play.tribute.ca Open in urlscan Pro
198.55.51.50  Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response play.tribute.ca/gacorkang/	12 KB 4 KB	258ms 190ms	Document text/html	198.55.51.50 NUDAY
General Check archive.org Show headers Download Go to Full URL https://play.tribute.ca/gacorkang/?login=dewihoki Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 198.55.51.50 Toronto, Canada, ASN1100 (NUDAY, CA), Reverse DNS Software Microsoft-IIS/8.5 / PHP/7.2.7 ASP.NET Resource Hash cb8064dd1af3d6a7151db939d445accbc71b4c1531603a3cb20c0b921d01540c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 accept-language en-CA,en;q=0.9 Response headers Access-Control-Allow-Origin * Content-Encoding gzip Content-Length 3889 Content-Type text/html; charset=UTF-8 Date Sat, 24 Feb 2024 03:37:52 GMT Server Microsoft-IIS/8.5 Vary Accept-Encoding X-Powered-By PHP/7.2.7 ASP.NET
GET H2	404	slick.css 64.32.8.233/static/css/slick/	0 0	238ms 78ms	Stylesheet text/html	64.32.8.233 SHARKTECH
General Check archive.org Show headers Download Go to Full URL https://64.32.8.233/static/css/slick/slick.css Requested by Host: play.tribute.ca URL: https://play.tribute.ca/gacorkang/?login=dewihoki Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.32.8.233 Chicago, United States, ASN46844 (SHARKTECH, US), Reverse DNS topw7.topweb2014.info Software / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://play.tribute.ca/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers
GET H2	404	hsycmsAlert.css 64.32.8.233/static/css/hsycmsAlert/	0 0	238ms 79ms	Stylesheet text/html	64.32.8.233 SHARKTECH
General Check archive.org Show headers Download Go to Full URL https://64.32.8.233/static/css/hsycmsAlert/hsycmsAlert.css Requested by Host: play.tribute.ca URL: https://play.tribute.ca/gacorkang/?login=dewihoki Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.32.8.233 Chicago, United States, ASN46844 (SHARKTECH, US), Reverse DNS topw7.topweb2014.info Software / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://play.tribute.ca/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers
GET H2	404	normalize.css 64.32.8.233/static/css/normalize.css/	0 0	239ms 79ms	Stylesheet text/html	64.32.8.233 SHARKTECH
General Check archive.org Show headers Download Go to Full URL https://64.32.8.233/static/css/normalize.css/normalize.css Requested by Host: play.tribute.ca URL: https://play.tribute.ca/gacorkang/?login=dewihoki Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.32.8.233 Chicago, United States, ASN46844 (SHARKTECH, US), Reverse DNS topw7.topweb2014.info Software / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://play.tribute.ca/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers
GET H2	200	common.css xn--l3cabib4f8afw6fbb4b6otae.xyz/script/	6 KB 2 KB	86ms 31ms	Stylesheet text/css	104.21.80.20 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xn--l3cabib4f8afw6fbb4b6otae.xyz/script/common.css Requested by Host: play.tribute.ca URL: https://play.tribute.ca/gacorkang/?login=dewihoki Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.80.20 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 38c4cb9a991ccfd93e30eb1dd9ef880086ca754a57d8ff9ac00416103e845786 Request headers accept-language en-CA,en;q=0.9 Referer https://play.tribute.ca/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Sat, 24 Feb 2024 03:37:53 GMT content-encoding br cf-cache-status HIT last-modified Mon, 30 Oct 2023 07:00:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 547 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=34jPdZ3vVCbdOYuQhHb9xk0VMnsubFIIKzKr9omA0RuKjYdvr7vhuBycChWDib14iWrnHgZDTr9PyJC7FzOwYfW%2BEbadyTacC%2B%2Flr9%2FaxoBE5cDcSXhkiLLhikqHQ7docsUdqPvOUV2HwSe%2BJ6MPHKV7xw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 85a4ac2a5ae13701-YYZ alt-svc h3=":443"; ma=86400
