urlscan.io logo urlscan.io
SecurityTrails logo

m.medaliemas129.xyz Open in urlscan Pro
2606:4700:3034::ac43:c2eb  Public Scan

Go To Rescan Add Verdict Report
URL: https://m.medaliemas129.xyz/
Submission: On June 10 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 5 countries across 9 domains to perform 178 HTTP transactions. The main IP is 2606:4700:3034::ac43:c2eb, located in United States and belongs to CLOUDFLARENET, US. The main domain is m.medaliemas129.xyz.
TLS certificate: Issued by GTS CA 1P5 on May 25th 2024. Valid for: 3 months.
This is the only time m.medaliemas129.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
129 172.67.194.235 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 95.101.23.96 20940 (AKAMAI-ASN1)
3 92.123.103.67 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
9 157.240.251.9 32934 (FACEBOOK)
4 2a03:2880:f17... 32934 (FACEBOOK)
1 188.114.96.3 13335 (CLOUDFLAR...)
16 157.240.251.35 32934 (FACEBOOK)
1 92.123.103.74 20940 (AKAMAI-ASN1)
1 172.67.186.140 13335 (CLOUDFLAR...)
178 14
8    2606:4700:3034::ac43:c2eb (United States)

ASN13335 (CLOUDFLARENET, US)
m.medaliemas129.xyz
1    2606:4700::6812:323 (United States)

ASN13335 (CLOUDFLARENET, US)
pub-1afacac1f4734757b0908784991abb88.r2.dev
129    172.67.194.235 (United States)

ASN13335 (CLOUDFLARENET, US)
m.medaliemas129.xyz
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    95.101.23.96 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-23-96.deploy.static.akamaitechnologies.com
cdn.livechatinc.com
cdn.livechat-files.com
3    92.123.103.67 (Bucharest, Romania)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-103-67.deploy.static.akamaitechnologies.com
api.livechatinc.com
1    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
blogger.googleusercontent.com
9    157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net
connect.facebook.net
4    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
capig.stape.us
16    157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com
www.facebook.com
1    92.123.103.74 (Bucharest, Romania)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-103-74.deploy.static.akamaitechnologies.com
secure.livechatinc.com
1    172.67.186.140 (United States)

ASN13335 (CLOUDFLARENET, US)
ap.stape.info
Apex Domain
Subdomains		 Transfer
137 medaliemas129.xyz
m.medaliemas129.xyz
2 MB
20 facebook.com
www.facebook.com — Cisco Umbrella Rank: 119
6 KB
11 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
179 KB
5 livechatinc.com
cdn.livechatinc.com — Cisco Umbrella Rank: 5581
api.livechatinc.com — Cisco Umbrella Rank: 5074
secure.livechatinc.com — Cisco Umbrella Rank: 6283
34 KB
1 livechat-files.com
cdn.livechat-files.com — Cisco Umbrella Rank: 16517
27 KB
1 stape.info
ap.stape.info — Cisco Umbrella Rank: 53281
669 B
1 stape.us
capig.stape.us — Cisco Umbrella Rank: 53724
643 B
1 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 9704
34 KB
1 r2.dev
pub-1afacac1f4734757b0908784991abb88.r2.dev — Cisco Umbrella Rank: 366782
8 KB
178 9
Domain Requested by
137 m.medaliemas129.xyz m.medaliemas129.xyz
20 www.facebook.com m.medaliemas129.xyz
11 connect.facebook.net m.medaliemas129.xyz
connect.facebook.net
3 api.livechatinc.com cdn.livechatinc.com
1 cdn.livechat-files.com
1 ap.stape.info connect.facebook.net
1 secure.livechatinc.com cdn.livechatinc.com
1 capig.stape.us connect.facebook.net
1 blogger.googleusercontent.com m.medaliemas129.xyz
1 cdn.livechatinc.com m.medaliemas129.xyz
1 pub-1afacac1f4734757b0908784991abb88.r2.dev m.medaliemas129.xyz
178 11

This site contains links to these domains. Also see Links.

Domain
secure.livechatenterprise.com
Subject Issuer Validity Valid
medaliemas129.xyz
GTS CA 1P5		 2024-05-25 -
2024-08-23		 3 months crt.sh
*.r2.dev
E1		 2024-06-03 -
2024-09-01		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-19 -
2024-06-17		 3 months crt.sh
livechat.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-31 -
2025-01-31		 a year crt.sh
*.googleusercontent.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
capig.stape.us
E1		 2024-05-04 -
2024-08-02		 3 months crt.sh
ap.stape.info
GTS CA 1P5		 2024-05-05 -
2024-08-03		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://m.medaliemas129.xyz/
Frame ID: 156EA697340E5C1DCEA34253A5C3EC70
Requests: 180 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=15852072&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: 452056C5F71B9D9400BB7879E8B2CF8F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

JOS129 SITUS GAME ONLINE SLOT GACOR DAN CASINO SERVER RESMI INTERNASIONAL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • cdn\.livechatinc\.com/.*tracking\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

178
Requests

100 %
HTTPS

38 %
IPv6

9
Domains

11
Subdomains

14
IPs

5
Countries

1957 kB
Transfer

4319 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

178 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
m.medaliemas129.xyz/ 		279 KB
88 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.medaliemas129.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c2eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
81ff8783c414f90f9b9a9720b339b98cdbf2c4d7c1a962796dc547b69564a1f0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8917ab590fdc9be9-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 10 Jun 2024 07:32:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jm4%2Fs05jTx38foxF8vjG%2Fj5KBbwQkierTa%2Fi5THybwweYyRWU48RLx2btvPlMnTVvqbeR6%2BKT%2Fbdc5SxbVCBol4jLUSP6yuPc0TndsrryNAaRlcNY8jYKk5lY2aa1%2FI9TeQ9dIFie21YxDceCDy8599h"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
bootstrap.css
m.medaliemas129.xyz/assets/css/ 		144 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://m.medaliemas129.xyz/assets/css/bootstrap.css
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c2eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ef9c554bca3ce5b9f978b626ff8c3a441c0468af2599bdb4e9b6b32f6743f058

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 16 Jun 2015 08:12:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"0ed633cca8d01:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n3%2FSbS8DHYfMX23afRuYT%2FmmxwlgE3I9B%2BSXFK2PfyY5x9Ni28ZgWnmO1R4faRKHmfYrHSHhjvRVhHQHPqywMsfA%2BXTH9mbTsXlnqipKiR6Qlf7HFTXdlVf7llnts8ixdYntwUDYxpDn6hll9FWPx0Im"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8917ab5d9e649be9-FRA
alt-svc
h3=":443"; ma=86400
bootstrap-theme.css
m.medaliemas129.xyz/assets/css/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://m.medaliemas129.xyz/assets/css/bootstrap-theme.css
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c2eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
86d924c6845280bfd794e4c53be51ebcc8a284438061120dc86dfee8c84c0a53

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:46 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 10 Aug 2018 11:24:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"8215bdb09c30d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eO5457Vbm0N3U7LwaB93TQVz0bWMCTnrRVTCUOc5IsoqqwEegLc5Uxuunjj0D8LvViH4lyLANOsB3RhbV5A7pPrVfeTTWvsYBf3nZLLQM6UfuX2KA1e34d%2FNTznN1MGMUVAQQxyGh4u0EtMc92SffuCB"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8917ab5d9e669be9-FRA
alt-svc
h3=":443"; ma=86400
styles.css
m.medaliemas129.xyz/assets/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://m.medaliemas129.xyz/assets/css/styles.css
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c2eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
797018ada1b7b9f6fc5a1f6aec6fec2246c4e59f95fa1f993e1357cd62d2bf91

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 07 Jan 2019 02:22:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"e053b9d82fa6d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DYUSvQ8JS%2FB%2Bps0eyXS5PHq1tcQawwhQR%2B4gvyAG7lU3Ib%2BMUG6ZSy3oWaHXUkVfvvzDKkcT4UEhwhXQsvzUulWr1nQSizJN%2BV3MQdgdoUE08w6SyD3eUndNifpQQqF5gcy2aNyQSDY3Hq5CUxeBbV%2Bu"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8917ab5d9e679be9-FRA
alt-svc
h3=":443"; ma=86400
BlackBlue_v3_1.css
m.medaliemas129.xyz/assets/css/theme/t5/ 		74 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c2eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
560a1438c6fa3a0e72f137d3318ceb803226fa0a664a48a1407b3924875a92b0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 25 Oct 2023 04:20:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1324a49bfa6da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bbMMEIrs54ZZ1UNePfqj371xHMl5C5FeNktjw5YATuJDKJm%2BwgVszY9WvRnybMKqb39GyupoKihwG%2FA08Ma4ADpXcMyETNR%2Fhb79UoLWjP5oJGYegxqV99L7vcTseCXEIUJf7zgrN2EgcZh0%2Be4opg5o"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8917ab5d9e689be9-FRA
alt-svc
h3=":443"; ma=86400
qrisjos129min_20235332015332.png
m.medaliemas129.xyz/assets/banner/IND/ 		648 KB
649 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/banner/IND/qrisjos129min_20235332015332.png?V=1693990420
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c2eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
aab95f5cb6e6426a0e15c5f31118ab08f95275851e429c8116fabb94686e9eb3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Sep 2023 01:53:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2a6c94f464e0d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lf%2F60aqvpXV6%2F7Ruee3X2Sgh0WswrJ1GV0d6MpvrLBrPm6q%2BiPXnFd%2B9utwJyDUtWZWf8uBHaQKSIWdqh1q5BzTh2zzKX5PZBMTUaQbr467UQHaZBbG5wkZMQn9A5dp0uI1Xky9%2BXd6bNfMhgTtPzw%2B%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab5d9e699be9-FRA
alt-svc
h3=":443"; ma=86400
content-length
663523
api.js
pub-1afacac1f4734757b0908784991abb88.r2.dev/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pub-1afacac1f4734757b0908784991abb88.r2.dev/api.js
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee11a6da733e3853a5d7308ee41a1587346a718c7c7b4984b3828bf7e8a249fa

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 10 Jun 2024 07:32:46 GMT
Last-Modified
Sun, 24 Dec 2023 14:34:58 GMT
Server
cloudflare
ETag
"93b61be3dc6d81627f658525a392054c"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8917ab5f1ba7903d-FRA
Content-Length
7810
Color_blue_ID.png
m.medaliemas129.xyz/assets/brand/game/2/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/Color_blue_ID.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7514d4664a621dbecc507a79814e38a6c6ca3fb5f1cf58f1ec6818ede8b7a704

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Jun 2022 14:27:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0e767808d8cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FRk07%2FxYFt%2FPaq2gskxAk6Fdlek%2BI7gRKMoryzE0oVQyqgThZ2oacMP2ecWnAv08J9tVcFUMqnirodBob8w9qx3b5MxCgvM%2FDinXkPRKfUqpyABPwdNt4ECsfoUqx7oXHm%2Buj0CT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab608ab3193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
3348
qrisjos129min_20235332015332.png
m.medaliemas129.xyz/assets/banner/IND/ 		648 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/banner/IND/qrisjos129min_20235332015332.png?V=1693990420
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c2eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
aab95f5cb6e6426a0e15c5f31118ab08f95275851e429c8116fabb94686e9eb3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Sep 2023 01:53:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2a6c94f464e0d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lf%2F60aqvpXV6%2F7Ruee3X2Sgh0WswrJ1GV0d6MpvrLBrPm6q%2BiPXnFd%2B9utwJyDUtWZWf8uBHaQKSIWdqh1q5BzTh2zzKX5PZBMTUaQbr467UQHaZBbG5wkZMQn9A5dp0uI1Xky9%2BXd6bNfMhgTtPzw%2B%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab5d9e699be9-FRA
alt-svc
h3=":443"; ma=86400
content-length
663523
btnclose.png
m.medaliemas129.xyz/assets/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/images/btnclose.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
86701be5f4e1043bde4b8f54c2996f17380189f67d54a64c2ac87103641fb144

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
cf-cache-status
MISS
last-modified
Wed, 24 Aug 2016 06:46:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"07c4a49d3fdd11:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2cYr1i2HfeV%2FbDQRk8a8w4xFdn8vB5ciUkWJPYvaybL2HxMNF%2BJcIZfasTwANcV%2B8JxB2gIOL9k09RSo8OD%2FDsoB7%2BnchU99ZXtnKy2cpS6xFcfwAxqE3Q9YenM%2B45i1Vz%2BZR9%2BJ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab608ac4193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
6377
bca.png
m.medaliemas129.xyz/assets/bank/grey/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/bank/grey/bca.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4f7e208aa98c142735bc1ac6febbf05799fab5f6f76dfce217cc274f80c69f04

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Feb 2021 10:12:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"10dcca14ccfed61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lptdw8%2FDtUvbBatBbXmp%2BFY2onP9Hp8q2gMAQI90ikANf%2F3xBhD4m%2By3c%2B200IZdQBPa%2FCREsg28KGQJgAEH%2Bf4IpkIPb5Nj34f9XWzKdijWnuBA9062GYvvn0KHeOTqV%2FnPDiYl"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab608ac7193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
2215
bni.png
m.medaliemas129.xyz/assets/bank/grey/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/bank/grey/bni.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6bf74188011c99543ac6e80b300af8e4484fe947962236d7dddb0c8f0650767a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Feb 2021 10:15:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"27b85381ccfed61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dkk7gwvB4ZhcqbnsE70ugAS2xoDhn9XJpEDSZIkYve%2B%2BL6bHfYdjQ4ghUIqGjriKVIcMdNU0VnfzcEP3SVU%2Bu%2B095BkFaKM0oiV6xHOYEUcSVTcEw7fHKCRg%2F3WwIWGpDNrAVj2O"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab608acd193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
2065
bri.png
m.medaliemas129.xyz/assets/bank/grey/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/bank/grey/bri.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bd3ae02525bc29302433cac7b48db0ce44f281edea3abbd65dbf50f3aa67a851

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Feb 2021 10:15:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"75d2cf78ccfed61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jg2YqzAifoHJa5K1oRfzOS5aX9WJpXRzSoV%2FKxwMKyFdmd35kzD84un9rJ3T1YB%2FAafGbIDX8ykhQiNEGuYinPhVzBPP2VVjxO8W7HoxdjzRYvfN6B%2FJf7ZuBK6lnkb8CLIEeD6R"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab609acf193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
2173
dana.png
m.medaliemas129.xyz/assets/bank/grey/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/bank/grey/dana.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bc1ce9111070a7d392514d4a256aaedf170e87b44cd2b112acce103dc52f9015

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Feb 2021 10:14:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"f198f96bccfed61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c%2FltOeusouCcgNtAsF9jgzWYvYiqoL79zn2NMDCdEfWKYCDHb90pkJ2cKzIBXoL9uqRw9T%2Bzklja03tCFOHFecSsgI9IigJ5NnEkBtORIUzqgkZkgCMBG1Pm%2FKt7%2Bhy%2BGEO4iuWO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab609ad5193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
1910
gopay.png
m.medaliemas129.xyz/assets/bank/grey/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/bank/grey/gopay.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
022c777bbc0fef728878ede6b17c0eaad74f4070269da38d9fdafb5c3fbf65e5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Feb 2021 10:14:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"eacf9f61ccfed61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iI%2FoaRPtEtfWvrozRmBH4%2BYBEo82AiJ8cU5D%2BgTTHqG5kBq9Fcifw4XoG%2BEOU3lesvHgg01%2FLle%2FhIiy6b5sqGmLWeiLwRzpzLSz6u2XNZw6J6daIIW9hjxbjyx3850bOkWBzqO0"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab609ad9193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
2563
linkaja.png
m.medaliemas129.xyz/assets/bank/grey/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/bank/grey/linkaja.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c391d2955f18f04e36661026af4410f44a3c72284f325a138df7d3e64c0a5190

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Feb 2021 10:14:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3cc45a5accfed61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FwIL2Cxep1iX%2B1hE%2B0%2Fj5tVzuDCscGyr8CHlQM3mV24MjDZbIttqOd8NvOl%2BN2x%2BiYI2XQ4ZEXgY4zVKmLS5pL%2BDDyhBm%2FGQDsyKMxVNSwK80luLJDtFi2T83x%2FQ%2Bsf5ivfLf8Om"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab609adb193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
1738
mandiri.png
m.medaliemas129.xyz/assets/bank/grey/ 		537 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/bank/grey/mandiri.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9dee79a8ecdf5575e2636416afbebd55d2d0e14ecf3a7f4540aec06685e142c8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
cf-cache-status
MISS
last-modified
Fri, 19 Jan 2024 15:41:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"67a3a8eced4ada1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gbUgv%2BRTU4%2BJOWM2mKJ38j38E47%2FjHK6yPCMjvbWOGx1J88E3XYJfppvxEhg%2BeUv6tyr66%2FjGw2kVe%2BJU3RFzTGJpYhOWYhbP5MSt63F0XeEi603bztL5vdWernPveoJNl3dJa0b"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab609adc193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
537
telkomsel.png
m.medaliemas129.xyz/assets/bank/grey/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/bank/grey/telkomsel.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7d5be582630338ef0f433174ac87197737617f061d0582bc5cd4562627bd361b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Feb 2021 10:12:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"fdae2f22ccfed61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TmmynbfiNa6QN%2Bhit4pym%2B78nWpiGNy1uz5gowiUHZyLrrHsA0jCFla409ASjkytQr%2BPRxjPoJvaocrnxr1KV1J0yI%2FEhUHpYE6lfEfgOuwHjnoSjIAhHLa3kUkSkSr4P79gtbKS"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab609ade193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
2216
home.svg
m.medaliemas129.xyz/assets/menuicon/white/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/menuicon/white/home.svg?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
089650b46c0acf567f7133b55ce71b03c1a7d11ff62b834623e16a717b60ae3c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 22 Jun 2022 06:02:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"c5f231a3fd85d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M5VEv43VPoEoGKRoab2Qnhtr89%2FGEsrsHgkkD7KgboNw6EH4WxW%2FgTvkuLQiOYGhDwKQpAljY4sOxxkWsYPt%2FNi9NjVMim18D9hX1oMjVeqx9i5Y6X6m2R5il9zfti%2BdX5%2BHasl1"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8917ab609ae0193b-FRA
alt-svc
h3=":443"; ma=86400
android.svg
m.medaliemas129.xyz/assets/menuicon/white/ 		941 B
959 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/menuicon/white/android.svg?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d85114f7d2351ba510021d79f42c9b2fe1282ca9a061a13bde501b47677dae9d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 22 Jun 2022 06:03:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"52b5d1d8fd85d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RYw4mH9VRFcwaDm7gTGH8sbhEsQtC1X94EaYghx3%2F%2FmE%2FesMG3P6armeJf%2BYELcuE%2BBUA5hmht8%2BB4SpfE%2FYyAOFTZ2NPeWsoOMe8smCNL3N3msLguqgDfAhCORNnNZb9mo28Lkd"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8917ab609ae3193b-FRA
alt-svc
h3=":443"; ma=86400
promo.svg
m.medaliemas129.xyz/assets/menuicon/white/ 		1008 B
997 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/menuicon/white/promo.svg?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ff32c7e333a0c8869e47cac252890c651543af3bea4df49b4e0f303f46d17e12

