Submitted URL: http://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder...
Effective URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder...
Submission: On January 26 via api from US — Scanned from US

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 79 HTTP transactions. The main IP is 2606:4700:3032::ac43:adae, located in United States and belongs to CLOUDFLARENET, US. The main domain is ad.gem88.win. The Cisco Umbrella rank of the primary domain is 202230.
TLS certificate: Issued by GTS CA 1P5 on December 28th 2023. Valid for: 3 months.
This is the only time ad.gem88.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
56 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2a03:2880:f01... 32934 (FACEBOOK)
4 23.200.88.185 20940 (AKAMAI-ASN1)
1 209.97.168.10 14061 (DIGITALOC...)
1 2400:6180:0:d... 14061 (DIGITALOC...)
2 2607:f8b0:400... 15169 (GOOGLE)
5 23.206.172.29 20940 (AKAMAI-ASN1)
79 11
Requests | Apex Domain | Subdomains | Transfer
57 | gem88.win | ad.gem88.win — Cisco Umbrella Rank: 202230 | 1 MB
9 | livechatinc.com | cdn.livechatinc.com — Cisco Umbrella Rank: 5963; api.livechatinc.com — Cisco Umbrella Rank: 5415; secure.livechatinc.com — Cisco Umbrella Rank: 6663; accounts.livechatinc.com — Cisco Umbrella Rank: 7278 | 338 KB
3 | gstatic.com | fonts.gstatic.com | 70 KB
2 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 27 | 297 B
2 | storeip-shopify.com | api4.storeip-shopify.com — Cisco Umbrella Rank: 303905 Failed; api6.storeip-shopify.com — Cisco Umbrella Rank: 271266 Failed | 521 B
2 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 37 | 160 KB
1 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 174 | 58 KB
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 28 | 1 KB
0 | gmwin.io Failed | gmwin.io Failed |
79 | 9
Domain Requested by
57 ad.gem88.win 1 redirects ad.gem88.win
4 cdn.livechatinc.com ad.gem88.win
secure.livechatinc.com
3 api.livechatinc.com cdn.livechatinc.com
3 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com ad.gem88.win
www.googletagmanager.com
1 accounts.livechatinc.com cdn.livechatinc.com
1 secure.livechatinc.com cdn.livechatinc.com
1 api6.storeip-shopify.com ad.gem88.win
1 api4.storeip-shopify.com ad.gem88.win
1 connect.facebook.net ad.gem88.win
1 fonts.googleapis.com ad.gem88.win
0 gmwin.io Failed ad.gem88.win
79 13

This site contains links to these domains.

Domain
web.gem88.win
Subject | Issuer | Validity | Valid
gem88.win | GTS CA 1P5 | 2023-12-28 - 2024-03-27 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-11-05 - 2024-02-03 | 3 months
livechat.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-08-16 - 2024-08-15 | a year
*.storeip-shopify.com | Sectigo RSA Domain Validation Secure Server CA | 2023-08-02 - 2024-08-02 | a year

This page contains 2 frames:

Primary Page: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Frame ID: 100490A0C24AE37DA028821AC4BB1816
Requests: 74 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=16649625&group=1&embedded=1&widget_version=3&unique_groups=0
Frame ID: 4668FC17529978ED96B5758BF5081D02
Requests: 5 HTTP requests in this frame

Page URL History

  1. http://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads... HTTP 301
    https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.livechatinc\.com/.*tracking\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 79
HTTPS: 96 %
IPv6: 73 %
Domains: 9
Subdomains: 13
IPs: 11
Countries: 2
Transfer: 1906 kB
Size: 3639 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320 HTTP 301
    https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

79 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ad.gem88.win/
Redirect Chain
  • http://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
  • https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
15 KB
4 KB
Document
General
Full URL
https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.18
Resource Hash
5949c8ed00865d08d3fbc1fb74446567bd12c44527c7ea6672fedcbf50500598

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84bbb1a7a89202dc-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 26 Jan 2024 21:01:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2Bu8HI%2BGVFVBrF6jF%2BCggQPVb%2FP0YUQOGy18We1tqw%2F4AqrsVpgFndLPxjy8eW%2BasAh9kNerDQ6iI9yKF4UpnIPMiGslD31jRT6fld0%2B%2F8GRJ8tp1PdHoo5rSvgSXBJ%2BhRddqGyU6xvKpE4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.1.18

