Submitted URL: http://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm...
Effective URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm...
Submission: On February 07 via api from US — Scanned from US

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 85 HTTP transactions. The main IP is 2606:4700:3032::ac43:adae, located in United States and belongs to CLOUDFLARENET, US. The main domain is ad.gem88.win. The Cisco Umbrella rank of the primary domain is 202230.
TLS certificate: Issued by GTS CA 1P5 on December 28th 2023. Valid for: 3 months.
This is the only time ad.gem88.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
62 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 209.97.168.10 14061 (DIGITALOC...)
1 2400:6180:0:d... 14061 (DIGITALOC...)
4 23.48.224.70 20940 (AKAMAI-ASN1)
1 2a03:2880:f01... 32934 (FACEBOOK)
2 2607:f8b0:400... 15169 (GOOGLE)
5 23.209.72.202 20940 (AKAMAI-ASN1)
85 11
Requests | Apex Domain | Transfer (subdomains listed beneath each row)
63 | gem88.win | 1 MB
    ad.gem88.win — Cisco Umbrella Rank: 202230
9 | livechatinc.com | 339 KB
    cdn.livechatinc.com — Cisco Umbrella Rank: 5963
    api.livechatinc.com — Cisco Umbrella Rank: 5415
    secure.livechatinc.com — Cisco Umbrella Rank: 6663
    accounts.livechatinc.com — Cisco Umbrella Rank: 7278
3 | gstatic.com | 70 KB
    fonts.gstatic.com
2 | google-analytics.com | 306 B
    www.google-analytics.com — Cisco Umbrella Rank: 27
2 | storeip-shopify.com | 521 B
    api4.storeip-shopify.com — Cisco Umbrella Rank: 303905 Failed
    api6.storeip-shopify.com — Cisco Umbrella Rank: 271266 Failed
2 | googletagmanager.com | 163 KB
    www.googletagmanager.com — Cisco Umbrella Rank: 37
1 | facebook.net | 58 KB
    connect.facebook.net — Cisco Umbrella Rank: 174
1 | googleapis.com | 1 KB
    fonts.googleapis.com — Cisco Umbrella Rank: 28
0 | gmwin.io Failed
    gmwin.io Failed
Totals: 85 requests, 9 apex domains
Requests | Domain | Requested by
63 | ad.gem88.win (1 redirects) | ad.gem88.win
4 | cdn.livechatinc.com | ad.gem88.win, secure.livechatinc.com
3 | api.livechatinc.com | cdn.livechatinc.com
3 | fonts.gstatic.com | fonts.googleapis.com
2 | www.google-analytics.com | www.googletagmanager.com
2 | www.googletagmanager.com | ad.gem88.win, www.googletagmanager.com
1 | accounts.livechatinc.com | cdn.livechatinc.com
1 | secure.livechatinc.com | cdn.livechatinc.com
1 | connect.facebook.net | ad.gem88.win
1 | api6.storeip-shopify.com | ad.gem88.win
1 | api4.storeip-shopify.com | ad.gem88.win
1 | fonts.googleapis.com | ad.gem88.win
0 | gmwin.io Failed | ad.gem88.win
Totals: 85 requests, 13 subdomains

This site contains links to these domains.

Domain
web.gem88.win
Subject | Issuer | Validity | Valid
gem88.win | GTS CA 1P5 | 2023-12-28 - 2024-03-27 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months
*.storeip-shopify.com | Sectigo RSA Domain Validation Secure Server CA | 2023-08-02 - 2024-08-02 | a year
livechat.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-01-31 - 2025-01-31 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-11-16 - 2024-02-14 | 3 months

This page contains 2 frames:

Primary Page: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Frame ID: DE6A8304942ACEAA0C0D4CF111426EBC
Requests: 80 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=16649625&group=1&embedded=1&widget_version=3&unique_groups=0
Frame ID: 8F00A6ED04E1991F2FA76F0A091877A3
Requests: 5 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.livechatinc\.com/.*tracking\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 85
HTTPS: 96 %
IPv6: 73 %
Domains: 9
Subdomains: 13
IPs: 11
Countries: 2
Transfer: 1913 kB
Size: 3655 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046 HTTP 301
    https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

85 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ad.gem88.win/
Redirect Chain
  • http://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
  • https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
15 KB
4 KB
Document
General
Full URL
https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.18
Resource Hash
11d188ebe8ed8427b89034e36efc935553dc81e9564de36e0ddf1a8238fe7595

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
851788629f2b2577-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 07 Feb 2024 00:31:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ruycIkzHwQslr3iC2jFujGYe1Z7QL3yI02M3vFtmkxlfQfXbcJQoB%2BiiFmEDNR8jm7Wewspv%2B2XhxcHPfJ0aVJjTQx2s05YrKLpAi4XJEyRPAe7U6A%2FkZA3Etz0q49tNCXJqqnrPcbwya88%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.1.18

Redirect headers

CF-RAY
85178861dbf18dfd-MIA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Wed, 07 Feb 2024 00:31:55 GMT
Expires
Wed, 07 Feb 2024 01:31:55 GMT
Location
https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LS4QaQNWMmqP9ZyLiiOXGd7Eak5lribVBJDqeVzWCz4oRhfWdnq8zAmGlnBOSw70kv3y5lriqGR538VF5ZFX%2F1almrFYSFaenuBTtDN5nSaRJ3lq0T2o16GggFp3KRWtVVkiDkkf7UQXc7M%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,300,400,700,900
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6bb18753865e24b64d4ffdc33cf87d83ef112d23fe18adafab4dc99939f6e0c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Feb 2024 00:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 07 Feb 2024 00:31:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Feb 2024 00:31:55 GMT
style.min.css
ad.gem88.win/build/
225 KB
40 KB
Stylesheet
General
Full URL
https://ad.gem88.win/build/style.min.css?v=1.0.8
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a5dabcd9588c0e8c628952107c2c0bd572087ee84a8ea75ffddcda87d063a7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 24 May 2023 09:43:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"646ddc3f-383f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NqWB0VvQwi5AxF2GpOImvqyNkeXQo%2FVG%2BB38opl3mwGae%2FFnwZ5fnPLhR5spv8KLeWQmHHNKxscmv73hv9u62pz%2Fb0A1IVgrt%2F200Pq%2FpXnhRGScxOZa4RmsgAuZJEGG6a%2BBWfWi56HRbZs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
85178865ac872577-MIA
alt-svc
h3=":443"; ma=86400
apphd.min.js
ad.gem88.win/build/
85 KB
31 KB
Script
General
Full URL
https://ad.gem88.win/build/apphd.min.js?v=1.0.0
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fddeffd4b4a71238d91e4d88e216ef4c20d77ab9010017d559c1c48220b1d69f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 28 Jan 2024 08:36:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65b61217-15544"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zpaw0KVwKx8Q5yPQ0lUM8RZobXEkM99%2Be%2FIKoDz8c35kyEGMbZze%2B1iUu6Nsq4QWy784p%2B7GPSwpcefU67oUkrE6PmNAQikRfK5gFDOtaIZJ9nfX0pS7rPnM%2BGX99Ec1SINQCBs5KnVZmBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
85178865ac882577-MIA
alt-svc
h3=":443"; ma=86400
thumb-header-lazy.png
ad.gem88.win/images/
199 B
591 B
Image
General
Full URL
https://ad.gem88.win/images/thumb-header-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
595eb22f555f9317ce271066d3536a64b5628d8d99c22e8844c48297b770fce4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:56 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhENQ%2FHMLVVEgPggKevxX2EIcPHX6n0hX8SBUGfrwdmah3IWa%2BFKiXFg1t2%2FEixrbYnNt6fFGSu9pIDhCRKp0wr7qCQNsf7m7bXMLKE6Uy61BPgUn9v%2FKliDDtjOpmE2ZMmqsoD8QGKrgvY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85178865ac892577-MIA
alt-svc
h3=":443"; ma=86400
content-length
199
thumb-header-mb-lazy.png
ad.gem88.win/images/
189 B
485 B
Image
General
Full URL
https://ad.gem88.win/images/thumb-header-mb-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab11db15dbc833f5586d15f59fa66b8cb1aa7d1086985d8c8b82b4b7d91f078c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:56 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-bd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ra2Iahy%2FkE9qEdN3XdR5iRKMw%2Fr0pde2oyLulM7kEPtd0amu7H%2B2SvYKQhvgCiIiorGIFmxnDUIQJS7lmvLsWt4hwUdyVtJBbguoPE0HfUilFRekSQKVMWYpLu4DhmgBCGXCkMeSZ8TPH7o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85178865ac8a2577-MIA
alt-svc
h3=":443"; ma=86400
content-length
189
jack-top-lazy.png
ad.gem88.win/images/
112 B
612 B
Image
General
Full URL
https://ad.gem88.win/images/jack-top-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64e213916d9877bca7d7dae986f5f87c6fe7699316371c948913c216b93c41f2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:56 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-70"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdcsqw6Cd9uMaLJJgsNBT8kHK2zMsaxN7l5Tx1GGUztNY3iTPQsrljs7I1Fw1jFDRKqvq1LOFYeikQtB5ezSg1cUS5vk%2FLX%2B6yO83GWoqjtL3Cp2K7GHXd4XW7azu%2B%2BlZmGMn4fyAw5fn5g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85178868bb867439-MIA
alt-svc
h3=":443"; ma=86400
content-length
112
tab-lazy.png
ad.gem88.win/images/
110 B
576 B
Image
General
Full URL
https://ad.gem88.win/images/tab-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa715f294b6d9b97487327a36ebd9038d88d3832a31e35bc65d1f2e84d1cee2f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:56 GMT
cf-cache-status
MISS
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t536KStQ%2By%2BgJ5%2FuQGcDArJdpPasBG%2BiNg4V3uYXssXD%2BLjesw%2Fhfv43Cq%2B%2FVEiB4m2oQnIirPvCX3YdWbxuKd8C7qx%2F2Jtr5rLlmgxOv4NlHPRTtXicbqDmUyK5lvrCWTpz3W%2BMFMUlHak%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85178868cba87439-MIA
alt-svc
h3=":443"; ma=86400
content-length
110
tab-active-lazy.png
ad.gem88.win/images/
110 B
570 B
Image
General
Full URL
https://ad.gem88.win/images/tab-active-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45e64a2d90de9f35073296ea108245328541ba68b6553bbeb5ed5cb6a8528176