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 22 Jun 2022 07:18:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4b2e6341886d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P8cPOGqhehDe1cOcVJ12Isw7Y%2FuDqToqzIgevTZMl5GV4e5Od%2FVlY5dWQzIrkmn7xh6A3yQf8B%2ByfBGJ8oBFe5i3EWh5UJA59G4n%2FKs5tFBLUnibTGXxMTU0H093LZ84vkz8BDqO"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8917ab609ae6193b-FRA
alt-svc
h3=":443"; ma=86400
livechat.svg
m.medaliemas129.xyz/assets/menuicon/white/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/menuicon/white/livechat.svg?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5deee0615e7d28131c2a7cdc2198a082d167f3fae7753f96bfff9f5d19998d55

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 22 Jun 2022 07:22:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"c5b3c5e2886d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LZnU73ElCzRRYRQM8MZrwRNNBnJ8pe6Fy%2B6Ma3Ny60TM71MsLrvPA%2BeuoK9B0m8wp4GiQsAtZmeAmRyqNkYqP2WB7plsttW5TLeRfYU0hu3C7GkjdxAhvTDMqmv0oBBkY5TRg4sw"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8917ab609ae8193b-FRA
alt-svc
h3=":443"; ma=86400
jquery-1.11.3.min.js
m.medaliemas129.xyz/assets/js/ 		94 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.medaliemas129.xyz/assets/js/jquery-1.11.3.min.js
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 19 Oct 2015 07:47:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"0dab05f42ad11:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N3QMBUu5c9YB12kh8ZtDaNubJlneZ%2FcpVDtkwU8iYla34VfOZkIlTMl9BCAzi5JwXas7DtbJw4WnxbsnOFlFTKDjYnogfwkWhYzrQJTwcHbGmw0ar523aLcFW7sIkh1vhx1elZOf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8917ab609aec193b-FRA
alt-svc
h3=":443"; ma=86400
jquery.touchSwipe.min.js
m.medaliemas129.xyz/assets/js/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.medaliemas129.xyz/assets/js/jquery.touchSwipe.min.js
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f3d38ac4a48d76a15a2096e22361711c0efbd096c1a28bc8e013c11a6b83e24b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sun, 26 Jan 2020 02:09:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1a48d5b5edd3d51:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iD%2Be%2BvjovPtHpua1gS7Ave6zb9ckhGm1V7ejktK4vyTip9G0aRgMW6TfzPtb7d73CbiT43eCmBLMPwazMfvySZnLopNce2LpO7d0lhO14eY8zMnt78K3mWlD1UewA5IomLVzZUOT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8917ab609aed193b-FRA
alt-svc
h3=":443"; ma=86400
jquery-marquee.js
m.medaliemas129.xyz/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.medaliemas129.xyz/assets/js/jquery-marquee.js
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
256c1405a4906babd2193470fa5b7cff86526257ce44a77d8ace030623e5ae84

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 02 Feb 2022 03:39:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6bc82786e617d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=drLRfA9BBGVjXU6PYcnC%2FRz1hUxnk2JQELv1xOWfbEIzTOUmW1Lqp3IRlztesWQE4CPBOuaq4WutxzlgnX6P5mLyGw9g6xubDF%2F3IRO0rNchP8HnLw9sYUWuX69N%2FTC%2BGv3p4zZl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8917ab609aee193b-FRA
alt-svc
h3=":443"; ma=86400
bootstrap.min.js
m.medaliemas129.xyz/assets/js/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.medaliemas129.xyz/assets/js/bootstrap.min.js
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 20 Oct 2018 00:22:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"ab1b6eca68d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uV8WUj2ugJNpOGV2Zdc%2Bmc7L9%2Flj7oH%2FgKExvjdNonRCqRkA6CDH2bdYOwqFeFUYHfLxB%2FLvet%2FvrnYrUp52KYyaE395rQXrpzj%2F1mNSX9XrbLIrOpBwDkAQOZsQp4yQ6eWgtUkb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8917ab609af0193b-FRA
alt-svc
h3=":443"; ma=86400
ie10-viewport-bug-workaround.js
m.medaliemas129.xyz/assets/js/ 		641 B
829 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.medaliemas129.xyz/assets/js/ie10-viewport-bug-workaround.js
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f663fd5d5698e04a8e56de60c13c54abcb6943adcb21c3d5e80866d0eda0604d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 19 Oct 2015 07:37:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"0ee22d41ad11:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mkd0gH2fIXUfM4tZDRQ98x6vYajQIvgjaES2im6PJscdre1%2BEMm1SoSAXm7Zg1GEEmdBJvptCo78syRyfd7czqF3%2BdeKVtqdCrHHYpQqm%2Fiq1gdG2Lsnu3OBnEJsfmvwJ3R3ixs8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8917ab609af1193b-FRA
alt-svc
h3=":443"; ma=86400
WebResource.axd
m.medaliemas129.xyz/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.medaliemas129.xyz/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZOXPk7jVFG1wWV4GdpEhIg66r9yor632SP5CY-q6aOyovNe5ySCo_3cNqCWavROjgQ2&t=637814653746327080
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Sat, 26 Feb 2022 09:42:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YAtCFAQEl73hMcB8rAiFTXUGljRYnGENcXcigBns6cdL3UIguVCOdmprRpASCC2hYgvzzFkRJ7k8XVfW2yA2L%2FozMvZCeeCYzxcKRe3sMAFOkH8%2FT739HrNxpxct%2BB7l3HYyH6Dv"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public
cf-ray
8917ab60bb0d193b-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 10 Jun 2025 02:06:13 GMT
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 10 Jun 2024 07:32:47 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57975
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2787, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
vqd8nNasyk3Llj/wdFNuiULlQkOA5jB91aFmwfrxvVTXHF1GHTA1iO6O0t0vEaKpjfUN2S3yD83h28MIDT68Ug==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
tracking.js
cdn.livechatinc.com/ 		90 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/tracking.js
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.96 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-96.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ecb5d5ec96a80a51f5857b503265cc1a3b181b4fb2f46d18a0d648704e4df2c1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
YAUJmmb0RNGrlsljjURGVfTNkmHxelHW
content-encoding
br
date
Mon, 10 Jun 2024 07:32:47 GMT
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
cross-origin-resource-policy
cross-origin
content-length
27741
last-modified
Fri, 07 Jun 2024 07:23:57 GMT
server
AmazonS3
etag
W/"4d2ed1c5630b412ceabadff6f7be9c3a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=28800
x-amz-cf-id
3M2wA0dC_3U2egX6iz5-NS0Z1hF1CytCtWdzAhP0lJ0pxIJ9pssXaA==
expires
Mon, 10 Jun 2024 15:32:47 GMT
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
Color_blue_ID.png
m.medaliemas129.xyz/assets/brand/game/2/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/Color_blue_ID.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7514d4664a621dbecc507a79814e38a6c6ca3fb5f1cf58f1ec6818ede8b7a704

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Jun 2022 14:27:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0e767808d8cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FRk07%2FxYFt%2FPaq2gskxAk6Fdlek%2BI7gRKMoryzE0oVQyqgThZ2oacMP2ecWnAv08J9tVcFUMqnirodBob8w9qx3b5MxCgvM%2FDinXkPRKfUqpyABPwdNt4ECsfoUqx7oXHm%2Buj0CT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab608ab3193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
3348
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7bae3d0f94539fa400a4d52c68754c3afc195385e5f44bab0cea2caf76eca4a0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpg
qrisjos129min_20235332015332.png
m.medaliemas129.xyz/assets/banner/IND/ 		648 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/banner/IND/qrisjos129min_20235332015332.png?V=1693990420
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c2eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
aab95f5cb6e6426a0e15c5f31118ab08f95275851e429c8116fabb94686e9eb3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Sep 2023 01:53:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2a6c94f464e0d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lf%2F60aqvpXV6%2F7Ruee3X2Sgh0WswrJ1GV0d6MpvrLBrPm6q%2BiPXnFd%2B9utwJyDUtWZWf8uBHaQKSIWdqh1q5BzTh2zzKX5PZBMTUaQbr467UQHaZBbG5wkZMQn9A5dp0uI1Xky9%2BXd6bNfMhgTtPzw%2B%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab5d9e699be9-FRA
alt-svc
h3=":443"; ma=86400
content-length
663523
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6807e26a913e12e5edb6679c05391d12bbec3fbd0c67eca3484088175f0690b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpg
android3.png
m.medaliemas129.xyz/assets/images/theme/5_BlackBlue/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/images/theme/5_BlackBlue/android3.png
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
667ee9a0e27c1d92ac0a053fe51876a73f217322ce55835cc9e8afaeffdcac8c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
cf-cache-status
MISS
last-modified
Tue, 31 Jan 2023 08:55:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"cb4984d45135d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vEPeMj3XPDAov6b8mLD2qPEt8jPFQRfGOq65pdvNFSa7j2a6o6X6KGmwpW1%2FUFaIpxvLNffeeuRW%2BI8CQ%2Bo14KayQb6WnyaTs7kWpUkUbqOw7pWH4P06h9hxsP03y%2F%2BKA7mH3hdZ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab631ef9193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
1291
icon-6.png
m.medaliemas129.xyz/assets/images/theme/5_BlackBlue/gameicon-60/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/images/theme/5_BlackBlue/gameicon-60/icon-6.png
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8e65509f3f6b8978b7e8b0408b206aac5536662d115da12ff0ce9e5fbee0a9f3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
cf-cache-status
MISS
last-modified
Tue, 31 Jan 2023 08:55:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"c0f39dd45135d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4lCGu03pTIhRQonzk1H%2F0yap06s7zkp9e1dT7HJxwoOIO%2FLYGXLS%2FZd4vCzKhTpCvm6q8XJFE89F8NguYIzq0H5QVRxosRDGCfRrg7WH%2FgvmLQUM2d%2B6h4Ao5hdX0BUHzYWZuDJv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab632f00193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
1974
icon-3.png
m.medaliemas129.xyz/assets/images/theme/5_BlackBlue/gameicon-60/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/images/theme/5_BlackBlue/gameicon-60/icon-3.png
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d1aafc3e162aedd727e8f5209914649bd62b9cdece85052014f871dd1ed0e64a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
cf-cache-status
MISS
last-modified
Tue, 31 Jan 2023 08:55:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64309dd45135d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ocYwoDavGAzwDUELqOjoFpwOkAo%2Fi9fTK7BHbBnEcyXgLhj%2FYvO9BqBfwx5F67G7yQotU%2B9xtXVO6sf8d3kMiSgQRUxStPTFj1XvOvHQCx2%2BeNVfJIxq5obDTQ74%2B%2F3ZkgDHxJ6f"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab632f06193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
1978
icon-10.png
m.medaliemas129.xyz/assets/images/theme/5_BlackBlue/gameicon-60/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/images/theme/5_BlackBlue/gameicon-60/icon-10.png
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
213b0b6f7f5051d5842e8b8a052eb76759f8f90c84ae17e031bf1e69c36627c4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
cf-cache-status
MISS
last-modified
Tue, 31 Jan 2023 08:55:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"fd6c9cd45135d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XAAyDx56dqtirkhX0eLDuo%2FFuXwVhi0e63wwJCgLqKfktDJaUb8EG2X6cuUGTMJfgn%2Fq9olVLz9dFFqzYb4Dg4wdxFd0i29zBZOyTBrFvGdUIPJYl485dj9kWViWsXx8mZ6o34Uf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab632f07193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
3282
icon-1.png
m.medaliemas129.xyz/assets/images/theme/5_BlackBlue/gameicon-60/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/images/theme/5_BlackBlue/gameicon-60/icon-1.png
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
05cbaa6de8afd11c26c52fffe58d24e6d19c50495df8f76aedf34562de661419

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
cf-cache-status
MISS
last-modified
Tue, 31 Jan 2023 08:55:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"e579bd45135d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m%2Ba7Wi1wsSbAQiulNfkeneM6IurmqCy4G6c7cPHzPgKhE6sp2xFGaVRUMnPiXmE%2BxiCWegnqjlGyi7VrDxTfsB6rQdKTon%2FBwtJNtkobcE2OpnO8bdEfCnv7Q2LVLTt9HdZH4wb0"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab632f0b193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
2661
icon-12.png
m.medaliemas129.xyz/assets/images/theme/5_BlackBlue/gameicon-60/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/images/theme/5_BlackBlue/gameicon-60/icon-12.png
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9a4587f7f7cea162351f5d65a73596e2e8e48730cc89c1c206f721eeb88ab0ce

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
cf-cache-status
MISS
last-modified
Tue, 31 Jan 2023 08:55:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"20949cd45135d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DXvCVmXnmPLNmsGf%2FdBPEbixtjqytK4s73w0nwzhijI35DbEw4QNyp%2F%2B%2F4Y83kMRaVeiHSZLEYiUWbAIBDfBBEEwMlPljPMaKD5pyCwyjTxCF%2Ff7Em%2BeZ8F7okD8vAqyFnsszdS2"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab632f0d193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
2951
icon-2.png
m.medaliemas129.xyz/assets/images/theme/5_BlackBlue/gameicon-60/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/images/theme/5_BlackBlue/gameicon-60/icon-2.png
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2ffdc6bc70f799635a1dd76441fbc999b42596f42a91618dd898ce019e50f946

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
cf-cache-status
MISS
last-modified
Tue, 31 Jan 2023 08:55:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2cbb9cd45135d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FERzNgS%2FeUAa5Zb1kI4818C%2FxvX1%2B5UMVP68w4NHIr5yMnUVayqTAoUkm6X1s7tYRsF4QZHzOYgRSPUnSSU5IfMSBDCdAlRbkZik2DRpJZmeWx31MSQB67odVYYyuGyD5u%2FRGk2x"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab632f10193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
2692
icon-5.png
m.medaliemas129.xyz/assets/images/theme/5_BlackBlue/gameicon-60/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/images/theme/5_BlackBlue/gameicon-60/icon-5.png
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0531d275b84505259f11c4761f3b67eb9ddfede7dcde53444cfe84985279a7b4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
cf-cache-status
MISS
last-modified
Tue, 31 Jan 2023 08:55:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"76579dd45135d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dQrYH4QTUA4fC%2BO3dugE1TT0OdLjy7os%2Fb0lW9LcGl7sa1vmMtVwRUF7knrzofWssICZG2W%2FpNmXPEaHeLbtJHGKulzzscXKoBml4koFy%2FuL%2ByAZAfkDuwe22jP8Ccr%2BjRr9U5i3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab632f13193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
2422
icon-13.png
m.medaliemas129.xyz/assets/images/theme/5_BlackBlue/gameicon-60/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/images/theme/5_BlackBlue/gameicon-60/icon-13.png
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
24d547c136ff69aab168b8b2bb931ed77f263ba17cf635411fc8b84bcc2696c2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
cf-cache-status
MISS
last-modified
Fri, 13 Oct 2023 08:40:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1e8f41f0b0fdd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BrPgOVBxgvW6p%2BJkw3W80WJcixCBFJJn86V5coAz%2Fd9WRffpwzZDn%2B1dRWOTcR%2F1JA2VP96yQ7o4q3UwyHy9bagGqdQnzSZq%2BdNuw7vJiHu5BkrcP7rJhiAfPUt8c7ryJSgHI87N"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab632f16193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
2229
icon-9.png
m.medaliemas129.xyz/assets/images/theme/5_BlackBlue/gameicon-60/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/images/theme/5_BlackBlue/gameicon-60/icon-9.png
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cb2b5684b951967d0d60dc642ad8cebf04ef19dae61af7bdf463bf928adf1c5f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
cf-cache-status
MISS
last-modified
Tue, 31 Jan 2023 08:55:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9cc89ed45135d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xFKDuzhSp%2FoMnQ3tADkGds7glJzKTSVD%2BvJEGpzUfu8dP24jxg6YfSr8bDP2XqndzSetOV2QM1xXNBWnpDln5HdRs0S6QuitOigkmWYwIfDD1QDrmCjT7YtTAG%2FhROPUyRJ8KtOG"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab632f1a193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
1772
icon-7.png
m.medaliemas129.xyz/assets/images/theme/5_BlackBlue/gameicon-60/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/images/theme/5_BlackBlue/gameicon-60/icon-7.png
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
84bc67a130692ad1178fe9518a37832b81ec7a640df86b299c26c247f8f18250