GET H2	200	wap.css xn--l3cabib4f8afw6fbb4b6otae.xyz/script/	9 KB 2 KB	89ms 34ms	Stylesheet text/css	104.21.80.20 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xn--l3cabib4f8afw6fbb4b6otae.xyz/script/wap.css Requested by Host: play.tribute.ca URL: https://play.tribute.ca/gacorkang/?login=dewihoki Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.80.20 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 303af0908f64187c6d32e56ef20f88b921142219953bf9c35ca3cfc1013f1c78 Request headers accept-language en-CA,en;q=0.9 Referer https://play.tribute.ca/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Sat, 24 Feb 2024 03:37:53 GMT content-encoding br cf-cache-status HIT last-modified Mon, 30 Oct 2023 06:45:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 547 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wS8D2HoFgY9bQm0FO0Uzqvw1xjNtnRuKYWocWJZ83MF%2Fofo6l9auhtV%2BDbMnjQ8QjZFxiVNKuc50ra%2Bd6yhqqWloS1eWse3amcQQCXEYoHU9BK3%2Bj7w%2BNN738jCMKUkRsd206kD4xMXyioCYKqmTZoQllw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 85a4ac2a5ae23701-YYZ alt-svc h3=":443"; ma=86400
GET H2	200	nprogress.css xn--l3cabib4f8afw6fbb4b6otae.xyz/script/	1 KB 878 B	85ms 30ms	Stylesheet text/css	104.21.80.20 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xn--l3cabib4f8afw6fbb4b6otae.xyz/script/nprogress.css Requested by Host: play.tribute.ca URL: https://play.tribute.ca/gacorkang/?login=dewihoki Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.80.20 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4400c1e6b434bc414f3870cc8d155b3335f1f32d1a07381e06cc8a8bd869de73 Request headers accept-language en-CA,en;q=0.9 Referer https://play.tribute.ca/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Sat, 24 Feb 2024 03:37:53 GMT content-encoding br cf-cache-status HIT last-modified Mon, 30 Oct 2023 07:00:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 547 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1UqV7yhcluLzo6rVQwKA7j7xjBSg%2BgL2zbkswPc04oCSvX2NeX49CsNGzavFozK6oL6UorzajALuKRM1%2ByRgu%2FLXUc44sQfsGykX7TzAuX6v%2Fph99r1Fb97ajDuaqPN54d6tSzDDCw5BTp6%2BHXtFSDT21g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 85a4ac2a5ae33701-YYZ alt-svc h3=":443"; ma=86400
GET H2	200	aexdy.js Show response jagoanneo.pro/probanget/	658 B 820 B	87ms 31ms	Script application/javascript	172.67.149.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jagoanneo.pro/probanget/aexdy.js Requested by Host: play.tribute.ca URL: https://play.tribute.ca/gacorkang/?login=dewihoki Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.149.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 115c154a5496eaa846d7aefb88be94810aa9ebbdf67ab4e5f1404d57456659c3 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://play.tribute.ca/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Sat, 24 Feb 2024 03:37:53 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 547 alt-svc h3=":443"; ma=86400 last-modified Tue, 26 Dec 2023 08:18:05 GMT server cloudflare etag W/"658a8c3d-292" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JUtw4pIaT2nq3%2B6OXQWrC1imVaG13Zxau1qfJlSFjiHC%2BZgw%2FJd%2BuPXqlIvlN5AUwmoRfI5caDSjZ8BotM5d6IbWS2ZNisfVuy2y%2BBusJzhsJR3%2BuEuklL1baIsdPMsx"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 85a4ac2a5b5e36c8-YYZ expires Sat, 24 Feb 2024 15:28:46 GMT