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OECj8p9m7kx2LFBBeGiRfey9AMSzWdJKc5uAUDCWjZChxKL04ZdtBC9ZKbHA6eiJFoOrDZZQI2QkiH98k73lrayhl1zGodisGbBvuojHGlf60TpExeCqgO8TBipBQybhiIOGIXB7bY%2FPMG8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8517886ba9487439-MIA
alt-svc
h3=":443"; ma=86400
content-length
110
tab-full-lazy.png
ad.gem88.win/images/
111 B
567 B
Image
General
Full URL
https://ad.gem88.win/images/tab-full-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08e1ffda33d81046bf53cb65a20acc3dd4249e3c0e4e14b0e39f85e04194e98a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
MISS
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mEs7o8MAOl25%2FmiB8MiQb6H6FXJ5DTJsHboUhrSE644SKdWdANgx9LPCvv3IACNms98eXX1yYvIkrTrZaDx3Rqin5Mk36h%2BZVCgxAeuYIy8%2BlG6BnHO31H4fc39z8rpbgODFDzzbahvFqeE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8517886e1f517439-MIA
alt-svc
h3=":443"; ma=86400
content-length
111
btn-lazy.png
ad.gem88.win/images/
116 B
568 B
Image
General
Full URL
https://ad.gem88.win/images/btn-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd67f2b53732ab3114169952b7564c7535f82d1bdc74dd1862520e521c9c25b9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
MISS
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-74"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iaBgl%2BDjfuCID2T5y1eHcz7hI3jyeUbFcOHTiSm4WvfW6Ir55IVBa7d9meqvXVtFl5PMmrjcdZepQIH6jBQjVduHH0GJu84O0wZfcmFCw2BDclxqJirk1V6994tlQkE4zq61o2gycsJvZqg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8517886e1f5d7439-MIA
alt-svc
h3=":443"; ma=86400
content-length
116
dacotaikhoan-lazy.png
ad.gem88.win/images/
110 B
564 B
Image
General
Full URL
https://ad.gem88.win/images/dacotaikhoan-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8850ad2a073a4e12ff7984cdc1d8a1815020c76f2e7cd96656fe04d0e4e31f2a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
MISS
last-modified
Fri, 28 Apr 2023 14:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644bd254-6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U892S2OwwZoscguDKNHfby2D%2B0oA%2BDL3MaohdPSchfhoGiGc2NyATshsP4zSo4RC8M%2FaE1wRwGsZQxYm5aBv856CrKe4Rs0Ztq7KQYy0yrBw9xqnTwManSd2c41ShJTvEBO3Kjy23tVx3y4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8517886e1f5f7439-MIA
alt-svc
h3=":443"; ma=86400
content-length
110
btn-dl.png
ad.gem88.win/images/
145 B
608 B
Image
General
Full URL
https://ad.gem88.win/images/btn-dl.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0342a64f0d2ab3c294b31ca7b129729f4128731f037a4201fcd6e12a184d7cdc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-91"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHjMoBxbqqUAfQsFH8%2Bi1lS0WRfRArKFGdhroaeDLRxVBZAgLnK4LsTDw8izAuvXIDZJ2f0j0p%2FBZjx6WouCHsys6Kz5QIrSBj1Fu9Qu4HdZ3uK2bAdsRq10LZxOJBdFn8nlUos7QMAl%2FRk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8517886e1f617439-MIA
alt-svc
h3=":443"; ma=86400
content-length
145
thumb-thank-lazy.png
ad.gem88.win/images/
256 B
722 B
Image
General
Full URL
https://ad.gem88.win/images/thumb-thank-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c91fd27f6f8293117478def18959bf5053f3dcf98ebb6347905974f6113f163

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-100"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1PJK38oZ3wNcTrkdiNXavv%2B5A6u%2FwK%2FvnKy2JDvh0uFTdyt8NAGNiXuE5PZMWHp0vh5e1Cc07B57I8hrd8I7KktnHfI9oa71ID%2BmTP2v1G3E%2FNo2Bq4LYJvniXVgwWo8DUDagRfYb%2FDAsw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8517886e1f657439-MIA
alt-svc
h3=":443"; ma=86400
content-length
256
hoac-lazy.png
ad.gem88.win/images/
111 B
569 B
Image
General
Full URL
https://ad.gem88.win/images/hoac-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de851a1267df76e4648aaa1059368f8156ab759db4ef70da4245dd6326e7cef8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
MISS
last-modified
Fri, 28 Apr 2023 14:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644bd254-6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfmWpZtyfpKMkLuEQZcX9NjSOFBf4byWeOlSeMbvLqdox7kX9PI5tkl4HBEZZ%2FOMR%2F79OsksGxBFV7iSYg51NbEc7eXLmJD3WNeHHjN0Fy8QMBTpUeALj%2Fqe7DN7lEgVU6gJmFNCb8VfHD0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8517886e1f687439-MIA
alt-svc
h3=":443"; ma=86400
content-length
111
game-lazy.png
ad.gem88.win/images/
117 B
586 B
Image
General
Full URL
https://ad.gem88.win/images/game-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65c82fd39e63e481e8718fbc5507615e8d88331056eb7a3b5454ac94bd7faeab

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-75"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfr%2B6GTmkBkYN7gFXwhXqO0Ao7oqgVGiR8YTD5oE%2BMrIFwZdzJMHAdYhACJNR4mlOTeNnzCW9PRJcgpy%2BnHisD5tOEv6bZuKrqdVvgDDH4TosxNQ%2BSD7zC7Bd6s%2Fi%2BQtpA9%2BIoIwjsdG0T4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8517886e1f6b7439-MIA
alt-svc
h3=":443"; ma=86400
content-length
117
thumb-adv2-lazy.png
ad.gem88.win/images/
121 B
586 B
Image
General
Full URL
https://ad.gem88.win/images/thumb-adv2-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa49fbae9156dc680c02ec2554ef484426e2a98f0f0d16b3050c951f1a031d67

