15 B
222 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=375415066&t=pageview&_s=1&dl=https%3A%2F%2Fs1sx6.pwl919.com%2F%3Fbtwaf%3D53997723&ul=de-de&de=UTF-8&dt=Lucky88%20Slot%20Game%20Online(Vi%E1%BB%87t%20Nam)%20Website%20ch%C3%ADnh%20th%E1%BB%A9c%20Phi%C3%AAn%20b%E1%BA%A3n%20ph%E1%BB%95%20th%C3%B4ng%20iOS%2FAndroid%2FMobile%20App&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAiAAjBAAAACAAI~&jid=996264788&gjid=465538541&cid=628293916.1714349728&tid=UA-136743351-1&_gid=1045932529.1714349728&_slc=1&cd1=https%3A%2F%2Fs1sx6.pwl919.com%2F&cd2=s1sx6.pwl919.com&cd3=BenarNews&cd4=BenarNews%3AENG%3AD%3Asection%3ABenarNews&cd5=section&cd6=section&cd7=Home&cd8=062f5af91d2a4b8b801d01bd046c3774&cd9=nglish&cd10=BenarNews&cd11=English&cd12=Benar%20English&cd13=Desktop&cd14=500&cd15=RFA-BN%20English%20Responsive&cd16=prod&cd17=Yes&cd18=english&z=643844350
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://s1sx6.pwl919.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Apr 2024 00:15:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s1sx6.pwl919.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
347 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-136743351-1&cid=628293916.1714349728&jid=996264788&gjid=465538541&_gid=1045932529.1714349728&_u=KGBAiAAjBAAAAGAAI~&z=59999303
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://s1sx6.pwl919.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 29 Apr 2024 00:15:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s1sx6.pwl919.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
267 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-03YYQYPPKQ&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 00:15:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94340
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 29 Apr 2024 00:15:27 GMT
collect
region1.google-analytics.com/g/
0
255 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-03YYQYPPKQ&gtm=45je44o0v9125773219za200&_p=1714349727595&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&ul=de-de&sr=1600x1200&cid=628293916.1714349728&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fs1sx6.pwl919.com%2F%3Fbtwaf%3D53997723&dt=Lucky88%20Slot%20Game%20Online(Vi%E1%BB%87t%20Nam)%20Website%20ch%C3%ADnh%20th%E1%BB%A9c%20Phi%C3%AAn%20b%E1%BA%A3n%20ph%E1%BB%95%20th%C3%B4ng%20iOS%2FAndroid%2FMobile%20App&sid=1714349727&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_1=https%3A%2F%2Fs1sx6.pwl919.com%2F&ep.ua_dimension_2=s1sx6.pwl919.com&ep.ua_dimension_3=BenarNews&ep.ua_dimension_4=BenarNews%3AENG%3AD%3Asection%3ABenarNews&ep.ua_dimension_5=section&ep.ua_dimension_6=section&ep.ua_dimension_7=Home&ep.ua_dimension_8=062f5af91d2a4b8b801d01bd046c3774&ep.ua_dimension_9=nglish&ep.ua_dimension_10=BenarNews&ep.ua_dimension_11=English&ep.ua_dimension_12=Benar%20English&ep.ua_dimension_13=Desktop&ep.ua_dimension_14=500&ep.ua_dimension_15=RFA-BN%20English%20Responsive&ep.ua_dimension_16=prod&ep.ua_dimension_17=Yes&ep.ua_dimension_18=english&tfd=27557
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-03YYQYPPKQ&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://s1sx6.pwl919.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 29 Apr 2024 00:15:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s1sx6.pwl919.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lib.css
www.hk88game.com/css/
0
0

