for882937.com Open in urlscan Pro
18.140.30.40  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://bbs.nwt4.com/ Page URL
2. https://for882937.com/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
44 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	404	/ Show response bbs.nwt4.com/	243 B 345 B	2113ms 161ms	Document text/html	104.224.245.108 ESITED
General Check archive.org Show headers Download Go to Full URL https://bbs.nwt4.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.224.245.108 , United States, ASN22552 (ESITED, US), Reverse DNS Software nginx / Resource Hash 656565cb1f4cdd525ad2a6e279af1115572b64f98f1539226b8837b1953a6d6d Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 23 May 2024 23:00:56 GMT server nginx vary Accept-Encoding
GET H2	200	zjs.js Show response bbs.nwt4.com/	622 B 835 B	156ms 155ms	Script application/javascript	104.224.245.108 ESITED
General Check archive.org Show headers Download Go to Full URL https://bbs.nwt4.com/zjs.js Requested by Host: bbs.nwt4.com URL: https://bbs.nwt4.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.224.245.108 , United States, ASN22552 (ESITED, US), Reverse DNS Software nginx / Resource Hash 47cee716773bc05cee32b38d099ce701538810a347b038efb8cca74f0c34a7b9 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bbs.nwt4.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:00:56 GMT strict-transport-security max-age=31536000 last-modified Thu, 23 May 2024 07:24:09 GMT server nginx etag "664eef19-26e" content-type application/javascript cache-control max-age=43200 accept-ranges bytes content-length 622 expires Fri, 24 May 2024 11:00:56 GMT
GET H2	200	core.js Show response content.mql5.com/	34 KB 11 KB	49ms 13ms	Script text/javascript	78.140.180.86 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://content.mql5.com/core.js Requested by Host: bbs.nwt4.com URL: https://bbs.nwt4.com/zjs.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 78.140.180.86 Limassol, Cyprus, ASN35415 (WEBZILLA, NL), Reverse DNS Software / Resource Hash fa1f914041fbe287733ca99ae509b9b0fb10a3641a25f213403bdb5b0c0385da Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bbs.nwt4.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br date Thu, 23 May 2024 23:00:56 GMT last-modified Wed, 22 May 2024 12:02:34 GMT content-type text/javascript; charset=UTF-8 cache-control max-age=259200,proxy-revalidate,public,immutable content-length 11161 expires Sun, 26 May 2024 23:00:56 GMT
GET H2	200	tr content.mql5.com/	70 B 252 B	14ms 13ms	Image image/png	78.140.180.86 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://content.mql5.com/tr?event=Visit&ref=https%3A%2F%2Fbbs.nwt4.com%2F&id=urbkzpywpuxtahieozccvosedummkmvhsz&ssn=1716505256923379338&ssn_dr=0&ssn_sr=10&ssn_start=1&fv_date=1716505256&title=Welcome%20for88&scr_res=1600x1200&ac=171650525665674237&sv=2552&fz_uniq=6406316035815455912&an=%7B%22vn%22%3A%22Google%20Inc.%22%2C%22cd%22%3A24%2C%22dm%22%3A8192%2C%22ln%22%3A%22de-DE%22%2C%22rn%22%3A%5B1600%2C1200%5D%2C%22ar%22%3A%5B1600%2C1200%5D%2C%22ss%22%3A1%2C%22lb%22%3A1%2C%22cb%22%3A1%2C%22ls%22%3A1%2C%22db%22%3A1%2C%22ax%22%3A0%2C%22pm%22%3A%22Win32%22%2C%22rp%22%3A%5B%22PDF%20Viewer%22%2C%22Chrome%20PDF%20Viewer%22%2C%22Chromium%20PDF%20Viewer%22%2C%22Microsoft%20Edge%20PDF%20Viewer%22%2C%22WebKit%20built-in%20PDF%22%5D%2C%22wv%22%3A%22Intel%20Inc.~Intel%20Iris%20OpenGL%20Engine%22%2C%22to%22%3A-120%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36%22%2C%22hc%22%3A14%2C%22ab%22%3A0%2C%22ts%22%3A0%2C%22ps%22%3A%2220030107%22%2C%22od%22%3A0%2C%22dr%22%3A0%2C%22bb%22%3A0%2C%22bo%22%3A0%2C%22bl%22%3A1%2C%22bs%22%3A0%2C%22dt%22%3A8%7D Requested by Host: bbs.nwt4.com URL: https://bbs.nwt4.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 78.140.180.86 Limassol, Cyprus, ASN35415 (WEBZILLA, NL), Reverse DNS Software / Resource Hash e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bbs.nwt4.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type image/png pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload cache-control no-cache date Thu, 23 May 2024 23:00:56 GMT content-length 70 expires -1
GET H2	200	st content.mql5.com/	70 B 129 B	14ms 13ms	Image image/png	78.140.180.86 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://content.mql5.com/st?id=urbkzpywpuxtahieozccvosedummkmvhsz&p_di=2277&p_dcl_s=2277&p_dcl_e=2277&p_dc=2357&p_dns_s=1637&p_dns_e=1637&p_tcp_s=1637&p_tcp_e=1952&p_req=1952&p_res_s=2113&p_res_e=2114&r_script_s=2118&r_script_e=2327&ssn=1716505256923379338&ssn_dr=0&ssn_sr=0&fv_date=1716505256&ref=https%3A%2F%2Fbbs.nwt4.com%2F&title=Welcome%20for88&scr_res=1600x1200&ac=171650525668282399&sv=2552&fz_uniq=6406316035815455912&an=%7B%22vn%22%3A%22Google%20Inc.%22%2C%22cd%22%3A24%2C%22dm%22%3A8192%2C%22ln%22%3A%22de-DE%22%2C%22rn%22%3A%5B1600%2C1200%5D%2C%22ar%22%3A%5B1600%2C1200%5D%2C%22ss%22%3A1%2C%22lb%22%3A1%2C%22cb%22%3A1%2C%22ls%22%3A1%2C%22db%22%3A1%2C%22ax%22%3A0%2C%22pm%22%3A%22Win32%22%2C%22rp%22%3A%5B%22PDF%20Viewer%22%2C%22Chrome%20PDF%20Viewer%22%2C%22Chromium%20PDF%20Viewer%22%2C%22Microsoft%20Edge%20PDF%20Viewer%22%2C%22WebKit%20built-in%20PDF%22%5D%2C%22wv%22%3A%22Intel%20Inc.~Intel%20Iris%20OpenGL%20Engine%22%2C%22to%22%3A-120%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36%22%2C%22hc%22%3A14%2C%22ab%22%3A0%2C%22ts%22%3A0%2C%22ps%22%3A%2220030107%22%2C%22od%22%3A0%2C%22dr%22%3A0%2C%22bb%22%3A0%2C%22bo%22%3A0%2C%22bl%22%3A1%2C%22bs%22%3A0%2C%22dt%22%3A26%2C%22at%22%3A%7B%22kd%22%3A0%2C%22ku%22%3A0%2C%22md%22%3A0%2C%22mm%22%3A0%2C%22mu%22%3A0%2C%22fc%22%3A0%2C%22br%22%3A0%2C%22ts%22%3A0%2C%22tm%22%3A0%2C%22te%22%3A0%2C%22sc%22%3A0%2C%22sw%22%3A0%2C%22ge%22%3A0%2C%22gy%22%3A0%2C%22dm%22%3A0%2C%22do%22%3A0%7D%2C%22sg%22%3A0%2C%22jc%22%3A0%2C%22bd%22%3A50%7D Protocol H2 Security TLS 1.3, , AES_256_GCM Server 78.140.180.86 Limassol, Cyprus, ASN35415 (WEBZILLA, NL), Reverse DNS Software / Resource Hash e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bbs.nwt4.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type image/png pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload cache-control no-cache date Thu, 23 May 2024 23:00:56 GMT content-length 70 expires -1
GET H2	200	favicon.ico bbs.nwt4.com/	121 KB 121 KB	311ms 311ms	Other image/x-icon	104.224.245.108 ESITED
General Check archive.org Show headers Download Go to Full URL https://bbs.nwt4.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.224.245.108 , United States, ASN22552 (ESITED, US), Reverse DNS Software nginx / Resource Hash 910ba548bce6ffe369b3c66e259c275d109f560b4e2b4a3bb74eccb0153b37ff Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://bbs.nwt4.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:00:56 GMT strict-transport-security max-age=31536000 last-modified Wed, 22 Nov 2023 06:12:12 GMT server nginx etag "655d9bbc-1e35d" content-type image/x-icon accept-ranges bytes content-length 123741
GET H2	200	Primary Request / Show response for882937.com/	5 KB 3 KB	570ms 187ms	Document text/html	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/ Requested by Host: bbs.nwt4.com URL: https://bbs.nwt4.com/zjs.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 37ada6cc32d3059f523f39ecf51bbab2896a16aa70bd0dc9b937a6ad9d951a85 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://bbs.nwt4.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-cache, no-store content-encoding gzip content-type text/html; charset=utf-8 date Thu, 23 May 2024 23:00:58 GMT etag W/"664edc7e-1596" last-modified Thu, 23 May 2024 06:04:46 GMT server openresty/1.25.3.1
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	218 KB 59 KB	98ms 8ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 23 May 2024 23:00:58 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57845 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2766, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug crLqYNRdatlfL4LOBwDCD/hR3KkpLKM4xLPFk47ohnpnQ/taioEuzXHAlB6O1xUGHN4GHOD4LxVP5sP2j87hvA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	cityjson Show response pv.sohu.com/	72 B 309 B	469ms 6ms	Script application/json	43.175.65.95 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://pv.sohu.com/cityjson?ie=utf-8 Requested by Host: for882937.com URL: https://for882937.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.175.65.95 , Singapore, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software OverSea_E0 / Resource Hash f5d09365810dd11ef1204b35bfede3158a07d5592a9c9cfa449dd534f9964aa9 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 23 May 2024 23:00:59 GMT X-Cache-Lookup Return Directly Server OverSea_E0 Connection keep-alive X-NWS-LOG-UUID 16653990057430224241 Content-Length 72 Content-Type application/json;charset=utf-8
GET H2	200	common-api.30f3ccfbb034482b5e1c91b2dfaa7493.css for882937.com/static/css/	1 MB 519 KB	372ms 372ms	Stylesheet text/css	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/static/css/common-api.30f3ccfbb034482b5e1c91b2dfaa7493.css Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash f9f5603eefaee1f056828cce5d134875679780ec350cf2c21a57d53545af6c22 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:00:59 GMT content-encoding gzip last-modified Thu, 23 May 2024 06:04:46 GMT server openresty/1.25.3.1 etag W/"664edc7e-12525e" x-cache-status HIT content-type text/css cache-control max-age=10800 expires Fri, 24 May 2024 02:00:59 GMT
GET H2	200	build10.f43bedc5af6616df0568a666ecade10f.css for882937.com/static/css/	2 MB 829 KB	559ms 558ms	Stylesheet text/css	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/static/css/build10.f43bedc5af6616df0568a666ecade10f.css Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash ca95937c8281d90e8c60dfc7c43cdaf34fe83ab140f584e35348faa351f1a958 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:00:59 GMT content-encoding gzip last-modified Thu, 23 May 2024 06:04:46 GMT server openresty/1.25.3.1 etag W/"664edc7e-1ce8a1" x-cache-status HIT content-type text/css cache-control max-age=10800 expires Fri, 24 May 2024 02:00:59 GMT
GET H2	200	core.js Show response content.mql5.com/	34 KB 11 KB	42ms 13ms	Script text/javascript	78.140.180.86 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://content.mql5.com/core.js Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 78.140.180.86 Limassol, Cyprus, ASN35415 (WEBZILLA, NL), Reverse DNS Software / Resource Hash fa1f914041fbe287733ca99ae509b9b0fb10a3641a25f213403bdb5b0c0385da Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br date Thu, 23 May 2024 23:01:00 GMT last-modified Wed, 22 May 2024 12:02:34 GMT content-type text/javascript; charset=UTF-8 cache-control max-age=259200,proxy-revalidate,public,immutable content-length 11161 expires Sun, 26 May 2024 23:01:00 GMT
GET H2	200	manifest.126c41a047f2a19e071b.js Show response for882937.com/static/js/	4 KB 2 KB	187ms 187ms	Script application/javascript	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/static/js/manifest.126c41a047f2a19e071b.js Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash e7404a01404e333fb9354833845baf25e6d1e84b241c74288128ef0271f58490 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:00 GMT content-encoding gzip last-modified Thu, 23 May 2024 06:04:46 GMT server openresty/1.25.3.1 etag W/"664edc7e-ee5" x-cache-status HIT content-type application/javascript; charset=utf-8 cache-control max-age=10800 expires Fri, 24 May 2024 02:01:00 GMT
GET H2	200	tr content.mql5.com/	70 B 163 B	13ms 13ms	Image image/png	78.140.180.86 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://content.mql5.com/tr?event=Visit&ref=https%3A%2F%2Ffor882937.com%2F&id=pnwfsvievauzqnnucpojphmbnnacptuqbg&ssn=1716505260975570964&ssn_dr=0&ssn_sr=10&ssn_start=1&fv_date=1716505260&back_ref=https%3A%2F%2Fbbs.nwt4.com%2F&title=For88%2010%20N%C4%83m%20ho%E1%BA%A1t%20%C4%91%E1%BB%99ng%2CUy%20t%C3%ADn%20%C4%91%C3%A1ng%20tin%20c%E1%BA%ADy&scr_res=1600x1200&ac=171650526076323197&sv=2552&fz_uniq=6354678958275640492&an=%7B%22vn%22%3A%22Google%20Inc.%22%2C%22cd%22%3A24%2C%22dm%22%3A8192%2C%22ln%22%3A%22de-DE%22%2C%22rn%22%3A%5B1600%2C1200%5D%2C%22ar%22%3A%5B1600%2C1200%5D%2C%22ss%22%3A1%2C%22lb%22%3A1%2C%22cb%22%3A1%2C%22ls%22%3A1%2C%22db%22%3A1%2C%22ax%22%3A0%2C%22pm%22%3A%22Win32%22%2C%22rp%22%3A%5B%22PDF%20Viewer%22%2C%22Chrome%20PDF%20Viewer%22%2C%22Chromium%20PDF%20Viewer%22%2C%22Microsoft%20Edge%20PDF%20Viewer%22%2C%22WebKit%20built-in%20PDF%22%5D%2C%22wv%22%3A%22Intel%20Inc.~Intel%20Iris%20OpenGL%20Engine%22%2C%22to%22%3A-120%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36%22%2C%22hc%22%3A14%2C%22ab%22%3A0%2C%22ts%22%3A0%2C%22ps%22%3A%2220030107%22%2C%22od%22%3A0%2C%22dr%22%3A0%2C%22bb%22%3A0%2C%22bo%22%3A0%2C%22bl%22%3A1%2C%22bs%22%3A0%2C%22dt%22%3A9%7D Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 78.140.180.86 Limassol, Cyprus, ASN35415 (WEBZILLA, NL), Reverse DNS Software / Resource Hash e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type image/png pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload cache-control no-cache date Thu, 23 May 2024 23:01:00 GMT content-length 70 expires -1