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:47 GMT
cf-cache-status
MISS
last-modified
Tue, 31 Jan 2023 08:55:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"c1169fd45135d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Wapx4OemqOuwxoXEUR5kuOqP8VvI4SytkPjuEM7D0But37h4WHG68MWvfJAq4FKtx9%2FXfixhl8YtdZtrs5lunpYdfAtnHB%2F4izPMu4u%2F2XYtTDsd5dkjNPSlULkTy%2BBBBhT%2BqsM"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab632f20193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
2174
progressivejackpotbg_hrz.gif
m.medaliemas129.xyz/assets/images/theme/5_BlackBlue/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/images/theme/5_BlackBlue/progressivejackpotbg_hrz.gif?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3ec4f4208db3f0257d648862e0377d1f7333937196a2872e8a529b3372aeac34

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Mon, 16 Oct 2023 11:29:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2af342b240da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EP%2FkmHS5OqYsQXEpDJ2BM0PDNEayXg%2BefvpENrNetfrYQDk4wViuk37NOdTd%2FC9QK6RqbrmkdFW9GUuArcWxGGTCpot4%2Fmn1okoxfzdbRErcYwMnmzcUCx45m5Nss3w5lcpV%2BFk8"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab632f27193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
22296
glyphicons-halflings-regular.woff2
m.medaliemas129.xyz/assets/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://m.medaliemas129.xyz/assets/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/assets/css/bootstrap.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/assets/css/bootstrap.css
Origin
https://m.medaliemas129.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Tue, 16 Jun 2015 07:56:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0bd1ced9a8d01:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2V%2BjNOOFdXY9PZzAo2vXCApjTz8wEUWdEkr2kBEsA6BXCgO8U2%2Fcb9%2FjwnjGJnjJcHwDS60HJwFTC%2BTxKH4gHxVLur5uqQAPvwZVdH%2BVnvtmvLdgWbTHbaLofKKzqNMZ9pjO4Eup"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab634f37193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
18028
1160798005301842
connect.facebook.net/signals/config/ 		65 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1160798005301842?v=2.9.157&r=stable&domain=m.medaliemas129.xyz&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
367aeb7e2f6060a8cdbcff516545a1235250b404c397189610ddae2042562a5d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 10 Jun 2024 07:32:47 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=64, mss=1297, tbw=63516, tp=-1, tpl=-1, uplat=125, ullat=0
pragma
public
x-fb-debug
PSxrSRN7KeK12orO458gD353IoQ8jYnABpLkHHFi8ESXncre8eknXR28q7FpGZ5dXoJ5e/y/rZCySM+AkDcggg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
get_dynamic_configuration
api.livechatinc.com/v3.6/customer/action/ 		384 B
607 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=15852072&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fm.medaliemas129.xyz%2F&channel_type=code&origin=livechat&implementation_type=manual_channels&jsonp=__ta6b70sk2ni
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.103.67 Bucharest, Romania, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-103-67.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c5273ff0a5f3569bc1479b7128f4c482f6d87b57aa7dcbcbea5523a65893fca1
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://m.medaliemas129.xyz/;
X-Frame-Options allow-from https://m.medaliemas129.xyz/

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors https://m.medaliemas129.xyz/;
date
Mon, 10 Jun 2024 07:32:48 GMT
cross-origin-resource-policy
cross-origin
content-length
384
vary
Accept-Encoding
x-frame-options
allow-from https://m.medaliemas129.xyz/
content-type
application/javascript; charset=UTF-8
UpdateServerTime
m.medaliemas129.xyz/Default.aspx/ 		56 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.medaliemas129.xyz/Default.aspx/UpdateServerTime
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/assets/js/jquery-1.11.3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
601c5b925fee3fdbd22a522e4db946e51bca6de92b41b8d995c0c98a5cf50743

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json; charset=utf-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://m.medaliemas129.xyz/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0UD9KYldtQJa0fEOMB1B56ldVOvpBwrABQXWVQVPn5zlxCHS2fcD4ja9d4sf6spdiT8s21jSNZV%2BGeSAu9ptJ%2BT3oA8ibVkokK%2FDjRt4V1teBXewLW4qWFnngrfqSgvWzPh5n515"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
cf-ray
8917ab676c3d193b-FRA
alt-svc
h3=":443"; ma=86400
UpdateJackpot
m.medaliemas129.xyz/Default.aspx/ 		56 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.medaliemas129.xyz/Default.aspx/UpdateJackpot
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/assets/js/jquery-1.11.3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
108b5fe6f539af2450c82ba0b35f0472b23ea7f20cd0e5b939c9cf5daf492d0d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json; charset=utf-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://m.medaliemas129.xyz/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=meH0zH%2FVr%2BQUpBdcxQBaBFn4EhtqhW8ZbwMQuBeotMQzE77oDPeswJhy4HtO7eoyXmL708nyV2%2FAkyV%2BlM5xOoYdFqXaab5wW5N8VeR0Id35n5zbhIAjaXQIdcGO43K3Xdc9YgXU"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
cf-ray
8917ab67eccf193b-FRA
alt-svc
h3=":443"; ma=86400
6-Togel.png
m.medaliemas129.xyz/assets/brand/game/2/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/6-Togel.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
68a53fd0b812aaa1897a491b7570ceffe30f23308a8f6ec07efb259aadec1f68

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Mon, 22 Aug 2022 01:22:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"05829b5c5b5d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BP1bGPAhz8ujFGHdOnxWpupAnVDFNOksWcOgYvTOfwXoqPeREzNV1G%2BIqQ6zagD7gOyaVqG%2BuqMSt4BLGLZvojPXChgmC5mxJeEmSwVlwhiePfGsXIkRj7wInymujx2imaqVO1aY"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab67ecd1193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
8983
3-PragmaticPlay.png
m.medaliemas129.xyz/assets/brand/game/2/ 		158 KB
159 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/3-PragmaticPlay.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b76092f0e5680d696107fcea0894014fa42c7887036776895cb23a7fba553252

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Wed, 24 Apr 2024 08:35:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5b03a582296da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qr%2B0LLU5yX%2FtxqgjE%2Fke51nxp6952xKtOJ5wqfhwKVPStdWEL%2FlGcm%2BjoPcIphTq%2FZe%2F0xOhXxaiVs7sVP88Kojsn8YuEtypRjk5WURoDE2eQI676xLLeMioItRgx9IvjACq3kjA"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab67ecd5193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
162181
3-Habanero.png
m.medaliemas129.xyz/assets/brand/game/2/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/3-Habanero.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
021c35050873b42751f8977b9c5fadb3122a37b925b8dd26a764414366c7aac7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Jun 2022 14:13:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0b69b9d8b8cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WWT4Na9ieOEvEgjIGs4r0jGpEyNHg3dZRKjXKwGz%2FwU0U36cPO%2FVWxECzUuSSC7tI1ZtvIXdU2toH5dFC8sXp1VgC95JMn7VDqyzKs%2Ft1IyTFSwbxG%2BR%2FnfK0ckHYfUEof%2FzR0Nv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab67ecda193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
6894
3-PGSoft.png
m.medaliemas129.xyz/assets/brand/game/2/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/3-PGSoft.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
96e84a20ecbe9ca46964d9c35b7e6ee7b178f7c5c09c151068d893056756792d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Jun 2022 14:13:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0b69b9d8b8cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=imHgz2i%2BrcIyQHoli%2F0k2Dwuwt%2BhmT%2FF9DZgGQkfxUknG08g9KKAzQAFE1n9xDAaH6NlIUjyJv3Ot3FXhYQoxBmuHvYEW4dB3qUxVHZOvhP40c9AZsFJ%2FjXVVxfccnSdMdinuyC1"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab67fcdd193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
8898
3-Joker.png
m.medaliemas129.xyz/assets/brand/game/2/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/3-Joker.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
854a590e2fb238f0ff31da2e959062c59f1176a11b1d27ad70fe919af518e9b0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Jun 2022 14:13:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0b69b9d8b8cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nD%2FkuAYhjcNSZ8etfAwIHIqi4Lj%2BA9lsayxOjT9L7WhQwyKsQ1bSpK1sc3L2YYNhretzywRpJ1vJ7IeM23UhnoItDdB05Q0Dvmnx%2BMPitSIF%2BMj%2Bi4rT7zzLIfRFqy1hM%2Fc%2Fntnu"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab67fce1193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
9116
3-PlayStar.png
m.medaliemas129.xyz/assets/brand/game/2/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/3-PlayStar.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
55ab8959fdde6e1cd4f851ab6c5efacedffd56a8982c35f0eb66ccd762c4ccbf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Mon, 04 Mar 2024 05:19:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5f32396f36dda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ae0JcMWnNoeexdxixrDj7fZ6oSZnc0a82FjUl9Q68Ku9scJ1m7XJh8KzXNw3eR7NFLFBeGBCA43yeZoGT%2BUwMZluOMwyIl%2FZk0dnOZr6HGarWkoDvCh%2F1quL4AfNgSCZo2a%2BV1xV"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab67fce5193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
8450
3-SpadeGaming.png
m.medaliemas129.xyz/assets/brand/game/2/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/3-SpadeGaming.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b13313b2c5036841a9dab0c8553aef324a12a68819e0aec110626b3820500721

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Jun 2022 14:18:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0e73a4f8c8cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2QZCYBGaS44InDt6424PaEAi%2BAoAE%2FKH6fZSWEm7FG0ddogkI5FaN0URgTr%2Fq64GYotvoHRL5mtB4gBzR7taJje%2BY0JeF6Xg3zVKa6YCTbDEljVGf5mlD08tVWqSycudx1iOC95e"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab67fce6193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
9857
3-FastSpin.png
m.medaliemas129.xyz/assets/brand/game/2/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/3-FastSpin.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7a8745f88cbec95be9f40e95f5753bde29cb69abaf05e379be22d6112f3607c9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Mon, 08 May 2023 18:48:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"09fc2a9dd81d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IDfvm66SCM6gBbIH4wpnwOB98aC2Tt%2FO1IPrd7RUuCZqAp0%2BWuyoIrovhdgibaYUTgQQLKZDonw8tXBXaf2buroOgDVcmL3j5nbNiBAobQFblQu0Hmu64sWiHJ5lmrJ54oAbM82y"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab67fce8193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
8647
3-NLC.png
m.medaliemas129.xyz/assets/brand/game/2/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/3-NLC.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bb7b92cc1ce48b47d48c6a51356e01b221346d4bd30986eae7e98cbbe6ab167b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Wed, 09 Aug 2023 09:01:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"42717f14a0cad91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KU4iBfbdWlZ8Ba6l%2FIiVrIKD3o%2B3Kl6ObzeUKRe9czQiJLV4kKnq6fEtT15cJ4U8Ya%2BN02uHgxMd7tIRjGqHJvqkcSL%2FJN5It8Mj8WGaVHgfYDayU5iKvvRre72uN%2FpCUD1QmBL1"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab67fcec193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
8796
3-Dodo.png
m.medaliemas129.xyz/assets/brand/game/2/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/3-Dodo.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
55a4af782c29dd2f60a39fe1cd0adecb5b61da529e304a48e6bd67dc92107b44

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Wed, 19 Jul 2023 04:47:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2e22832afcb9d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fCDqZW4e9VldHGWqayhMNqKvix%2FMbqTxs3DU%2B6MzPJPmZP%2FPMybLomJxdO61SZ6H4%2B0KPdG9MVDUUbgrlogsAQax%2BaTdTZbZywQpRxSrOwkwCPvFkWEYyZjtowmOMhXCsQ4fHQMS"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab67fcf3193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
9574
3-CQ9.png
m.medaliemas129.xyz/assets/brand/game/2/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/3-CQ9.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d30f8587ce68c5be29ffb5007bcaf7c8c00a635d0f0bd4148e3b992e3819c9be

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Jun 2022 14:06:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"05694928a8cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ph928%2F8FYlHFE3%2BjvbFiec7xukYUq4lAN32MM%2Bwv%2FPMS9yLkHlBO5sWCqL922FSg%2FzUd7G%2BE71%2BNa00X6KzeQ%2B9o1mfr8ObpLAufEP2w8lHaB%2BzQHyIIzdmv1tVQYZSSt3oryMs7"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab67fcf4193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
10167
3-Hacksaw.png
m.medaliemas129.xyz/assets/brand/game/2/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/3-Hacksaw.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d5e130277cc112fe65239d8816ebf3aa1de5f2ece2117598acca6117ecb89446

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Dec 2023 00:00:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0d9269cd732da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BLogX6YWHK9KuaXnxt9iGT5vBOp1orn5QrEPedAjByBh%2FEeX%2BsALfsjAc7Ia12Uo9tIIdSG28AXpG0qJr63jkFrUyDrPhXxyP19cI5U6JTHh6rnFZgdLEJZ4414MWt5H3iCzdti2"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab67fcf5193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
9376
3-KAGaming.png
m.medaliemas129.xyz/assets/brand/game/2/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/3-KAGaming.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
59c83d0944775926d022d86867516abd9c89ba0f1d6d077d6ed09925274fe987

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Jun 2022 14:13:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0b69b9d8b8cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TPLNXD%2B8O6QYBwLQNQxWc2xYmmSumoIPfR2slWXB1ZTWCRfqvqc53AHJiPbM316e2JnSxNBBtxiglIPxZTeK5J082VQlXkhSu3J8vpowiIVXBwoXU9gmd%2FZuPCItfDphEURireiI"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab67fcf8193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
9119
3-OneGame.png
m.medaliemas129.xyz/assets/brand/game/2/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/3-OneGame.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b9ee132a1d9b9ac2ff5a6c89656165a7528d0204f9166901a84b55d5647b3795

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Jun 2022 14:13:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0b69b9d8b8cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PlD%2B74vfVQb3KAK6OoOIumwyEhyr3hiQc6gU2P7yy%2FeDvZfcagbWkyk8jp%2B31BALVYqON9lbZqyAumphbviMhv%2BtTii8GTQx8ss2yZewk6q9sGcgVNBZqsBOcKZyQVVQBpkPrm9A"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab680d01193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
9253
3-Spinix.png
m.medaliemas129.xyz/assets/brand/game/2/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/3-Spinix.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bde71d92224252bf0c45476f6b2075331a7a34d90a1e4d42628fcfa0f5f30f68

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Tue, 05 Sep 2023 07:07:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"44739a1c7dfd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iBzCLvC7eYRUmyqase1ITScGbwJNFebUas854AZ8ItqYFMxbhGjWTEwwdMgjFVR14KnAiVBh0elNJ2kvWD7Avmo0Gx%2FOw3sxFzWmDA8%2FgECLNovZHib2sIibgSNmr4xDKnR0oAuT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab680d05193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
9640
3-JILI.png
m.medaliemas129.xyz/assets/brand/game/2/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/3-JILI.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e2970c7519ed3e9d36cd147b261e3e3d7ad1a69c02fec298f761fcb28add0d8d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Mon, 08 May 2023 18:48:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"09fc2a9dd81d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fvLXSmjtZB3449%2Fa3EiSpc0XGuwZFJoZfTx5SpVniqiEPiygicCO4G1ddNdw2PmQcoFmRhPthu8WW8P1s%2BCLHUpz16yuoJKId3d1lR8skuSiPHYFcZKWKt5J2oXq5lmRbFsyXmK2"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab681d0a193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
10896
3-JDB.png
m.medaliemas129.xyz/assets/brand/game/2/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/3-JDB.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
73660b0db7ce4861fc50bad3bb764c48940443a89291f8c43e477ff5ce65683d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Jun 2022 14:13:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0b69b9d8b8cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZzZVd0sHMnRAmMxqh0i7mqUbDJRF%2FnM%2FaV3%2FVgcFKjdQjoQL9AlnZST2%2FXNm3oZEG7lT1qT8h6a6G5Mp3EDEbUZgFIKCGPfz0Q%2FmJo2ccV%2Bndpnay8Sunb50qIJJubh636Nc0KL9"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab681d0b193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
9211
3-LGD.png
m.medaliemas129.xyz/assets/brand/game/2/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/3-LGD.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c10796463a4abe0615cd2e33e354669713a52ce9338080e75ea81088cb20fa49

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Tue, 06 Sep 2022 09:00:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"04a419cfc1d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I7vYM5Vs6xm6ipg%2BXAciO8ZPpENMGppwCjv4bEiz5o2rN1sx%2B5JEwOUcOZ%2Fbg9zS6UT8gcAqbSuZkoMZ%2Fut4DIyKHr3dRVXdZSWeyIo6eDeeBDmhfN7jp3ViRL46dOzWlWkSNsOb"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab682d21193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
8385
3-Ameba.png
m.medaliemas129.xyz/assets/brand/game/2/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/3-Ameba.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bc076fbb451112aabf6805c88d0ca0f12c51f0ca20f9b70f515553dd2829f290

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Jun 2022 14:06:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"02963918a8cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jhs8RGJPE5C9JWH3Gbpf3VlkwueMzYfRcst0n1B5bYiY6QSPUBQ%2FIxjIkzyUicE6RdNV72svQ1XXYmw5dkrC6G%2FUXwhWKL41hD4dhsXbYuJnCH5EUR1%2BxNiSA9%2F7alDMrI6ht8tk"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab682d29193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
8830
3-Microgaming.png
m.medaliemas129.xyz/assets/brand/game/2/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/3-Microgaming.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
461f186c311f1addebba39a02b66158123933ed2d8e336fcb782387d04d24876