Redirect headers

CF-RAY
84bbb1a628155c66-MIA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 26 Jan 2024 21:01:55 GMT
Expires
Fri, 26 Jan 2024 22:01:55 GMT
Location
https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TfQ7Hn4K%2Ff6wA3%2BqWpv6NZg1ulKSI1yj8%2BDt0YYOuMIHNHbCcNOfZNyi3ZT27HylpLv1qeUg%2FaARTWN6PESJrwFIBlLMCqmKV3h7h9YB3DcuYbA2PFKsIvkEHzBlpFsiRlCVcWEpgo5Ky6U%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,300,400,700,900
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6bb18753865e24b64d4ffdc33cf87d83ef112d23fe18adafab4dc99939f6e0c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 26 Jan 2024 21:01:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 26 Jan 2024 20:40:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Jan 2024 21:01:56 GMT
style.min.css
ad.gem88.win/build/
225 KB
40 KB
Stylesheet
General
Full URL
https://ad.gem88.win/build/style.min.css?v=1.0.8
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a5dabcd9588c0e8c628952107c2c0bd572087ee84a8ea75ffddcda87d063a7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:56 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 24 May 2023 09:43:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"646ddc3f-383f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7KXDaxB9PDa%2FdHF2ATnXC9Bt3yNBwUOGPhnGVOTbrZjMYEhXxds%2BI74Zymd1o4ZlxetfS6ffk4AuFlcmAqXyS7uLci5FAJ%2FleE66z8PiH3Ju04oiWJBoTle0%2B%2FS%2FcDcKUumk8gltiZPT%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
84bbb1aabc9802dc-MIA
alt-svc
h3=":443"; ma=86400
apphd.min.js
ad.gem88.win/build/
85 KB
31 KB
Script
General
Full URL
https://ad.gem88.win/build/apphd.min.js?v=1.0.0
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fddeffd4b4a71238d91e4d88e216ef4c20d77ab9010017d559c1c48220b1d69f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:56 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 24 Nov 2023 16:14:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6560cc01-15544"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nIoMOKzU0M6JhB2tbgx0SVGta%2FVtk0rT3pBf56JfjmgdTbRl6uX4r5GlfD6FaGB%2FyC0Jj6EUgYEvUxFB1qzMJhFoBFtrPenlf9DsI4m3dJN%2BhorYpTXPohnPv1fqeLK23Pgttzh6MVSjyDA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
84bbb1aabc9902dc-MIA
alt-svc
h3=":443"; ma=86400
thumb-header-lazy.png
ad.gem88.win/images/
199 B
503 B
Image
General
Full URL
https://ad.gem88.win/images/thumb-header-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
595eb22f555f9317ce271066d3536a64b5628d8d99c22e8844c48297b770fce4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:56 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2PrxBeD5MCWwocSl9Zw5DGmWHdBWPWZQ%2Fq%2Bbgm8W26gRK6%2Fmx1Vcz%2BLP97LCWHbjqHMlteMX%2FKtzK8l%2FV9L0nCbvAZtDcO3dLGypczPY6pJQebc3LC9oO0Iv%2FeBx%2BOMbxiigFkNh3Zaygk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1aabc9a02dc-MIA
alt-svc
h3=":443"; ma=86400
content-length
199
thumb-header-mb-lazy.png
ad.gem88.win/images/
189 B
558 B
Image
General
Full URL
https://ad.gem88.win/images/thumb-header-mb-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab11db15dbc833f5586d15f59fa66b8cb1aa7d1086985d8c8b82b4b7d91f078c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:56 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-bd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBOWc9%2BQ2zRRHOuX1WfcemTOKh5n8De4L5Ml2VJwTs4GS4EtwiXGyohPgByBI66hPg3aFDSIqUya5OpN8uhk%2BErdF7yB7wLx15hUKngQDuh5vZdp4dXn1Mde%2FnNE77IZdG%2F5iphFUC6bFfg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1aabc9b02dc-MIA
alt-svc
h3=":443"; ma=86400
content-length
189
jack-top-lazy.png
ad.gem88.win/images/
112 B
576 B
Image
General
Full URL
https://ad.gem88.win/images/jack-top-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64e213916d9877bca7d7dae986f5f87c6fe7699316371c948913c216b93c41f2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-70"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EX1ZrT5se%2BruVdbat8fQDW0lzB45PCMA515%2FyOl9Mx0e9Cs2bP2y2ijvQ6UxwIojCp5S%2FGYWNE24SA%2FFs29NhWD%2FNLWRpCRslAW2C2yB2NxjxDvVX8xOVp0fP96x1aVVybQIS2LjeyOnID0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1adbe26257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
112
tab-lazy.png
ad.gem88.win/images/
110 B
571 B
Image
General
Full URL
https://ad.gem88.win/images/tab-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa715f294b6d9b97487327a36ebd9038d88d3832a31e35bc65d1f2e84d1cee2f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iThT1OtPNTcvXNi3xtPUkvoerAUjwRQjrfVAWCqB4t8iK2mVhGnWDRr%2BBUGudJEulNwtRoRisDoGLHQ4VcLA0uhxN3O8drlk9Nnib634w5wV2qhdAqzs1CB4JM9sf%2BpenmE8%2BsOTTquBcGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1adbe28257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
110
tab-active-lazy.png
ad.gem88.win/images/
110 B
575 B
Image
General
Full URL
https://ad.gem88.win/images/tab-active-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45e64a2d90de9f35073296ea108245328541ba68b6553bbeb5ed5cb6a8528176

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCDOPhhnN3IbaV%2FjSel0gtdd9juMBaCAWlO1kW%2Buym2u9zTo%2BMAdPeMTcBzBlAOvL7JCGZHE43OFLVHsoF9BuBMk88lJYTtsvMLTAEEvYr4NwGeEsLzpvnevbvyauw%2BZC8h%2FTsPLcW8ZaxA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1ae0ead257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
110
tab-full-lazy.png
ad.gem88.win/images/
111 B
576 B
Image
General
Full URL
https://ad.gem88.win/images/tab-full-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08e1ffda33d81046bf53cb65a20acc3dd4249e3c0e4e14b0e39f85e04194e98a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAleEDcPAUHztvlntMSyzONQnv%2BRRvcjDs%2BARy94vuXvNJcCWocwcZUwVucGdyJukFHmQgqfR2RNVOAbmJrZo3QqCzBjpPmyntexsILy0d%2FXe%2Bc7XcHgLm5TOflP7aqg5h7Dd51%2FX7t33Kc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1ae0eb2257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
111
btn-lazy.png
ad.gem88.win/images/
116 B
578 B
Image
General
Full URL
https://ad.gem88.win/images/btn-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd67f2b53732ab3114169952b7564c7535f82d1bdc74dd1862520e521c9c25b9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-74"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUMIuBalXYll5VgycCV3qgAb%2Bb4kIMCzJ9gCECmfV57qla6CQfL5OE97h%2FNImnjAJDDQiVvTALJZA9s87wEQFYZhaek5pTX5y1i15VoiaidoAB9vDNGIwQxHtMU2T%2BcEtVHuYPEA8rSbObQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1ae0eb3257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
116
dacotaikhoan-lazy.png
ad.gem88.win/images/
110 B
572 B
Image
General
Full URL
https://ad.gem88.win/images/dacotaikhoan-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8850ad2a073a4e12ff7984cdc1d8a1815020c76f2e7cd96656fe04d0e4e31f2a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 14:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644bd254-6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TpnhSb1sOgtFyVyOnMFZe99d6T9DWOlYWt8mSzzWWDGUEzb31VVdfw9p0RMxkJ53to0cZYCCETW%2FjZ6deEBoUBZr2DLE8FG6p5XCMdmyu5zoNLzdMk6HkoXh2IAvCzU9UZyTCkvb3nhw4%2BU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1ae0eb5257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
110
btn-dl.png
ad.gem88.win/images/
145 B
611 B
Image
General
Full URL
https://ad.gem88.win/images/btn-dl.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0342a64f0d2ab3c294b31ca7b129729f4128731f037a4201fcd6e12a184d7cdc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-91"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ee2%2FYOxBWXde7zkIbqHZ9dmENniIuzDru7ZRHI1h%2Ftm7ASZFS4ooby3hJT%2BuYm3t9qcUKtjz%2FRP7cGoIamBIUVcAsxOG6EopfwRM2TdkY6EXuRAV%2BOStxMwZ9UMa7PgVUu93cGAX96OcsEI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1ae0eb7257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
145
thumb-thank-lazy.png
ad.gem88.win/images/
256 B
720 B
Image
General
Full URL
https://ad.gem88.win/images/thumb-thank-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c91fd27f6f8293117478def18959bf5053f3dcf98ebb6347905974f6113f163