GET H2	200	css2 fonts.googleapis.com/	17 KB 1 KB	134ms 52ms	Stylesheet text/css	172.253.122.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Inter&family=Josefin+Sans:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&family=Poppins:wght@400;500;600;700&display=swap Requested by Host: play.tribute.ca URL: https://play.tribute.ca/gacorkang/?login=dewihoki Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f95.1e100.net Software ESF / Resource Hash 5e334ebe1aa7211ef189d8cf0b2fd03f43323813303c0455acc2dd6554b7e76d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://play.tribute.ca/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000 date Sat, 24 Feb 2024 03:37:53 GMT content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 expires Sat, 24 Feb 2024 03:37:53 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	280 KB 93 KB	214ms 91ms	Script application/javascript	142.251.163.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-9NFW78BV0H Requested by Host: play.tribute.ca URL: https://play.tribute.ca/gacorkang/?login=dewihoki Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.97 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f97.1e100.net Software Google Tag Manager / Resource Hash c58b987dc32fc82d93ffab51fee0a29fad194f941f1ebaa6976e8b0ceeebe7ad Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://play.tribute.ca/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Sat, 24 Feb 2024 03:37:53 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 94893 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 24 Feb 2024 03:37:53 GMT
GET H2	200	logo-n.png i.ibb.co/dGdbFhd/	93 KB 93 KB	5058ms 4997ms	Image image/png	104.243.38.202
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/dGdbFhd/logo-n.png Requested by Host: play.tribute.ca URL: https://play.tribute.ca/gacorkang/?login=dewihoki Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.243.38.202 -, , ASN (), Reverse DNS Software nginx / Resource Hash 2f7939b36bdd2770ffe7ba4f9a4297cc97f3ff8436346cf10e289d4a6bec2376 Request headers accept-language en-CA,en;q=0.9 Referer https://play.tribute.ca/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Sat, 24 Feb 2024 03:37:55 GMT last-modified Thu, 16 Nov 2023 04:17:47 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 94937 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	icon_flag_id.png z1yxn6-399-ppp.oss-accelerate.aliyuncs.com/siteadmin/languageFlagIcon/	767 B 1 KB	454ms 291ms	Image image/png	47.89.140.91 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Show image Full URL https://z1yxn6-399-ppp.oss-accelerate.aliyuncs.com/siteadmin/languageFlagIcon/icon_flag_id.png Requested by Host: play.tribute.ca URL: https://play.tribute.ca/gacorkang/?login=dewihoki Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.89.140.91 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software AliyunOSS / Resource Hash e41baeb379170b3a0ddabb6c524a8d2815996cc973adaef8a2b0e56c2f3d2e66 Request headers accept-language en-CA,en;q=0.9 Referer https://play.tribute.ca/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers Date Sat, 24 Feb 2024 03:37:53 GMT x-oss-request-id 65D96491DE66934E9952A312 Content-MD5 C8YknZxKNh8kuRsH3MepdQ== Content-Disposition attachment Connection keep-alive x-oss-meta-crc32c 3519729347 Content-Length 767 x-oss-object-type Normal Last-Modified Thu, 13 Jul 2023 04:42:05 GMT Server AliyunOSS ETag "0BC6249D9C4A361F24B91B07DCC7A975" Vary Origin Content-Type image/png x-oss-ec 0048-00000110 x-oss-force-download true x-oss-storage-class Standard Accept-Ranges bytes x-oss-hash-crc64ecma 11480143976896501816 x-oss-server-time 2