GET H2	200	vendor.37db056e4cdb6e153061.js Show response for882937.com/static/js/	3 MB 1 MB	187ms 187ms	Script application/javascript	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 97a37f46ed9b2f7072f272e7c3c228d4af66d1f8233115b778723a5fc30d5c1a Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:01 GMT content-encoding gzip last-modified Thu, 23 May 2024 06:04:46 GMT server openresty/1.25.3.1 etag W/"664edc7e-2ce123" x-cache-status HIT content-type application/javascript; charset=utf-8 cache-control max-age=10800 expires Fri, 24 May 2024 02:01:01 GMT
GET H2	200	vendor-build10.fd454e1d1956de4b35f9.js Show response for882937.com/static/js/	669 KB 202 KB	187ms 187ms	Script application/javascript	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/static/js/vendor-build10.fd454e1d1956de4b35f9.js Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash ef32f7fcbd9e6c22f7070a4bb7f588a649c7f933ceb84caf6547a0945060332c Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:01 GMT content-encoding gzip last-modified Thu, 23 May 2024 06:04:46 GMT server openresty/1.25.3.1 etag W/"664edc7e-a72e6" x-cache-status HIT content-type application/javascript; charset=utf-8 cache-control max-age=10800 expires Fri, 24 May 2024 02:01:01 GMT
GET H2	200	common-api.53acc2b5bb6d87085ae0.js Show response for882937.com/static/js/	295 KB 94 KB	187ms 187ms	Script application/javascript	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/static/js/common-api.53acc2b5bb6d87085ae0.js Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 92d6463c891eb554aa876ba2029e869a48ad465c8a21a3a45392d3cab8f14e20 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:01 GMT content-encoding gzip last-modified Thu, 23 May 2024 06:04:46 GMT server openresty/1.25.3.1 etag W/"664edc7e-49af8" x-cache-status HIT content-type application/javascript; charset=utf-8 cache-control max-age=10800 expires Fri, 24 May 2024 02:01:01 GMT
GET H2	200	build10.c99091dd3a6a9187ce3d.js Show response for882937.com/static/js/	600 KB 331 KB	187ms 187ms	Script application/javascript	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/static/js/build10.c99091dd3a6a9187ce3d.js Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash f128a02baf42befa004c68afce9daf3b86e49d9f260dad5e06d26dde9ffd4de8 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:01 GMT content-encoding gzip last-modified Thu, 23 May 2024 06:04:46 GMT server openresty/1.25.3.1 etag W/"664edc7e-96101" x-cache-status HIT content-type application/javascript; charset=utf-8 cache-control max-age=10800 expires Fri, 24 May 2024 02:01:01 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	33ms 7ms	Script text/javascript	2a00:1450:4001:827::200e
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e -, , ASN (), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 23 May 2024 22:29:08 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 1914 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Fri, 24 May 2024 00:29:08 GMT
GET DATA	200 OK	truncated /	904 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 348148d59b112fe786d1a4c005e328502e7400eb98f72708cbb0ea3514c80caa Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5f7a334fe68bbc88615e7f77659a22d740f277909e82d186675a9a0d3dcf401d Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 19c9316759fd71b0abc391bac7d37f72db69b9149fd91a417efe2586d37e48a9 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 73cf6393488037ee3f1bbdb5588b51c2a363a94c4ee5f94192b8e71c1a7d0e93 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 50b43359cbf61e1af53ec358bfe368c5a6625f861134b8b123b9472192be79c6 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	loading2.6f3970b.png for882937.com/static/img/	15 KB 15 KB	187ms 187ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://for882937.com/static/img/loading2.6f3970b.png Requested by Host: for882937.com URL: https://for882937.com/static/css/build10.f43bedc5af6616df0568a666ecade10f.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 5f5d33bd31a4176f28df0bc4fa9eeea21eae270e0b65076f486ce5306f355c44 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/static/css/build10.f43bedc5af6616df0568a666ecade10f.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:02 GMT last-modified Thu, 23 May 2024 06:04:46 GMT server openresty/1.25.3.1 etag "664edc7e-3cd3" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 15571 expires Fri, 24 May 2024 02:01:02 GMT
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 815145592def4244b0d9257f0b05ceb76569ea1c83321cf5a26fbe505b9342f5 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H2	200	app.72fc9be.png for882937.com/static/img/	23 KB 23 KB	187ms 186ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://for882937.com/static/img/app.72fc9be.png Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash c774d1cc298496c03e31b3a7ddf04e5a2cc8e36063b820e66ef470814a16fdac Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:02 GMT last-modified Thu, 23 May 2024 06:04:46 GMT server openresty/1.25.3.1 etag "664edc7e-5d14" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 23828 expires Fri, 24 May 2024 02:01:02 GMT
GET DATA	200 OK	truncated /	240 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 05ba47928ea3469501f8d8e87700e2d6852738ee8dbe8d6153b123baa0b20cb9 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
POST H2	200	pixels Show response for882937.com/api/guest/	904 B 1019 B	314ms 313ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/guest/pixels Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 80ee578dee4f2ad4be0000df640139f3c495a829e12f23ab118aabafb6eab036 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer https://for882937.com/ sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:02 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://for882937.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-xss-protection 1; mode=block expires 0
POST H2	200	init Show response for882937.com/api/	3 KB 2 KB	1322ms 1322ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/init Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash b7dcf39bea2bf687653042b4d37c841c002dfa2dc712455e3161650b5fd42734 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer https://for882937.com/ sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:03 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://for882937.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-xss-protection 1; mode=block expires 0
POST H2	200	fetchImg Show response for882937.com/api/guest/	76 B 514 B	312ms 311ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/guest/fetchImg Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash c87fcecd96d881946d5db3703c081155a8db0ec7fae43c9278774c73abd64051 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer https://for882937.com/ sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:02 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://for882937.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-xss-protection 1; mode=block expires 0
POST H2	200	fetchImg Show response for882937.com/api/guest/	335 B 672 B	314ms 313ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/guest/fetchImg Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 53864b81133a79cee5aba6bd460575ce13a96f6b693f3d9336ff7140578ccbcf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer https://for882937.com/ sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:02 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://for882937.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-xss-protection 1; mode=block expires 0
POST H2	200	gamePlatform Show response for882937.com/api/game/guest/	4 KB 1 KB	528ms 527ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/game/guest/gamePlatform Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash c43eeb54d4cfc13561aef432335e4debe556f36ba83ab7c3c1d76232ddd9b449 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer https://for882937.com/ sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:02 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://for882937.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-xss-protection 1; mode=block expires 0
POST H2	200	gamePlatform Show response for882937.com/api/game/guest/	3 KB 1 KB	458ms 456ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/game/guest/gamePlatform Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash bd8110aedb14d762c0db939b163184d660d769cf018ad3b22dcb29b6cc2b9e49 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer https://for882937.com/ sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:02 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://for882937.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-xss-protection 1; mode=block expires 0
POST H2	200	gamePlatform Show response for882937.com/api/game/guest/	3 KB 1 KB	1133ms 1132ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/game/guest/gamePlatform Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash a9f8df1b975d117600e21b1eae8871383635d41aa71d5d16e649293c585f8dcd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer https://for882937.com/ sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:02 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://for882937.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-xss-protection 1; mode=block expires 0
POST H2	200	gamePlatform Show response for882937.com/api/game/guest/	2 KB 1 KB	1133ms 1132ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/game/guest/gamePlatform Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 6c22858d8686064af9a1c7d2863a053ca2a61c1eb8ddefe966d3cab60c4183c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer https://for882937.com/ sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:02 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://for882937.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-xss-protection 1; mode=block expires 0
POST H2	200	gamePlatform Show response for882937.com/api/game/guest/	11 KB 2 KB	530ms 530ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/game/guest/gamePlatform Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 55a0034171efd7990bc662eb65c6c5b743e37c5367c31fb19bb4557fa62132a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer https://for882937.com/ sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:02 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://for882937.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-xss-protection 1; mode=block expires 0
POST H2	200	gamePlatform Show response for882937.com/api/game/guest/	2 KB 1 KB	538ms 537ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/game/guest/gamePlatform Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 0affe19b786850f72e65d08d8a36e5ddfe5af6b149019588706013199199daba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer https://for882937.com/ sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:02 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://for882937.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-xss-protection 1; mode=block expires 0
POST H2	200	gamePlatform Show response for882937.com/api/game/guest/	3 KB 1 KB	535ms 534ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/game/guest/gamePlatform Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash a9f8df1b975d117600e21b1eae8871383635d41aa71d5d16e649293c585f8dcd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer https://for882937.com/ sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:02 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://for882937.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-xss-protection 1; mode=block expires 0