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-100"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IN0MOlNkBDwWcBsnxvz1VR9gwm814KkS2Egk73OrC%2F7ZJSIZ6JitfxElxhd3q99ELAMvW8N7lOggdsOs7hBru5N5eO30NIBu5hx%2FrEQhUgqvyuTb7QkFYYyKHUrGA%2B6G1w0a4IN2o1L%2F1hw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1ae0eb8257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
256
hoac-lazy.png
ad.gem88.win/images/
111 B
575 B
Image
General
Full URL
https://ad.gem88.win/images/hoac-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de851a1267df76e4648aaa1059368f8156ab759db4ef70da4245dd6326e7cef8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 14:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644bd254-6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FZpZu3g1vlW5fTtjen8w8gILxFnAnnHhYWB%2Bjv6L6bWBFtuHlALYNVKtcFzz%2FvQfxPvd4nR%2FHIli9Garkn5xa1i4qdQKLLfgY1aYptdVBf7QKDanelAz6WtwrE0VpBg%2BfXFczkMt6zueZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1ae0eb9257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
111
game-lazy.png
ad.gem88.win/images/
117 B
581 B
Image
General
Full URL
https://ad.gem88.win/images/game-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65c82fd39e63e481e8718fbc5507615e8d88331056eb7a3b5454ac94bd7faeab

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-75"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2FDT6t%2BY%2BNb08I6bkAG4pnWyUDXEnS8HnTWS7171BrhzCsYmUgSWprsvjNu0FfxfXa4L1r0EieBFi5maE5RimM9rChYO2VZLVUFz30gxZHzAc4ZKOJDgOFMjWlj2%2F0ONd0eezHIa%2FbpsUrs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1ae0eba257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
117
thumb-adv2-lazy.png
ad.gem88.win/images/
121 B
588 B
Image
General
Full URL
https://ad.gem88.win/images/thumb-adv2-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa49fbae9156dc680c02ec2554ef484426e2a98f0f0d16b3050c951f1a031d67

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-79"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwSSk1SZ9NNRc7eedqO0LLpr%2BqAsUHStCY6UlI4AqasX2uR5o5IwkIyeYZ3UVrGVVNcTG%2BEuYc94EMqfaBx0Uaccb%2B7z1KjQdB5ylxneYNS5UPSTnJDOzUCjG7QxE%2F6JsS7zmVm%2FbxvE%2FnI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1ae0ebc257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
121
loading-lazy.png
ad.gem88.win/images/
96 B
559 B
Image
General
Full URL
https://ad.gem88.win/images/loading-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc3cade2468407b0311a0bb58b781b1ca93c01c1965c49e41ca133d694dfd316

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-60"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRTeVpLPvklrLTCa3KuVT1GhnXm%2BAZ4z%2BXvYdUyGPCHUhDXDR2523hz%2BENkrTU5IC4ZLN6aYGpbQnddV4cik1qcBmD9XaGXnWUTnVGZ1b45k3EowSVtBUo75wA5xijGE5zdia8K56u3nDb0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1ae0ebd257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
96
app.min.js
ad.gem88.win/build/
276 KB
91 KB
Script
General
Full URL
https://ad.gem88.win/build/app.min.js?v=1.3.6
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
707a7ed66ec0a3a3a48dd9875948c4660ece2725b6b6aa03b635b2d30060aa1f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 24 Nov 2023 16:14:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6560cc01-44fd2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZfaF%2BMgbta3H3r18xnWyVVZW9NVksx4np8yDpS9AQMKof2f%2Bck5IRFcfbWPr9ewxCZtRLnXJCyB%2BM8UGZSPHCTUDpb0tBtSoygWA8dPJtq1KiyAncDkM6sUqdBBLYR%2FFT2TKTUFjT22xR8I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
84bbb1ae0eb1257d-MIA
alt-svc
h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/
187 KB
66 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P4HXMRQ
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c6483623b575939d59efb013a41d171eddf38b317824debd2b5f874481c8970c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
67562
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 26 Jan 2024 21:01:57 GMT
bg.jpg
ad.gem88.win/images/
60 KB
61 KB
Image
General
Full URL
https://ad.gem88.win/images/bg.jpg?v=1.1
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd7fe97d8b0b2a686e232ef2a8b711f5195bc543f5b660e684685c7e66b8f2f0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-f17e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2FOHQR8BPpzeyoJPDdFKxKDaDbHMKwX9oFcaHmKLc9B9cVhoSNCrxrEVLzIlXlv%2BumXLm3V%2BoYOrbGpgPWq7445%2FsXSZapjxHFxf40Yqyxos7ejZYbf2R9rY7PtAOu9jy3R3%2BgcjxE0P51o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1ae0ebf257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
61822
bg-jack.png
ad.gem88.win/images/
51 KB
51 KB
Image
General
Full URL
https://ad.gem88.win/images/bg-jack.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
762ead9dbd6081f969db272c17bb280daa359f45e2f82519531a2392ca4fcaf1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-cb3e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rk4M2MRYmEvu4ePt0P3hPHTVOG7ypFlWnPJoKhXby1P3EkE3ibfYd9zeYAW%2BZuf6SljWse6Rh7lQ9wM0rwO8RIqZrsnOtj3Z4VDfUUPqzNj%2ByBP8PZfhMhfceAhoEivdA5bbxEerZeomOM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1ae0ec1257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
52030
bg-form.png
ad.gem88.win/images/
29 KB
29 KB
Image
General
Full URL
https://ad.gem88.win/images/bg-form.png?v=1.0
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3ba98f60481267b1d7e20f2743d93ed2bba4daf00c9104801d8f51f4d7bf77c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-73f5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dfo3Rn%2FNKMuXJcqLoAkcsUC536dv8RXrm%2BVyuLuNtG%2Bo0nZHLKMdeFZsGl0KVozvr53BoiFNRVdEkbjSk%2BFpao%2FW6Y3jns995qFq7As57CuSGP7d7lb%2BB3K2cvIFKggVRjbO3H%2BKz3TN5vE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1ae0ec2257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
29685
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ad.gem88.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:52:47 GMT
x-content-type-options
nosniff
age
54550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 05:52:47 GMT
js
www.googletagmanager.com/gtag/
288 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R9056WVBMG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4HXMRQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a22beead55df8b763fc9a5151d82b240ef0316ad7f587a4b2705d5dae101b555
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96138
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 26 Jan 2024 21:01:57 GMT
fbevents.js
connect.facebook.net/en_US/
213 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4101e4fa9bdc7ecb354caf1649d251f838a10b437009900ecc30321fe472b154
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 26 Jan 2024 21:01:57 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57022
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
q99tPttbAgEyk3hSg04QADrTNfrgMVzfJ5RJRXKDwtfpcl5bbdvXhcpQXeZ0I85yxDW19ZnMh9FmdXA+n/DSiw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
tracking.js
cdn.livechatinc.com/
89 KB
27 KB
Script
General
Full URL
https://cdn.livechatinc.com/tracking.js
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/app.min.js?v=1.3.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.88.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-88-185.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
de5b777102b32b22b3f991aa9b80a6717627320c5066c8a95c464f5ed3f48dba