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-79"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xutNWIr4%2FKO33y85XrrceQUMZ2MhGsGnhGB0apoH%2Fap4En0SDhInJZcmbq%2Bkl4zUI9gYWKBpRIUd9NQLI5fkQlIn7Yr64hQElY0SKysKmRSDE%2FyUrI28qD9F9iArhzofb3z%2Biq4fjftJ3UI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8517886e1f6c7439-MIA
alt-svc
h3=":443"; ma=86400
content-length
121
loading-lazy.png
ad.gem88.win/images/
96 B
562 B
Image
General
Full URL
https://ad.gem88.win/images/loading-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc3cade2468407b0311a0bb58b781b1ca93c01c1965c49e41ca133d694dfd316

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
MISS
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-60"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKo1uyqa%2B3HeJaWmCwykUqgkJ%2BES%2FrjmfxULEIhGCQIBTEpXbGhj9fRNHVfrrPw%2BWt6xJ7F2ULzFM7C9AVgiHkwagV5i1%2BJMx%2FQnbPd3Ud564KZUBvKPl74rbR4g%2FvHODg%2FK3A0%2BvstYhfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8517886e1f6e7439-MIA
alt-svc
h3=":443"; ma=86400
content-length
96
app.min.js
ad.gem88.win/build/
276 KB
91 KB
Script
General
Full URL
https://ad.gem88.win/build/app.min.js?v=1.3.8
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb198f9953745a11bcc28a33224e282daef5dadf6f6e66634c282f1a57b7659a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sat, 03 Feb 2024 03:10:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65bdae8e-45024"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1BHmaydVnp8yfyap3HiHgq%2BXXIB8S%2FbplcHDRRwa9IhTbdn7cBHA8Fqcs2Qkp0OgCGutYOa5isLUWhcFa8sjSem40wkZvhaQsyvs6NlXhBwIXFb1CPstH8ZT6I2CZaln0f3X8XoKHJjiBM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8517886bc9957439-MIA
alt-svc
h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/
195 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P4HXMRQ
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f28d0407b5129eea32f2d6913b56c4edd1eab933af3c94b7e8c902704068e147
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69081
x-xss-protection
0
last-modified
Wed, 07 Feb 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 07 Feb 2024 00:31:57 GMT
tab-lazy.png
ad.gem88.win/images/
110 B
569 B
Image
General
Full URL
https://ad.gem88.win/images/tab-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa715f294b6d9b97487327a36ebd9038d88d3832a31e35bc65d1f2e84d1cee2f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400
content-length
110
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
server
cloudflare
etag
"64452f19-6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mSKZ8u3sOlJb%2F6k%2FKBdBM0EGobOnCy03wniqJUoSq2GqtsQAZtUhTxARRU%2BMUqbuJVpQmjuedDg3231YfNTw0dCzEbEGxaiH2voVFRpzhmLdJC5V8YGBuKDGYeBJBcjwOSYfOmVMGgQyNRY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8517886e1f717439-MIA
tab-active-lazy.png
ad.gem88.win/images/
110 B
575 B
Image
General
Full URL
https://ad.gem88.win/images/tab-active-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45e64a2d90de9f35073296ea108245328541ba68b6553bbeb5ed5cb6a8528176

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPVtbXnPlUYj8eqpwqPiI3XQVyMK8TQdmRblxWchTY5qlhkwN%2B1zi4ip3yjZQTmh6Qy3whM1xQTdSewVFhpTHV%2F3daQkHLEyn5%2Bbimp9srOQqSwQL1KUlL8wLWIKqM2%2BlK0bfZRQOHeJyxI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8517886e1f747439-MIA
alt-svc
h3=":443"; ma=86400
content-length
110
btn-lazy.png
ad.gem88.win/images/
116 B
573 B
Image
General
Full URL
https://ad.gem88.win/images/btn-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd67f2b53732ab3114169952b7564c7535f82d1bdc74dd1862520e521c9c25b9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
alt-svc
h3=":443"; ma=86400
content-length
116
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
server
cloudflare
etag
"64452f19-74"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vD88qZKgg5Tso21RUXhIJG53h7DaexKsPlocCOkygRda4%2BpksEiHONudmpNnsTXLQmk0w3MIa%2FIbuiW0i5uPBVvwLeJnIxfWlJ%2FSMuFvUfDokZm9t9OuS1SN1CTbgFIKzIEkFXac4A7rD%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8517886e1f797439-MIA
dacotaikhoan-lazy.png
ad.gem88.win/images/
110 B
570 B
Image
General
Full URL
https://ad.gem88.win/images/dacotaikhoan-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8850ad2a073a4e12ff7984cdc1d8a1815020c76f2e7cd96656fe04d0e4e31f2a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
alt-svc
h3=":443"; ma=86400
content-length
110
last-modified
Fri, 28 Apr 2023 14:04:04 GMT
server
cloudflare
etag
"644bd254-6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vP9Y90N3Xikw9tYyqcqctt4Urgxr%2FK%2Bt24jiPlQr0A9hJr%2FoRbOnogr3e0seNT0%2B18V9XAybzwhzXIT9rghg2%2FYjr8n%2FhTFafIW1X8TLz2JFMJoJzVa4TW1h4VzbPsHV0MyJ%2BWlDcaIfkYo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8517886e1f7b7439-MIA
btn-dl.png
ad.gem88.win/images/
145 B
611 B
Image
General
Full URL
https://ad.gem88.win/images/btn-dl.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0342a64f0d2ab3c294b31ca7b129729f4128731f037a4201fcd6e12a184d7cdc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-91"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNje%2BHlchk0xoQPIJn8%2F4Oz4hoir9e9bYjyQpW80z%2BPw8uSuTtzTamJ7yKdxocPkQDqA%2FtUcB5GSthXGxJzZBGEi%2F2AgmqvNiXQy9pdjhQDCJcBQtfOAIt44ZFhgXjvmLQa4rIiYitDpqbM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8517886e1f7d7439-MIA
alt-svc
h3=":443"; ma=86400
content-length
145
game-lazy.png
ad.gem88.win/images/
117 B
581 B
Image
General
Full URL
https://ad.gem88.win/images/game-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65c82fd39e63e481e8718fbc5507615e8d88331056eb7a3b5454ac94bd7faeab

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-75"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibxOu7qNSZDibMLGbKc%2BaQfY%2BXbUn%2BWhGMO5A%2BSbHicnesyuK4gVTEnq0a0Trm3E2YGLw7Pclj8nJ%2B10LY1gnkQkIOLVGnRy1JNPopv3Qddp0fADlfvMWEnL7EDhHcNJ4laelgp1UQSLgdc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8517886e1f7f7439-MIA
alt-svc
h3=":443"; ma=86400
content-length
117
bg.jpg
ad.gem88.win/images/
60 KB
61 KB
Image
General
Full URL
https://ad.gem88.win/images/bg.jpg?v=1.1
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd7fe97d8b0b2a686e232ef2a8b711f5195bc543f5b660e684685c7e66b8f2f0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-f17e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41rFZ9KRbpm3BB5KHn%2FdKFF9anq0n3DBqQItjWda6a1l8OUuUh9vtOcHxmFePs%2FYWUBuvDPr7%2BsOooYrB18IXlNgIsmPBkWjdA1j%2F7Pm%2BN8a1%2BI%2BtrenTUDnzNBq22H5x%2BuknaKwe9nVwp0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8517886e1f827439-MIA
alt-svc
h3=":443"; ma=86400
content-length
61822
bg-jack.png
ad.gem88.win/images/
51 KB
51 KB
Image
General
Full URL
https://ad.gem88.win/images/bg-jack.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
762ead9dbd6081f969db272c17bb280daa359f45e2f82519531a2392ca4fcaf1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-cb3e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJuwz9zf%2BLLK%2FtwmjvPJ2CeSFP4CHVyUdLKRdc3UA4pOyPydcLhWHQzzKPj%2BgLpRoEg8ZvTx0xcHj%2BX4n4TwD0TgYFH4QVWHv0PGD3ViYI6yclZlEoDsKjAMEuLEgW4pfqYHHNm%2F7MLxj9k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8517886e1f837439-MIA
alt-svc
h3=":443"; ma=86400
content-length
52030
bg-form.png
ad.gem88.win/images/
29 KB
29 KB
Image
General
Full URL
https://ad.gem88.win/images/bg-form.png?v=1.0
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3ba98f60481267b1d7e20f2743d93ed2bba4daf00c9104801d8f51f4d7bf77c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
MISS
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-73f5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WY0QDFidIECmVVSX3AjxYHk2EcfZGIzsovMlUx9skyPxji5H8GIpHitK0tOqhMTfQKCx5Wz7qtJK5tWvajbcYFyymYvdOpf%2FITCwhRhkPnDSy2laTYOi5uBlW2v9OIVXykjOPwBZ0UHvNa8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8517886e1f847439-MIA
alt-svc
h3=":443"; ma=86400
content-length
29685
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ad.gem88.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:22:00 GMT
x-content-type-options
nosniff
age
486597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 31 Jan 2025 09:22:00 GMT
collect
api4.storeip-shopify.com/sw/
0
0