POST H2	200	fetchImg Show response for882937.com/api/guest/	76 B 512 B	1133ms 1132ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/guest/fetchImg Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash c87fcecd96d881946d5db3703c081155a8db0ec7fae43c9278774c73abd64051 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer https://for882937.com/ sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:02 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://for882937.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-xss-protection 1; mode=block expires 0
POST H2	200	vipPrivilege Show response for882937.com/api/guest/	14 KB 2 KB	1323ms 1323ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/guest/vipPrivilege Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 90f4689f895197223b255382e1ba07787a041c0e1baa530063d27027ee861041 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer https://for882937.com/ sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:03 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://for882937.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-xss-protection 1; mode=block expires 0
POST H2	200	list Show response for882937.com/api/guest/frontConfig/getFrontConfig/	7 KB 3 KB	1133ms 1132ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/guest/frontConfig/getFrontConfig/list Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 3348c2293a106a09eb1a82f29c7d34cc33388ded72df49236b0c73f78fbf9ada Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer https://for882937.com/ sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:02 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://for882937.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-xss-protection 1; mode=block expires 0
GET H2	200	agentCodeCache Show response for882937.com/api/guest/	57 B 306 B	1133ms 1133ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/guest/agentCodeCache?code= Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 15d58b6df4671908939ba39a2469df60674d72d97bcab4bb3b1f0b54f2d0101f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept application/json, text/plain, */* Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:02 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding content-type application/json;charset=UTF-8 cache-control no-cache, no-store, max-age=0, must-revalidate x-xss-protection 1; mode=block expires 0
POST H2	200	fetchImg Show response for882937.com/api/guest/	998 B 807 B	527ms 527ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/guest/fetchImg Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash b4b98b32a9f69be69408bd8904d3d014caf7bf96cf848a399a092e497d16dce8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer https://for882937.com/ sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:02 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://for882937.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-xss-protection 1; mode=block expires 0
POST H2	200	pushInfoList Show response for882937.com/api/guest/	1 KB 1 KB	421ms 421ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/guest/pushInfoList Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 09c3b5ebe4fd6c7a230302465917103f4904e726c76e2e758cb7d98f6ee6e874 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer https://for882937.com/ sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:02 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://for882937.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-xss-protection 1; mode=block expires 0
POST H2	200	fetchImg Show response for882937.com/api/guest/	2 KB 937 B	1132ms 1132ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/guest/fetchImg Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 43ec15d3bc284272a93deff5db101b8f2970ec5015f240f8f81a24650401dc03 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer https://for882937.com/ sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:02 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://for882937.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-xss-protection 1; mode=block expires 0
GET H2	200	36.a6d8a92674dc89f1152a.js Show response for882937.com/static/js/	34 KB 12 KB	352ms 352ms	Script application/javascript	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/static/js/36.a6d8a92674dc89f1152a.js Requested by Host: for882937.com URL: https://for882937.com/static/js/manifest.126c41a047f2a19e071b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash bf2b553102e6920d2230e6a8497a1ddcd9f77a08ee26ffc5e4dba492fdc04cee Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:02 GMT content-encoding gzip last-modified Thu, 23 May 2024 06:04:46 GMT server openresty/1.25.3.1 etag W/"664edc7e-892b" x-cache-status HIT content-type application/javascript; charset=utf-8 cache-control max-age=10800 expires Fri, 24 May 2024 02:01:02 GMT
GET H2	200	info Show response for882937.com/api/guest/liveSocket/	77 B 257 B	511ms 511ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/guest/liveSocket/info?t=1716505262137 Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash e925dd905f05c5af6eedf1c7ac577d97c0afcab407fa69a06ad9429c7c454e65 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:02 GMT cache-control no-store, no-cache, must-revalidate, max-age=0 x-content-type-options nosniff server openresty/1.25.3.1 content-length 77 x-xss-protection 1; mode=block content-type application/json;charset=UTF-8
GET H2	200	1733808713812801 Show response connect.facebook.net/signals/config/	288 KB 90 KB	11ms 10ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1733808713812801?v=2.9.156&r=stable&domain=for882937.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 43652f55e1d614d4a97469eb39d096aadb0746bfd8d719d8ea182a079aae3b35 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 23 May 2024 23:01:02 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 92242 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=11, rtx=0, c=62, mss=1326, tbw=63346, tp=-1, tpl=-1, uplat=3, ullat=-1 pragma public x-fb-debug TBG8LzBfYmGCOOvWyy4oHbA3ustYJ3ycJjrkv9romrEiprHUiGv3Fr6gRHddQwqBaszQ7XKs9p5ElwaOdJ5rLw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	tr www.facebook.com/	0 32 B	27ms 7ms	Image text/plain	2a03:2880:f177:83:face:b00c:0:25de
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr?id=1733808713812801&ev=PageView&noscript=1 Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de -, , ASN (), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=2772, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Thu, 23 May 2024 23:01:02 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	tr www.facebook.com/	0 273 B	27ms 7ms	Image text/plain	2a03:2880:f177:83:face:b00c:0:25de
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr?id=322933400900459&ev=PageView&noscript=1 Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de -, , ASN (), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=2772, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Thu, 23 May 2024 23:01:02 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	1700634993004639.png static.aaduxm.com/upload/	7 KB 7 KB	718ms 186ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.aaduxm.com/upload/1700634993004639.png Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 77ebbb5a2e21a9e3d0b63744c87ccfda1015d61a2d9eef60bf3c7aa90cbd77b7 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Wed, 22 Nov 2023 06:36:33 GMT server openresty/1.25.3.1 etag "655da171-1bbc" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 7100 expires Fri, 24 May 2024 02:01:03 GMT
GET H3	200	322933400900459 Show response connect.facebook.net/signals/config/	22 KB 3 KB	7ms 7ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/322933400900459?v=2.9.156&r=stable&domain=for882937.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C145%2C208%2C209%2C207%2C128%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash fe4413acdb08b5560ab6354dc8cebe96e63e79f8818506de8fd28df872812288 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 23 May 2024 23:01:02 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 2930 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=8, rtx=0, c=33, mss=1232, tbw=4614, tp=11, tpl=0, uplat=0, ullat=-1 pragma public x-fb-debug CKMnog413I28IqkNX0X5uzGOf8wKMMxm+vxvQxxmRly4EA884HxCYymYi1IOS573OPCYES0cAWik50ftFhaRXw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	200	913d9fe394407c055dfc8a6868227d9b21933f8e659d898283eead4783bdea61 Show response facebookad.for88vn.com/events/	0 318 B	816ms 256ms	XHR text/plain	2406:da18:80a:db00:10ec:fa9:881c:def4
General Check archive.org Show headers Download Go to Full URL https://facebookad.for88vn.com/events/913d9fe394407c055dfc8a6868227d9b21933f8e659d898283eead4783bdea61 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/signals/config/1733808713812801?v=2.9.156&r=stable&domain=for882937.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2406:da18:80a:db00:10ec:fa9:881c:def4 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://for882937.com date Thu, 23 May 2024 23:01:03 GMT access-control-allow-credentials true content-length 0 vary origin
GET H2	200	/ www.facebook.com/tr/	0 102 B	7ms 7ms	Image text/plain	2a03:2880:f177:83:face:b00c:0:25de
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1733808713812801&ev=PageView&dl=https%3A%2F%2Ffor882937.com%2F%23%2F&rl=https%3A%2F%2Fbbs.nwt4.com%2F&if=false&ts=1716505262489&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716505262488.99483762&eid=ob3_plugin-set_321d49ba72ce205ad0ccfe06b06f9f917db09c9570186555f97815f4d1c05d8f&ler=other&cdl=API_unavailable&it=1716505262433&coo=false&rqm=GET Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de -, , ASN (), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=9, rtx=0, c=10, mss=1326, tbw=3191, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Thu, 23 May 2024 23:01:02 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	153ms 152ms	Image image/png	2a03:2880:f177:83:face:b00c:0:25de
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1733808713812801&ev=PageView&dl=https%3A%2F%2Ffor882937.com%2F%23%2F&rl=https%3A%2F%2Fbbs.nwt4.com%2F&if=false&ts=1716505262489&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716505262488.99483762&eid=ob3_plugin-set_321d49ba72ce205ad0ccfe06b06f9f917db09c9570186555f97815f4d1c05d8f&ler=other&cdl=API_unavailable&it=1716505262433&coo=false&rqm=FGET Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de -, , ASN (), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xd9b7acda0a6128a0","source_keys":["1","2"]},{"key_piece":"0x26395926c4f5fa70","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Thu, 23 May 2024 23:01:02 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=8, rtx=0, c=10, mss=1326, tbw=3337, tp=-1, tpl=-1, uplat=143, ullat=0 pragma no-cache x-fb-debug I/w3uYHLWw7kSqx/QyeB/6Rz9rSyU2ufA25dKsxaEYmRbX0QM5F3pkMBQts1SD6lkxo+GaTxqKoeaDHJboDvPQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	16 B 220 B	16ms 15ms	XHR text/plain	2a00:1450:4001:827::200e
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=467853507&t=pageview&_s=1&dl=https%3A%2F%2Ffor882937.com%2F&dr=https%3A%2F%2Fbbs.nwt4.com%2F&dp=%2Fhome&ul=de-de&de=UTF-8&dt=For88%2010%20N%C4%83m%20ho%E1%BA%A1t%20%C4%91%E1%BB%99ng%2CUy%20t%C3%ADn%20%C4%91%C3%A1ng%20tin%20c%E1%BA%ADy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAACAAI~&jid=1568102486&gjid=206633797&cid=1562646048.1716505262&tid=UA-135652521-2&_gid=666786770.1716505262&_r=1&_slc=1&z=973236705 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e -, , ASN (), Reverse DNS Software Golfe2 / Resource Hash 2f153982693497d912f8288b933b963cd3f1866df95bfcd96d7902167fae8975 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 23 May 2024 23:01:02 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://for882937.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	16nian@3x.41fbf79.png for882937.com/static/img/	30 KB 31 KB	187ms 187ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://for882937.com/static/img/16nian@3x.41fbf79.png Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash c9f385928bd1dfa52461a0a9a52bd51e3379cd53acd534fe11da3665787374e9 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:02 GMT last-modified Thu, 23 May 2024 06:04:46 GMT server openresty/1.25.3.1 etag "664edc7e-7922" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 31010 expires Fri, 24 May 2024 02:01:02 GMT