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
MOcccbsyoY3U3zni.c1w1U0C4q61EgD7
content-encoding
br
date
Fri, 26 Jan 2024 21:01:57 GMT
last-modified
Thu, 25 Jan 2024 14:13:59 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
etag
W/"5207eeab3f165c63891a636c1077768b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=28800
x-amz-cf-id
OXfYbBYHIZ1y5_VUgLb0eHnENpVgzeheA5ZqRYELUsefqfwmwh1HDg==
content-length
27437
expires
Sat, 27 Jan 2024 05:01:57 GMT
collect
api4.storeip-shopify.com/sw/
0
0

collect
api6.storeip-shopify.com/sw/
0
0

res
api4.storeip-shopify.com/ca/
57 B
283 B
XHR
General
Full URL
https://api4.storeip-shopify.com/ca/res?command=storeClientIP&affId=5f5b0c8b85662b13cb8d07a28fcfb947&utm_source=propellerads&utm_medium=popunder&utm_campaign=anw&utm_term=5742320
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/app.min.js?v=1.3.6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.97.168.10 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
5bbbf5993a58c0d9b935e4657bd528add358d75eb40d98e9b04b854fa2b9e8fc

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 26 Jan 2024 21:01:58 GMT
server
nginx/1.16.1
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Authorization
access-control-allow-methods
GET, POST, OPTIONS
res
api6.storeip-shopify.com/ca/
12 B
238 B
XHR
General
Full URL
https://api6.storeip-shopify.com/ca/res?command=storeClientIP&affId=5f5b0c8b85662b13cb8d07a28fcfb947&utm_source=propellerads&utm_medium=popunder&utm_campaign=anw&utm_term=5742320
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/app.min.js?v=1.3.6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2400:6180:0:d1::61a:e001 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 26 Jan 2024 21:01:58 GMT
server
nginx/1.16.1
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Authorization
access-control-allow-methods
GET, POST, OPTIONS
collect
gmwin.io/sw/
0
0

get-rank.html
ad.gem88.win/
2 KB
856 B
XHR
General
Full URL
https://ad.gem88.win/get-rank.html?t=1706302917000
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/app.min.js?v=1.3.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.18
Resource Hash
7525736d739b59796b56174150af76f23d160430519ec5a288ec465d82de202f

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
X-CSRF-TOKEN
24c7c9eb4e39b2b87290f5cb6a3e0285
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.1.18
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VxWknwXsB3hRUpffaWXCnBzg7wp1rt89TuvxA0W4HLgjz2wOOhZ2WbQnuwZUeI6JyVbj3d7CFoAfpMVNx5%2FcTIIk%2Fse%2FvS%2F7rWXVYGAyuancfXWxR7aw0SLsAyOhOpQkBV4DN9fpNdi9Mrc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
84bbb1b1ac2f257d-MIA
alt-svc
h3=":443"; ma=86400
notifications.html
ad.gem88.win/
1 KB
776 B
XHR
General
Full URL
https://ad.gem88.win/notifications.html
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/app.min.js?v=1.3.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.18
Resource Hash
fbb66a6d1a22666f5497ebac652b3f3fe4d2b85cb50f1027ad4a21235a2f652b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
X-CSRF-TOKEN
24c7c9eb4e39b2b87290f5cb6a3e0285
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.1.18
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIEEdWHd39MDVDBOrPcwZAjF53%2FdttNE7XF0nSAE0JQgcCNdwgpuSgXi2C3ClOC3La5ctMKJjsVbtPOv%2FMoWvsbt%2FFsOiy08V%2FxnZplsHBFuP4lhjyXcp5D0%2FNGKeqzf7kO%2BV1ExK54FGHY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
84bbb1b1ac32257d-MIA
alt-svc
h3=":443"; ma=86400
thumb-header.webp
ad.gem88.win/images/
66 KB
67 KB
Image
General
Full URL
https://ad.gem88.win/images/thumb-header.webp?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
637bc10ddc6784ea531a496255c1d649b56800f5e26dcdc2f41c31c244353761

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 16 May 2023 09:46:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64635110-108d6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FftcIHdypV%2FRrU2XO7tvUgxG7c%2B4MVqlDlWGovbK1USSdls9%2FITmK4JcAYYTN%2FYcxOgqcABdPzNiJgfymtC80ejoYmdJ9WkJD94GxJpvUzZaDHREDQ%2BRmaRt%2FRo42JzbMFmHW1GeQpvxbNM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1ac40257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
67798
thumb-header-mb.webp
ad.gem88.win/images/
56 KB
57 KB
Image
General
Full URL
https://ad.gem88.win/images/thumb-header-mb.webp?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698a7dd29e741793552da6fd4cc98192ad6da8478aeaa0443e27f57f4e9481b4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 09:37:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b93de-e102"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cpzt6ZOWwuBEovuB%2FD%2BY3tNasPVZkWoL%2FVO%2Bh%2F3MQV1u0uWbyeoXvHxoQkuWJxJvP%2FMphk2VhrlapJQrYn4NgOUqzWuq2gf%2BT%2BIsNL3wyd6f1NH4cOwaSCPDUwwrZEbj66sG2dstQuT6sE8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc4f257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
57602
jack-top.png
ad.gem88.win/images/
8 KB
9 KB
Image
General
Full URL
https://ad.gem88.win/images/jack-top.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
150e991344277d2ed02609b431389e719a7133fc719ad8caf9e5b24740e8d694