collect
api6.storeip-shopify.com/sw/
0
0

res
api4.storeip-shopify.com/ca/
57 B
283 B
XHR
General
Full URL
https://api4.storeip-shopify.com/ca/res?command=storeClientIP&affId=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_source=clickadu&utm_medium=popunder&utm_campaign=anw&utm_term=1979046
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/app.min.js?v=1.3.8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.97.168.10 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
857a1275d3a68e3e8794392a25ffb2436c174747fa3971ea7281dff852102ad1

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 07 Feb 2024 00:31:58 GMT
server
nginx/1.16.1
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Authorization
access-control-allow-methods
GET, POST, OPTIONS
res
api6.storeip-shopify.com/ca/
12 B
238 B
XHR
General
Full URL
https://api6.storeip-shopify.com/ca/res?command=storeClientIP&affId=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_source=clickadu&utm_medium=popunder&utm_campaign=anw&utm_term=1979046
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/app.min.js?v=1.3.8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2400:6180:0:d1::61a:e001 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 07 Feb 2024 00:31:58 GMT
server
nginx/1.16.1
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Authorization
access-control-allow-methods
GET, POST, OPTIONS
collect
gmwin.io/sw/
0
0

get-rank.html
ad.gem88.win/
2 KB
861 B
XHR
General
Full URL
https://ad.gem88.win/get-rank.html?t=1707265917000
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/app.min.js?v=1.3.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.18
Resource Hash
ed1b64fefb558ebd626131cd8b330074c8f41636d601f4f65bf9fdb95ce30c47

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
X-CSRF-TOKEN
fcf7e8c1188f4398a0cb4956d9628321
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.1.18
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxMXSBufSjY3GMion6AmsbH4VCyuEa7%2FC9BW%2F0sQetRFe328mLqwkQZ%2Bp8G2b9RR038k%2FFy%2F86Ahml1RcJ%2BZ8Jlpsme8rlIli4cizxeJSoOmPC8lpL%2F4wSwiXHDIAWTgjmnHMqAfLHx9Tvg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
8517886ffb737439-MIA
alt-svc
h3=":443"; ma=86400
notifications.html
ad.gem88.win/
2 KB
766 B
XHR
General
Full URL
https://ad.gem88.win/notifications.html
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/app.min.js?v=1.3.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.18
Resource Hash
5cd461b726fa52d76d7a85822647ba428a955b4b4a695a641899d9f40bac9d5a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
X-CSRF-TOKEN
fcf7e8c1188f4398a0cb4956d9628321
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.1.18
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3qHRcc9zGFvGlYj91urcLZEQMwCoQXpoJss5USPjeC5WZz4SnVWy6Yp92qE2vvh56R4hsnmLxeW3r12%2Byc9f%2BhSNGZeEf6xb3wrj1cbegi16YrMQThsBZ44GeAZz74v%2B1ZKrkuLM5%2FPDCU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
8517886ffb757439-MIA
alt-svc
h3=":443"; ma=86400
thumb-header.webp
ad.gem88.win/images/
66 KB
67 KB
Image
General
Full URL
https://ad.gem88.win/images/thumb-header.webp?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
637bc10ddc6784ea531a496255c1d649b56800f5e26dcdc2f41c31c244353761

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 16 May 2023 09:46:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64635110-108d6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tzqrlupIKq0LAnZeHBjnrc%2FlutrWHEpNc%2FvoGftbm5zFRYmwrwZfs37zjsb0G6P%2Fn0DiD5db4ABsu2K0wZHypfyin2zFr3LJmpOA4mwsHmhL2iCrFpcUfX6i6DSsBSRw29L8FlKmS58Lpw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8517886ffb787439-MIA
alt-svc
h3=":443"; ma=86400
content-length
67798
thumb-header-mb.webp
ad.gem88.win/images/
56 KB
57 KB
Image
General
Full URL
https://ad.gem88.win/images/thumb-header-mb.webp?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698a7dd29e741793552da6fd4cc98192ad6da8478aeaa0443e27f57f4e9481b4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:58 GMT
cf-cache-status
MISS
last-modified
Fri, 28 Apr 2023 09:37:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b93de-e102"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vUaYsn5pW9Mn4SB7aa%2BU8E1heaouvEaYaMTaBsB%2FYzYFOcnwPwOc7l8MLwprwcwDdIaMhqEoXzPBwPcziwQy7kuM4TK79O3W%2BjV0%2Bio%2Fbm9AoKQvm7iNHiVvLnolQNNTJUKXfyZl5IcsPEQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700b947439-MIA
alt-svc
h3=":443"; ma=86400
content-length
57602
jack-top.png
ad.gem88.win/images/
8 KB
9 KB
Image
General
Full URL
https://ad.gem88.win/images/jack-top.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
150e991344277d2ed02609b431389e719a7133fc719ad8caf9e5b24740e8d694

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
MISS
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-2101"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYYHTVJdX70cTmgggggmWjkHsGjsgG25i7rTT7tyzKe47p872ZjGPgMxaUTmuoP2AVefSwI1dcd7EaVG84ajXgmYtqLgbXxLRIi1%2FGFxcWka6uX3cZyg8wevFe6CFJh4Q%2BcKwTnljhw4qUk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700b967439-MIA
alt-svc
h3=":443"; ma=86400
content-length
8449
tab-dangky.png
ad.gem88.win/images/
6 KB
7 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-dangky.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3717be19007b1fd3ccc6c03c33d310ea8e7d3e4d51bc8ba27e617b5f5b477403

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-187a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7t%2FqrZKWnH1lgLmDqC4yiRx2nWotB8P1bAiY34GB3OYI%2FYuS6tcgT67b%2BKpZgEiVXzVATu4aIInmNrFH%2FbhOTVwRl3joTqr94DolnRQHb9kJZg8oll%2FCCMhUdlsrr4Ld%2BsRwt0Br64Q%2BH9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700b987439-MIA
alt-svc
h3=":443"; ma=86400
content-length
6266
tab-dangky-active.png
ad.gem88.win/images/
8 KB
8 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-dangky-active.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40e20d0623dba65f3a7be919bd1b4213c5759ea7d362598e2fffcd03ecb72ade

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-1e90"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86CqZabo6aAdH1%2FP3OhhHT5b7mPe5wRsclk77Z5Dv2AYZxiD9%2FZU005kJtM6DvJa9RqbBGkBc8iozrmnY39VRX4JhOprEsKnNsUIv6DQMKN3pb%2FSiA4O8VIaTJ5qaU47cd0IEX05rM4pssQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700b997439-MIA
alt-svc
h3=":443"; ma=86400
content-length
7824
tab-dangky-full.png
ad.gem88.win/images/
10 KB
10 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-dangky-full.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6658297a10eb33e2d3d139f9cea73e2885635495fa475cc4f1fdf41c2ebac72