GET H2	200	18jia@3x.9ff01f8.png for882937.com/static/img/	32 KB 33 KB	189ms 188ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://for882937.com/static/img/18jia@3x.9ff01f8.png Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 410c30ceb7aa75b12005cc82dcda92dabd1b4fbbee6379a22f8d1331f5643903 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:02 GMT last-modified Thu, 23 May 2024 06:04:46 GMT server openresty/1.25.3.1 etag "664edc7e-813d" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 33085 expires Fri, 24 May 2024 02:01:02 GMT
GET H2	200	18miao@3x.9ff365b.png for882937.com/static/img/	32 KB 32 KB	190ms 189ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://for882937.com/static/img/18miao@3x.9ff365b.png Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 174ec62be706c659fbc6a5634c8ba2cc12b797dd730c1502ed8613b345746fb5 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:02 GMT last-modified Thu, 23 May 2024 06:04:46 GMT server openresty/1.25.3.1 etag "664edc7e-7fb3" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 32691 expires Fri, 24 May 2024 02:01:02 GMT
GET H2	200	24hour@3x.0278786.png for882937.com/static/img/	32 KB 32 KB	191ms 191ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://for882937.com/static/img/24hour@3x.0278786.png Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 036f12a0b8d03410f2ba2e6e22d712a47bf784a06e22360aa17f794d49929d02 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:02 GMT last-modified Thu, 23 May 2024 06:04:46 GMT server openresty/1.25.3.1 etag "664edc7e-7ed6" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 32470 expires Fri, 24 May 2024 02:01:02 GMT
POST H2	200	gianUserWinInfo Show response for882937.com/api/guest/frontConfig/	22 KB 3 KB	748ms 748ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/guest/frontConfig/gianUserWinInfo Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 6756e4f570c6d804147b761ed016bfa39cebd86db4020d94387ecfdf74fc7e45 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer https://for882937.com/ sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:02 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://for882937.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-xss-protection 1; mode=block expires 0
POST H2	200	newHeatGamePlatform Show response for882937.com/api/game/guest/	5 KB 1 KB	748ms 747ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/game/guest/newHeatGamePlatform Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 9949b8bf42142e0fbc9e5b7947bd8ea39cdc3bf95d6c6587b5e4ebde89faace0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer https://for882937.com/ sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:02 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://for882937.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-xss-protection 1; mode=block expires 0
POST H2	200	fetchImg Show response for882937.com/api/guest/	2 KB 843 B	748ms 748ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/guest/fetchImg Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 9264760b7432ec798dac0e63487a04e1bf2b07fe7a24dc37bd811d37bb948ea7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer https://for882937.com/ sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:02 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://for882937.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-xss-protection 1; mode=block expires 0
POST H2	200	fetchImg Show response for882937.com/api/guest/	76 B 453 B	748ms 748ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/guest/fetchImg Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash c87fcecd96d881946d5db3703c081155a8db0ec7fae43c9278774c73abd64051 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer https://for882937.com/ sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:02 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://for882937.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-xss-protection 1; mode=block expires 0
GET DATA	200 OK	truncated /	820 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7bf9e228d31b5238e17040f65f8d4657805b4bbce4ffb76fa789fde6b78e33cd Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 65811ad264c8d13b6046b6b02e431e21c245230ea3c8f49b99e1ebe4b15e59c5 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 41fcbcabb18acc6de8f00cb5e3f22780778d1de7138f3701730d46e4743e6278 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	download-bg@3x.7b27ba9.png for882937.com/static/img/	3 MB 3 MB	188ms 188ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://for882937.com/static/img/download-bg@3x.7b27ba9.png Requested by Host: for882937.com URL: https://for882937.com/static/css/build10.f43bedc5af6616df0568a666ecade10f.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 7e0b83eb8b123b708ea5b8635169c6c3203cc42d6f0fe6e481029bb48bc72f38 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/static/css/build10.f43bedc5af6616df0568a666ecade10f.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:02 GMT last-modified Thu, 23 May 2024 06:04:46 GMT server openresty/1.25.3.1 etag "664edc7e-2d063d" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 2950717 expires Fri, 24 May 2024 02:01:02 GMT
GET DATA	200 OK	truncated /	788 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 753be1bc949ed5be4bd5b2c8eccddb9b058eac63b5206ade086d4227444b0f79 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5cbff00e4b944f2ed2eb1a8d3b0b592b7808cac1b81b05b6a146f02694666376 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4cb5f7eef7fd2d14f8116d5ef4e375567ab8f318e6a798ceeed6522628e4b52b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bb821c8bf31f92822f9e569b06d4d800274193ec3fb70f54991718a36c4bb44f Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4061046653b19da26fb3506b8a955f161359dac95f09383c07eef13718097bea Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 347 B	65ms 23ms	XHR text/plain	2a00:1450:400c:c0d::9d
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-135652521-2&cid=1562646048.1716505262&jid=1568102486&gjid=206633797&_gid=666786770.1716505262&_u=aEBAAEAAEAAAACAAI~&z=1765303151 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0d::9d -, , ASN (), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Thu, 23 May 2024 23:01:02 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://for882937.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	256 KB 91 KB	43ms 21ms	Script application/javascript	2a00:1450:4001:82f::2008
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-T45TQYCMD6&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 -, , ASN (), Reverse DNS Software Google Tag Manager / Resource Hash 87829d9f6a88004ac35ea3aafc26714c764a7dea0c14b18c4fd652dff464707c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:02 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 92393 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 23 May 2024 23:01:02 GMT
POST H2	200	913d9fe394407c055dfc8a6868227d9b21933f8e659d898283eead4783bdea61 Show response facebookad.for88vn.com/events/	0 317 B	787ms 257ms	XHR text/plain	2406:da18:80a:db00:10ec:fa9:881c:def4
General Check archive.org Show headers Download Go to Full URL https://facebookad.for88vn.com/events/913d9fe394407c055dfc8a6868227d9b21933f8e659d898283eead4783bdea61 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/signals/config/1733808713812801?v=2.9.156&r=stable&domain=for882937.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2406:da18:80a:db00:10ec:fa9:881c:def4 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://for882937.com date Thu, 23 May 2024 23:01:03 GMT access-control-allow-credentials true content-length 0 vary origin
GET H3	200	/ www.facebook.com/tr/	0 19 B	7ms 7ms	Image text/plain	2a03:2880:f177:83:face:b00c:0:25de
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=322933400900459&ev=PageView&dl=https%3A%2F%2Ffor882937.com%2F%23%2Fhome&rl=https%3A%2F%2Fbbs.nwt4.com%2F&if=false&ts=1716505262521&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716505262488.99483762&eid=ob3_plugin-set_bf37348c835e8e07eab5b04926d5b065eaacec103cb312a3b91b6bc44dab63cc&ler=other&cdl=API_unavailable&it=1716505262433&coo=false&rqm=GET Requested by Host: for882937.com URL: https://for882937.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de -, , ASN (), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4362, tp=10, tpl=0, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Thu, 23 May 2024 23:01:02 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 198 B	173ms 173ms	Image image/png	2a03:2880:f177:83:face:b00c:0:25de
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=322933400900459&ev=PageView&dl=https%3A%2F%2Ffor882937.com%2F%23%2Fhome&rl=https%3A%2F%2Fbbs.nwt4.com%2F&if=false&ts=1716505262521&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716505262488.99483762&eid=ob3_plugin-set_bf37348c835e8e07eab5b04926d5b065eaacec103cb312a3b91b6bc44dab63cc&ler=other&cdl=API_unavailable&it=1716505262433&coo=false&rqm=FGET Requested by Host: for882937.com URL: https://for882937.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de -, , ASN (), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xd76ea94883ee22d3","source_keys":["1","2"]},{"key_piece":"0xabd81c53f5843b73","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Thu, 23 May 2024 23:01:02 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4730, tp=13, tpl=0, uplat=163, ullat=0 pragma no-cache x-fb-debug k/ucvwLmFSjDeVJvkwscxqxsVAbJIeU/57Xn0SwdmgYFsIXYOksNrxmT3EBON7WsyEh2+VvyYa70vmYI6H2YOA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	34ms 18ms	Image image/gif	2a00:1450:4001:811::2004
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-135652521-2&cid=1562646048.1716505262&jid=1568102486&_u=aEBAAEAAEAAAACAAI~&z=1666903052 Requested by Host: for882937.com URL: https://for882937.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2004 -, , ASN (), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:02 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	58ms 42ms	Image image/gif	2a00:1450:4001:80f::2003
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-135652521-2&cid=1562646048.1716505262&jid=1568102486&_u=aEBAAEAAEAAAACAAI~&z=1666903052 Requested by Host: for882937.com URL: https://for882937.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 -, , ASN (), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:02 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 252 B	43ms 21ms	Ping text/plain	2001:4860:4802:32::36
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-T45TQYCMD6&gtm=45je45m0v9124730715za200&_p=1716505262518&_gaz=1&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&ul=de-de&sr=1600x1200&cid=1562646048.1716505262&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Ffor882937.com%2F&dr=https%3A%2F%2Fbbs.nwt4.com%2F&dp=%2Fhome&dt=For88%2010%20N%C4%83m%20ho%E1%BA%A1t%20%C4%91%E1%BB%99ng%2CUy%20t%C3%ADn%20%C4%91%C3%A1ng%20tin%20c%E1%BA%ADy&sid=1716505262&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4506 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-T45TQYCMD6&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 -, , ASN (), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:02 GMT server Golfe2 content-type text/plain access-control-allow-origin https://for882937.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 56 B	20ms 20ms	Ping text/plain	2a00:1450:400c:c0d::9d
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-T45TQYCMD6&cid=1562646048.1716505262&gtm=45je45m0v9124730715za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l2&npa=0&frm=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-T45TQYCMD6&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0d::9d -, , ASN (), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:02 GMT server Golfe2 content-type text/plain access-control-allow-origin https://for882937.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	17ms 17ms	Image image/gif	2a00:1450:4001:80f::2003