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-2101"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKgzPrq7vuO%2BTGheXIA3kPzG9wBGb6x35hx%2BhWQZ%2BFiVI3wj1xqsO8Fkfyo9cMCmBiCK8gJkVvxvRPaqESUzJBrdf623lxa75Lh7iE%2B50ktVWd0QH%2BGIkKByQNSfkDtPr%2BexcMwt6DEPddI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc51257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
8449
tab-dangky.png
ad.gem88.win/images/
6 KB
7 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-dangky.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3717be19007b1fd3ccc6c03c33d310ea8e7d3e4d51bc8ba27e617b5f5b477403

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-187a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZs%2BBh9bPQ%2BxMzjBKEtfhMJa2kWuSrisxhQtDIUZ46CjCjO7lZhLTNmxOu5%2Bq%2Fop4giIMorx6o1BLjZz%2FQTS9XrZ6dgFkdVIbJjYVLYrQR7nzkQAck4WF%2BjnjTUPnEYQOxkghKSVrM20bJA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc53257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
6266
tab-dangky-active.png
ad.gem88.win/images/
8 KB
8 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-dangky-active.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40e20d0623dba65f3a7be919bd1b4213c5759ea7d362598e2fffcd03ecb72ade

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-1e90"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bR9MMeq9tnfRyjw4exqranYzWObAiQC1ObHHAohhP4ig1Z2wAmUSlfLfJx8vYrbrJ%2BdX8qXeUm%2FkAoRrhSOAD7SkeOIP178PvikzVSTgL%2FpmewHMnW1gZJXRDz1Ixo5rjGZ01IULTmd%2Fp64%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc56257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
7824
tab-dangky-full.png
ad.gem88.win/images/
10 KB
10 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-dangky-full.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6658297a10eb33e2d3d139f9cea73e2885635495fa475cc4f1fdf41c2ebac72

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-2723"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=euSP8DnsnMa2bXIWSne3zYpm%2F1x1qj%2B9bl8%2F3UeHCiVQAslqstd0HdXJkzRM%2BnsDUW0t8kOy5TknnZTFzNX0W3vifY0MhqPpjoWyAMdO293US4UeofFQZPPvxm87aSG7CmC57CknvW9G2Hc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc59257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
10019
tab-dangnhap.png
ad.gem88.win/images/
6 KB
7 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-dangnhap.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a82b32ea4fcf428a441750c401b3a4752f501995403538889c6d697db4e265e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-1947"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zYOr88GvMzj44eU9hPeiidLv%2FkfRbcxTh8O7lpHx0llptA%2FQCJUkMQMuDOPO5wWHhgrd7GB%2BiiUrnob3J5nhsX8WPzAB87RI67m3SiK%2BpoEmaBo3EP%2FQ296wDF%2FeXlrnMwDHPOdynqnnc54%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc5c257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
6471
tab-dangnhap-active.png
ad.gem88.win/images/
8 KB
8 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-dangnhap-active.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e66619ac22c40ebb4b8ac9284325bb301e77423dee32a5bf091a8d0e8894ff45

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-1fb5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2FoYpb8%2BACc5b7WPMvHthQt2qNb1fwH7TslFHobONgG9kzG%2Fs9WCqyyIfZ26ArFQgoAiXAVnVOcgOsZMmBKt3nYA0hBKZwlHj2R8hhIWSPkImVQON6ZFRBuOKLDi%2FIYdteHhNiAcZ4veiZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc5d257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
8117
tab-choinhanhweb.png
ad.gem88.win/images/
8 KB
9 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-choinhanhweb.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df4c4d50f9082a8d502245115432b004535b78dfc6dcc5d4f206e875fabc5575

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-20e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtYf0j1ONxlcnYVs6yawdnt8oAxB9oaBA1EOdiqP9buqE%2FTlwBvD0TdWOxoLsacLEyCUe7FqAaJ3%2FPa3Ox%2FWSitvi2rYK4lU9ZMHpTFUF46kJ4KE0fOaHwIcN28I7W0fgn4ikPaCaWDLB4g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc5e257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
8425
btn-dangky.png
ad.gem88.win/images/
24 KB
25 KB
Image
General
Full URL
https://ad.gem88.win/images/btn-dangky.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3c6d54c27cb6f6eb3986a10b70080fce7c6378d873340cb9856a7d41e556127

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-61c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qD5i%2BAjdO5TXQmAA5HA4izZ%2F9PiEDz%2BvhCc2cePibmn7uRnIriuOyS9zfbAhFYJGtCoJozTZqFIWryLHtqVgeq5NYsClkf%2BiTg6POZWZUCSbCm61J8y8LqKtZUm2ZfaDGN7NrVHjYk11Hps%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc5f257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
25026
btn-dangnhap.png
ad.gem88.win/images/
22 KB
23 KB
Image
General
Full URL
https://ad.gem88.win/images/btn-dangnhap.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36c64ee60a979a9056c04de2092ff68c0744e24029d7add30fc6c7342d3e47fb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-599c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EY18duXjihNEu9MeLahu4pO%2BNOXAH1Yhd4qeljRfoDFeUd2RXtDrhoYE4tLvUlO16cJEoenNgvhDOaouTcKt9E4%2BghBJSLd3qH9yciNh8i3Q1TIOVjfRp4qvfKPeqj9z5soHx8%2Bcmy5i10M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc61257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
22940
dacotaikhoan-v2.png
ad.gem88.win/images/
5 KB
6 KB
Image
General
Full URL
https://ad.gem88.win/images/dacotaikhoan-v2.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1334fc4f83d8709a632ab9fd8d22c4e2868b30534f58d11f8a029456666dcc71

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 16 May 2023 09:46:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64635110-157b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzTvJBbPRmg98wnLcJOCEE0GFP4JYQzbwYW2o5DA%2FdPjn5eU5O3mZlZzwIaXJjXPUEzH38HaM00T2qO%2FgBiqQrnaW%2BpYzRW1Lj5v301CNN%2Bou3pY9YLnZBvV4cbQDZofof%2B088AcHxNuRio%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc63257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
5499
btn-playweb.png
ad.gem88.win/images/
62 KB
62 KB
Image
General
Full URL
https://ad.gem88.win/images/btn-playweb.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbcad0512f42296a7388501662662ef64652a9daa3fb39147352b657b61acb9c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-f69b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5M3JMJpPrm%2BTnVNXZ3oJlfK%2FNBRAGdS9YzgOsvsQ6hriAJSY9uL4SFMUQhw3vd%2Fn9Hznc3leLmZ5xwH%2BrlM1YLlu4fVVllcYTE%2BAKb1qJ2Y8qxXhEmVjKZETqB0oAMNf1BeQZYAOcdAyvwo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc65257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
63131
thumb-thank.png
ad.gem88.win/images/
225 KB
225 KB
Image
General
Full URL
https://ad.gem88.win/images/thumb-thank.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c9d6b9b0ae9bc6c9c0059e96e8d679b82a868c59ec1e9bee350bc6e2edf2186