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Jun 2022 14:13:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0b69b9d8b8cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MS7c4jcKW2DWrfTmfTs5FB5cqJG7S0g%2FAIftgtsUtEu%2Bv95BfNh4ZFpxtg3M39PeN0WmuM3IbnAEqf9YPsXVVAKk0WvYmEl%2BxIiOzu5kycTOQeV3rkrhnp3GVlhgENN1zeT%2FNYyL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab683d43193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
8136
3-BP.png
m.medaliemas129.xyz/assets/brand/game/2/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/3-BP.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
83eeb64fb84b8d24a3eea1c7d422528b827de083ca5c66c094bd0d7b5221230c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 29 Sep 2022 07:50:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0b83518d8d3d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x9uDdBrkCWys69qTSgPIOFD77RQtcAoMiOofIG%2BiwJsnLpr%2BH3n1dXI0TIayNITFgyeN9EcywDdTDkcIm%2FTlny3C5pSeSKlPrD3GQoMX9btcgwBUawcMBMJxAlnZVOCvb7ZiGejf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab683d45193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
7742
10-SV388.png
m.medaliemas129.xyz/assets/brand/game/2/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/10-SV388.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b76320cbd5bf9e2b719d894eb549a59cc5f4b5ea9464b35437825535064ae9c9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Jun 2022 14:20:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0b1d58a8c8cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m7zWCM36O1TBGmuxUggSnYYdvqD1A5TUAsIioZcoW6hwMJ6vYfvp90TWomgPjFyj3JV2yfX6OKg0Qtv35b3kROEN7shvWtQkUkRbIKksQZ0C9I0oztryNOZQsJwhwebLpm%2BEUIO3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab683d48193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
9396
1-SBO.png
m.medaliemas129.xyz/assets/brand/game/2/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/1-SBO.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c6bfa0da728b89a28cecec7e56cbea62e20b9ba963a05095183a2720890531c6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Sun, 08 Jan 2023 19:12:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"07bba1d9523d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M57hWOt4AtgHqBjPThzy2%2FAOHB3HdalNKaVlLrg8jVaRFTBdhsf%2FaBSty8BLVuuTu%2FmbfNzRmsN99Zjgn8WuTL1W2KySuzn5YTB04vjc1%2BXAyesi%2BDoEj6cuivjwX9FGSb%2Bnu3Z3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab683d49193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
9542
1-CMD.png
m.medaliemas129.xyz/assets/brand/game/2/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/1-CMD.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
aa846a72dd1eda2979a83db72b57d8ea97163e838f33f156ea73c65fbee76477

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Sun, 08 Jan 2023 19:12:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"07bba1d9523d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kWOkaS05ETxalLWz%2BrYZIMWo4vcK5qdSJMgiZsvbNxyuvK5PthRmWjLd9nPNfwkPH4J%2FW%2Fd0rm1Wed0BHcAYVqdpth7uTEebZQvUjMwvIVTrzuSXYNeiX64tZXPMiAlNLMsBrm8i"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab683d4a193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
9371
1-Saba.png
m.medaliemas129.xyz/assets/brand/game/2/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/1-Saba.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b5dacb4036b8b147cf6007dc43e87053dc625b544e3e53627279f1af6a06bed9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Sun, 08 Jan 2023 19:12:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"07bba1d9523d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PK68ULQdNQscDZ%2Bd1zKY6zqf%2BqEc9Pxz9mM8dPOzZV63Pv7cnlMYioQtQ3EmBETpa%2B6WnPdxAT1QrQFJePUMWmXRQybVjQvowkW8959h6BjeG4fTlWUVwvni8nJbL7NYGeENx0e%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab683d4c193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
8078
11-TFGaming.png
m.medaliemas129.xyz/assets/brand/game/2/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/11-TFGaming.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
23a64297e5e9ebbd299311a75c4d9f6f14d09f5e07af6f0830bc9240b7ca1aa4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Jun 2022 14:20:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0b1d58a8c8cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fEjfvhDNghbZ5xpiZ21SQ6IPbrixDkTK85IEF55JyN%2FFeYdITxLVuyKURnyULIgWhKvFEd18%2FC0XxrkdGYL3sz8nFS9Ahh%2FvhwfFPfX8R4SjU8n5Ha0ODxiW4U5ad1DL95UZ6CLK"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab683d4f193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
11009
2-PragmaticPlay.png
m.medaliemas129.xyz/assets/brand/game/2/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/2-PragmaticPlay.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
908134991fd6bd2dc68181c491f513bfa817bab67bfcd40ba4a322dc25ffc545

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Wed, 24 Apr 2024 08:35:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"623134582296da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s5P5u24wLaQEQgDcZlhPd%2B1lPj4ezCwv1RFh%2F2BEt5pEClohtIwH77QLCeSqo5GBKi97%2BT2p2qgpKPqaMdPoSr7dsInBMdVdB31DxxA0agZhO9Po3buOUWsIEsWbFkiB4mCOFHsZ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab683d52193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
7240
2-Trillion.png
m.medaliemas129.xyz/assets/brand/game/2/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/2-Trillion.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
09c3dcae1d69fb8829e3d3386984da6c780289c94e19dcb340d0a2893757ff94

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Jun 2022 14:06:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"02963918a8cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T769viTRm1DeUb6G72vwvd%2Fsxn0gyjAJKveX9xd208rGtzB3dZaTh4TTgV%2Fbd4Ix04SXNvJgLMjrTnI31z9OY0FmSRSWl%2FCV8FaGkPPRtiXPDIDDdA20wJseOKZPq%2BBF6Y%2BBAB78"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab683d53193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
8525
2-Miki.png
m.medaliemas129.xyz/assets/brand/game/2/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/2-Miki.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c7d0d04acfc50c1965d6ff8c8bb968a0c833b6caee551b7442ebbb767c630f44

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Jul 2023 01:37:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0b7451ecfb2d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B%2FS30ywlgWQ%2FGe0xpg%2BFB86xAA0UcOnkyLHtUXBdL%2Fd1Xr0asWZB4hhoQohbGDT%2FQ6gK%2F1ZXFfURmgiChFTuN5xTDHCvvG4RSncOklejsGs8ZTOarIH70e%2FoKjLcS6rbyKe38%2BSA"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab683d55193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
8668
2-WE.png
m.medaliemas129.xyz/assets/brand/game/2/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/2-WE.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f10d3609b2eb81a4f3f768c6b0aac774ec82b813729ba5879ba39e8689cad221

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Jun 2023 09:12:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"dfb77a226994d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eQcisJsxhAQ9o4EWtywxyJgJtoIxVBk73CAeRIvn%2Bw4AYulYq4ntv9r6H7AsSm1WB7foLUmBI7jNt0sVSKvXtCSK8HN3%2FywsxMOXKhsLjckrqR84RuSlrDZ8KWeJqN60%2FPinOiiN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab683d58193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
8499
2-AESexy.png
m.medaliemas129.xyz/assets/brand/game/2/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/2-AESexy.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0b88efcc2322c63f57f6b35f2ec6e3192e0b97a7efdb1cc5a0fb61093bf8df70

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Jun 2022 14:06:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"02963918a8cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pl1UrgGJHCeoNZt2I2P7N2WEpUFNVBr3dqybx32tj9DTMue8QRka3dfgqRk1jXNnRfpjotkjyuavZOIKVH7E9kAv%2Fy8TylrtR0nPi4lYifZhbeSRiSMgfdaPSeuOH25q7C1hu0NJ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab683d5b193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
9010
2-SA.png
m.medaliemas129.xyz/assets/brand/game/2/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/2-SA.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b2141d841ce0842b6c4e011342a6302b67fb81b3b518b6fdca39d5c2ac8bcf4e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 08:41:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"02cb480149cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yrLsuAez1IaUqDAre4%2FefmCdSZBwPHkU5BvOhTSbfR4HWl9eefmiCk9K%2F%2FzOAAsvFi2ivYvS%2BomCw%2BAEt3n73LyttOF1GZ7FjQoMR1GJ4%2BG3VqqbNz%2BJmwCJXNgU63LrzZveMb1I"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab683d5c193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
8055
2-WM.png
m.medaliemas129.xyz/assets/brand/game/2/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/2-WM.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a8db8f36ed606cc178c5970ec66ddd84a5372c8ab582793aaf597114c06d60b2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Jun 2022 14:06:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"02963918a8cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QO7SXdwSG6SfFEZeVQYDXFkDKtIRWzlCDfk7aeS1ahG9O9yp9%2F2zl8sRRVvZRWHr5%2B%2Fw1GcRzyAeTfW3FDTc32498lCvCxO9yrk0XpqRLXUcg5MZBsuZTwgHJ36tR50NJ%2BJdhR9a"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab683d5f193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
8150
2-DreamGaming.png
m.medaliemas129.xyz/assets/brand/game/2/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/2-DreamGaming.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4431100d6d667bc5108349ae38c7a5270795d1bbf7349b13a85157c66c9325e4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Jun 2022 14:06:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"02963918a8cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kpj6xBzVgG0eUgiNh6%2BhKgnU5RNt%2F9qnb727ffJPWlEVeiaVbFXqmQuNLDNdbzCv7Qjyk49m8bgnNUJoMkaXmAhVRMfogiYLZbvr0TG8LcmvkTSCU%2FA0GimKwHzdjCEfuI7kMkw8"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab684d67193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
8892
2-LG88.png
m.medaliemas129.xyz/assets/brand/game/2/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/2-LG88.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d5e00fe09f76015751057801b3df73c2a201da5d0cb768c46af523611b8cf4ee

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Jun 2022 14:06:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"02963918a8cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0AuaJcNVoS0kysvkKqDOiJGBomIpVlGVKQ6m9rN1pBDhoddIVUkjrve6Sy%2FgTJCXrEmg4iIL%2Bgy2C%2FBd5xjoSPDIEHwqRNY4zKCbVCVZ12Iv%2FmC7589KIS5FCjWoaM%2BHUr1zi9Ei"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab685d79193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
10149
2-OG.png
m.medaliemas129.xyz/assets/brand/game/2/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/2-OG.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6eb28791ecbb1b58eb914203e71e7d921b67508991ab632b9ca742eb2aa27804

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Mon, 11 Mar 2024 04:31:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1b1b4fa6c73da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XhH0AqORTZfGbIJO2ftwVf8kOko5%2Fo4tZqnYePge1AdPVbdt2ISDFRo5zYGhuaLUvs5FI63uDnILRoDzcn3%2BiM3q8VVwyhx7fmXOlyijWrhmafVGfRIMFsxw7ZyKaU9CuurGusgm"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab686d89193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
7919
4-Joker.png
m.medaliemas129.xyz/assets/brand/game/2/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/4-Joker.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2a4afbacde4c93f60eff6b506753ceb37df52156e8271221bad488c9512c6d68

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Jun 2022 14:18:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0e73a4f8c8cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uq%2B1DQLQ7ms0veowv09lN1GQ0Guw4o2W%2BazOJ0CmhpahKri9nN5KBvxCXqI%2BFIvY7usY8yzfgdnPr1Ncv0H5tvvHCOan3qnBX4lT%2F2MYMKJbF3cjvwTe1q%2B8MyAYgKgFoZCIj8sx"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab687d97193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
8810
4-PlayStar.png
m.medaliemas129.xyz/assets/brand/game/2/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/4-PlayStar.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
10092c96d9fb86557fad2abb3216859d407e55565e2492ac9377acd3b34af383

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Sat, 29 Jul 2023 09:49:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4b1addf71c2d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rTasVYCUvkit8y6Hdl%2F2VCyBc2vyOE7uYF1T%2B734GbIhH9Xyq4rgm6yfjDZwBXp57RpIEl8s3H%2BZQWAzRvZufMeyv59se1e1QZD6AF%2B%2BYmcKVOcTK6JO6um3buY%2FaGZUZhmdjR0e"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab687da2193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
8829
4-SpadeGaming.png
m.medaliemas129.xyz/assets/brand/game/2/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/4-SpadeGaming.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9ee594069e225adb92b9353f09c656a91e9a81e8d9c99b858b2250e8fb0c3790

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Jun 2022 14:18:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0e73a4f8c8cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bw%2FBpowbxpJoJpiPxswz%2FVthuArSNN8kM4MjuhXGCoaJEot4h7eYLwAB%2BGCZ0%2F1dLnOR%2FvFTAtyfMe1oaKPV83XQaRwroTDvc6LeqcEQ8WemVwR2XsmuszqzDanUncAuq6Mh0sqg"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab688dab193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
8136
4-FastSpin.png
m.medaliemas129.xyz/assets/brand/game/2/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/4-FastSpin.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3b29d871abe0f72db5c17c01ee88e6b69f1c5be608122966c2aed0cb6ff22f90

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 22 Feb 2024 02:17:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4480aa493565da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xyO9Fst3puDO1yhFdrhw97Ud%2FCp6K266SMPHNOlDR3YOHKp7Hp3FnKERcFXlYWE1eq946KQ5sdX4W5U1Uvn5WB9pLm9MxrZDirNbFvSTBltNiJ4k%2FwHTTEMLwy0auGmPWr4W3Y2T"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab689dc3193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
8917
4-CQ9.png
m.medaliemas129.xyz/assets/brand/game/2/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/4-CQ9.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
fb83edf2b9029c7a2525f7b1728344cecc0db7e5aa6e45c693192329e2a16c34

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Jun 2022 14:18:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0e73a4f8c8cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oKEQIdxqzlkCBn9RZa4lGywfyKFKTQz4hk7t1F1PCyfU37%2Fx7vIRmAYvbiSjlZvxENISGfti2n3fIdfl7wJC19zr7Lof7Xu7CQCAqsElD1TMEuM5I%2FFvAzOt09AaIDhWA%2FLtzqm6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68adda193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
8548
4-KAGaming.png
m.medaliemas129.xyz/assets/brand/game/2/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/4-KAGaming.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e6d8523b4b5333437937105088c319904d569ff61fd8440d8b2dc8f585996da3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Jun 2022 14:18:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0e73a4f8c8cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q1dIqbM2r4etiR%2FHbZtoBc9Yh9JfmcwDNN83xO31jL7tRerk24u6O%2BqO8zBCdgsi%2BAxu%2F4RK9Wmk2iLjbcn%2BOs0UqkKDRws9QS%2BmibrTbWwBrIxo4LxE3RzLysJ%2FNGbjo1oRYbVu"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68bdf4193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
7933
4-Spinix.png
m.medaliemas129.xyz/assets/brand/game/2/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/4-Spinix.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
aa2bc1a8315d97e330636852d79535437e78d10e7721a84951bdcf96506f0427

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Tue, 05 Sep 2023 07:07:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"30423ca1c7dfd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s2w%2FClXGGfyitGc6ylaTlZpuk3EFJeRwPW40wGhgaHy8R41jdAFkoBPM4ecLebgLbU29OLZsYAXmKgVD45%2FPlmBErz1kyZylaBZCKJEBJV7BYUsevWl%2FcASC%2FTrvke6uqrbmtmRs"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68bdf7193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
8508
4-JILI.png
m.medaliemas129.xyz/assets/brand/game/2/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/4-JILI.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f516021a091bbbf0572bed1454922588c9a27f5be53654286f7b95b2ba3e0997

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Mon, 08 May 2023 18:48:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"09fc2a9dd81d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K9Ckk9fCOMSX58fGMct1ssPJjCYzlIoqSiu5vIRbY9kXgB%2Fq%2FJFzB05xo%2FdBrJ%2BC8jHqR4sulyoms%2BMKFI8bECISNfO%2Fbf4wpNjH1V6rxqwcQgCm3NCmOFH5QmHza8DpUyDLoORd"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68bdfa193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
9487
4-JDB.png
m.medaliemas129.xyz/assets/brand/game/2/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/4-JDB.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0c82b8b578751bdc7437b70969881522573656a13bf55852f91f4caccd128723

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Jun 2022 14:18:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0e73a4f8c8cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wfxYhB9sgU1ZIYRQTI3Lj2wbcUFHY1uXGLQUYB6dNanPxQdZuoFIilxREJ%2FSe5zny6CK%2F5IFoIC%2BV6tuV7huWq%2BGWuQzsLWJeXHbgValR9f3oecttNSSyEuPmzrh%2FC74WS%2BBxHwR"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68bdfc193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
8018
13-PragmaticPlay.png
m.medaliemas129.xyz/assets/brand/game/2/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/13-PragmaticPlay.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2f8736b28405e66db58eb4a2218ffaca2827a438aa9fb743dc73aa7b295f9097

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Wed, 24 Apr 2024 08:35:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"12a82e582296da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CRgQgk9OkrMS1S2mD%2BUFuWhQVoQpst2m4qqkQzL%2BGQrMWExEI9vchMkUcK6tpdoHYmDAOlnf7Ula3ZYpeQqs2ORGzHZAZU1RtfbmkdgJ4Sl3L%2BdBM9J73Q2YWrVWbuYdnka5x5Hk"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68bdfd193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
7119
13-Joker.png
m.medaliemas129.xyz/assets/brand/game/2/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/13-Joker.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f5a8df63979fbc0d5d5981c8c69c01f8ddee0d7986d1dd9036d283453c794faf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Mon, 16 Oct 2023 02:11:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"c51babad6ffd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Qx4uPdYbE8Dq17Geod7IQU4RgNyT8r4xA8UgM1eRS01bGyGM%2FKm7WjPxF5yFREAAepQ3imcs4i3RIcd9VQMP1T%2FDzCUfJ2vWMjGDNPRGKOaV8cT%2B5tBeQPefkRO8nz9FWKcKNtZ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68bdff193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
6473
13-Spinix.png
m.medaliemas129.xyz/assets/brand/game/2/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/13-Spinix.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0c65ce6b4e238f1a0e59fe7e3e2478985446a28761cb1531126363729f719bed

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Mon, 16 Oct 2023 02:11:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"517b3ad6ffd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ez9OHStdxzOA0wy9NACqbRi93qdKqVN5GH00sfKRRj1mQgNTHbFBIj1r5Xk2fOFg84WdooUNY3MHJrYDIdm%2FFviBl9V8%2FJbR3Dbf3c80zMxNejVGPX6qGvtaanMGxa%2F1kEgv13SX"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68be01193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
9657
13-JILI.png
m.medaliemas129.xyz/assets/brand/game/2/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/13-JILI.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
11d123e5ca69cfab421e0c3bf970a8c1fa2b316c740f87832cabae9c92535acd