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
MISS
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-2723"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAsqHKgBWhLCQxcVM1zCnS%2BDA1qA1yM7%2BzThS%2BaMVR5I%2Fmtr%2FvB0TZd09dKZe3R%2BFW0XbqW4CbPuGqaE1upWQlT0YAKm7HTRO9Toe7F%2BM2Ea3dsMpluIWN5U%2FVK7GplVTaD4fFzVx%2F57FcA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700b9b7439-MIA
alt-svc
h3=":443"; ma=86400
content-length
10019
tab-dangnhap.png
ad.gem88.win/images/
6 KB
7 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-dangnhap.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a82b32ea4fcf428a441750c401b3a4752f501995403538889c6d697db4e265e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-1947"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q4wZ2wRFKgk0pY2vjnDbXvLbeoxqDWVAgMq%2FGO4N42JZcqycY2JMWSdTk7rmASrkw%2BT4A%2BFJrjnBjZrhzIRQe4ctdqXCmmDGv7C267OQRzmBvifb0NrqmCiz8tfQN7kNNRemWY6oW50c%2BGw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700b9d7439-MIA
alt-svc
h3=":443"; ma=86400
content-length
6471
tab-dangnhap-active.png
ad.gem88.win/images/
8 KB
8 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-dangnhap-active.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e66619ac22c40ebb4b8ac9284325bb301e77423dee32a5bf091a8d0e8894ff45

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
MISS
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-1fb5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WuRFRKmWUxipHzHUc8K1hbhmkAPjBSlXtfjegyQdpBNtf9%2FzuWjhG2T86XtxBZfSZGygFdYdu1IftB35%2BdNhiVioF%2Bn2Ezr867MjD%2BOwTRZfI4czGA%2BRUdoGJOF8m5HPs16AeE9Luh1pd0c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700ba07439-MIA
alt-svc
h3=":443"; ma=86400
content-length
8117
tab-choinhanhweb.png
ad.gem88.win/images/
8 KB
9 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-choinhanhweb.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df4c4d50f9082a8d502245115432b004535b78dfc6dcc5d4f206e875fabc5575

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-20e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59cXN5qOovlzkZWTxLzPN7GhW3bwpoU7mEeFurGPsACiiFwjTAYX0rrFIf6dNOUbIgDIMCESjEGS5Vn69ezWIkRf1mAijTB7T0iKrLGikZ3klT9j2uQvpzIJ5d6L78lVNT1ADt2UHrd9nrU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700ba57439-MIA
alt-svc
h3=":443"; ma=86400
content-length
8425
btn-dangky.png
ad.gem88.win/images/
24 KB
25 KB
Image
General
Full URL
https://ad.gem88.win/images/btn-dangky.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3c6d54c27cb6f6eb3986a10b70080fce7c6378d873340cb9856a7d41e556127

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-61c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5%2BW8ZXG7OhMnqIWtQAkdZwFyirBiR8q%2FrPHWKjzEgXXSzP15LaKyyVQwUgu%2FVerSB5q9X3q8BRIZ1rGclGXXRcjy3rK%2Bwx5x16AYLtiusBNcZZlB5gfQZ61PRDqnW6Hbp%2BySx5BTy1QNqw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700ba87439-MIA
alt-svc
h3=":443"; ma=86400
content-length
25026
btn-dangnhap.png
ad.gem88.win/images/
22 KB
23 KB
Image
General
Full URL
https://ad.gem88.win/images/btn-dangnhap.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36c64ee60a979a9056c04de2092ff68c0744e24029d7add30fc6c7342d3e47fb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:58 GMT
cf-cache-status
MISS
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-599c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6YlzKHlBfrkPoZBqtJRe94KLe7%2Blq1o5J%2BDw%2BjeHJEIdRCzq6ZKKHrnTNupLZHhHQVH6YLaixlWK6P3OdVLjXfE41yjqtGrey%2BT40A4Xnppc7rHmGHpJEmh6TnnYoBCAWEOwfxRSNXf1KM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700baa7439-MIA
alt-svc
h3=":443"; ma=86400
content-length
22940
dacotaikhoan-v2.png
ad.gem88.win/images/
5 KB
6 KB
Image
General
Full URL
https://ad.gem88.win/images/dacotaikhoan-v2.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1334fc4f83d8709a632ab9fd8d22c4e2868b30534f58d11f8a029456666dcc71

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 16 May 2023 09:46:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64635110-157b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmyXosOHc59B9o67W9G2NenfrtOU5i8bZGdd8XFlStNJoL%2Fa%2FAEYxyTPOgh92dyT81xZl4aHns9ttDwNk7EkcRZgUHd8%2B8e%2FxK0K%2FxF5tdtQtvOtGmthYJ8qbCPVpivDvi6m34QSpA%2BkG3o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700bac7439-MIA
alt-svc
h3=":443"; ma=86400
content-length
5499
btn-playweb.png
ad.gem88.win/images/
62 KB
62 KB
Image
General
Full URL
https://ad.gem88.win/images/btn-playweb.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbcad0512f42296a7388501662662ef64652a9daa3fb39147352b657b61acb9c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-f69b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPQcodomVO1V9qBZTHtrq3OvhbHC9mYLzLO9pw8OBVl%2FODYkxX1C2icS36FkSuDEdNUzGgraWaO2TLFzURFAi27AZd0iYEZbXeKXGayYydGEj0bopxIjclq9UPC5Wb%2F4c0XJBH%2BEihwVvWs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700baf7439-MIA
alt-svc
h3=":443"; ma=86400
content-length
63131
thumb-thank.png
ad.gem88.win/images/
225 KB
225 KB
Image
General
Full URL
https://ad.gem88.win/images/thumb-thank.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c9d6b9b0ae9bc6c9c0059e96e8d679b82a868c59ec1e9bee350bc6e2edf2186

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-38349"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UALvxqUwhLW46wJTI%2BVxvcZpemRNO2s0cMgvkTo20HgUIAvTxM70Jhg7qJCmYnMrd%2BQNXt%2FyTLOr4WX55cQfKuGdn8r7CSBQ273VmuqY4pjrchMQ88KUTulxd1AovxaIxjYO3W%2Fit4oGG%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700bb17439-MIA
alt-svc
h3=":443"; ma=86400
content-length
230217
dacotaikhoan.png
ad.gem88.win/images/
11 KB
12 KB
Image
General
Full URL
https://ad.gem88.win/images/dacotaikhoan.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c5da9fa4f696362b6832648e51af1420004535e4e8267bf0dbbf289dbb51669

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 14:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644bd254-2d24"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ML%2BXM%2BSv5nTn4dFRqtFU5m249brdB7jXYBK8u%2BqMdmHHkDOvQ5saTBTNiE04dWw0o%2FVgaoI3nXdnax6DBIkZra4jwQe6QB%2FBqxVbGtWIi7eEyVMFnuFfTtj%2Fau49hEchxGcpkBUJPkokefU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700bb57439-MIA
alt-svc
h3=":443"; ma=86400
content-length
11556
btn-android.png
ad.gem88.win/images/
112 KB
113 KB
Image
General
Full URL
https://ad.gem88.win/images/btn-android.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0210b490fceb299ba4561c1fc0a13f330191f5ee0aa4a17a4e700abe1037b85