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-38349"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLr8l0BK6ffSGhsCAPGAoEvqKvORR5Qp4I6zPA5WlSRuxJwS4JX%2BW4kOgRfrvlYaT%2BNoY5akneZedDN86RaRHY97in8WSynZvTufd8UOv2l5YmLVLf%2FceCFtrtAukthsAuRgeGaMJ3oA9QY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc67257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
230217
dacotaikhoan.png
ad.gem88.win/images/
11 KB
12 KB
Image
General
Full URL
https://ad.gem88.win/images/dacotaikhoan.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c5da9fa4f696362b6832648e51af1420004535e4e8267bf0dbbf289dbb51669

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 14:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644bd254-2d24"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fq2eJOt%2BdmsENEyENu43mSSo82m8DNTiihHvRXNvz4eWgU0v6YGle7CZJHbb8AuIzSMNTI9VljvRTEb9W8TNL78274fD28ACz%2Fib3Qtziuwd%2B7RFZgApB2YmZfXfdHgin0BJeAh2kJABCo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc69257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
11556
btn-android.png
ad.gem88.win/images/
112 KB
113 KB
Image
General
Full URL
https://ad.gem88.win/images/btn-android.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0210b490fceb299ba4561c1fc0a13f330191f5ee0aa4a17a4e700abe1037b85

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-1c1c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJRFd7yAYmHo2Gog3hAaQd%2BZu%2BGFpzBDKLMjlcbzHThQVjBLQnN6Oh5fjk067uFcfT1D6qhk1OlQZ7kHOLaQplt8WJEqR23yZhQ7Th6iAWvOk3MxvSvkN2A8a27WPknEao8vAU4NnnsYV44%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc6b257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
115144
btn-ios.png
ad.gem88.win/images/
112 KB
113 KB
Image
General
Full URL
https://ad.gem88.win/images/btn-ios.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9ce5a276819119f1b6223228d236ffdf3d8d83014b08a4e1c909310fd261f3d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-1c02e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8BDVc7KxFQGlm%2Bil6LCcepghvTcaCo%2FnBtHlwx7evzl6pPxW22NeAi3xiy6BMbA2tywbpuMFP37tx9c%2BU0JrK38PwFAqlHt%2FRanb%2FoZ86mi569XA7BIK%2FX8ZBTC1GahaClvKkjEYqv2uWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc6d257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
114734
hoac.png
ad.gem88.win/images/
4 KB
4 KB
Image
General
Full URL
https://ad.gem88.win/images/hoac.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae34e2543ec92b8c440339855cf1829b8107fdecb3280d43ba905b59715f6fc0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 14:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644bd254-fd8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v4r8Fg9KNs9wSQcnM2CT0dqYaSMEVhq3cKTYHmGplxnbNTpa4NhyxntaFZRqj1LZ9GlwE%2BMADQ4%2FtRfS9iEbwoCFROF6zXFFizeiUOHDqNsGaCRlxju1jgBzBqNy7yEdr7H%2B%2FRMzSPy7ExA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc70257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
4056
game1.png
ad.gem88.win/images/
35 KB
35 KB
Image
General
Full URL
https://ad.gem88.win/images/game1.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bc27df30f2056611a375e141bbd6ed4de7f7574a0acc2f265cd52fa8a7d72e6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-8ac6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhfHWQWwyKH7Gaag8dz8SEdAp134s2HD9Owz699eYOgeYmGuysSKoZXFapsmxFlucPSf1HWzvdDKvoz6EpRPUYG6i0LqTNNLN3Qgyws80Ao3jNvmkoj2K3Xi70zpKQepQ1QFSEyvXV0V%2B84%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc76257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
35526
game2.png
ad.gem88.win/images/
33 KB
33 KB
Image
General
Full URL
https://ad.gem88.win/images/game2.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9d251e4fae4ce41096ac504dcc8277b13509f3b21716fa6bf2bbbf248299428

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-83a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ffMszAGLprgvOAlNsNEAjsa82OGjbVDWFx1ECAl90FNiKbPcWGpn94aOKah6%2FfTJkAGGhkqmfm1fuy8EAWHyS8EvEu8eXkV2NnQBugbisnkPYg7q1taggRJURbg8%2BEM7ubCM%2FcnSIYQSf1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc77257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
33705
game3.png
ad.gem88.win/images/
34 KB
35 KB
Image
General
Full URL
https://ad.gem88.win/images/game3.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a914ae4cdbc9c034bb19398eee3bff1effe990f4f934cd704842fd4b79ab01

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-8898"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKLognuaDAePDjhJVe3T7FgfXPZJ14kuFpA1qO4ZK%2BMPlFls%2FH4TQEHulHkOmodHz%2BUTaxuMRVc8s%2BIBQrD%2BEllgTvvQh3J7VpVKhxv2icgnK5u8Lp0Q1KSe9%2F1AEPOR9GZkLwoq3qmPG1k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc79257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
34968
game4.png
ad.gem88.win/images/
23 KB
23 KB
Image
General
Full URL
https://ad.gem88.win/images/game4.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb2489c0eeffa420686b1bb54575790cadfeb3344d2063ac26bb38d4e1ee9c5b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-5a8c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46KLLZrDOgwiEehGltHVnwfth0u95sPSmX3y1i4VMUUtyR%2FHQLyxPA2rkhVNB2HIVbhIwGqcLZj0VYXsMRCzg%2FjxdeKhlNoJsOY%2BWWvKZO%2B1jWhLjT0XuLzhrmhwKvyvUZELxIiZovynU%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc7a257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
23180
thumb-adv2.png
ad.gem88.win/images/
36 KB
36 KB
Image
General
Full URL
https://ad.gem88.win/images/thumb-adv2.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bca08b5abefcb969515978e1a62cdc71eedb282539de0a93da72ef604ddfb905