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Mon, 16 Oct 2023 02:11:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"247ca8ad6ffd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mp3oAgxTXUBvcTRffsnXwZdShPv%2Fv%2BgsdzIbmeELStZKHo7pspoxfC4zMKk5oKN3xhUXtmUBRb4tlV7LedMotV0hQd5UrDujmPdop71QeRlb%2FbPAFTJO5v%2BfGwOdbRkH6bR%2FHB5n"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68be02193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
6230
13-Microgaming.png
m.medaliemas129.xyz/assets/brand/game/2/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/13-Microgaming.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1b9b3fe648e389e0cc33f8a212ab6aad907755afec2d36d9ab3bf1556c4ec686

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Mon, 16 Oct 2023 02:11:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3caeadad6ffd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nIf0kEkOMqSyW%2BlijCEUiSi77N5mkzXSVKJm8t8SfNH%2BMKBktKYQuU%2BWJbVK0UCoA0rqMiPHVrQpvnfeJyB%2Bm2lVLmaoswMxoV840%2Bj0kQg5DgdYqVViWso2cZxSD6APgkbfoT0E"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68be04193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
7370
9-Poker.png
m.medaliemas129.xyz/assets/brand/game/2/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/9-Poker.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f5b8eefd87e98a36f343177e9dbd1a5291c96448ec17b2b0d205b94a7b64eda1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Mon, 22 Aug 2022 01:22:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"05829b5c5b5d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gclBZVmCSaCIESCz%2FZYZElSsMk5bdSCSlLQr7fPhXAWKBlz6oRjVnYAuceZ8vxO9hoTEfNO%2BS17xHd6%2FK8Ljil4Qr5zRtORsJKFuzgMSv8MbhncKof52k8UEs9VB0Kgs%2BOEJQXni"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68be05193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
8195
7-KingMidas.png
m.medaliemas129.xyz/assets/brand/game/2/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/7-KingMidas.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e7dc1ca673727c6ad3e2b7a31b1e6de379bf1960ed8a86e603327e5c9d3701ab

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Wed, 31 Jan 2024 02:03:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3dfa40b4e953da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zGKu2tjepRXikcoXIbCk7ET6UQCHw6Pa2wGrP82Yw7YHTLmkTiGXHbLvbY19GjICgynL1fJmNKGnQUYFFYTd6%2F3gu67tWyR%2FWKmg4V8Rhr5V51tdxTdaFfr5bLv%2FQTHElGja0EZt"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68be09193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
9466
7-Miki.png
m.medaliemas129.xyz/assets/brand/game/2/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/7-Miki.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3abe2865ec2d6652901785dac07268714a43dd21f864fd8fdd4cd1c794375ab4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Jul 2023 05:09:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0c1aaaecb2d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jo7VH0euQFy2zX17EQpp7jRsT6RK3pkD9g7dSTz1jIMnT9fmMGJYF5Ib7zOBl1JmbthcuJFEu5%2BTQiLQX8WOk6Iht0fFxDMmSo5MLqBpafIm%2BywjNa4kr4YmMilPNR9Hv4AlYIi%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68be0a193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
8720
7-JILI.png
m.medaliemas129.xyz/assets/brand/game/2/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/game/2/7-JILI.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
fa955b794555470ce039ea1d4136692d3613a82fbe49fbd629933941aaaf8b40

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Mon, 08 May 2023 18:48:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"09fc2a9dd81d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PRKgwhUusZ7UiogGAlUXgM2s4LwfR%2FqWfJMHk0eHinTzNij2pMpSlOxIIcT40yfPmdqcxZBuvhDuNzlTvqUA0R5BbW0foyeaaFgNmuAU1%2BJVNfQb4RF8PaOLaTTXxkJRCBo4Khvi"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68be0b193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
8634
6-Togel.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		998 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/6-Togel.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2241253dd5fe4be1d501192c3446ee3cd4bab32f284ef5d6236c57852d94e82d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Mon, 22 Aug 2022 01:05:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"05b8b3ec3b5d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mVU2exJTTf%2FekYOdBys9HujIMffyisH7xfYA3InYw1s9Mws4yK918bcODScKpXpECpnkRFQiq6uYcFerwpxVYNm7zYEOzof2Yy8Kg%2F5EFx0JJxCdg23EZllGcxoGwUKS6%2FMNy2BT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68be0c193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
998
3-PragmaticPlay.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		546 B
1017 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/3-PragmaticPlay.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
284abe87d87cb780493410d10d66d7781291e37424ce86e73a4c314990e6f394

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Wed, 24 Apr 2024 08:35:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"59f080592296da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RaB37nknSiVYA59GbljLSePZUZOm7YGfqJAiB4nrtR4YGn%2B44128stlj7yC8B1uHxymkllggZKxIFw16b65omogOZ6TYSeTwzqYsVW2ww%2B%2BO5SYlFxmVE0HYA7q2q0e%2FdpJBGqDT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68be0e193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
546
3-Habanero.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/3-Habanero.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e1eff54b06bc14ca8b9100bd9e0cd041f423cc2237371cea412aed2e21e7a0c4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Feb 2021 11:06:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7b79f08fd3fed61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OketusAr%2BzaPfNfyCZSSe44XZWWvS%2FCkS3BmondirKRuW%2BxDZq34As3%2BTGWhG7t6TtINj6CqIC4n%2FgsVXhGFN8bMh0e12E6s3fM%2FmXyq3N9nr0XMJP4tO1e1yd6ANcOduWX7IIQL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68be0f193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
1300
3-PGSoft.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		966 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/3-PGSoft.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
08e34a7d8a96021e44a631c5b836c50fb894ada9b8b18565686cbab045e2c976

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Feb 2021 11:06:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"e7eaf28fd3fed61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yQjBFKja%2BJVhTqHINFH3a7wb1N2JJVR6EAxjoYcXSPPhuvKuWpGrWl4SZVnKsOjTLDWFO428E2NDZXSDVdepVZRdRuC0Wjk1bL%2F1BYNXyYNIoyaDLgGeM9uiWpGAtQwFW0XrbKrq"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68be11193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
966
3-Joker.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/3-Joker.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
80a2efdd3ab588c91f0b1ad453fa3ca9613b89be6ea5e50d9316d78192e9635c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Feb 2021 11:06:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7b79f08fd3fed61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iqaAoJc7taPnz4mDOBeTlx6f0vog67ODnFqPE78tYUXHTvBaP0re5Kh1WTNny2%2BuFgqfDZ%2Bc3BhEdRCsE%2BxrBLVBQPMpldH0oHlHdGr7alwmfZyzNhukr6QXu6W%2B08J90MJp8o9E"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68be13193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
1285
3-PlayStar.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		647 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/3-PlayStar.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3383331c4d259756d6db8398de3084f9f77c3f5e92997ca6ebefeb5483334cb2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Sat, 29 Jul 2023 09:49:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"91793cf81c2d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RATf7H3AkK0kjZIE6mVrLxIcFQzP4qS3OtqucwAuPEV5z1VhhSAC%2BvAhvuPpHx%2B5o5I3B9PrTrDTBGKznmpvsXmdHQbHIk%2BH8jF0rVPZoFBcyyjqgrNt9xoWqz5dSlDYys1EWy84"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68de2e193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
647
3-SpadeGaming.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/3-SpadeGaming.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f89577e21f7e3ce8e2ef790f44e072e781a181f2b8f1e40b610fc88c9fd41a17

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Feb 2021 11:06:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a521a392d3fed61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nXgNFQygY07eNg%2FDdwaztynydrRb0TEZpVmTJej%2BrnbNq1%2FAeCZac%2BGH7HCWA%2FB8AK%2FdlSgsTH2NWxnmtoEW8rxsYK%2F8yTIVFYOQlYbH1BASPUHmS7Mm0%2B0GCwkszAnAYVGFhupu"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68de32193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
1495
3-FastSpin.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/3-FastSpin.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2ba510aa26ba4f4dfd31c671808283a117bc030a4f76e4fc1f5835a943a81c98

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Tue, 09 May 2023 23:58:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"06c2232d282d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q59JCVl059Ju8uAjDOzqI5js1zadolU%2Fr0yRQ02yl5xzL2OKxxBN4lVmwcmNy95k4DB8hjO3usBDbwfJuPAmBnMJT7I2yv2ChFFEmd3prVy5lfXHpEu5GgqeRAGVgXbz9B%2BwJA%2BT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68de37193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
1481
3-NLC.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		824 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/3-NLC.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f9a91bc80992ffbdb286a73fd9a2621a4c6bb7defe398bf4c5503792f4fa7a81

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Wed, 09 Aug 2023 09:01:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1531a414a0cad91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ob%2BVQjFoOw4FPx5i7SfGPLw76Pwt05HLpvfhFevv7Ghl2WHnSzBvdKDaHgVq1ULENxZRIclq0%2BmQdQgP%2BmS6JrdkmRaXoNiwbwmcrZsha5b%2Bycoj2UexgOBu9ir1HrXF7ZklRQPo"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68de39193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
824
3-Dodo.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		906 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/3-Dodo.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e6a59918373d3313f9225e39d489359d604c1a7324fa777185e75d14bcdb880e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Wed, 19 Jul 2023 04:47:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6854e52afcb9d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GTu%2BwDmU6V%2FsXT7zHkXXCYYznhlTyYYae4g18qS4AH5M7swBFHvDp0FVaVQzE6VGeBLuIRSOAt2Vbr%2FeIBGrKWFj%2Fo%2F2N3rPd9G%2BQPg9%2F5ZuqTcrwlehcVJgSOccVY2giZuma4ha"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68de3c193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
906
3-CQ9.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		867 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/3-CQ9.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9dfaf0e0cfc45fc79bfef9eeb03def577f2ebff43eb45bf8a14f93914e6bf1a5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Feb 2021 11:06:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5c18ee8fd3fed61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=31MpWXhCZDDRJpsroOqjNX08DHTodP4aKfjhtPiYtQeuKA36QprABpAoQ%2BYkWqYBBgLMtUj2hZBUu24Wbbj1qLHUKvDH2%2FkLaCwwtEGKJ%2FVaJKBJP%2FYbiNz1CFOdHYi1APbSxW4q"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68de3e193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
867
3-Hacksaw.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/3-Hacksaw.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
28fffeb24f561ff0c118a692068696ce7f6868a17401f5bdc0e0b70a442b1e7e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Fri, 27 Oct 2023 04:03:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"c2a38f8d8a8da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ua9W8hlUynOpmY6TV9%2BBlCTaiU5UE6D1eTzTxg0xjY62SpfsPpUoRBe%2B8IuGs9ftf4WAnnG6Yyx2pXcPvDQpto6Ju6QXngNAUsV%2BpGDyjaA3t3tVcL0%2BjwWkdEVrYJPpbYPWDE2b"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68ee42193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
1367
3-KAGaming.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/3-KAGaming.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2cd52986d38de86b079bf1d9b4922fc22afb31a0389f00d161afcf80a6f9aa3c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Mon, 30 Aug 2021 08:24:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"32656362789dd71:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YjUFQOkng31gLK16t375DCW9MYyVVC%2Fu%2FVGfP0lyCNSpOevZhAbv67K9SjveN7pZGxDRzXNfVt5JaffeQu34wqmd9uh4DaVULZ76tNhXz%2FErJB58EAOGB%2BJbNvHAK%2FzyJfEXRDmh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68ee50193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
2827
3-OneGame.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		1018 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/3-OneGame.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2e9cb025897e52fdbf5f804cd73ba52e6031cfc0b41df1457ed44506c1c411eb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Feb 2021 11:06:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"e7eaf28fd3fed61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YTszN%2FGWmQ1YintcM1Ex3%2BU3uaJHER5DCo8aCWXJCg%2BfIy4pSPK3iB0qXgRhLGFWxT%2FfQEczIhsN7CRUZRpRfmAvsV7hgSL6Zd%2BpLTnRwSb5FEQ9vlLJ3WmNfMwpTavAdvLap1oz"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68ee52193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
1018
3-Spinix.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/3-Spinix.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
570ccc6b5390ac12d8eb812546532a8d856d11d9daa437fc72cadc9a59a093b3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Tue, 05 Sep 2023 07:07:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7c8680a1c7dfd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8mkX4HaHucV4m%2Bk0GtvE1dyLv7wHqVmRP3qn1p%2BrYzC3GqOiwk9rQUKEu7gGi0%2BxIVfpGDV6mi8CbebVkKq4ToykSNgmMQOSaK3PEVeOjHl0qp90KzqJkB0l%2Bjg0riEoMXKGfrcu"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68ee55193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
1214
3-JILI.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		371 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/3-JILI.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5b28781a56cc62e87e52f4f44e27c3e13e3f462ce52d2097170a5952fcfadf52

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Tue, 09 May 2023 09:57:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0e1e6aa5c82d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=34D8UbCSp5J9oOMaIDrIZwgVSyKSbugfUF40Z13vLwaKiMWUfOONMLqG53Ql3%2F35vZRdyF4hJIAhRZATmA09fEmrVoTLWPcVeAzFtANC628jEmFRSdKmHJtk7doW7fuHZhiz9cvG"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68ee56193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
371
3-JDB.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		581 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/3-JDB.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
361ae0040a96d4934c6bb900aec548a01482c94d1048d701c0c065710af92b5c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Feb 2021 11:06:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7b79f08fd3fed61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SUjmLoKyuKZJY8Awa4Y%2BQoJy29V4z0TZMikO1bTDh70xcADwDDxzN4XiO4dSBYfJJIWTOk8Ilb9kp2G5Q5VjSbngZfaU7feFAv1vbLtp6q0ygyIox0iXgEiE1E2B88%2Br6hCMQ9KF"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68ee58193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
581
3-LGD.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		736 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/3-LGD.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
830e7ec8a64799c51f7dae5f746efcc7a54ee5d7b9a5bdb4363883f52ac78927

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Tue, 06 Sep 2022 09:59:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"064b94bd7c1d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z3hsPMuQjLw0VFXri%2B2EX2S2NYrxDfAk37t0UDLqX7POL41eWhwjBNmD0l3LWL%2FD1k4ybL10VxM2XqE7vUZnaT7dX5r1UA7cPFAtm%2FIrb0kKM5FZFctVasDKNElrm54PLRFROldW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68ee5a193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
736
3-Ameba.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/3-Ameba.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
336a5cf377168550cbfbce469c60807e0238d67ea13511941e7051c340212701

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Feb 2021 11:06:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5c18ee8fd3fed61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ja40Gk3t5JFj9vrvyMFMEd2d49wJAEjFGxytcDghZDw5EoUTo%2Bd8tggEXD9FH9nS7QVH0AThig6VyAK1AhFAft1tNuKidqwt%2BQilh73nRkZs650o%2FxBgHFBU0oOyUGGN8a2puFgp"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68fe5e193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
1183
3-Microgaming.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/3-Microgaming.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
17307d7339bdc7f8d2170f57a55d3dfa8f59422bd27856dedeab9acd9f74f319

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Feb 2021 11:06:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7b79f08fd3fed61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eIKw0TSEo%2FIeeSIEVO6Z9KvzKBrHXE7DG3fD82MuxV7BX7z%2FwLYXzji8YfhEKGlX%2Fa5bQL8RlqskCAc94OXPHNjsK5KS9nwBt5Fehv0fnqdIWprInAzXui0clzEAGv1wcWHQmJST"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68fe5f193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
1216
3-BP.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/3-BP.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
385c8df85842a2b6e7374ed117006a38800fdf5e69f20ce9de3956e2bca5384a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 29 Sep 2022 08:50:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0f1787e0d3d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aAQnWYWCBo0MC9knfT8brikzlH9oNensHcI3kkkOnL4DmclyTsIS9Nn6vDbpnUBsdrhUX7Kx99pofI7nADGbyxcZECnLI5HDR%2BjVqa29ziRD5DcXLl4wsfcZz5SYbefwpYhX2Rje"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68fe62193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
1171
10-SV388.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		893 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/10-SV388.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e0b53483f27d479e5f113ff675de9be57eb12b79805683bd8c1e91228b14a956

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Feb 2021 11:06:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a521a392d3fed61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UkdeKBGb43Eo%2FcOphodFp5yYqU312cEEBzrIkwzgHW%2BeFkfjEFuJDUIaXFZ1ytwx%2FpZIaNHCpXRyGiPS8zTcLvfW%2B%2F4FiWvJqjUXAAvNuSwFGcaH5XmOU01qBA3s3Gl6BuolmWo6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68fe63193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
893
1-SBO.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/1-SBO.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2e37f3993bfa6d5cbf5039ce7741177381cf3c32bc2921cb5cd074b132c3d953

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Feb 2021 11:06:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7ca0f78fd3fed61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2BXcRom7Tg0QOZ2LT0yDevwj2twtzlFPdrrKfmFL3pi%2Bkg3MsVteXhRM%2BWouZNlc9ic%2ByjvlYFEx1Kd%2BPWj%2FaswgBPqywTCDh9Uz1GvQO1hvCitG%2FvV6P3xSW42G8qVzCPzg3QjA"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68fe64193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
1077
1-CMD.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/1-CMD.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6d55b97236bbc626353c007ba4bcf75d40d82443cd4e728a40e4ec6ccade7e14