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:58 GMT
cf-cache-status
MISS
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-1c1c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YwB8Q52QWu4He8m%2ByDYmiQHSZH6PQOCrbeUjKYk2%2BqBx8AH%2FFc1wR11PaOZUHqmuMhUOFXTySPjy%2BRIg6HKwdUMeEvznTv6CewEMMbE27FnbMmqNesdQlnjDgAThPrm8SVvr7RyRhABm5Hc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700bb97439-MIA
alt-svc
h3=":443"; ma=86400
content-length
115144
btn-ios.png
ad.gem88.win/images/
112 KB
113 KB
Image
General
Full URL
https://ad.gem88.win/images/btn-ios.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9ce5a276819119f1b6223228d236ffdf3d8d83014b08a4e1c909310fd261f3d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-1c02e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFNK%2BozmDuz%2BA626VIJkplutwHrhiTvzQ9ZkkyrofTXR0JvXkmcDyVFUXuMtbl49zUEAiGcREwKn%2B9RXbdM8M0AUZwBGWuiNIA%2F7WrRZ132C5BPHRkfqVUJU2vY3S2sN%2BJV%2BTs7%2BlUQ3w3E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700bbc7439-MIA
alt-svc
h3=":443"; ma=86400
content-length
114734
hoac.png
ad.gem88.win/images/
4 KB
4 KB
Image
General
Full URL
https://ad.gem88.win/images/hoac.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae34e2543ec92b8c440339855cf1829b8107fdecb3280d43ba905b59715f6fc0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
MISS
last-modified
Fri, 28 Apr 2023 14:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644bd254-fd8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wb4%2BT8y%2FwoSANGyStJ9X6z0aVPj5HJqJ7vwFRc3gwe3bVTL%2BLnxVZ5i4Wf6b2wuK%2F%2FZO2gZriGWBJkJRw%2BMWhSkqIpQ9%2B%2FLO09gs1nlEwhzErMAZhm9iNIXn%2B%2FVfV9a8Gws0EfPWIKnUtYk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700bbf7439-MIA
alt-svc
h3=":443"; ma=86400
content-length
4056
game1.png
ad.gem88.win/images/
35 KB
35 KB
Image
General
Full URL
https://ad.gem88.win/images/game1.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bc27df30f2056611a375e141bbd6ed4de7f7574a0acc2f265cd52fa8a7d72e6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-8ac6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6wl8FCeD4Zg18TamOxknxuLrbA1E9eqldqTq04zEQD1L40N0bjSkDjbYGRkpezo%2BYdNxMI7AmRQHkRPCvNWrGLIxgWjvZGq43xVf%2FeUnYn1GV2syTsB7xHDsqfqr2m5oxfeDBNR4RCCipfs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700bc17439-MIA
alt-svc
h3=":443"; ma=86400
content-length
35526
game2.png
ad.gem88.win/images/
33 KB
33 KB
Image
General
Full URL
https://ad.gem88.win/images/game2.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9d251e4fae4ce41096ac504dcc8277b13509f3b21716fa6bf2bbbf248299428

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:58 GMT
cf-cache-status
MISS
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-83a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8HVVx4sUj5g4pXai8OTGNiZnkSeTBWcwsO%2FuBYlyFYVuH%2BBfqk8WY16kZ6fHzVHM%2B35ZuBA6g1xcV%2BUhPEMVRmBt5Dp%2BSWna5OxLbe%2FiNFWidZnD3Tf%2FcY%2BLCY%2F2AoziXNPoE0gBxxsdLo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700bc37439-MIA
alt-svc
h3=":443"; ma=86400
content-length
33705
game3.png
ad.gem88.win/images/
34 KB
35 KB
Image
General
Full URL
https://ad.gem88.win/images/game3.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a914ae4cdbc9c034bb19398eee3bff1effe990f4f934cd704842fd4b79ab01

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-8898"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRhYq30uPZO8upIqYhx4xpeSweZ3%2FA4l8BvuIr%2FPusfHRwx2U6kCE26cFNFZcL%2BmHxKuNFLbFhgL%2BEbicfiN%2FcjtRWSA9rFeVVQRhTyHQCpmjoG2mkXQ0BEJ96txCVe29w2n7ogDNV4tW%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700bc67439-MIA
alt-svc
h3=":443"; ma=86400
content-length
34968
game4.png
ad.gem88.win/images/
23 KB
23 KB
Image
General
Full URL
https://ad.gem88.win/images/game4.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb2489c0eeffa420686b1bb54575790cadfeb3344d2063ac26bb38d4e1ee9c5b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-5a8c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPN8CO5yP0m1Ll40K2c%2B8895Iy%2FY%2BE7IJsRkIyjAPRMQ%2F2NwE3hhYRlQTMjGmJmamP4slS%2BY0r6eu6N1es1SIN40PY60iez9d9j46ZiigTnnCXfPjBbw%2F6QjtGcTUVxjJ%2B%2F1jRN5RCSyB5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700bc77439-MIA
alt-svc
h3=":443"; ma=86400
content-length
23180
thumb-adv2.png
ad.gem88.win/images/
36 KB
36 KB
Image
General
Full URL
https://ad.gem88.win/images/thumb-adv2.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bca08b5abefcb969515978e1a62cdc71eedb282539de0a93da72ef604ddfb905

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-8eed"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1qLkpsHmfYhl9Fq42kIQSKpsJwBKATyCOk2SGXVhb7%2BiiHK%2FlhOSQ8XnOQcziArFFEaWHT5R9HVrKPD%2BBngIeKdX9mZFuwCZ0xcL52JkaC6o%2Fs8i54BYFNM7JBY21nR9tNH8jtaYWQe3Vc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700bc97439-MIA
alt-svc
h3=":443"; ma=86400
content-length
36589
loading.gif
ad.gem88.win/images/
2 KB
2 KB
Image
General
Full URL
https://ad.gem88.win/images/loading.gif?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ade47c7bfe9cb00a16c8b4fa265aa07e8fa676f051e23d1d8a4fbfdb86fef1b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-663"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6jMooHd7DDywAQKRVP6uFLj2%2FQkFk1oR4czXVj6govaUIczRYOOg8D%2BQgcgmCni22BRWx71eDn2tzHddsQseklU6QOR4QKfavZz%2FBKgiq7REzctKtGBvRP%2BPJG1gZestpzcu3lju48qwTQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700bca7439-MIA
alt-svc
h3=":443"; ma=86400
content-length
1635
tracking.js
cdn.livechatinc.com/
89 KB
27 KB
Script
General
Full URL
https://cdn.livechatinc.com/tracking.js
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/app.min.js?v=1.3.8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.70 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-70.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0aada0bb607ba8185307a3100f36deed7720a074b61c3a946bd606e4ae3f805d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
cC7ZLdWg5QVGqVQa1wZqC7VYjv6qArGh
content-encoding
br
date
Wed, 07 Feb 2024 00:31:57 GMT
last-modified
Tue, 06 Feb 2024 15:07:29 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
x-amz-server-side-encryption
AES256
etag
W/"eee07d0babf5d68cdef5c7661526f9ba"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=28800
x-amz-cf-id
JvQ9xvvJ2EyuYWtiv0VAAQSShq6tSqTentIlv_aVhcfgAcP3TT4fZg==
content-length
27405
expires
Wed, 07 Feb 2024 08:31:57 GMT
icon-user.png
ad.gem88.win/images/
2 KB
2 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-user.png?v=1.0
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25adcb5829f4e373982ac7be939819c77761f28132c5728725638d766d49b06b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-784"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FhXCydrPvJ4hAhQ2dsovjUoF%2BGxeGha3ktfnRPDc3PZ%2F8eRHhDnm1HUclRV8U09RYiAbBlWMGO92u1slSI9bRuOFqN6Zgc%2B%2BvSM0RIs6g5vTChKopgrhiCldRCNThYenxOb20Re5msA8jA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700bcd7439-MIA
alt-svc
h3=":443"; ma=86400
content-length
1924
bg-input.png
ad.gem88.win/images/
3 KB
3 KB
Image
General
Full URL
https://ad.gem88.win/images/bg-input.png?v=1.0
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b7d1a33f8a26fadb03580db340f76f5fed5e5b765d0563048687638f7a0269b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-b45"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmqSBHV3NeYYvPvFcIVS0TUhXf55jszpaSmdMfETCEg5RYdAuLJaZ%2FJTmcrnNhTADXU693WRElWnPQW4nvVdjj8BwnNoJDod3cnOyYPie83RgpEnbq782n3oKmlgyREkeDawzScayk6jNW4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700bcf7439-MIA
alt-svc
h3=":443"; ma=86400
content-length
2885
icon-lock.png
ad.gem88.win/images/
2 KB
2 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-lock.png?v=1.0
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41841244ce6ed4f465cfb868c420edeb0f64c532c5a31329bcdacf8c7841d852