index.css
www.hk88game.com/css/
0
0

LOGOG.png
www.hk88game.com/img/pc/
0
0

headBg.png
www.hk88game.com/img/pc/
0
0

down.png
www.hk88game.com/img/pc/
0
0

mes.png
www.hk88game.com/img/pc/
0
0

game1.png
www.hk88game.com/img/pc/
0
0

game2.png
www.hk88game.com/img/pc/
0
0

game3.png
www.hk88game.com/img/pc/
0
0

game4.png
www.hk88game.com/img/pc/
0
0

game5.png
www.hk88game.com/img/pc/
0
0

game6.png
www.hk88game.com/img/pc/
0
0

resgiter.png
www.hk88game.com/img/pc/
0
0

newPron.png
www.hk88game.com/img/pc/
0
0

bannertitle.png
www.hk88game.com/img//pc/
0
0

banner1.jpg
www.hk88game.com/img/pc/
0
0

banner2.jpg
www.hk88game.com/img/pc/
0
0

banner3.jpg
www.hk88game.com/img/pc/
0
0

viptitle.png
www.hk88game.com/img/pc/
0
0

vipcont.png
www.hk88game.com/img/pc/
0
0

kefu.png
www.hk88game.com/img/pc/
0
0

jquery.min.js
www.hk88game.com/js/
0
0

swiper-bundle.min.js
www.hk88game.com/js/
0
0

lib.js
www.hk88game.com/js/
0
0

index.js
www.hk88game.com/js/
0
0

js-sdk-pro.min.js
sdk.51.la/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s1sx6.pwl919.com
URL
https://s1sx6.pwl919.com/uploads/images/j5EhMlOGnTyhVSEuZD
Domain
s1sx6.pwl919.com
URL
https://s1sx6.pwl919.com/uploads/images/DKWmMJ5uoPOwnBT7xGR
Domain
s1sx6.pwl919.com
URL
https://s1sx6.pwl919.com/uploads/images/GTyhnlO4MJ0tqUVk
Domain
s1sx6.pwl919.com
URL
https://s1sx6.pwl919.com/uploads/images/GzsQgTxtp2SiVRylZD
Domain
s1sx6.pwl919.com
URL
https://s1sx6.pwl919.com/uploads/images/FaIxMFOPMJkfnJ4k
Domain
s1sx6.pwl919.com
URL
https://s1sx6.pwl919.com/uploads/images/EBT7d25aVTYTfBT7z2ZtowR
Domain
www.hk88game.com
URL
https://www.hk88game.com/css/lib.css
Domain
www.hk88game.com
URL
https://www.hk88game.com/css/index.css
Domain
www.hk88game.com
URL
https://www.hk88game.com/img/pc/LOGOG.png
Domain
www.hk88game.com
URL
https://www.hk88game.com/img/pc/headBg.png
Domain
www.hk88game.com
URL
https://www.hk88game.com/img/pc/down.png
Domain
www.hk88game.com
URL
https://www.hk88game.com/img/pc/mes.png
Domain
www.hk88game.com
URL
https://www.hk88game.com/img/pc/game1.png
Domain
www.hk88game.com
URL
https://www.hk88game.com/img/pc/game2.png
Domain
www.hk88game.com
URL
https://www.hk88game.com/img/pc/game3.png
Domain
www.hk88game.com
URL
https://www.hk88game.com/img/pc/game4.png
Domain
www.hk88game.com
URL
https://www.hk88game.com/img/pc/game5.png
Domain
www.hk88game.com
URL
https://www.hk88game.com/img/pc/game6.png
Domain
www.hk88game.com
URL
https://www.hk88game.com/img/pc/resgiter.png
Domain
www.hk88game.com
URL
https://www.hk88game.com/img/pc/newPron.png
Domain
www.hk88game.com
URL
https://www.hk88game.com/img//pc/bannertitle.png
Domain
www.hk88game.com
URL
https://www.hk88game.com/img/pc/banner1.jpg
Domain
www.hk88game.com
URL
https://www.hk88game.com/img/pc/banner2.jpg
Domain
www.hk88game.com
URL
https://www.hk88game.com/img/pc/banner3.jpg
Domain
www.hk88game.com
URL
https://www.hk88game.com/img/pc/viptitle.png
Domain
www.hk88game.com
URL
https://www.hk88game.com/img/pc/vipcont.png
Domain
www.hk88game.com
URL
https://www.hk88game.com/img/pc/kefu.png
Domain
www.hk88game.com
URL
https://www.hk88game.com/js/jquery.min.js
Domain
www.hk88game.com
URL
https://www.hk88game.com/js/swiper-bundle.min.js
Domain
www.hk88game.com
URL
https://www.hk88game.com/js/lib.js
Domain
www.hk88game.com
URL
https://www.hk88game.com/js/index.js
Domain
sdk.51.la
URL
https://sdk.51.la/js-sdk-pro.min.js