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-T45TQYCMD6&cid=1562646048.1716505262&gtm=45je45m0v9124730715za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l2&npa=0&frm=0&z=1322820380 Requested by Host: for882937.com URL: https://for882937.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 -, , ASN (), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:02 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	fetchImgs Show response for882937.com/api/guest/	7 KB 2 KB	398ms 398ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/guest/fetchImgs Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 286d3b281362622b7bea08e99cfdef74062b89513eaec10f479cf5d84a4f0232 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer https://for882937.com/ sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:03 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://for882937.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-xss-protection 1; mode=block expires 0
POST H2	200	gianUserWinInfo Show response for882937.com/api/guest/frontConfig/	22 KB 3 KB	513ms 512ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/guest/frontConfig/gianUserWinInfo Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 6756e4f570c6d804147b761ed016bfa39cebd86db4020d94387ecfdf74fc7e45 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer https://for882937.com/ sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:03 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://for882937.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-xss-protection 1; mode=block expires 0
GET		1703237111938.png live-hk-static.oss-cn-hongkong.aliyuncs.com/gamelist/AE/	0 0
GET		1703236945942.png live-hk-static.oss-cn-hongkong.aliyuncs.com/gamelist/DB/	0 0
GET		1703236915625.png live-hk-static.oss-cn-hongkong.aliyuncs.com/gamelist/CQ9/	0 0
GET		1703237086569.png live-hk-static.oss-cn-hongkong.aliyuncs.com/gamelist/JDB/	0 0
GET		1703237059289.png live-hk-static.oss-cn-hongkong.aliyuncs.com/gamelist/JILI/	0 0
GET		1703237027438.png live-hk-static.oss-cn-hongkong.aliyuncs.com/gamelist/PG/	0 0
GET		1703237001862.png live-hk-static.oss-cn-hongkong.aliyuncs.com/gamelist/SABA/	0 0
GET		1703236976255.png live-hk-static.oss-cn-hongkong.aliyuncs.com/gamelist/V8/	0 0
GET H2	200	1716458744110335.png static.aaduxm.com/upload/	44 KB 44 KB	187ms 186ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.aaduxm.com/upload/1716458744110335.png Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 86b5a21b5e12feab845c68bd200c87aa681dc146788abd2f61ff53b31b5c41e7 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Thu, 23 May 2024 10:05:44 GMT server openresty/1.25.3.1 etag "664f14f8-b039" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 45113 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	1716458827512220.gif static.aaduxm.com/upload/	552 KB 553 KB	375ms 375ms	Image image/gif	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.aaduxm.com/upload/1716458827512220.gif Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 2b05ec6fbfaf9ac7215c060344b0bcea8c3ec792ed337653c8a9212b676491b7 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Thu, 23 May 2024 10:07:08 GMT server openresty/1.25.3.1 etag "664f154c-8a0e4" x-cache-status HIT content-type image/gif cache-control max-age=10800 accept-ranges bytes content-length 565476 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	1716458921352618.png static.aaduxm.com/upload/	43 KB 43 KB	375ms 375ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.aaduxm.com/upload/1716458921352618.png Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash a556589175913b77a1281a4e9da24c51928f0ae6db1775c408f497df44445c27 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Thu, 23 May 2024 10:08:41 GMT server openresty/1.25.3.1 etag "664f15a9-ab06" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 43782 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	1716458931286618.png static.aaduxm.com/upload/	47 KB 47 KB	376ms 375ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.aaduxm.com/upload/1716458931286618.png Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 1d763c6299a649f2d0e58eb49be87d103cf4d3b727841409790c29fe0f63480b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Thu, 23 May 2024 10:08:51 GMT server openresty/1.25.3.1 etag "664f15b3-bbf4" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 48116 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	1716458970662412.png static.aaduxm.com/upload/	42 KB 42 KB	376ms 375ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.aaduxm.com/upload/1716458970662412.png Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 00efdf650321c2b874e85653cd3a3867f9f654e1afaa011390413683d1b2c1a1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Thu, 23 May 2024 10:09:30 GMT server openresty/1.25.3.1 etag "664f15da-a6e0" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 42720 expires Fri, 24 May 2024 02:01:03 GMT
GET DATA	200 OK	truncated /	929 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 733463a881714e9b5316c998520fcc3b44851d87ae09a9e1ad15058debb41a0e Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	959 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b073b5ecdec1a48d6508574606f99b53d8cacd62c5cbc28aaeda49a675c5a3eb Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8297119a417a67557db47757a179de23b51694d4c77274242d5df82276e17111 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6b59a7eb762fe65376e3b2ddd389b2d705f5a3da38167cf9a8446f86719fb8c1 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9e8f0c399bdfbca619b53127d0c301fff53f949a6dc32a37a61b6758d63bcf40 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6bfde9e7aa859bb593e31e9b072f3e9b353877863b163f1967068f0e343ae3d8 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b2841a1cc5c7da81c73450875b51dc434b40833d84818addd9e860b3e2a836ef Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
POST H2	200	xhr_streaming for882937.com/api/guest/liveSocket/174/1o2mzrf2/	0 0	348ms 348ms	XHR application/javascript	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/guest/liveSocket/174/1o2mzrf2/xhr_streaming?t=1716505263343 Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/javascript;charset=UTF-8 access-control-allow-origin https://for882937.com cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block
GET H2	200	tracking.js Show response cdn.livechatinc.com/	90 KB 27 KB	41ms 7ms	Script application/javascript	2.16.1.243
General Check archive.org Show headers Download Go to Full URL https://cdn.livechatinc.com/tracking.js Requested by Host: for882937.com URL: https://for882937.com/static/js/common-api.53acc2b5bb6d87085ae0.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.1.243 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash 057b527fbcb52b4cb4f3e214f09ffe4a33101e29159b8150333c91c47853d342 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id XbWbM1Ifd_HLpRiHDjlnPBlK7_uvS8UR content-encoding br date Thu, 23 May 2024 23:01:03 GMT x-amz-cf-pop FRA60-P2 x-amz-server-side-encryption AES256 cross-origin-resource-policy cross-origin content-length 27755 last-modified Thu, 23 May 2024 13:26:36 GMT server AmazonS3 etag W/"8413d917ac3adb609e0c3bbfee8af87a" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=28800 x-amz-cf-id 0CsEB_i0oxMpOMYIZ9Jh1URwm8RsOreMKPUz0yKZcHF8uxdRowuAng== expires Fri, 24 May 2024 07:01:03 GMT
GET H2	200	1703237111938.png static.aaduxm.com/gamelist/AE/	40 KB 41 KB	197ms 195ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.aaduxm.com/gamelist/AE/1703237111938.png Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 61ca83dd2c95d5d5a5a2127892bdd11c3ccdbb8ae034760ed79a4bf30438dd73 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Fri, 22 Dec 2023 09:25:09 GMT server openresty/1.25.3.1 etag "658555f5-a1a4" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 41380 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	1703236945942.png static.aaduxm.com/gamelist/DB/	30 KB 30 KB	197ms 195ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.aaduxm.com/gamelist/DB/1703236945942.png Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash a30aee02af06c8283235ed3515813095776801a288a5a5aabfef54453a6d1f54 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Fri, 22 Dec 2023 09:22:24 GMT server openresty/1.25.3.1 etag "65855550-7851" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 30801 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	1703236915625.png static.aaduxm.com/gamelist/CQ9/	37 KB 37 KB	197ms 195ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.aaduxm.com/gamelist/CQ9/1703236915625.png Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 59ac55e7a28b815e4425055378503df921436849e6ab7752b2324e0a80beb124 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Fri, 22 Dec 2023 09:21:53 GMT server openresty/1.25.3.1 etag "65855531-9253" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 37459 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	1703237086569.png static.aaduxm.com/gamelist/JDB/	37 KB 37 KB	197ms 196ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.aaduxm.com/gamelist/JDB/1703237086569.png Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 67bc40c2887bb368974e1fa2ac8a6a446b5fd3e8c74179c1841b37806d3c203f Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Fri, 22 Dec 2023 09:24:43 GMT server openresty/1.25.3.1 etag "658555db-9507" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 38151 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	1703237059289.png static.aaduxm.com/gamelist/JILI/	37 KB 38 KB	197ms 196ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.aaduxm.com/gamelist/JILI/1703237059289.png Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 42172fe29ad22be8cc52054228ee9f916421d391be28e98b1a34cd689a212ee3 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Fri, 22 Dec 2023 09:24:14 GMT server openresty/1.25.3.1 etag "658555be-9529" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 38185 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	1703237027438.png static.aaduxm.com/gamelist/PG/	37 KB 38 KB	197ms 196ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.aaduxm.com/gamelist/PG/1703237027438.png Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 6ecfb6e2e115f3edbd8d4061c130add26017401c7883d511307fc8050ec5d7cd Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Fri, 22 Dec 2023 09:23:46 GMT server openresty/1.25.3.1 etag "658555a2-951f" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 38175 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	1703237001862.png static.aaduxm.com/gamelist/SABA/	39 KB 40 KB	197ms 196ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.aaduxm.com/gamelist/SABA/1703237001862.png Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash a4c96ff8e5ab252d51151367f7d37c988aa6460c9d97218349ab152512fc89ed Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Fri, 22 Dec 2023 09:23:16 GMT server openresty/1.25.3.1 etag "65855584-9da6" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 40358 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	1703236976255.png static.aaduxm.com/gamelist/V8/	33 KB 33 KB	197ms 196ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.aaduxm.com/gamelist/V8/1703236976255.png Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 3c58b6f5d12f6e36fc42e64594c087848a9d5bf404c517ff493ff9b107b794ff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Fri, 22 Dec 2023 09:22:51 GMT server openresty/1.25.3.1 etag "6585556b-8254" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 33364 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	getACode Show response for882937.com/api/guest/	90 B 337 B	601ms 600ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/guest/getACode?doName=for882937.com Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash d604065bb6d89b8f164498b376d3247b3b078339cc899627c73e4d02b0e6682b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept application/json, text/plain, */* Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:03 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding content-type application/json;charset=UTF-8 cache-control no-cache, no-store, max-age=0, must-revalidate x-xss-protection 1; mode=block expires 0
POST H2	200	queryBonusArticleTypeList Show response for882937.com/api/guest/	746 B 638 B	329ms 328ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/guest/queryBonusArticleTypeList Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 07d9fbda0aa2e1f295f2b875292c0c9c660e548fe7fcd8c14ba7ab1c5b8d6bbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer https://for882937.com/ sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:03 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://for882937.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-xss-protection 1; mode=block expires 0