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
cf-cache-status
MISS
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-6d3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HGSQgB6fHDTQ2088QWugiDWz0gfh24OL7e7n0pmODVbiEk7FXLi%2Bk%2B9dmkIndH%2BDK63HEJdXNcqbnQ2Sk3G%2BDvEJvbHTtvuzmH%2BZogv753RsuK8CgYdpshZz1SGv4F7VfuzwDwlEghGHUmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700bd17439-MIA
alt-svc
h3=":443"; ma=86400
content-length
1747
fa-regular-400.woff2
ad.gem88.win/webfonts/
13 KB
14 KB
Font
General
Full URL
https://ad.gem88.win/webfonts/fa-regular-400.woff2
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9

Request headers

Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
Origin
https://ad.gem88.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:58 GMT
cf-cache-status
MISS
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-350c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FpqbMtaWe6hxoIXtwUb7KAwXGFfUOlmqIY9KIVXNgTawd3QNvyZKDc8kUvXf2oY78%2FVI%2Byj3bwwnVgp3F5s1JUkvmrxsnNZeHlXQuQD1ZXJV5UyBXvlgfTQZBLW2ydjDBDF%2FpuZWeHfDrcI%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788700bd27439-MIA
alt-svc
h3=":443"; ma=86400
content-length
13580
JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ad.gem88.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 18:11:48 GMT
x-content-type-options
nosniff
age
22809
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27812
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:37:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Feb 2025 18:11:48 GMT
JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26a448d7f02e7b021d15ba5d546ce57d822e6c7728420eb089a23adf10ea26ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ad.gem88.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 01:52:03 GMT
x-content-type-options
nosniff
age
599994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9512
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:58:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jan 2025 01:52:03 GMT
js
www.googletagmanager.com/gtag/
290 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R9056WVBMG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4HXMRQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c9dc6de9d57c142af5273fe4b5a34734afd513deb4537c72a498add7176e3df3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97249
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 07 Feb 2024 00:31:57 GMT
fbevents.js
connect.facebook.net/en_US/
214 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 07 Feb 2024 00:31:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57257
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
FCLml/+GWxZYcwipUCpNkIOKjuly5hyQ0KtSsXqjn8um0lRyxWAtFZqVYg6ff1AMQb7v2xFR88IDhxf3rdgoog==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/g/
0
252 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-R9056WVBMG&gtm=45je4250v9118954187z89118949234za200&_p=1707265917116&gcd=13l3l3l3l1&npa=0&dma=0&cid=1469811685.1707265918&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707265917&sct=1&seg=0&dl=https%3A%2F%2Fad.gem88.win%2F%3Fa%3D0b08d04b25bcd0ad4484c0f9dbd56c4e%26utm_campaign%3Danw%26utm_source%3Dclickadu%26utm_medium%3Dpopunder%26utm_term%3D1979046&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2625
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R9056WVBMG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Feb 2024 00:31:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ad.gem88.win
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get_dynamic_configuration
api.livechatinc.com/v3.6/customer/action/
402 B
551 B
Script
General
Full URL
https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=16649625&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fad.gem88.win%2F%3Fa%3D0b08d04b25bcd0ad4484c0f9dbd56c4e%26utm_campaign%3Danw%26utm_source%3Dclickadu%26utm_medium%3Dpopunder%26utm_term%3D1979046&channel_type=code&jsonp=__181cnatvzpz
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.72.202 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-209-72-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e79edd6560b35fff8d15e4193ea19cd2dfe31a845a4c7790d3d830259c858c61
Security Headers
Name Value
Content-Security-Policy frame-ancestors ;
X-Frame-Options allow-from

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy
frame-ancestors ;
date
Wed, 07 Feb 2024 00:31:58 GMT
content-length
402
vary
Accept-Encoding
x-frame-options
allow-from
content-type
application/javascript; charset=UTF-8
icon-jacktop1.png
ad.gem88.win/images/
3 KB
3 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-jacktop1.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eed0f9e2fc88385306cc4d2aa8bcd1fc329e7354a29a265809094ba409045ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:58 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-b71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZhHAZPPd1m%2BLAdE64v%2B7D2CTqhZT4SsiEnagC%2F%2FWjEoRnxTT7kfQYfxj3LFl0VjQpm9efNCippbtxVjJvfHuJaC8BBRZZlX8uSQ6Ri66jOC1q%2FTtDDoi%2FirV%2BguBSerQ6aVRf1XNRYgHJA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8517887319f27439-MIA
alt-svc
h3=":443"; ma=86400
content-length
2929
icon-jacktop2.png
ad.gem88.win/images/
2 KB
3 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-jacktop2.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed522d1bf5b935ecb33a5896bbf3d84e910104318a5b41c9b9f1e5ab3f72dc01

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:58 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-950"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5sQGWQ2rShEXBA1u3LiuuUKtjuToz4dm3oFh7AMdn429idGjyZu%2F8VmaMpxUi4R%2FPajXnjQPqwcDkzjEJ%2FeU0ETxg9hL83lFPe7SMVLib0bueSPq3IRfL8ggt1091k0loNNAEYFB8no7q8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8517887319f77439-MIA
alt-svc
h3=":443"; ma=86400
content-length
2384
icon-jacktop3.png
ad.gem88.win/images/
2 KB
3 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-jacktop3.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6155fdbd8360064763e6e9eba26ee73353d2fe4754b58ae921a9541ccb40ca6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:58 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-874"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uW6nfLfumSm9mPy%2FpE50NAbNXCCKTklbrnJ9HqbGt27UI9D5rmrXzVyjOmoJU5qyJvRP3smw25m0TvVkz85555%2FTT%2BxcOHVIjvzGEu3JV0cx%2BB%2FhsdjublHX5dB%2FGHYlaF9qxWLZP%2FcSJSE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8517887319fc7439-MIA
alt-svc
h3=":443"; ma=86400
content-length
2164
icon-jacktop4.png
ad.gem88.win/images/
1 KB
2 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-jacktop4.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
647be14a6401e00f3d516ae4415fcd53940ce6602d4efa9594a3572e949e6a8c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:58 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-5fe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLeK7%2FAUaH0%2B7mk3vKixTahUSYMJe2XXk3AU3TSvM5x8qP8zZIyA7xYSb4b8BlXkeQ23%2F6wnWp%2FwChBIEqoJOtP%2BLDzRFLe8mZPE7C5hjg2Si%2F9UWTySeyWYRNQNa9gi8oNAdUFQCW0EMBY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788731a007439-MIA
alt-svc
h3=":443"; ma=86400
content-length
1534
icon-jacktop5.png
ad.gem88.win/images/
934 B
1 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-jacktop5.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306b373301556d58c2ea00c4b5a45e65f61859ee5f4f812e4708b74c41af1d48

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:58 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-3a6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8szk%2B9KZeBtLxMUwQxQxV04JuPf7hIQzODqEXJD%2BTDrnDc7LnwYohqbbkkZl9c83z8Nh2%2BwzroCJfIvTUcyf5ALr7pk6rqPCVU9FqJe7pzXmuNtpDybM53COBS6QgKsa3hIjObdj6PtQE4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
851788731a027439-MIA
alt-svc
h3=":443"; ma=86400
content-length
934
get_configuration
api.livechatinc.com/v3.4/customer/action/
4 KB
2 KB
Script
General
Full URL
https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=ef2f11e4-1091-4034-ac21-61891ac28f7e&version=135.0.2.50.156.93.2.3.4.31.3.4.1087&group_id=1&jsonp=__lc_static_config
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.72.202 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-209-72-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7ab62ac9726a557f01fb403751cf3befb3a47b312dd24c9a2ea93fcf638fd43e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 00:31:58 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
legacy
2024-05-31
cache-control
public, max-age=600
content-length
1740
expires
Wed, 07 Feb 2024 00:41:58 GMT
open_chat
secure.livechatinc.com/customer/action/ Frame 8F00
9 KB
3 KB
Document
General
Full URL
https://secure.livechatinc.com/customer/action/open_chat?license_id=16649625&group=1&embedded=1&widget_version=3&unique_groups=0
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.72.202 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-209-72-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
abeea25658628dc6eee34b96898103f73e9de2e757f90d59b15acde0919038f4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-length
2613
content-type
text/html; charset=utf-8
date
Wed, 07 Feb 2024 00:31:58 GMT
vary
Accept-Encoding
get_localization
api.livechatinc.com/v3.4/customer/action/
14 KB
5 KB
Script
General
Full URL
https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=ef2f11e4-1091-4034-ac21-61891ac28f7e&version=075b79d72a19c7c515c01775c17428ae_280255cebfb378fb1b940cc57366633a&language=vi&group_id=1&jsonp=__lc_localization
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.72.202 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-209-72-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
20fe76e9a86514a99ecd09e63a268f5c7492efea04cbefdd611d3e737ef5c9d3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type
application/javascript; charset=UTF-8
legacy
2024-05-31
content-encoding
gzip
cache-control
public, max-age=600
date
Wed, 07 Feb 2024 00:31:58 GMT
vary
Accept-Encoding
expires
Wed, 07 Feb 2024 00:41:58 GMT
0.8edb486d.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 8F00
210 KB
65 KB
Script
General
Full URL
https://cdn.livechatinc.com/widget/static/js/0.8edb486d.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=16649625&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.70 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-70.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4268fd3a9a8083a9724fda763379e07129cec27094ee1c9326eeee53423adf63