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Feb 2021 11:06:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"223ef58fd3fed61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pH4eSfeWIKH9RumBez63aNuld5hMaNytQXYnwdEcnkMI88El4cSq2Ter2ya1iYsv%2Fxms3D6pAPPMDyV%2FebCeyPhq4jnW8QvIAleVPnYI4VHBUnZ6JW9%2FEsbzbM3S7WWMZOiOUmL1"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68fe65193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
1382
1-Saba.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/1-Saba.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
72fe0c31591acb699b1f5f5beb5b05595556c65dca86cee04363e25e8a9d67c9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Wed, 02 Nov 2022 10:22:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"09b1f5a4eed81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x8G8p32XzulrArPEK%2FxIM%2FQFcEDC0g668xY3j6bo8UUiWaQBUFoao2Jg1AzRDjIOVpuSkw0RVCQYhNjjdGvST%2BNI0ZY3%2BlIUN2yyTiFjQsuNnomGYI%2FPK58PQwawIzAi1Pbwptme"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68fe67193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
1343
11-TFGaming.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/11-TFGaming.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bfac86eecd2f82ff00a192f48d9c0310506c3c126dc2d0b4054e1057299d9e74

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Wed, 22 Sep 2021 04:24:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0ccf1b869afd71:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TBGnTwviF6KYtXCGMsRN%2B5sJxEYsRFzuhxvsI5bUCD4ye76v5S9Ek4Jns2DZkEVlNjsFFN1P%2BzrnYAxD2xTIlYGVx7OFRzVKwLrR0J2xs8e6flRgPKgUoCs%2B2WTO5ZMQrR72wkx0"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68fe69193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
1317
2-Trillion.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/2-Trillion.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c0dd0fb593d94885f117e40ed4fadb359737aef1bf688c81ace365c299914eef

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Oct 2021 07:40:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"da7867a497b6d71:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HmNwwo31r%2BSLcps%2BxS%2BsWuJ6FKVLYa63vQCnvTUgyjH1HdjOflVHMpvXZNAJkAFrCv9qaSxacMus8bJd1IDVl3nKeb0y2baHQoEH8yFpoX4eZFFL4xWbdr%2BwYlPzzvFgdplHcMC1"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68fe6a193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
1501
2-Miki.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/2-Miki.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1006cc248f2f2e83510ec43f60f37f82f0721b3cb1e5428ef65533564237e719

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Jul 2023 01:31:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0ca3238ceb2d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CIhvxxcZ7TSIjJ5tIWHuejffIU8VaN68ik231bCZfcXVocS1eZkHLXJ62SsmR1d8qOK7RuYzcKw0q7tz78NCQwQZKvvhmvcRd0ZfqVw4iADdxYo3xNoL8qrjOx2Q6duJp8Qwtv3X"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68fe6b193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
1283
2-WE.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/2-WE.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
aa2cf1184763edd37bf6f6efd23576bb25a328e990140efd651a5d79899ce4a2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Jun 2023 09:12:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6ce94226994d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q1dIAZaRw2GW7AnU4oZmnQnqGI5vC3nGu%2BtQjm98cDy1N5vOHKSL5t8V3lah%2BwdQb0Je3eH3vCFZ6lixSG2zX8t9nLpAaILiuhMqhI0ed2zVWm08W5JfdNv43CNRlPu%2BGrOYw10l"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab68fe6d193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
3376
2-AESexy.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		818 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/2-AESexy.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b454be62db434fde39d337b85c4c98f435b395952f0f7ff1de36d18a2adbc8ad

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Feb 2021 11:06:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7ca0f78fd3fed61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HvNjs79LQJOxKD3TOq3jMRu4kyjnxczO7hAfI84atsJboxhu985mgI5HhyuvTfz5USf3a6Z%2FEWWwsoddlF97tFSVRmAUM6KYR6keisfv6aPZ2hjyJPkJyIgIVB%2F8%2Bbc5bFP%2BZ%2FpG"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab691e91193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
818
2-SA.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		561 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/2-SA.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2eecf4927dfe2b11fb19ba50409cf71873e2bae2c04df94422f05f6b23842de6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 08:26:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"088f378129cd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ljt1EW%2FrZU7zjAPmz2H1PFDd9ls42dg%2BqQJFbYeJK6PTr8Qr9XVGv1s%2BvdsuRzzLlX5WwpSq6hnUAgTCPRBFPHM7j6ou9cEDJzyAC%2FoFQMC%2Fy9ZmZhISyW7pKm2UcmjfxI3AkXNx"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab691e94193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
561
2-WM.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		974 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/2-WM.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cf4b1967163a33d577b5eeaf4b056c8c5c6a44dd4a530c33ea81b235ead93d1a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Feb 2021 11:06:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5c18ee8fd3fed61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gDOmEjGXtmEs8d5EDWkVLpjiO3CQjMs3JOvhFDfU6yolBVp2y9XnrtXkzWxqb%2Fs9qv9zDFDDYANaTMN6%2BGScpozcn%2Bt264TOXro3ueU5L9CE2x0EB7EH3Xvw42oubpzYGKyGTSRA"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab691e95193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
974
2-DreamGaming.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		762 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/2-DreamGaming.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
887e6036a8835eff73a38bd237872fb87b66c411863a2d79ff703f67659a2355

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Feb 2021 11:06:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"e00ed8fd3fed61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cV8nxxzHM345CZ3B%2BAEAATqYCERt1Tx%2FnROKHJNmbmE6qn8u7E0rKhgiT5YMU97%2FnnaBSKhsdWAM9VbDqPok0EMS1GS979spQBKbPFd%2FU%2BSokM2jmBN6P%2B5gKxg6vixfU%2FYPMcL7"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab691e98193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
762
2-LG88.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/2-LG88.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
33132d3eb5822dc360f7eba610717542855d3c4f75e15a3b711030f7ed83419e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Wed, 30 Jun 2021 10:20:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1af2c89a996dd71:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pHHYKLH%2B8TiyF5gar3%2BsJkXi5T7VQhoi1xQJ%2FqBof7y63j7KK3DuBtEvoXkRs80d9VoSWtcEaUlL4Ph9LgL8XKwgRTs8A0CX73PFm7uCoRgy9JO0Gdy%2Ff1OoP1MohiddVp4pvXPv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab691e9a193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
4481
2-OG.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		738 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/2-OG.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9b7f1c233286a3fa04e1453c8580e96f3b6c894aa5d2338ec089be186955328c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Mon, 11 Mar 2024 04:31:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"b6e82cfa6c73da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BbzxJpDs%2BC2yTPAgqanx9yct0%2BX0LRzotq7Nsy8iGjb43%2BxnZ7GcDBjLCF7RocoznFsiYEofrJlVwCU7SI9nkIQOC2Y9DcYirFIc%2FpbBP9QN2l1PsoRi3LWe9uXjquwVOu8L6Vkf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab691e9c193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
738
9-Poker.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/9-Poker.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0abc5d7bc7e7ba4eb666d174574549cfae8ace7b606c090824810ddc3abca1b1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Mon, 22 Aug 2022 01:05:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"05b8b3ec3b5d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XrcoZJffPhMdAi6yKLPbZKbNurQX4wznurmmMU9cKiHfMtv47F6%2F%2FOIJjksGSdQFOWT12Cd2n7mt7%2BonzsfNs7NGGnhn0agC0SFL2kgLBegjUiVYmn%2BYUzt21SePol6NRy4bCjXQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab691ea1193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
1039
7-KingMidas.png
m.medaliemas129.xyz/assets/brand/hrz/grey/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.medaliemas129.xyz/assets/brand/hrz/grey/7-KingMidas.png?v=1
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c9c55684dbb718172964fc2e1bd488631d405cccd7de04a2e093ef6e4ddb7c15

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
cf-cache-status
MISS
last-modified
Wed, 31 Jan 2024 02:03:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3b3a8eb4e953da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ooyLJRylPWjBzSC%2BohlH2GOz7zMij7wiUtf25e2KbehfN5Zxz4ZG4p1zFGW2qW6aBKQRpwNzKUVeocEbcWbmjmt2ZJZsphv00Ur5sz9ufMQjefnsa0NeM9zbTUnIUhpLss2U1mem"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab691ea3193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
1609
Hbz4Fwu.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgm8VKWAQuCcSxAe7B-FYuhOPNQd_JU22tYRZV00NK8nDSmZROYeTppB_8Sg-RxRy9qcMRk4jtzPpiUDHrwqHwT52LRwsvBHYp709SdLVBFnTYk17-usuceSRBBkbDjOI99CzM3y-i8O0RlooZu... 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgm8VKWAQuCcSxAe7B-FYuhOPNQd_JU22tYRZV00NK8nDSmZROYeTppB_8Sg-RxRy9qcMRk4jtzPpiUDHrwqHwT52LRwsvBHYp709SdLVBFnTYk17-usuceSRBBkbDjOI99CzM3y-i8O0RlooZutfe5PoJUrgMYDzhsC48I60hHVRJZXRIsAKOdFgymH9s/s1600/Hbz4Fwu.png
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
37a07e2b30fb3244fa2893c1fbea503b6c2dc60984d4db6be0d2e78b0edf62dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:48 GMT
x-content-type-options
nosniff
server
fife
etag
"v131"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Hbz4Fwu.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34165
x-xss-protection
0
expires
Tue, 11 Jun 2024 07:32:48 GMT
792165022283054
connect.facebook.net/signals/config/ 		255 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/792165022283054?v=2.9.157&r=stable&domain=m.medaliemas129.xyz&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C219%2C154%2C111%2C134%2C127%2C115
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
ecbb749100ad38862551940e4e878088f5efcee34d650d9f2f73d97644f44885
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 10 Jun 2024 07:32:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=55, rtx=0, c=23, mss=1232, tbw=4331, tp=9, tpl=0, uplat=281, ullat=0
pragma
public
x-fb-debug
vQT4Iq+kOTz/Q4Dtv9yGG4YQ40MAYS2qgXAa7N3kXuoZ2QlfqDq/FJBy0N6E2vOeZMPslKkAtRQr7H0wvZahVw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1160798005301842&ev=PageView&dl=https%3A%2F%2Fm.medaliemas129.xyz%2F&rl=&if=false&ts=1718004768189&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718004768186.554406011416054305&cs_est=true&ler=empty&cdl=API_unavailable&it=1718004767715&coo=false&rqm=GET
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=10, mss=1297, tbw=2837, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 10 Jun 2024 07:32:48 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1160798005301842&ev=PageView&dl=https%3A%2F%2Fm.medaliemas129.xyz%2F&rl=&if=false&ts=1718004768189&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718004768186.554406011416054305&cs_est=true&ler=empty&cdl=API_unavailable&it=1718004767715&coo=false&rqm=FGET
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x1f4ea99238469311","source_keys":["1","2"]},{"key_piece":"0x41951635ff8da3b2","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Mon, 10 Jun 2024 07:32:48 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=17, mss=1297, tbw=3155, tp=-1, tpl=-1, uplat=252, ullat=0
pragma
no-cache
x-fb-debug
rgaoQrNVO6x4ojF3y2aE5ScPPPTxYzMjAv4/yiC2fddZVUO8KtYlS7fq5TdVaygBZj7U2CuZg07D5xeuiV62WQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
advanced_dot_digital7.woff2
m.medaliemas129.xyz/assets/fonts/jackpot/ 		7 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://m.medaliemas129.xyz/assets/fonts/jackpot/advanced_dot_digital7.woff2
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6859917f17c0b4ccd4e0f7944f49bc9b2968fb61a4593428cfd176613922f81b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/assets/css/theme/t5/BlackBlue_v3_1.css
Origin
https://m.medaliemas129.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:49 GMT
cf-cache-status
MISS
last-modified
Mon, 18 Jan 2021 08:49:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"617d7dde76edd61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QgwK0HEup4Uo0rWUPn7kFCMX1ckT2g38NHGP5a2InE3iD2ykkRw8R7Q39FxWKhTkTy8lXKxwgfF8kKO5M5Asqdh4toN9J49JHCnqJRC7cZcWzQphZsX2vymmJG1Ofb1H6h2s%2Brlu"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8917ab6bea9a193b-FRA
alt-svc
h3=":443"; ma=86400
content-length
7348
7485329928177714
connect.facebook.net/signals/config/ 		24 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/7485329928177714?v=2.9.157&r=stable&domain=m.medaliemas129.xyz&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C219%2C154%2C111%2C134%2C127%2C115%2C147%2C210%2C211%2C209%2C129
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
d9110fe4f99d6dd474d3d679b4967779720f64bb6f9188adbfbe5808e7632f02
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 10 Jun 2024 07:32:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=87, mss=1232, tbw=92155, tp=84, tpl=0, uplat=60, ullat=0
pragma
public
x-fb-debug
unY/Cmpy7h88Y8JvezGTMB8+wTt8WisnZfpMI2RxXAlAR7UZWj/zBIs1QlpRyZHdPlwazQhSCkVMsewpeX4hsg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
225c29b47113e25d2c8b7c1bbfbc933ead26986686cb584012412a0e5578da6b
capig.stape.us/events/ 		0
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capig.stape.us/events/225c29b47113e25d2c8b7c1bbfbc933ead26986686cb584012412a0e5578da6b
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/792165022283054?v=2.9.157&r=stable&domain=m.medaliemas129.xyz&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C219%2C154%2C111%2C134%2C127%2C115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 10 Jun 2024 07:32:49 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KPHMS0adN0lroaHdIh5wNIOZv7Ceecc9QwX7KpBFvpj3A6BT0NZNkgXyfWpD66NVdfsG6C1bXLkeyRaEnEWWGcP09x8uPLw6PgJHENnKz7eR49Dyw1C6MxIOucCi%2FxqUyg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://m.medaliemas129.xyz
access-control-allow-credentials
true
cf-ray
8917ab728ab565b8-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=792165022283054&ev=PageView&dl=https%3A%2F%2Fm.medaliemas129.xyz%2F&rl=&if=false&ts=1718004768760&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718004768186.554406011416054305&cs_est=true&ler=empty&cdl=API_unavailable&eid=ob3_plugin-set_b0cb4f091780efd7f08fe908fb3ad6a8ee47c4880fb599d825949dbe35da3152&it=1718004767715&coo=false&rqm=GET
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1297, tbw=6863, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 10 Jun 2024 07:32:48 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=792165022283054&ev=PageView&dl=https%3A%2F%2Fm.medaliemas129.xyz%2F&rl=&if=false&ts=1718004768760&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718004768186.554406011416054305&cs_est=true&ler=empty&cdl=API_unavailable&eid=ob3_plugin-set_b0cb4f091780efd7f08fe908fb3ad6a8ee47c4880fb599d825949dbe35da3152&it=1718004767715&coo=false&rqm=FGET
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x2aeefb9468185ce5","source_keys":["1","2"]},{"key_piece":"0xeb07ea97c5f63a6a","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Mon, 10 Jun 2024 07:32:48 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1297, tbw=7044, tp=-1, tpl=-1, uplat=29, ullat=0
pragma
no-cache
x-fb-debug
ViHZIgO8y6bmxl5s5QF8ZUkwkjytJiWhec7Q+CmpcrwK6AysS1J2jlnuxlH90xNXeZ/96wm49bId/QbfbvAwKg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
907314337839827
connect.facebook.net/signals/config/ 		25 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/907314337839827?v=2.9.157&r=stable&domain=m.medaliemas129.xyz&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C219%2C154%2C111%2C134%2C127%2C115%2C147%2C210%2C211%2C209%2C129
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
b97390a4d37973930f5b91748f5c2702f2284d186a9624925a4f9df037f0d25a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 10 Jun 2024 07:32:49 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=49, rtx=0, c=90, mss=1232, tbw=95563, tp=89, tpl=0, uplat=450, ullat=0
pragma
public
x-fb-debug
Bv0ZBbHjwwbQXfjHz5gONX2jMUxZnReD70DvEhvgT8PwVcMJbFj66wv6IWfGv1xoBmYRcdalFP9sTg0ZFpyuRg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=7485329928177714&ev=PageView&dl=https%3A%2F%2Fm.medaliemas129.xyz%2F&rl=&if=false&ts=1718004769032&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718004768186.554406011416054305&cs_est=true&ler=empty&cdl=API_unavailable&it=1718004767715&coo=false&rqm=GET
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=45, rtx=0, c=23, mss=1232, tbw=4380, tp=10, tpl=0, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 10 Jun 2024 07:32:49 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=7485329928177714&ev=PageView&dl=https%3A%2F%2Fm.medaliemas129.xyz%2F&rl=&if=false&ts=1718004769032&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718004768186.554406011416054305&cs_est=true&ler=empty&cdl=API_unavailable&it=1718004767715&coo=false&rqm=FGET
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x0742650db4bc917c","source_keys":["1","2"]},{"key_piece":"0x437baa397b5c2042","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Mon, 10 Jun 2024 07:32:49 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=45, rtx=0, c=23, mss=1232, tbw=4700, tp=12, tpl=0, uplat=30, ullat=0
pragma
no-cache
x-fb-debug
h5pQS34dNwsiJ0O/5j/xCDn1GjpRDj1SA9yxTa2NBE4Q7Os5kP9k2Gsz3q7jxeB6NoFSQTynr8SwwSrr6brzrQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
get_configuration
api.livechatinc.com/v3.4/customer/action/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=541d83d9-33af-4119-ae82-ec7268972f4c&version=327.0.1.8.88.101.2.1.1.1.1.13.3&group_id=0&jsonp=__lc_static_config
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.103.67 Bucharest, Romania, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-103-67.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d1831bcbb11fa5ce3abe0191d3e389e2b9bae9e2d742fbaea49c1034d65af4cd

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:49 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
deprecation
2024-11-30
cache-control
public, max-age=600
cross-origin-resource-policy
cross-origin
content-length
1851
expires
Mon, 10 Jun 2024 07:42:49 GMT
open_chat
secure.livechatinc.com/customer/action/ Frame 4520 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.livechatinc.com/customer/action/open_chat?license_id=15852072&group=0&embedded=1&widget_version=3&unique_groups=0
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.103.74 Bucharest, Romania, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-103-74.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://m.medaliemas129.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
2004
Content-Type
text/html; charset=utf-8
Date
Mon, 10 Jun 2024 07:32:50 GMT
Vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
get_localization
api.livechatinc.com/v3.4/customer/action/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=541d83d9-33af-4119-ae82-ec7268972f4c&version=470b74842e9d45ce9f156d1d5a957bad_df449591de1a9a5f3b825479b8f9e934&language=en&group_id=0&jsonp=__lc_localization
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.103.67 Bucharest, Romania, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-103-67.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c559e74d6323648a02f127e1a5b63ab0f0026ef276c5c748cfadf6526b6b3fbe