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-8eed"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzcRv6qKf69qa6vQGl4jAKgh1MqYlquWra%2BWx6ay%2Fx%2Fod1yosk6vfm3Loyx2OBLyKCEXggXYfcDEzyL%2FO1Ph9gMUkCEZioGTTwiz5PKP4m8%2BrP%2BL%2BdQ0r30EJwOXhLdMdR1TUAAYJvwIRQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc7c257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
36589
loading.gif
ad.gem88.win/images/
2 KB
2 KB
Image
General
Full URL
https://ad.gem88.win/images/loading.gif?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ade47c7bfe9cb00a16c8b4fa265aa07e8fa676f051e23d1d8a4fbfdb86fef1b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-663"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Imheex7sx0l3sv%2BWs%2B3JuRSSdx1LHZ6nCcJgsqWQpBhAGCwr58qkMCear8TXpq4QiTcY0f50XTS%2B7LqmBKMo27yyGhnODukkQMpEkFLlD3z4x1ZxFFrH430HNfsFO9fGyRJBVwqiV7u4FQk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc7d257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
1635
icon-user.png
ad.gem88.win/images/
2 KB
2 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-user.png?v=1.0
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25adcb5829f4e373982ac7be939819c77761f28132c5728725638d766d49b06b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-784"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzvN12MReGrZ2Ny5xxYSa3ff2Rt%2BsFm7rZc0MVZwYhHb4HOH5tgaltBZAjl9bZOiDw%2FGyoClY42%2FGltYu0%2F365grnj0P%2F9c%2FDucufTzJOurV125Buk%2BeDkzp2cEq6CyZGgbB3n%2B3Euxy%2BmI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc7f257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
1924
bg-input.png
ad.gem88.win/images/
3 KB
3 KB
Image
General
Full URL
https://ad.gem88.win/images/bg-input.png?v=1.0
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b7d1a33f8a26fadb03580db340f76f5fed5e5b765d0563048687638f7a0269b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-b45"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fno3JWwNNW5a282J3b4OuPkKGgxZFUZNkHtALqAjvBPVPURb283aQJXHSLkVdJLAJutSq9kyDH6Qs49uWq%2BI%2BKE66UIUbdOFnT0kl7adiV1wa2ggzsrcOb5IUOzvHa5MpBTjc%2Fuvv7D5Yo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc83257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
2885
icon-lock.png
ad.gem88.win/images/
2 KB
2 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-lock.png?v=1.0
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41841244ce6ed4f465cfb868c420edeb0f64c532c5a31329bcdacf8c7841d852

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-6d3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmSkSMgjrajM7EINBw4VjDbKPaNKTvUSFsKgIXGCE%2FThj%2BBanzwnCxo2WCov87otOTOigE%2BeqB%2B2b4vnn2jPdp1ZdRpCGL40vzeF6TTSfYi7T3nL1%2FVrRgmJgPREgO%2Fe5Whq4bmqqPWRq5M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc87257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
1747
fa-regular-400.woff2
ad.gem88.win/webfonts/
13 KB
14 KB
Font
General
Full URL
https://ad.gem88.win/webfonts/fa-regular-400.woff2
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9

Request headers

Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
Origin
https://ad.gem88.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:57 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-350c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIcwdc%2BI85ZbeLWGvpXj%2Fctuw%2BaUUoJHoAR82t91w2GuXZ19k6csLWZ4JvGa%2BGbOvMqSAdn2750FBhwThHLNU5jqr%2BlVvviFsTVgRvq4k2S3ymCPQctdaUfmpm38opgMomjJm1eCE3tcsE4%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b1bc89257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
13580
JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ad.gem88.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:05:51 GMT
x-content-type-options
nosniff
age
53766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27812
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:37:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 06:05:51 GMT
JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26a448d7f02e7b021d15ba5d546ce57d822e6c7728420eb089a23adf10ea26ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ad.gem88.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:09:19 GMT
x-content-type-options
nosniff
age
53558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9512
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:58:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 06:09:19 GMT
collect
www.google-analytics.com/g/
0
252 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-R9056WVBMG&gtm=45je41o0v9118954187z89118949234&_p=1706302916785&gcd=11l1l1l1l1&dma=0&cid=1113491708.1706302917&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706302917&sct=1&seg=0&dl=https%3A%2F%2Fad.gem88.win%2F%3Fa%3D5f5b0c8b85662b13cb8d07a28fcfb947%26utm_campaign%3Danw%26utm_source%3Dpropellerads%26utm_medium%3Dpopunder%26utm_term%3D5742320&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1998
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R9056WVBMG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 21:01:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ad.gem88.win
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get_dynamic_configuration
api.livechatinc.com/v3.6/customer/action/
402 B
551 B
Script
General
Full URL
https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=16649625&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fad.gem88.win%2F%3Fa%3D5f5b0c8b85662b13cb8d07a28fcfb947%26utm_campaign%3Danw%26utm_source%3Dpropellerads%26utm_medium%3Dpopunder%26utm_term%3D5742320&channel_type=code&jsonp=__86ed74zavxj
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.172.29 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-172-29.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f6438c31ef075c505956135fccbc2dad89d943106d8ab8c62ce8593121526738
Security Headers
Name Value
Content-Security-Policy frame-ancestors ;
X-Frame-Options allow-from

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
frame-ancestors ;
date
Fri, 26 Jan 2024 21:01:58 GMT
content-length
402
vary
Accept-Encoding
x-frame-options
allow-from
content-type
application/javascript; charset=UTF-8
icon-jacktop1.png
ad.gem88.win/images/
3 KB
3 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-jacktop1.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eed0f9e2fc88385306cc4d2aa8bcd1fc329e7354a29a265809094ba409045ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:58 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-b71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tjZuxQ3aj3QDpvTDO4jWWdhCWRLyOVQvBk%2BrWvg8SXZ0TvqPEtSW9%2BTV1Tk6uIK%2BPk4vSdM4K3IHD4pr%2FQYWChyyVTRWwxKdpVeVzLdGUulRBnXT4ySX1%2FIRcHNtqsJEmhdzai9l59lGbtI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b4a9db257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
2929
icon-jacktop2.png
ad.gem88.win/images/
2 KB
3 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-jacktop2.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed522d1bf5b935ecb33a5896bbf3d84e910104318a5b41c9b9f1e5ab3f72dc01