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
hSCdgFK2B2KKyOhDftwxdfcLkgieJoCI
content-encoding
br
date
Wed, 07 Feb 2024 00:31:58 GMT
last-modified
Wed, 31 Jan 2024 13:52:58 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
etag
W/"811da62b09673b7ce2d816040f78e0fd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
FXa6gEWOSCEwTWW1zWo8Jk2VeKwHhzGlOFr4MJv7Db7gab4nf5qATQ==
content-length
66360
expires
Thu, 06 Feb 2025 00:31:58 GMT
1.1435a1c6.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 8F00
328 KB
93 KB
Script
General
Full URL
https://cdn.livechatinc.com/widget/static/js/1.1435a1c6.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=16649625&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.70 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-70.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c14f3ce9a7a854598ec1bcc7e1d9c7418ffa360099ca44416f8040600192a639

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
aC8LtcF_SKwtuTRufSuKIOOWMkdSFhaG
content-encoding
br
date
Wed, 07 Feb 2024 00:31:58 GMT
last-modified
Mon, 05 Feb 2024 09:12:28 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
x-amz-server-side-encryption
AES256
etag
W/"0c04c867674814a63399f20a0a41ef32"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
m3-rFTo81TXs7MoOHadqiKGVkK1PMrf7JCwkIYZyzxDHj3mo5Qi-Cw==
content-length
94498
expires
Thu, 06 Feb 2025 00:31:58 GMT
iframe.24ead538.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 8F00
530 KB
143 KB
Script
General
Full URL
https://cdn.livechatinc.com/widget/static/js/iframe.24ead538.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=16649625&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.70 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-70.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7ff40a3d8d8db2c2da8ea2b6d1ca9b28645e01068b690efa6673444745b888f6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
IQm7AMOO5hPxytJyct0JzfB_zIBldrp9
content-encoding
br
date
Wed, 07 Feb 2024 00:31:58 GMT
last-modified
Mon, 05 Feb 2024 09:12:29 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
etag
W/"2505a7254a814dd7a200ca17b544f0ab"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
wmOp0cJYXzEXwCtglcFzsKD0j7tW5Bnxvd1yyYlQPeorVf30owc7sQ==
content-length
146109
expires
Thu, 06 Feb 2025 00:31:58 GMT
token
accounts.livechatinc.com/v2/customer/ Frame 8F00
195 B
1 KB
XHR
General
Full URL
https://accounts.livechatinc.com/v2/customer/token
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/0.8edb486d.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.72.202 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-209-72-202.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e72e8d99b95452826dd0b9dd46b036f063e35905252900120f280002cf5c9009

Request headers

Referer
https://secure.livechatinc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 07 Feb 2024 00:31:58 GMT
content-type
application/json
access-control-allow-origin
https://secure.livechatinc.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
195
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-R9056WVBMG&gtm=45je4250v9118954187za200&_p=1707265917116&gcd=13l3l3l3l1&npa=0&dma=0&cid=1469811685.1707265918&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1707265917&sct=1&seg=0&dl=https%3A%2F%2Fad.gem88.win%2F%3Fa%3D0b08d04b25bcd0ad4484c0f9dbd56c4e%26utm_campaign%3Danw%26utm_source%3Dclickadu%26utm_medium%3Dpopunder%26utm_term%3D1979046&dt=&en=scroll&epn.percent_scrolled=90&_et=22&tfd=7652
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R9056WVBMG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Feb 2024 00:32:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ad.gem88.win
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api4.storeip-shopify.com
URL
https://api4.storeip-shopify.com/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e
Domain
api6.storeip-shopify.com
URL
https://api6.storeip-shopify.com/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e
Domain
gmwin.io
URL
https://gmwin.io/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 string| aff_id function| setCookiesLogIpv4 function| setCookiesLogIpv6 function| $ function| jQuery object| dataLayer boolean| isCHPlay boolean| isAppStore boolean| isApk boolean| isIpa number| isAction boolean| isRegis string| v object| iv object| key object| conf string| affId string| userAgent object| urlParams boolean| openCHplay boolean| ipv4Res boolean| ipv6Res string| query_string function| checkResp function| logIps function| parseUTM string| app_id object| session object| refresh_token function| onRegFrmSubmit function| onLoginFrmSubmit function| onLogin function| onRegister boolean| isMobile object| notifications boolean| isIPadPro boolean| autofill object| idgame object| totaljackpot number| total object| namegames function| lazyLoading function| onPlayWeb boolean| jackpotRunning function| onJackpot number| notificationTimer boolean| notificationInit boolean| notificationCall boolean| notificationRunning function| onNotifications function| showInfo function| setEncrypt function| onDownloadAndroid function| onDownloadIos function| setCookiesTracking boolean| ipv4 boolean| ipv6 object| LC_API number| t function| getIP object| bootstrap function| Fingerprint2 object| CryptoJS function| UAParser object| __lc object| google_tag_manager object| google_tag_data string| myDomainPV string| idPixelPV string| srcPV function| fbq function| _fbq function| onYouTubeIframeAPIReady object| gaGlobal boolean| __lc_inited object| notijackpot

7 Cookies

Domain/Path Name / Value
.accounts.livechatinc.com/v2/customer/token Name: __lc_cid
Value: 1a821326-af10-43bd-b752-ed972bfe1a02
.accounts.livechatinc.com/v2/customer/token Name: __lc_cst
Value: 4d3acec23829cdcfa962fcab211d6f6eff87b116426e2beb03bcdf4085bc1677a745a57fb6b477cba2767000f27ce337cba8e5d5bdc7443a5843cbef4da4
.accounts.livechatinc.com/customer/token Name: __lc_cid
Value: 1a821326-af10-43bd-b752-ed972bfe1a02
.accounts.livechatinc.com/customer/token Name: __lc_cst
Value: 4d3acec23829cdcfa962fcab211d6f6eff87b116426e2beb03bcdf4085bc1677a745a57fb6b477cba2767000f27ce337cba8e5d5bdc7443a5843cbef4da4
.gem88.win/ Name: _ga
Value: GA1.1.1469811685.1707265918
.gem88.win/ Name: _ga_R9056WVBMG
Value: GS1.1.1707265917.1.0.1707265917.0.0.0
accounts.livechatinc.com/ Name: __oauth_redirect_detector
Value: counter=1&t=1707265948&tag=5a9564e91167358baecc966c9c1a87002e4f0f37

11 Console Messages

Source Level URL
Text
javascript error URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Message:
Access to XMLHttpRequest at 'https://api6.storeip-shopify.com/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e' from origin 'https://ad.gem88.win' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api6.storeip-shopify.com/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Message:
Access to XMLHttpRequest at 'https://api4.storeip-shopify.com/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e' from origin 'https://ad.gem88.win' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api4.storeip-shopify.com/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1979046
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cdn.livechatinc.com/widget/static/js/iframe.24ead538.chunk.js
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other warning URL: https://cdn.livechatinc.com/tracking.js
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