GET H2	200	get_dynamic_configuration Show response api.livechatinc.com/v3.6/customer/action/	386 B 600 B	592ms 556ms	Script application/javascript	2.17.100.137
General Check archive.org Show headers Download Go to Full URL https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=16387728&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Ffor882937.com%2F%23%2Fhome&channel_type=code&jsonp=__id6rsjvrclo Requested by Host: cdn.livechatinc.com URL: https://cdn.livechatinc.com/tracking.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.137 -, , ASN (), Reverse DNS Software / Resource Hash f29c1538cff04b838b74104813f4f9c954d4326b3c7408ec452c09ba83bf96bf Security Headers Name Value Content-Security-Policy frame-ancestors https://for882937.com/; X-Frame-Options allow-from https://for882937.com/ Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy frame-ancestors https://for882937.com/; date Thu, 23 May 2024 23:01:04 GMT cross-origin-resource-policy cross-origin content-length 386 vary Accept-Encoding x-frame-options allow-from https://for882937.com/ content-type application/javascript; charset=UTF-8
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 162e15f2a20dce07fab55b583a3f0ac741bae0bdad3b1ca87bd970d2c40cbb6c Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	6 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0a3aa7ba1eee9c77a99d663125930af18a8c49f76dbea40755bbed10b3f81e9d Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8f3eeaf7c8b08e4a592ad824f12972618c222edae4fa67616622ad96fbc5cb34 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5ecf476007a3b4b7363bd7fa3c556a2e857d16db5cb9f579aa22b4b93a2d90e2 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	7 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0716532ce51496e4d00db6d648134b79ac9e4472c63b81a9e726759057c23f3a Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c466b9a33eaaa52825de88bb5c6dc135bbe0382c44f6cb088678108007b41735 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0767e9ad9a1e234c56156ea440e749189cfa23c9f97d6dfef1654dd701537c8b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1bb9ef421bd4a56afc817b553e696330a4bd0f773fe7cc14a5f60f3fca6d3031 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c55d973b4f1f97077be29773eb62828830292fa61f01bae59c2fc1488263ad92 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H2	200	plat_MICRO.320b60b.png for882937.com/static/img/	12 KB 13 KB	187ms 187ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://for882937.com/static/img/plat_MICRO.320b60b.png Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 627c58eef357f6c7f0fe9eeb1c991db1d10b3c13185fe98e679316e4cf9d27a6 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Thu, 23 May 2024 06:04:46 GMT server openresty/1.25.3.1 etag "664edc7e-3196" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 12694 expires Fri, 24 May 2024 02:01:03 GMT
GET DATA	200 OK	truncated /	8 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 013ce981af6a4753fd46be9ee530f237889dfef0aef50c43ca3553a2790cfe0f Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	8 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash de9d487d60b91b8ed5f1e07e32cf0efa5c2c77302d5c736d9da5be72a91e9ee1 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c1e00af4d889aa1d1d6848f5c0673d84a4ee9c7f5cf2ff5782e889c33dce5374 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e038269e60c8497adb4c07499959bdf329bc40cc60ce1e093fcebb387298440b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 784ecee26b76b0d7ca3a119632b5c61503a013b9506bafbfe5234203f39e948b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9295111834dd49a75ac0945911893103e82746a10cc25e019468c5f298b8f7a3 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H2	200	pogo_1.7e93f16.png for882937.com/static/img/	27 KB 28 KB	188ms 187ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://for882937.com/static/img/pogo_1.7e93f16.png Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 46f047e2cd2dc9dd8148ecfb3271e4ea7f8c899086694c437ad44692860b7eee Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Thu, 23 May 2024 06:04:46 GMT server openresty/1.25.3.1 etag "664edc7e-6d17" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 27927 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	pogo_2.42a15a8.png for882937.com/static/img/	11 KB 11 KB	188ms 188ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://for882937.com/static/img/pogo_2.42a15a8.png Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash c48001793255553e41ac39bb9b0911bb46053792c31e880d088c91ee8bcdd473 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Thu, 23 May 2024 06:04:46 GMT server openresty/1.25.3.1 etag "664edc7e-2bf5" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 11253 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	pogo_3.1173f26.png for882937.com/static/img/	26 KB 26 KB	189ms 189ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://for882937.com/static/img/pogo_3.1173f26.png Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 1ee57193e4cbfcddfab942ea4cb37c1587a2968f3754e38d4bb100555ccdea78 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Thu, 23 May 2024 06:04:46 GMT server openresty/1.25.3.1 etag "664edc7e-679d" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 26525 expires Fri, 24 May 2024 02:01:03 GMT
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 837f45088d49590df88560148aea6752491e20324d73e6585a5a2731e65bfd4b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H2	200	payment_2.ea49432.png for882937.com/static/img/	14 KB 14 KB	190ms 189ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://for882937.com/static/img/payment_2.ea49432.png Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 57ea5beb00818ad568bf1fa07dd89e7b4be6008b6d871efdc5c8b9199c464656 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Thu, 23 May 2024 06:04:46 GMT server openresty/1.25.3.1 etag "664edc7e-36a0" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 13984 expires Fri, 24 May 2024 02:01:03 GMT
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1e9ee46920049e40eb448056cfa55d272fbba0225cdd8c9709abfae4b6245e27 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	85 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f603563ab110f77d86d43a1d2c044d2d36b2339588fba476c36b82b276cebf9e Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	476 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b842e10305b060c01be11bd5df095c96b065429c4ed0dd4db3aaf57db624a08f Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	458 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7f738b0249c26226077c35d36d7a42813a29a294dd604b730d2443729c98bc00 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H2	200	reg_modal2.d67757c.png for882937.com/static/img/	325 KB 325 KB	187ms 186ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://for882937.com/static/img/reg_modal2.d67757c.png Requested by Host: for882937.com URL: https://for882937.com/static/css/build10.f43bedc5af6616df0568a666ecade10f.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash faebe30da11d729602b2449f508a3f7b0cca38de400d96672cfc9bf1d5c05d3b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/static/css/build10.f43bedc5af6616df0568a666ecade10f.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Thu, 23 May 2024 06:04:46 GMT server openresty/1.25.3.1 etag "664edc7e-51251" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 332369 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	reg_modal.941ef56.png for882937.com/static/img/	558 KB 559 KB	192ms 192ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://for882937.com/static/img/reg_modal.941ef56.png Requested by Host: for882937.com URL: https://for882937.com/static/css/build10.f43bedc5af6616df0568a666ecade10f.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash fb5bab855ce38c2f3b8971e24954098c1c43653da1a20366586b86b34813c98c Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/static/css/build10.f43bedc5af6616df0568a666ecade10f.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Thu, 23 May 2024 06:04:46 GMT server openresty/1.25.3.1 etag "664edc7e-8b9bf" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 571839 expires Fri, 24 May 2024 02:01:03 GMT
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 73cec4fbe46c431c0a3063798ed52e455e87a5de8c49021438f2134e65f94755 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H2	200	1716360172409311.gif static.aaduxm.com/upload/	704 KB 705 KB	347ms 346ms	Image image/gif	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.aaduxm.com/upload/1716360172409311.gif Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 9b782578aeda1d965f3bddf4f1e308ad239739319a0dc3c1a9757f3481052529 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Wed, 22 May 2024 06:42:53 GMT server openresty/1.25.3.1 etag "664d93ed-b01c5" x-cache-status HIT content-type image/gif cache-control max-age=10800 accept-ranges bytes content-length 721349 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	reg_modal_hat.720c8cd.png for882937.com/static/img/	258 KB 259 KB	289ms 287ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://for882937.com/static/img/reg_modal_hat.720c8cd.png Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash ff253f4fa42f6c51ac593ee66e79a4587a39a72d9f0071b3b9bbc30288597dbc Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Thu, 23 May 2024 06:04:46 GMT server openresty/1.25.3.1 etag "664edc7e-40974" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 264564 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	reg_text.7ae0c79.png for882937.com/static/img/	385 KB 385 KB	370ms 368ms	Image image/png	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://for882937.com/static/img/reg_text.7ae0c79.png Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash e4dfd1a1babf33175f56c14db2ccc26d94aa0961f3111a8e31da5c36d21c9819 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Thu, 23 May 2024 06:04:46 GMT server openresty/1.25.3.1 etag "664edc7e-6034b" x-cache-status HIT content-type image/png cache-control max-age=10800 accept-ranges bytes content-length 394059 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	171403998037674.jpg static.aaduxm.com/upload/	78 KB 79 KB	345ms 343ms	Image image/jpeg	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.aaduxm.com/upload/171403998037674.jpg Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash f6acbd755768b559e6ed1abe5bc9c57897cb30c183cf0ca82c6fd25c4c57251f Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Thu, 25 Apr 2024 10:13:00 GMT server openresty/1.25.3.1 etag "662a2cac-1391c" x-cache-status HIT content-type image/jpeg cache-control max-age=10800 accept-ranges bytes content-length 80156 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	1714039989824419.jpg static.aaduxm.com/upload/	70 KB 70 KB	345ms 344ms	Image image/jpeg	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.aaduxm.com/upload/1714039989824419.jpg Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 2a60d6948ccdb72f5cb0f2c37ece49baf016285b5899147d8f86e524de8a1679 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Thu, 25 Apr 2024 10:13:09 GMT server openresty/1.25.3.1 etag "662a2cb5-11772" x-cache-status HIT content-type image/jpeg cache-control max-age=10800 accept-ranges bytes content-length 71538 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	17140400356660.jpg static.aaduxm.com/upload/	70 KB 70 KB	345ms 344ms	Image image/jpeg	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.aaduxm.com/upload/17140400356660.jpg Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 087bef01a86f0d5e521ad2b4832bc4f4cbddecaa264cdc0a0f65082652d7651a Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Thu, 25 Apr 2024 10:13:55 GMT server openresty/1.25.3.1 etag "662a2ce3-11883" x-cache-status HIT content-type image/jpeg cache-control max-age=10800 accept-ranges bytes content-length 71811 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	1711689966076951.jpg static.aaduxm.com/upload/	68 KB 68 KB	345ms 344ms	Image image/jpeg	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.aaduxm.com/upload/1711689966076951.jpg Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash eea83a9ce5e30d5f5120fb7769d5cb05e8c67e96777f1a1668ff26f1e41dfd1f Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Fri, 29 Mar 2024 05:26:06 GMT server openresty/1.25.3.1 etag "660650ee-10e56" x-cache-status HIT content-type image/jpeg cache-control max-age=10800 accept-ranges bytes content-length 69206 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	171152072201133.jpg static.aaduxm.com/upload/	73 KB 73 KB	345ms 344ms	Image image/jpeg	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.aaduxm.com/upload/171152072201133.jpg Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 53dc66aad07f25cb2ef00e30443e4c86e3ca1982570422fb94aaf62cfcce3974 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Wed, 27 Mar 2024 06:25:22 GMT server openresty/1.25.3.1 etag "6603bbd2-123bf" x-cache-status HIT content-type image/jpeg cache-control max-age=10800 accept-ranges bytes content-length 74687 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	1711520734569563.jpg static.aaduxm.com/upload/	70 KB 70 KB	345ms 344ms	Image image/jpeg	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.aaduxm.com/upload/1711520734569563.jpg Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash a59c4048e34e37931a0837ea3dd927d1294928d8cb14a140b2497bb55d03325a Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Wed, 27 Mar 2024 06:25:34 GMT server openresty/1.25.3.1 etag "6603bbde-1177e" x-cache-status HIT content-type image/jpeg cache-control max-age=10800 accept-ranges bytes content-length 71550 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	1711520748366415.jpg static.aaduxm.com/upload/	71 KB 71 KB	345ms 344ms	Image image/jpeg	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.aaduxm.com/upload/1711520748366415.jpg Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 7c6d19e8a8918f332e20b527531be6f87d903573bf05f1b8b0a645a215e42971 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Wed, 27 Mar 2024 06:25:48 GMT server openresty/1.25.3.1 etag "6603bbec-11c6a" x-cache-status HIT content-type image/jpeg cache-control max-age=10800 accept-ranges bytes content-length 72810 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	171403238526088.jpg static.aaduxm.com/upload/	147 KB 147 KB	345ms 345ms	Image image/jpeg	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.aaduxm.com/upload/171403238526088.jpg Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 3f11561ebfd4333875f8d792668bfb54491cf9d90e8b5a1905cbdfccfd56c9c4 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Thu, 25 Apr 2024 08:06:25 GMT server openresty/1.25.3.1 etag "662a0f01-24b01" x-cache-status HIT content-type image/jpeg cache-control max-age=10800 accept-ranges bytes content-length 150273 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	1714033086419427.jpg static.aaduxm.com/upload/	77 KB 77 KB	345ms 345ms	Image image/jpeg	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.aaduxm.com/upload/1714033086419427.jpg Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash cd101eef8026bf3c74acc3df5939c29ec710a0d4bae071ed202bf91baaab048e Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Thu, 25 Apr 2024 08:18:06 GMT server openresty/1.25.3.1 etag "662a11be-1325d" x-cache-status HIT content-type image/jpeg cache-control max-age=10800 accept-ranges bytes content-length 78429 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	1716362750308723.jpg static.aaduxm.com/upload/	175 KB 175 KB	344ms 344ms	Image image/jpeg	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.aaduxm.com/upload/1716362750308723.jpg Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 90611516bce0c63644e905a0c3ef008cb0ec371e9ea08fe439006ade95518825 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Wed, 22 May 2024 07:25:50 GMT server openresty/1.25.3.1 etag "664d9dfe-2bbaa" x-cache-status HIT content-type image/jpeg cache-control max-age=10800 accept-ranges bytes content-length 179114 expires Fri, 24 May 2024 02:01:03 GMT
POST H2	200	queryBonusArticleInfoList Show response for882937.com/api/guest/	60 KB 8 KB	673ms 673ms	XHR application/json	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/guest/queryBonusArticleInfoList Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 206cac9bbc235a60dd79fa270069892f4b3847b4c864abf28c947cd9dc8a0b55 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Accept application/json, text/plain, */* Referer https://for882937.com/ sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 23:01:04 GMT content-encoding gzip x-content-type-options nosniff server openresty/1.25.3.1 vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://for882937.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true x-xss-protection 1; mode=block expires 0
GET H2	200	get_configuration Show response api.livechatinc.com/v3.4/customer/action/	6 KB 2 KB	14ms 14ms	Script application/javascript	2.17.100.137
General Check archive.org Show headers Download Go to Full URL https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=500da5e9-4386-43b4-b672-a73fd6ada06f&version=270.0.3.37.234.166.3.4.1.1.1.21.1&group_id=0&jsonp=__lc_static_config Requested by Host: cdn.livechatinc.com URL: https://cdn.livechatinc.com/tracking.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.137 -, , ASN (), Reverse DNS Software / Resource Hash 09c6f65522c6f2d56e7480c38a725c20fd81780d35b157ef09976a987e3e2ab7 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:04 GMT content-encoding gzip vary Accept-Encoding content-type application/javascript; charset=UTF-8 legacy 2024-05-31 cache-control public, max-age=211 cross-origin-resource-policy cross-origin content-length 2150 expires Thu, 23 May 2024 23:04:35 GMT
GET H/1.1	200 OK	open_chat secure.livechatinc.com/customer/action/ Frame DAA5	0 0	182ms 151ms	Document text/html	2.17.100.209
General Check archive.org Show headers Download Go to Full URL https://secure.livechatinc.com/customer/action/open_chat?license_id=16387728&group=0&embedded=1&widget_version=3&unique_groups=0 Requested by Host: cdn.livechatinc.com URL: https://cdn.livechatinc.com/tracking.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.17.100.209 -, , ASN (), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://for882937.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Connection keep-alive Content-Encoding gzip Content-Length 2599 Content-Type text/html; charset=utf-8 Date Thu, 23 May 2024 23:01:04 GMT Vary Accept-Encoding cross-origin-resource-policy cross-origin
GET H2	200	get_localization Show response api.livechatinc.com/v3.4/customer/action/	15 KB 5 KB	16ms 16ms	Script application/javascript	2.17.100.137
General Check archive.org Show headers Download Go to Full URL https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=500da5e9-4386-43b4-b672-a73fd6ada06f&version=470b74842e9d45ce9f156d1d5a957bad_ff1d334908ca01000fc432ec9247735b&language=vi&group_id=0&jsonp=__lc_localization Requested by Host: cdn.livechatinc.com URL: https://cdn.livechatinc.com/tracking.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.137 -, , ASN (), Reverse DNS Software / Resource Hash f9a304d6aed9c0df4a5df087ca8b10564ae0f31eb8e9ab5c8cdc32e21aef9a70 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:04 GMT content-encoding gzip vary Accept-Encoding content-type application/javascript; charset=UTF-8 legacy 2024-05-31 cache-control public, max-age=211 cross-origin-resource-policy cross-origin content-length 4892 expires Thu, 23 May 2024 23:04:35 GMT
GET H2	200	1716458827512220.gif static.aaduxm.com/upload/	552 KB 0	0ms 0ms	Image image/gif	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.aaduxm.com/upload/1716458827512220.gif Requested by Host: for882937.com URL: https://for882937.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 2b05ec6fbfaf9ac7215c060344b0bcea8c3ec792ed337653c8a9212b676491b7 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:03 GMT last-modified Thu, 23 May 2024 10:07:08 GMT server openresty/1.25.3.1 etag "664f154c-8a0e4" x-cache-status HIT content-type image/gif cache-control max-age=10800 accept-ranges bytes content-length 565476 expires Fri, 24 May 2024 02:01:03 GMT
GET H2	200	st content.mql5.com/	70 B 129 B	13ms 13ms	Image image/png	78.140.180.86 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://content.mql5.com/st?id=pnwfsvievauzqnnucpojphmbnnacptuqbg&p_di=4036&p_dcl_s=4036&p_dcl_e=4036&p_dc=6852&p_dns_s=7&p_dns_e=7&p_tcp_s=7&p_tcp_e=387&p_req=387&p_res_s=574&p_res_e=575&d_fp=4027&d_fcp=4027&r_script_s=588&r_script_e=6028&r_style_s=1060&r_style_e=2556&r_img_s=4013&r_img_e=6851&r_ajax_s=4017&r_ajax_e=6349&r_other_s=4507&r_other_e=4550&r_iframe_s=6011&r_iframe_e=6291&err=%7B%22undefined%22%3A3%2C%22type%22%3A1%7D&ssn=1716505260975570964&ssn_dr=4&ssn_sr=0&fv_date=1716505260&ref=https%3A%2F%2Ffor882937.com%2F&back_ref=https%3A%2F%2Fbbs.nwt4.com%2F&title=For88%2010%20N%C4%83m%20ho%E1%BA%A1t%20%C4%91%E1%BB%99ng%2CUy%20t%C3%ADn%20%C4%91%C3%A1ng%20tin%20c%E1%BA%ADy&scr_res=1600x1200&ac=171650526495467422&sv=2552&fz_uniq=6354678958275640492&an=%7B%22vn%22%3A%22Google%20Inc.%22%2C%22cd%22%3A24%2C%22dm%22%3A8192%2C%22ln%22%3A%22de-DE%22%2C%22rn%22%3A%5B1600%2C1200%5D%2C%22ar%22%3A%5B1600%2C1200%5D%2C%22ss%22%3A1%2C%22lb%22%3A1%2C%22cb%22%3A1%2C%22ls%22%3A1%2C%22db%22%3A1%2C%22ax%22%3A0%2C%22pm%22%3A%22Win32%22%2C%22rp%22%3A%5B%22PDF%20Viewer%22%2C%22Chrome%20PDF%20Viewer%22%2C%22Chromium%20PDF%20Viewer%22%2C%22Microsoft%20Edge%20PDF%20Viewer%22%2C%22WebKit%20built-in%20PDF%22%5D%2C%22wv%22%3A%22Intel%20Inc.~Intel%20Iris%20OpenGL%20Engine%22%2C%22to%22%3A-120%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36%22%2C%22hc%22%3A14%2C%22ab%22%3A0%2C%22ts%22%3A0%2C%22ps%22%3A%2220030107%22%2C%22od%22%3A0%2C%22dr%22%3A0%2C%22bb%22%3A0%2C%22bo%22%3A0%2C%22bl%22%3A1%2C%22bs%22%3A0%2C%22dt%22%3A4191%2C%22at%22%3A%7B%22kd%22%3A0%2C%22ku%22%3A0%2C%22md%22%3A0%2C%22mm%22%3A0%2C%22mu%22%3A0%2C%22fc%22%3A0%2C%22br%22%3A0%2C%22ts%22%3A0%2C%22tm%22%3A0%2C%22te%22%3A0%2C%22sc%22%3A0%2C%22sw%22%3A0%2C%22ge%22%3A0%2C%22gy%22%3A0%2C%22dm%22%3A0%2C%22do%22%3A0%7D%2C%22sg%22%3A0%2C%22jc%22%3A0%2C%22bd%22%3A50%7D Protocol H2 Security TLS 1.3, , AES_256_GCM Server 78.140.180.86 Limassol, Cyprus, ASN35415 (WEBZILLA, NL), Reverse DNS Software / Resource Hash e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-type image/png pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload cache-control no-cache date Thu, 23 May 2024 23:01:04 GMT content-length 70 expires -1
GET H2	200	favicon.ico for882937.com/	3 KB 3 KB	187ms 187ms	Other image/x-icon	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash 39a2b81b49429b9bb3fee5d638b4f1863ff83ec14e3ef9da17ec3a1927c301d0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:05 GMT last-modified Thu, 23 May 2024 06:04:46 GMT server openresty/1.25.3.1 accept-ranges bytes etag "664edc7e-b9f" content-length 2975 content-type image/x-icon
GET H2	200	eventsource for882937.com/api/guest/liveSocket/174/u30qqum3/	76 B 0	197ms 197ms	EventSource text/event-stream	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/guest/liveSocket/174/u30qqum3/eventsource Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Accept text/event-stream Cache-Control no-cache Referer https://for882937.com/ sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 23:01:06 GMT cache-control no-store, no-cache, must-revalidate, max-age=0 x-content-type-options nosniff server openresty/1.25.3.1 x-xss-protection 1; mode=block content-type text/event-stream;charset=UTF-8
POST H2	204	xhr_send Show response for882937.com/api/guest/liveSocket/174/u30qqum3/	0 276 B	197ms 197ms	XHR text/plain	18.140.30.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://for882937.com/api/guest/liveSocket/174/u30qqum3/xhr_send?t=1716505266999 Requested by Host: for882937.com URL: https://for882937.com/static/js/vendor.37db056e4cdb6e153061.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.140.30.40 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-30-40.ap-southeast-1.compute.amazonaws.com Software openresty/1.25.3.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://for882937.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-type text/plain Response headers date Thu, 23 May 2024 23:01:07 GMT x-content-type-options nosniff server openresty/1.25.3.1 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-origin https://for882937.com cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