GET H2	200	kl2.jpg jagoanneo.pro/probanget/	869 KB 870 KB	31ms 30ms	Image image/jpeg	172.67.149.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jagoanneo.pro/probanget/kl2.jpg Requested by Host: play.tribute.ca URL: https://play.tribute.ca/gacorkang/?login=dewihoki Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.149.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e829c70b2b40ffe6d9d1edf97f09890257b9888b7ccdf745b2cc324233bb11b4 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://play.tribute.ca/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Sat, 24 Feb 2024 03:37:53 GMT strict-transport-security max-age=31536000 cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 547 alt-svc h3=":443"; ma=86400 content-length 889457 last-modified Tue, 21 Nov 2023 01:30:04 GMT server cloudflare etag "655c081c-d9271" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpfFDFJwri5iO7h%2FQGgdOGBKJHBgAmXMOXaSvNBC9vKc6wdyE06uzJINfGM2xbs0dASNDV8mzIm7Xbbs%2FSmVmVEpPCumk8p%2FPSy%2Buv%2FZ7wP5plOXxyqBs9id68044mrv"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 85a4ac2b7d4e36c8-YYZ expires Mon, 25 Mar 2024 03:28:46 GMT
GET H2	200	game.jpg jagoanneo.pro/probanget/	145 KB 145 KB	131ms 131ms	Image image/jpeg	172.67.149.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jagoanneo.pro/probanget/game.jpg Requested by Host: play.tribute.ca URL: https://play.tribute.ca/gacorkang/?login=dewihoki Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.149.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9af5619e6f62b64c2859828981b4a9039bbda7e58797da2579d313bb4cf43218 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://play.tribute.ca/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Sat, 24 Feb 2024 03:37:53 GMT strict-transport-security max-age=31536000 cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 547 alt-svc h3=":443"; ma=86400 content-length 148467 last-modified Tue, 21 Nov 2023 01:28:43 GMT server cloudflare etag "655c07cb-243f3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NlPiwX0PmBa56OlmVdTyyDhfkLtN8pLWvIx9agdQN%2FMNxhPYuFkklSv%2BnVl7WHQsL3IAMw8qAQS7v9t8k3kidevMYwqLep2R251HmLJIivQhoZ2mQN6mS0WjWUjSln2v"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 85a4ac2b7d5036c8-YYZ expires Mon, 25 Mar 2024 03:28:46 GMT
GET H2	200	js-sdk-pro.min.js Show response sdk.51.la/	34 KB 13 KB	133ms 54ms	Script application/javascript	47.246.24.211 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://sdk.51.la/js-sdk-pro.min.js Requested by Host: play.tribute.ca URL: https://play.tribute.ca/gacorkang/?login=dewihoki Protocol H2 Security TLS 1.3, , AES_256_GCM Server 47.246.24.211 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27 Request headers accept-language en-CA,en;q=0.9 Referer https://play.tribute.ca/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Fri, 16 Feb 2024 07:54:49 GMT via cache10.l2us1[922,921,304-0,M], cache29.l2us1[923,0], ens-cache2.us18[0,0,200-0,H], ens-cache3.us18[1,0] content-encoding gzip x-oss-request-id 65CF14C9ABB8F83638F681BD content-md5 JLtSDpUX8u0+2Ye0aur3Iw== age 675784 x-swift-cachetime 1296000 x-cache HIT TCP_MEM_HIT dirn:12:552892566 x-oss-cdn-auth success x-swift-savetime Fri, 16 Feb 2024 07:54:49 GMT content-length 12846 x-oss-object-type Normal last-modified Thu, 08 Jun 2023 02:24:34 GMT server Tengine vary Accept-Encoding ali-swift-global-savetime 1708070089 content-type application/javascript access-control-allow-origin * x-oss-storage-class Standard timing-allow-origin * x-oss-hash-crc64ecma 5143829838470429443 eagleid 2ff6189717087458732822644e x-oss-server-time 2
POST H/1.1	200	collect Show response collect-v6.51.la/v6/	0 515 B	955ms 343ms	XHR text/plain	203.107.86.226 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://collect-v6.51.la/v6/collect?dt=4 Requested by Host: sdk.51.la URL: https://sdk.51.la/js-sdk-pro.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://play.tribute.ca/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers Access-Control-Allow-Origin https://play.tribute.ca Date Sat, 24 Feb 2024 03:37:54 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Content-Length 0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers
POST H2	204	collect www.google-analytics.com/g/	0 254 B	126ms 47ms	Ping text/plain	172.253.122.113 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-9NFW78BV0H&gtm=45je42l0v9169822109za200&_p=1708745873187&gcd=13l3l3l3l1&npa=0&dma=0&cid=604905008.1708745874&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708745873&sct=1&seg=0&dl=https%3A%2F%2Fplay.tribute.ca%2Fgacorkang%2F%3Flogin%3Ddewihoki&dt=DEWIHOKI%20%3E%20Agen%20penyedia%20mesin%20slot%20terbaik%202023&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=846 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-9NFW78BV0H Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.113 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f113.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://play.tribute.ca/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Sat, 24 Feb 2024 03:37:53 GMT server Golfe2 content-type text/plain access-control-allow-origin https://play.tribute.ca cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| appUrl function| downloadApp function| gtag object| dataLayer object| LA number| laWaitTime object| downloadBtn object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			play.tribute.ca/	1969-12-31 23:59:59	Name: __vtins__K9RrX1HKVqKqZtrJ Value: %7B%22sid%22%3A%20%223951d4b7-64bf-5974-84e4-979aca585a51%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201708747673343%2C%20%22ct%22%3A%201708745873343%7D
			play.tribute.ca/	1970-01-21 04:15:05	Name: __51uvsct__K9RrX1HKVqKqZtrJ Value: 1
			play.tribute.ca/	1970-01-21 04:15:05	Name: __51vcke__K9RrX1HKVqKqZtrJ Value: a54aed7e-4582-540a-8d9f-1139d0c8adf6
			play.tribute.ca/	1970-01-21 04:15:05	Name: __51vuft__K9RrX1HKVqKqZtrJ Value: 1708745873347
			.tribute.ca/	1970-01-21 04:15:05	Name: _ga Value: GA1.1.604905008.1708745874
			.tribute.ca/	1970-01-21 04:15:05	Name: _ga_9NFW78BV0H Value: GS1.1.1708745873.1.0.1708745873.0.0.0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://64.32.8.233/static/css/slick/slick.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://64.32.8.233/static/css/hsycmsAlert/hsycmsAlert.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://64.32.8.233/static/css/normalize.css/normalize.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

collect-v6.51.la
fonts.googleapis.com
i.ibb.co
jagoanneo.pro
play.tribute.ca
sdk.51.la
www.google-analytics.com
www.googletagmanager.com
xn--l3cabib4f8afw6fbb4b6otae.xyz
z1yxn6-399-ppp.oss-accelerate.aliyuncs.com
104.21.80.20
104.243.38.202
142.251.163.97
172.253.122.113
172.253.122.95
172.67.149.24
198.55.51.50
203.107.86.226
47.246.24.211
47.89.140.91
64.32.8.233
115c154a5496eaa846d7aefb88be94810aa9ebbdf67ab4e5f1404d57456659c3
2f7939b36bdd2770ffe7ba4f9a4297cc97f3ff8436346cf10e289d4a6bec2376
303af0908f64187c6d32e56ef20f88b921142219953bf9c35ca3cfc1013f1c78
38c4cb9a991ccfd93e30eb1dd9ef880086ca754a57d8ff9ac00416103e845786
4400c1e6b434bc414f3870cc8d155b3335f1f32d1a07381e06cc8a8bd869de73
5e334ebe1aa7211ef189d8cf0b2fd03f43323813303c0455acc2dd6554b7e76d
9af5619e6f62b64c2859828981b4a9039bbda7e58797da2579d313bb4cf43218
c58b987dc32fc82d93ffab51fee0a29fad194f941f1ebaa6976e8b0ceeebe7ad
cb8064dd1af3d6a7151db939d445accbc71b4c1531603a3cb20c0b921d01540c
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41baeb379170b3a0ddabb6c524a8d2815996cc973adaef8a2b0e56c2f3d2e66
e829c70b2b40ffe6d9d1edf97f09890257b9888b7ccdf745b2cc324233bb11b4