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Domain/Path Name / Value
s1sx6.pwl919.com/ Name: a527b4b55f2929bb8fd3bdab704c5705
Value: a729f6d936ff5532277bf4e25c1db5bc
s1sx6.pwl919.com/ Name: __vtins__3HxKKpJCWQpulFxW
Value: %7B%22sid%22%3A%20%22fbe76a9e-896f-547f-8519-f71cdbf9d81a%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201714351526642%2C%20%22ct%22%3A%201714349726642%7D
s1sx6.pwl919.com/ Name: __51uvsct__3HxKKpJCWQpulFxW
Value: 1
s1sx6.pwl919.com/ Name: __51vcke__3HxKKpJCWQpulFxW
Value: d6237b48-62d6-5fbd-830a-5d3b17d43897
s1sx6.pwl919.com/ Name: __51vuft__3HxKKpJCWQpulFxW
Value: 1714349726646
.pwl919.com/ Name: utag_main
Value: v_id:018f2734dc7100092caa937761320506f002806700b08$_sn:1$_se:1$_ss:1$_st:1714351526840$ses_id:1714349726840%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:pwl919.com
.demdex.net/ Name: demdex
Value: 01588518022339153894005676152987656898
.pwl919.com/ Name: AMCVS_518ABC7455E462B97F000101%40AdobeOrg
Value: 1
.pwl919.com/ Name: s_cc
Value: true
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Zi7mnwAAAGTqaAO-
.dpm.demdex.net/ Name: dpm
Value: 01588518022339153894005676152987656898
.pwl919.com/ Name: AMCV_518ABC7455E462B97F000101%40AdobeOrg
Value: 1176715910%7CMCIDTS%7C19843%7CMCMID%7C01607828403292879744006067075000720409%7CMCAAMLH-1714954527%7C6%7CMCAAMB-1714954527%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1714356927s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19850%7CvVersion%7C5.4.0
.pwl919.com/ Name: _ga
Value: GA1.2.628293916.1714349728
.pwl919.com/ Name: _gid
Value: GA1.2.1045932529.1714349728
.pwl919.com/ Name: _gat_tealium_0
Value: 1
.pwl919.com/ Name: _ga_03YYQYPPKQ
Value: GS1.2.1714349727.1.0.1714349727.0.0.0

26 Console Messages

Source Level URL
Text
network error URL: https://s1sx6.pwl919.com/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://s1sx6.pwl919.com/template/Brasil/a3/css/jquery.sidr.dark.css
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://s1sx6.pwl919.com/uploads/images/logo.png?n=&w=180
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://s1sx6.pwl919.com/uploads/images/kWQQbaxuVREuozttpmR
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://s1sx6.pwl919.com/uploads/images/ITwQgT5aVUEcovOYZD
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://s1sx6.pwl919.com/uploads/images/EBT7d25aVTYTfBT7z2ZtowR
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://s1sx6.pwl919.com/uploads/images/JzyhMJEcozHtJzxk
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://s1sx6.pwl919.com/uploads/images/FRkJVRy3LJ1up2Rk
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://s1sx6.pwl919.com/uploads/images/Gzuc4ohUoFO24ohyVT7uhepk
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://s1sx6.pwl919.com/uploads/images/kWOHVRwQbT4tHKKuh5SwZD
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://s1sx6.pwl919.com/uploads/images/IUYuh7SwVUEc4od-pPOJZD
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://s1sx6.pwl919.com/uploads/images/FRkJVSHlZlOWpzRk
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://s1sx6.pwl919.com/uploads/images/FRkJVSAbMJMznJHk
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://s1sx6.pwl919.com/uploads/images/GZB9VTEiVRcioz55ZD
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://s1sx6.pwl919.com/++theme++benar/search-icon-white.svg
Message:
Failed to load resource: the server responded with a status of 502 ()
other warning URL: https://s1sx6.pwl919.com/?btwaf=53997723
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