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:49 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
deprecation
2024-11-30
cache-control
public, max-age=600
cross-origin-resource-policy
cross-origin
content-length
4130
expires
Mon, 10 Jun 2024 07:42:49 GMT
1101054601159026
connect.facebook.net/signals/config/ 		26 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1101054601159026?v=2.9.157&r=stable&domain=m.medaliemas129.xyz&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C219%2C154%2C111%2C134%2C127%2C115%2C147%2C210%2C211%2C209%2C129
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
898aab0176105c5d087944591d4ff7fd21497aabe8ea77bc26c515d67162fbaa
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 10 Jun 2024 07:32:49 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=85, rtx=0, c=95, mss=1232, tbw=101647, tp=96, tpl=0, uplat=42, ullat=0
pragma
public
x-fb-debug
+lNHkGjxCAxg3QYPFkQA0tPXPEnKszGb6Gn5sstpptAwkp+lKHgCSNmS1PHykoHj1ztWZwBIk38ysWU4haEhEQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
225c29b47113e25d2c8b7c1bbfbc933ead26986686cb584012412a0e5578da6b
ap.stape.info/events/ 		0
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.stape.info/events/225c29b47113e25d2c8b7c1bbfbc933ead26986686cb584012412a0e5578da6b
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/792165022283054?v=2.9.157&r=stable&domain=m.medaliemas129.xyz&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C219%2C154%2C111%2C134%2C127%2C115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.186.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 10 Jun 2024 07:32:50 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wJ0NvZXafGmBU5FtsWbDWpaRCp73BIAfeIEtT9MBUp1iYCRwMYZXxmNYg5AUBoB4NNWmNi0sn3sdAsGxvy2JJB1kLS%2F5%2BmUpvbKigYWxBo1PA6C59ydf7xyTKPjnxJsf"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://m.medaliemas129.xyz
access-control-allow-credentials
true
cf-ray
8917ab7478e61bdb-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=907314337839827&ev=PageView&dl=https%3A%2F%2Fm.medaliemas129.xyz%2F&rl=&if=false&ts=1718004769799&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718004768186.554406011416054305&cs_est=true&ler=empty&cdl=API_unavailable&eid=ob3_plugin-set_fdef3e53d2e529068f34e0176b1bf5b78e7ed777aac4d336493c54c4eef50eee&it=1718004767715&coo=false&rqm=GET
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=26, mss=1232, tbw=8556, tp=19, tpl=0, uplat=1, ullat=1
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 10 Jun 2024 07:32:49 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=907314337839827&ev=PageView&dl=https%3A%2F%2Fm.medaliemas129.xyz%2F&rl=&if=false&ts=1718004769799&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718004768186.554406011416054305&cs_est=true&ler=empty&cdl=API_unavailable&eid=ob3_plugin-set_fdef3e53d2e529068f34e0176b1bf5b78e7ed777aac4d336493c54c4eef50eee&it=1718004767715&coo=false&rqm=FGET
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x155478e7df126523","source_keys":["1","2"]},{"key_piece":"0x919e499ea7f4a6a4","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Mon, 10 Jun 2024 07:32:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=27, mss=1232, tbw=9580, tp=27, tpl=0, uplat=156, ullat=0
pragma
no-cache
x-fb-debug
0RaA21qrqz7A1AU+0Y6KBobOE+AcNcMisazAUQHY9PPAsYQQCO2r3vVL91dmHtlZ+2S/VHLo6KHUocrmR0bGNg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
741335914653884
connect.facebook.net/signals/config/ 		25 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/741335914653884?v=2.9.157&r=stable&domain=m.medaliemas129.xyz&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C219%2C154%2C111%2C134%2C127%2C115%2C147%2C210%2C211%2C209%2C129%2C119
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
2d638c7b66aa5dfc1798c38584cca5a9310b37933f0975237a9c79632d7ea7b0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 10 Jun 2024 07:32:50 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=71, rtx=0, c=98, mss=1232, tbw=105375, tp=101, tpl=0, uplat=49, ullat=0
pragma
public
x-fb-debug
IizXY/XJLUNSdfKVklfW4Mahyzn0bdFrHJMdpws9V2jwkgVq3WXcCNf7mghddvyf/Wn2Dc5IXAo1VPgMEy6iWQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1101054601159026&ev=PageView&dl=https%3A%2F%2Fm.medaliemas129.xyz%2F&rl=&if=false&ts=1718004769951&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718004768186.554406011416054305&cs_est=true&ler=empty&cdl=API_unavailable&it=1718004767715&coo=false&rqm=GET
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=26, mss=1232, tbw=8892, tp=24, tpl=0, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 10 Jun 2024 07:32:49 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1101054601159026&ev=PageView&dl=https%3A%2F%2Fm.medaliemas129.xyz%2F&rl=&if=false&ts=1718004769951&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718004768186.554406011416054305&cs_est=true&ler=empty&cdl=API_unavailable&it=1718004767715&coo=false&rqm=FGET
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x5900959376d4802e","source_keys":["1","2"]},{"key_piece":"0x85d2db3c51e9de48","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Mon, 10 Jun 2024 07:32:49 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=26, mss=1232, tbw=9084, tp=26, tpl=0, uplat=29, ullat=0
pragma
no-cache
x-fb-debug
pWIPHws8eQd7bQnCkmbiI8YkQ0JB8CVZSh/4cIl/WGHk0NUFgKBGCQ00Qb0DIzKggfi5IjMRj7p4glE0LjkWXA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
928540605396196
connect.facebook.net/signals/config/ 		24 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/928540605396196?v=2.9.157&r=stable&domain=m.medaliemas129.xyz&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C219%2C154%2C111%2C134%2C127%2C115%2C147%2C210%2C211%2C209%2C129%2C119
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
9ab8b85579b475c7991657cb8521d16636babfbaefb8ada21e8b7372c72ed21b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 10 Jun 2024 07:32:50 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=61, rtx=0, c=101, mss=1232, tbw=108879, tp=106, tpl=0, uplat=41, ullat=0
pragma
public
x-fb-debug
WHS6fE51o/ijMPl5JJ4eWdcTW0BOMrUy379OI6M1CnBLAY053CAXr1PMyxCeARAWfV4oUo9nNgyN4R3XWQCkIA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=741335914653884&ev=PageView&dl=https%3A%2F%2Fm.medaliemas129.xyz%2F&rl=&if=false&ts=1718004770065&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718004768186.554406011416054305&cs_est=true&ler=empty&cdl=API_unavailable&it=1718004767715&coo=false&rqm=GET
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=28, mss=1232, tbw=10252, tp=31, tpl=0, uplat=1, ullat=1
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 10 Jun 2024 07:32:50 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=741335914653884&ev=PageView&dl=https%3A%2F%2Fm.medaliemas129.xyz%2F&rl=&if=false&ts=1718004770065&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718004768186.554406011416054305&cs_est=true&ler=empty&cdl=API_unavailable&it=1718004767715&coo=false&rqm=FGET
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x08b62e231f1afcb1","source_keys":["1","2"]},{"key_piece":"0x8dcdb6a36b9e86f2","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Mon, 10 Jun 2024 07:32:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=28, mss=1232, tbw=10444, tp=33, tpl=0, uplat=54, ullat=0
pragma
no-cache
x-fb-debug
6uysOAuR/m4nhWTmB91+iIhfJWyi1LE47YuiQk0SNCpIw5ZW3Sg8laIbvZabGVmbCDjXFHfh3M0ek1xeQ7lzwQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
369372476096686
connect.facebook.net/signals/config/ 		24 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/369372476096686?v=2.9.157&r=stable&domain=m.medaliemas129.xyz&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C219%2C154%2C111%2C134%2C127%2C115%2C147%2C210%2C211%2C209%2C129%2C119
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
ad41ac85654922a402062ab35653d9c196a475d8b1e1bf8740367be603559afb
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 10 Jun 2024 07:32:50 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=123, rtx=0, c=103, mss=1232, tbw=112287, tp=111, tpl=0, uplat=53, ullat=1
pragma
public
x-fb-debug
GSQs7ISvYoKtp9QC3JGepK5ocKdzF3rYnW+DHaE2pOcoLJRXgUWrRBJHoW6F2EvZ699Q2pTTRD/2lF6v2N7PSA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=928540605396196&ev=PageView&dl=https%3A%2F%2Fm.medaliemas129.xyz%2F&rl=&if=false&ts=1718004770475&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718004768186.554406011416054305&cs_est=true&ler=empty&cdl=API_unavailable&it=1718004767715&coo=false&rqm=GET
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=127, rtx=0, c=28, mss=1232, tbw=11244, tp=41, tpl=0, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 10 Jun 2024 07:32:50 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=928540605396196&ev=PageView&dl=https%3A%2F%2Fm.medaliemas129.xyz%2F&rl=&if=false&ts=1718004770475&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718004768186.554406011416054305&cs_est=true&ler=empty&cdl=API_unavailable&it=1718004767715&coo=false&rqm=FGET
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xd880afbf619884cc","source_keys":["1","2"]},{"key_piece":"0x417cbbdc216621ad","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Mon, 10 Jun 2024 07:32:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=127, rtx=0, c=28, mss=1232, tbw=11404, tp=43, tpl=0, uplat=34, ullat=0
pragma
no-cache
x-fb-debug
btTG/NJOeMUocI6pOGhcypEyrSAMLm3PI7lt9DlbDyVnSfI2jTzEahduPFnqHn4dUxylLGOG3wsvHIJLTO6eDg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
949700820275735
connect.facebook.net/signals/config/ 		24 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/949700820275735?v=2.9.157&r=stable&domain=m.medaliemas129.xyz&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C219%2C154%2C111%2C134%2C127%2C115%2C147%2C210%2C211%2C209%2C129%2C119
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
1709ef9a4cffce3fed74e8ba94f8c5b9f0d8608960ca392953bbf091619ec1cf
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 10 Jun 2024 07:32:50 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=96, rtx=0, c=106, mss=1232, tbw=115679, tp=115, tpl=0, uplat=52, ullat=0
pragma
public
x-fb-debug
krLwvXA7gVuso/lre3i9Juz1Cn7+NRuhKBRHZMTTiRSuu0PQI8QLYDGNeDtx7DAtSq62VZtb+X75/GgSGNxg7w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=369372476096686&ev=PageView&dl=https%3A%2F%2Fm.medaliemas129.xyz%2F&rl=&if=false&ts=1718004770581&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718004768186.554406011416054305&cs_est=true&ler=empty&cdl=API_unavailable&it=1718004767715&coo=false&rqm=GET
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=91, rtx=2, c=4, mss=1232, tbw=12092, tp=48, tpl=2, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 10 Jun 2024 07:32:50 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=369372476096686&ev=PageView&dl=https%3A%2F%2Fm.medaliemas129.xyz%2F&rl=&if=false&ts=1718004770581&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718004768186.554406011416054305&cs_est=true&ler=empty&cdl=API_unavailable&it=1718004767715&coo=false&rqm=FGET
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x60a9c4b3d94861ba","source_keys":["1","2"]},{"key_piece":"0x809148c8d010d91f","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Mon, 10 Jun 2024 07:32:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=91, rtx=2, c=4, mss=1232, tbw=12252, tp=50, tpl=2, uplat=29, ullat=0
pragma
no-cache
x-fb-debug
klsTAf/E9MzA6lAiuShIn3pSg6eXWEi+Btw2jKVl5wkaPKbMhV7Azld22fllCEJ8HiDnJBiVPXWMUhxb8vaBnQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
768927778725936
connect.facebook.net/signals/config/ 		23 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/768927778725936?v=2.9.157&r=stable&domain=m.medaliemas129.xyz&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C219%2C154%2C111%2C134%2C127%2C115%2C147%2C210%2C211%2C209%2C129%2C119
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
9053e8a21c01739696058ea41adc907b079ce989f57678e3dbe3becd25c202a1
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 10 Jun 2024 07:32:50 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=77, rtx=0, c=109, mss=1232, tbw=119087, tp=120, tpl=0, uplat=51, ullat=0
pragma
public
x-fb-debug
smTt2EQZP3m+ieLo2CAW7iy/U2sBIqjet+1To56iMnMixY3h2TH8oKW++/cXo7Plhk9RbcLSOfiGI9479k3qPw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=949700820275735&ev=PageView&dl=https%3A%2F%2Fm.medaliemas129.xyz%2F&rl=&if=false&ts=1718004770713&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718004768186.554406011416054305&cs_est=true&ler=empty&cdl=API_unavailable&it=1718004767715&coo=false&rqm=GET
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=70, rtx=2, c=29, mss=1232, tbw=12892, tp=54, tpl=2, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 10 Jun 2024 07:32:50 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=949700820275735&ev=PageView&dl=https%3A%2F%2Fm.medaliemas129.xyz%2F&rl=&if=false&ts=1718004770713&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718004768186.554406011416054305&cs_est=true&ler=empty&cdl=API_unavailable&it=1718004767715&coo=false&rqm=FGET
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x1848232662eeb870","source_keys":["1","2"]},{"key_piece":"0xfcc6f31815b7b046","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Mon, 10 Jun 2024 07:32:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=70, rtx=2, c=29, mss=1232, tbw=13052, tp=56, tpl=2, uplat=31, ullat=0
pragma
no-cache
x-fb-debug
ssqCNrIjVd1U/swGSsA8tTt1vyXxpsphi5wmeQ8FD2RYK9J+lLwJLOptFVjyoJbQ0eXW0d22sXy4MLhK900VPQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=768927778725936&ev=PageView&dl=https%3A%2F%2Fm.medaliemas129.xyz%2F&rl=&if=false&ts=1718004770854&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718004768186.554406011416054305&cs_est=true&ler=empty&cdl=API_unavailable&it=1718004767715&coo=false&rqm=GET
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=63, rtx=2, c=30, mss=1232, tbw=13740, tp=61, tpl=2, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 10 Jun 2024 07:32:50 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=768927778725936&ev=PageView&dl=https%3A%2F%2Fm.medaliemas129.xyz%2F&rl=&if=false&ts=1718004770854&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718004768186.554406011416054305&cs_est=true&ler=empty&cdl=API_unavailable&it=1718004767715&coo=false&rqm=FGET
Requested by
Host: m.medaliemas129.xyz
URL: https://m.medaliemas129.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x4096f4966471a73d","source_keys":["1","2"]},{"key_piece":"0x9450c44920495410","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Mon, 10 Jun 2024 07:32:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=63, rtx=2, c=30, mss=1232, tbw=13900, tp=63, tpl=2, uplat=28, ullat=0
pragma
no-cache
x-fb-debug
KQU3m1KIg0meuFl33yI8crji2KyOz0yH9iOOD3tBFSYExdesbVcGr7mLsdP32Hx4IdKlTS+kg7dC/4NZT19ogQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
favicon.ico
m.medaliemas129.xyz/ 		15 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://m.medaliemas129.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8647833a1d0f6ffb1021e2d4436c0ba7ee62bbf5aeeb4eabae3ba20df7f69cb3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:32:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 07 Aug 2023 14:21:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"d855f4673ac9d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3nLmPHl1j4RBy%2FD5LC3VD%2BuOxGXTdOJjVJay%2BhNQF6GKFD576au3AZ%2FsMDHl9p2xHMaijj%2FP1b%2B7jWs5VYn0hje%2BJqJWyh%2F32ZWqlg1eXsnpDMIUPnTnk9NV1QqV2Xk9GizfUjrc"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
8917ab7b5ea3193b-FRA
alt-svc
h3=":443"; ma=86400
df4681cbfb8d0581d76588bb5059347d.png
cdn.livechat-files.com/api/file/lc/main/15852072/0/ec/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.livechat-files.com/api/file/lc/main/15852072/0/ec/df4681cbfb8d0581d76588bb5059347d.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.96 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-96.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d064bbe76dfaf05138323b045a5de73c3289fb06e689bc71d335135cfea0112c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://m.medaliemas129.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Mon, 10 Jun 2024 07:32:52 GMT
cache-control
private, max-age=84593
content-length
27797
content-type
image/png

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| loadlink string| randomtextnumber function| Fireworks function| fbq function| _fbq object| __lc object| LiveChatWidget boolean| __lc_inited object| LC_API function| $ function| jQuery object| jQuery11130651818427105207 function| removeSpace function| isAlphaNumeric function| isAlphaSpace function| isNumeric function| isEmail function| handleFocusOut number| submit function| CheckLoginRepeat boolean| isClickLiveChat number| timeClickLiveChat number| checkWidgetTime number| checkTawkTimeout function| checkWidgetTawk function| showHideLiveChat function| showLiveChat function| toggleSideBar boolean| isMobile function| loadImageContent object| timeDisplay function| refreshTime boolean| isShowDefault boolean| isAlwaysShow object| gameListMobileMenu number| currentGameGroupID function| showGameMenu function| scrollGameMenuLeft function| scrollGameMenuRight object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY object| $divMarquee object| regeneratorRuntime