live-hk-static.oss-cn-hongkong.aliyuncs.com

URL

https://live-hk-static.oss-cn-hongkong.aliyuncs.com/gamelist/AE/1703237111938.png

Domain

live-hk-static.oss-cn-hongkong.aliyuncs.com

URL

https://live-hk-static.oss-cn-hongkong.aliyuncs.com/gamelist/DB/1703236945942.png

Domain

live-hk-static.oss-cn-hongkong.aliyuncs.com

URL

https://live-hk-static.oss-cn-hongkong.aliyuncs.com/gamelist/CQ9/1703236915625.png

Domain

live-hk-static.oss-cn-hongkong.aliyuncs.com

URL

https://live-hk-static.oss-cn-hongkong.aliyuncs.com/gamelist/JDB/1703237086569.png

Domain

live-hk-static.oss-cn-hongkong.aliyuncs.com

URL

https://live-hk-static.oss-cn-hongkong.aliyuncs.com/gamelist/JILI/1703237059289.png

Domain

live-hk-static.oss-cn-hongkong.aliyuncs.com

URL

https://live-hk-static.oss-cn-hongkong.aliyuncs.com/gamelist/PG/1703237027438.png

Domain

live-hk-static.oss-cn-hongkong.aliyuncs.com

URL

https://live-hk-static.oss-cn-hongkong.aliyuncs.com/gamelist/SABA/1703237001862.png

Domain

live-hk-static.oss-cn-hongkong.aliyuncs.com

URL

https://live-hk-static.oss-cn-hongkong.aliyuncs.com/gamelist/V8/1703236976255.png