9 Cookies

Domain/Path Name / Value
.capig.stape.us/events/225c29b47113e25d2c8b7c1bbfbc933ead26986686cb584012412a0e5578da6b Name: cee
Value: ab61ERZMR0dz%2FCyzgeanZUP1uCAh%2BZEr7J8%2FrYVerfs%3D.%7B%7D
.ap.stape.info/events/225c29b47113e25d2c8b7c1bbfbc933ead26986686cb584012412a0e5578da6b Name: cee
Value: brkUwPuiIgXavujLvCQaysptL4p8n6ISkTTuGDM5HfA%3D.%7B%7D
.accounts.livechatinc.com/v2/customer/token Name: __lc_cid
Value: af08075b-8c73-4521-afe7-82a0a093fe8e
.accounts.livechatinc.com/v2/customer/token Name: __lc_cst
Value: 4c827413e91ddfc1529e0fabcb7b397c01a0e6886101075c967c81b56a65776ebba10ee7aa4e40e55785d26aed1a0daa6ee03ebaf624b3733c7c224f267c
.accounts.livechatinc.com/customer/token Name: __lc_cid
Value: af08075b-8c73-4521-afe7-82a0a093fe8e
.accounts.livechatinc.com/customer/token Name: __lc_cst
Value: 4c827413e91ddfc1529e0fabcb7b397c01a0e6886101075c967c81b56a65776ebba10ee7aa4e40e55785d26aed1a0daa6ee03ebaf624b3733c7c224f267c
m.medaliemas129.xyz/ Name: ASP.NET_SessionId
Value: 4ylpafm2w3mmku4mwqyhyuuk
.medaliemas129.xyz/ Name: _fbp
Value: fb.1.1718004768186.554406011416054305
accounts.livechatinc.com/ Name: __oauth_redirect_detector
Value: counter=1&t=1718004801&tag=e1321372be718210ed532bce0ee222e411c380d6

5 Console Messages

Source Level URL
Text
recommendation verbose URL: https://m.medaliemas129.xyz/
Message:
[DOM] Multiple forms should be contained in their own form elements; break up complex forms into ones that represent a single action: (More info: https://goo.gl/9p2vKq) %o
other warning URL: https://m.medaliemas129.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://m.medaliemas129.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://m.medaliemas129.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cdn.livechatinc.com/tracking.js
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ap.stape.info
api.livechatinc.com
blogger.googleusercontent.com
capig.stape.us
cdn.livechat-files.com
cdn.livechatinc.com
connect.facebook.net
m.medaliemas129.xyz
pub-1afacac1f4734757b0908784991abb88.r2.dev
secure.livechatinc.com
www.facebook.com
157.240.251.35
157.240.251.9
172.67.186.140
172.67.194.235
188.114.96.3
2606:4700:3034::ac43:c2eb
2606:4700::6812:323
2a00:1450:4001:82b::2001
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
92.123.103.67
92.123.103.74
95.101.23.96
021c35050873b42751f8977b9c5fadb3122a37b925b8dd26a764414366c7aac7
022c777bbc0fef728878ede6b17c0eaad74f4070269da38d9fdafb5c3fbf65e5
0531d275b84505259f11c4761f3b67eb9ddfede7dcde53444cfe84985279a7b4
05cbaa6de8afd11c26c52fffe58d24e6d19c50495df8f76aedf34562de661419
089650b46c0acf567f7133b55ce71b03c1a7d11ff62b834623e16a717b60ae3c
08e34a7d8a96021e44a631c5b836c50fb894ada9b8b18565686cbab045e2c976
09c3dcae1d69fb8829e3d3386984da6c780289c94e19dcb340d0a2893757ff94
0abc5d7bc7e7ba4eb666d174574549cfae8ace7b606c090824810ddc3abca1b1
0b88efcc2322c63f57f6b35f2ec6e3192e0b97a7efdb1cc5a0fb61093bf8df70
0c65ce6b4e238f1a0e59fe7e3e2478985446a28761cb1531126363729f719bed
0c82b8b578751bdc7437b70969881522573656a13bf55852f91f4caccd128723
1006cc248f2f2e83510ec43f60f37f82f0721b3cb1e5428ef65533564237e719
10092c96d9fb86557fad2abb3216859d407e55565e2492ac9377acd3b34af383
108b5fe6f539af2450c82ba0b35f0472b23ea7f20cd0e5b939c9cf5daf492d0d
11d123e5ca69cfab421e0c3bf970a8c1fa2b316c740f87832cabae9c92535acd
1709ef9a4cffce3fed74e8ba94f8c5b9f0d8608960ca392953bbf091619ec1cf
17307d7339bdc7f8d2170f57a55d3dfa8f59422bd27856dedeab9acd9f74f319
1b9b3fe648e389e0cc33f8a212ab6aad907755afec2d36d9ab3bf1556c4ec686
213b0b6f7f5051d5842e8b8a052eb76759f8f90c84ae17e031bf1e69c36627c4
2241253dd5fe4be1d501192c3446ee3cd4bab32f284ef5d6236c57852d94e82d
23a64297e5e9ebbd299311a75c4d9f6f14d09f5e07af6f0830bc9240b7ca1aa4
24d547c136ff69aab168b8b2bb931ed77f263ba17cf635411fc8b84bcc2696c2
256c1405a4906babd2193470fa5b7cff86526257ce44a77d8ace030623e5ae84
284abe87d87cb780493410d10d66d7781291e37424ce86e73a4c314990e6f394
28fffeb24f561ff0c118a692068696ce7f6868a17401f5bdc0e0b70a442b1e7e
2a4afbacde4c93f60eff6b506753ceb37df52156e8271221bad488c9512c6d68
2ba510aa26ba4f4dfd31c671808283a117bc030a4f76e4fc1f5835a943a81c98
2cd52986d38de86b079bf1d9b4922fc22afb31a0389f00d161afcf80a6f9aa3c
2d638c7b66aa5dfc1798c38584cca5a9310b37933f0975237a9c79632d7ea7b0
2e37f3993bfa6d5cbf5039ce7741177381cf3c32bc2921cb5cd074b132c3d953
2e9cb025897e52fdbf5f804cd73ba52e6031cfc0b41df1457ed44506c1c411eb
2eecf4927dfe2b11fb19ba50409cf71873e2bae2c04df94422f05f6b23842de6
2f8736b28405e66db58eb4a2218ffaca2827a438aa9fb743dc73aa7b295f9097
2ffdc6bc70f799635a1dd76441fbc999b42596f42a91618dd898ce019e50f946
33132d3eb5822dc360f7eba610717542855d3c4f75e15a3b711030f7ed83419e
336a5cf377168550cbfbce469c60807e0238d67ea13511941e7051c340212701
3383331c4d259756d6db8398de3084f9f77c3f5e92997ca6ebefeb5483334cb2
361ae0040a96d4934c6bb900aec548a01482c94d1048d701c0c065710af92b5c
367aeb7e2f6060a8cdbcff516545a1235250b404c397189610ddae2042562a5d
37a07e2b30fb3244fa2893c1fbea503b6c2dc60984d4db6be0d2e78b0edf62dc
385c8df85842a2b6e7374ed117006a38800fdf5e69f20ce9de3956e2bca5384a
3abe2865ec2d6652901785dac07268714a43dd21f864fd8fdd4cd1c794375ab4
3b29d871abe0f72db5c17c01ee88e6b69f1c5be608122966c2aed0cb6ff22f90
3ec4f4208db3f0257d648862e0377d1f7333937196a2872e8a529b3372aeac34
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4431100d6d667bc5108349ae38c7a5270795d1bbf7349b13a85157c66c9325e4
461f186c311f1addebba39a02b66158123933ed2d8e336fcb782387d04d24876
4f7e208aa98c142735bc1ac6febbf05799fab5f6f76dfce217cc274f80c69f04
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
55a4af782c29dd2f60a39fe1cd0adecb5b61da529e304a48e6bd67dc92107b44
55ab8959fdde6e1cd4f851ab6c5efacedffd56a8982c35f0eb66ccd762c4ccbf
560a1438c6fa3a0e72f137d3318ceb803226fa0a664a48a1407b3924875a92b0
570ccc6b5390ac12d8eb812546532a8d856d11d9daa437fc72cadc9a59a093b3
59c83d0944775926d022d86867516abd9c89ba0f1d6d077d6ed09925274fe987
5b28781a56cc62e87e52f4f44e27c3e13e3f462ce52d2097170a5952fcfadf52
5deee0615e7d28131c2a7cdc2198a082d167f3fae7753f96bfff9f5d19998d55
601c5b925fee3fdbd22a522e4db946e51bca6de92b41b8d995c0c98a5cf50743
667ee9a0e27c1d92ac0a053fe51876a73f217322ce55835cc9e8afaeffdcac8c
6859917f17c0b4ccd4e0f7944f49bc9b2968fb61a4593428cfd176613922f81b
68a53fd0b812aaa1897a491b7570ceffe30f23308a8f6ec07efb259aadec1f68
6bf74188011c99543ac6e80b300af8e4484fe947962236d7dddb0c8f0650767a
6d55b97236bbc626353c007ba4bcf75d40d82443cd4e728a40e4ec6ccade7e14
6eb28791ecbb1b58eb914203e71e7d921b67508991ab632b9ca742eb2aa27804
72fe0c31591acb699b1f5f5beb5b05595556c65dca86cee04363e25e8a9d67c9
73660b0db7ce4861fc50bad3bb764c48940443a89291f8c43e477ff5ce65683d
7514d4664a621dbecc507a79814e38a6c6ca3fb5f1cf58f1ec6818ede8b7a704
797018ada1b7b9f6fc5a1f6aec6fec2246c4e59f95fa1f993e1357cd62d2bf91
7a8745f88cbec95be9f40e95f5753bde29cb69abaf05e379be22d6112f3607c9
7bae3d0f94539fa400a4d52c68754c3afc195385e5f44bab0cea2caf76eca4a0
7d5be582630338ef0f433174ac87197737617f061d0582bc5cd4562627bd361b
80a2efdd3ab588c91f0b1ad453fa3ca9613b89be6ea5e50d9316d78192e9635c
81ff8783c414f90f9b9a9720b339b98cdbf2c4d7c1a962796dc547b69564a1f0
830e7ec8a64799c51f7dae5f746efcc7a54ee5d7b9a5bdb4363883f52ac78927
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
83eeb64fb84b8d24a3eea1c7d422528b827de083ca5c66c094bd0d7b5221230c
84bc67a130692ad1178fe9518a37832b81ec7a640df86b299c26c247f8f18250
854a590e2fb238f0ff31da2e959062c59f1176a11b1d27ad70fe919af518e9b0
8647833a1d0f6ffb1021e2d4436c0ba7ee62bbf5aeeb4eabae3ba20df7f69cb3
86701be5f4e1043bde4b8f54c2996f17380189f67d54a64c2ac87103641fb144
86d924c6845280bfd794e4c53be51ebcc8a284438061120dc86dfee8c84c0a53
887e6036a8835eff73a38bd237872fb87b66c411863a2d79ff703f67659a2355
898aab0176105c5d087944591d4ff7fd21497aabe8ea77bc26c515d67162fbaa
8e65509f3f6b8978b7e8b0408b206aac5536662d115da12ff0ce9e5fbee0a9f3
9053e8a21c01739696058ea41adc907b079ce989f57678e3dbe3becd25c202a1
908134991fd6bd2dc68181c491f513bfa817bab67bfcd40ba4a322dc25ffc545
96e84a20ecbe9ca46964d9c35b7e6ee7b178f7c5c09c151068d893056756792d
9a4587f7f7cea162351f5d65a73596e2e8e48730cc89c1c206f721eeb88ab0ce
9ab8b85579b475c7991657cb8521d16636babfbaefb8ada21e8b7372c72ed21b
9b7f1c233286a3fa04e1453c8580e96f3b6c894aa5d2338ec089be186955328c
9dee79a8ecdf5575e2636416afbebd55d2d0e14ecf3a7f4540aec06685e142c8
9dfaf0e0cfc45fc79bfef9eeb03def577f2ebff43eb45bf8a14f93914e6bf1a5
9ee594069e225adb92b9353f09c656a91e9a81e8d9c99b858b2250e8fb0c3790
a8db8f36ed606cc178c5970ec66ddd84a5372c8ab582793aaf597114c06d60b2
aa2bc1a8315d97e330636852d79535437e78d10e7721a84951bdcf96506f0427
aa2cf1184763edd37bf6f6efd23576bb25a328e990140efd651a5d79899ce4a2
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa846a72dd1eda2979a83db72b57d8ea97163e838f33f156ea73c65fbee76477
aab95f5cb6e6426a0e15c5f31118ab08f95275851e429c8116fabb94686e9eb3
ad41ac85654922a402062ab35653d9c196a475d8b1e1bf8740367be603559afb
b13313b2c5036841a9dab0c8553aef324a12a68819e0aec110626b3820500721
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2141d841ce0842b6c4e011342a6302b67fb81b3b518b6fdca39d5c2ac8bcf4e
b454be62db434fde39d337b85c4c98f435b395952f0f7ff1de36d18a2adbc8ad
b5dacb4036b8b147cf6007dc43e87053dc625b544e3e53627279f1af6a06bed9
b6807e26a913e12e5edb6679c05391d12bbec3fbd0c67eca3484088175f0690b
b76092f0e5680d696107fcea0894014fa42c7887036776895cb23a7fba553252
b76320cbd5bf9e2b719d894eb549a59cc5f4b5ea9464b35437825535064ae9c9
b97390a4d37973930f5b91748f5c2702f2284d186a9624925a4f9df037f0d25a
b9ee132a1d9b9ac2ff5a6c89656165a7528d0204f9166901a84b55d5647b3795
bb7b92cc1ce48b47d48c6a51356e01b221346d4bd30986eae7e98cbbe6ab167b
bc076fbb451112aabf6805c88d0ca0f12c51f0ca20f9b70f515553dd2829f290
bc1ce9111070a7d392514d4a256aaedf170e87b44cd2b112acce103dc52f9015
bd3ae02525bc29302433cac7b48db0ce44f281edea3abbd65dbf50f3aa67a851
bde71d92224252bf0c45476f6b2075331a7a34d90a1e4d42628fcfa0f5f30f68
bfac86eecd2f82ff00a192f48d9c0310506c3c126dc2d0b4054e1057299d9e74
c0dd0fb593d94885f117e40ed4fadb359737aef1bf688c81ace365c299914eef
c10796463a4abe0615cd2e33e354669713a52ce9338080e75ea81088cb20fa49
c391d2955f18f04e36661026af4410f44a3c72284f325a138df7d3e64c0a5190
c5273ff0a5f3569bc1479b7128f4c482f6d87b57aa7dcbcbea5523a65893fca1
c559e74d6323648a02f127e1a5b63ab0f0026ef276c5c748cfadf6526b6b3fbe
c6bfa0da728b89a28cecec7e56cbea62e20b9ba963a05095183a2720890531c6
c7d0d04acfc50c1965d6ff8c8bb968a0c833b6caee551b7442ebbb767c630f44
c9c55684dbb718172964fc2e1bd488631d405cccd7de04a2e093ef6e4ddb7c15
cb2b5684b951967d0d60dc642ad8cebf04ef19dae61af7bdf463bf928adf1c5f
cf4b1967163a33d577b5eeaf4b056c8c5c6a44dd4a530c33ea81b235ead93d1a
d064bbe76dfaf05138323b045a5de73c3289fb06e689bc71d335135cfea0112c
d1831bcbb11fa5ce3abe0191d3e389e2b9bae9e2d742fbaea49c1034d65af4cd
d1aafc3e162aedd727e8f5209914649bd62b9cdece85052014f871dd1ed0e64a
d30f8587ce68c5be29ffb5007bcaf7c8c00a635d0f0bd4148e3b992e3819c9be
d5e00fe09f76015751057801b3df73c2a201da5d0cb768c46af523611b8cf4ee
d5e130277cc112fe65239d8816ebf3aa1de5f2ece2117598acca6117ecb89446
d85114f7d2351ba510021d79f42c9b2fe1282ca9a061a13bde501b47677dae9d
d9110fe4f99d6dd474d3d679b4967779720f64bb6f9188adbfbe5808e7632f02
e0b53483f27d479e5f113ff675de9be57eb12b79805683bd8c1e91228b14a956
e1eff54b06bc14ca8b9100bd9e0cd041f423cc2237371cea412aed2e21e7a0c4
e2970c7519ed3e9d36cd147b261e3e3d7ad1a69c02fec298f761fcb28add0d8d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a59918373d3313f9225e39d489359d604c1a7324fa777185e75d14bcdb880e
e6d8523b4b5333437937105088c319904d569ff61fd8440d8b2dc8f585996da3
e7dc1ca673727c6ad3e2b7a31b1e6de379bf1960ed8a86e603327e5c9d3701ab
ecb5d5ec96a80a51f5857b503265cc1a3b181b4fb2f46d18a0d648704e4df2c1
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ecbb749100ad38862551940e4e878088f5efcee34d650d9f2f73d97644f44885
ee11a6da733e3853a5d7308ee41a1587346a718c7c7b4984b3828bf7e8a249fa
ef9c554bca3ce5b9f978b626ff8c3a441c0468af2599bdb4e9b6b32f6743f058
f10d3609b2eb81a4f3f768c6b0aac774ec82b813729ba5879ba39e8689cad221
f3d38ac4a48d76a15a2096e22361711c0efbd096c1a28bc8e013c11a6b83e24b
f516021a091bbbf0572bed1454922588c9a27f5be53654286f7b95b2ba3e0997
f5a8df63979fbc0d5d5981c8c69c01f8ddee0d7986d1dd9036d283453c794faf
f5b8eefd87e98a36f343177e9dbd1a5291c96448ec17b2b0d205b94a7b64eda1
f663fd5d5698e04a8e56de60c13c54abcb6943adcb21c3d5e80866d0eda0604d
f89577e21f7e3ce8e2ef790f44e072e781a181f2b8f1e40b610fc88c9fd41a17
f9a91bc80992ffbdb286a73fd9a2621a4c6bb7defe398bf4c5503792f4fa7a81
fa955b794555470ce039ea1d4136692d3613a82fbe49fbd629933941aaaf8b40
fb83edf2b9029c7a2525f7b1728344cecc0db7e5aa6e45c693192329e2a16c34
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
ff32c7e333a0c8869e47cac252890c651543af3bea4df49b4e0f303f46d17e12