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:58 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-950"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4GAaYy1hXfdRFn4K%2FQbz7qiiZan5yZXmgLVzKebUi2BZExBxI00Cvo88XAwVHOj0R12YOvaPU3NHIEk8%2BwJa4oae6v4CUziBzmvt9lSrfv5TdNG9FEicTallymvY8%2BKXS7ID9jl4obFo6M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b4a9e0257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
2384
icon-jacktop3.png
ad.gem88.win/images/
2 KB
3 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-jacktop3.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6155fdbd8360064763e6e9eba26ee73353d2fe4754b58ae921a9541ccb40ca6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:58 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-874"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJyBAGYGiyL%2FRiVZlNe3362m586fIcBVOvpgtAjSi5pOyf6%2B1i%2FsIZpjer34a0AaIOyKF5pwsrv4wmXvl1bgWtjcsZ%2BdRNZESPqAAS3JSOSC2lhSQlqXKXXWQj%2B6QMOSKUYPJzNS7kv1PiE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b4a9e5257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
2164
icon-jacktop4.png
ad.gem88.win/images/
1 KB
2 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-jacktop4.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
647be14a6401e00f3d516ae4415fcd53940ce6602d4efa9594a3572e949e6a8c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:58 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-5fe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SIQVgRECIHlGqrRbidJ32yeNoaJtlpzcyT7tH6KlPVYKPkJrLzNXt3dHha4IL9%2BnSpl6hdcePqGBnijYcMfgBftoJVb5czgKF54hSBXa0mt8x408mdO3QKxzEPaCQ5B9kHiHWLaDO7JWq6Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b4a9ea257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
1534
icon-jacktop5.png
ad.gem88.win/images/
934 B
1 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-jacktop5.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306b373301556d58c2ea00c4b5a45e65f61859ee5f4f812e4708b74c41af1d48

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:58 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-3a6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQdh18FqN%2FkQyZbspwBKAZ4Dx5ueQ20XkVZSaNamofQPCNu6aB9cBJl0USJRzEs0CLUUeyQhefUkQ239bhMebxbPedZFofLwI%2B2dL%2BHKNbNqEpri7l84XMxkgZGujyeKcQ4v195%2F%2Fdq3x%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1b4a9ed257d-MIA
alt-svc
h3=":443"; ma=86400
content-length
934
get_configuration
api.livechatinc.com/v3.4/customer/action/
4 KB
2 KB
Script
General
Full URL
https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=ef2f11e4-1091-4034-ac21-61891ac28f7e&version=116.0.2.50.156.93.2.3.4.26.3.4.1064&group_id=1&jsonp=__lc_static_config
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.172.29 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-172-29.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
30125e3c72c23b56d3b4c74bd29c2ce9947e5cdd286dc442b01e145fabbe48b2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:58 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
legacy
2024-05-31
cache-control
public, max-age=580
content-length
1721
expires
Fri, 26 Jan 2024 21:11:38 GMT
open_chat
secure.livechatinc.com/customer/action/ Frame 4668
9 KB
3 KB
Document
General
Full URL
https://secure.livechatinc.com/customer/action/open_chat?license_id=16649625&group=1&embedded=1&widget_version=3&unique_groups=0
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.172.29 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-172-29.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7dc5c3312081faba5473707cf05aa56ee6913aee78bdab46c3a79c54d214b09b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-length
2614
content-type
text/html; charset=utf-8
date
Fri, 26 Jan 2024 21:01:58 GMT
vary
Accept-Encoding
get_localization
api.livechatinc.com/v3.4/customer/action/
14 KB
5 KB
Script
General
Full URL
https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=ef2f11e4-1091-4034-ac21-61891ac28f7e&version=075b79d72a19c7c515c01775c17428ae_280255cebfb378fb1b940cc57366633a&language=vi&group_id=1&jsonp=__lc_localization
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.172.29 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-172-29.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
20fe76e9a86514a99ecd09e63a268f5c7492efea04cbefdd611d3e737ef5c9d3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:58 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
legacy
2024-05-31
cache-control
public, max-age=580
content-length
4673
expires
Fri, 26 Jan 2024 21:11:38 GMT
0.5dc5f2c2.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 4668
209 KB
65 KB
Script
General
Full URL
https://cdn.livechatinc.com/widget/static/js/0.5dc5f2c2.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=16649625&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.88.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-88-185.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
39d26d3eba5a1e793cb88055d3576c215c35cb694519b0e894a4b368f3498f79

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
uYA6jbT227F8MDfo8xw0rcZS_FxwPTFl
content-encoding
br
date
Fri, 26 Jan 2024 21:01:58 GMT
last-modified
Wed, 24 Jan 2024 11:54:36 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
x-amz-server-side-encryption
AES256
etag
W/"8e16a491d4092798d51fc0b239ddcc39"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
jvpAR_DcWFPE2QMGwDyaNaLEqRUnDwbu-1Fv7l8OymoB0lHTuGkDfA==
content-length
66404
expires
Sat, 25 Jan 2025 21:01:58 GMT
1.96e1aea4.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 4668
328 KB
93 KB
Script
General
Full URL
https://cdn.livechatinc.com/widget/static/js/1.96e1aea4.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=16649625&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.88.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-88-185.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
96ee529d1c4cb148b1489b318aa07589836a40a4e3587a75de8b6f651f6ef605

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
3od1pR008NiXO7xyXz6HXUIar9TaQzr.
content-encoding
br
date
Fri, 26 Jan 2024 21:01:58 GMT
last-modified
Thu, 25 Jan 2024 14:14:01 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
etag
W/"3b4eeffb8e4912e719da28446585e843"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
SfS_srL8tCqQCMWTN-Pl0p9zEJCDqIIED4oRlBvz5sF7IzjTRVVFJQ==
content-length
94505
expires
Sat, 25 Jan 2025 21:01:58 GMT
iframe.968650b8.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 4668
528 KB
142 KB
Script
General
Full URL
https://cdn.livechatinc.com/widget/static/js/iframe.968650b8.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=16649625&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.88.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-88-185.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
323f9e0dbba09e9ce07263ea4e32395848a8cf9c83ddc90d2aabcd68b828e6ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
UQZjkbKwDjiiCcpU.Wtwl5PkoFFxbITx
content-encoding
br
date
Fri, 26 Jan 2024 21:01:58 GMT
last-modified
Thu, 25 Jan 2024 14:14:02 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
etag
W/"d46e2de9e93b83f2721736516d65ffaa"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
CGw60oKQXlh2q_bG2Bc0P9dY7RVryW22sXxQ4NKh_h3cQIwOFYitPw==
content-length
144691
expires
Sat, 25 Jan 2025 21:01:58 GMT
token
accounts.livechatinc.com/v2/customer/ Frame 4668
195 B
1 KB
XHR
General
Full URL
https://accounts.livechatinc.com/v2/customer/token
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/0.5dc5f2c2.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.172.29 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-172-29.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
edd370f7313b635e56c7f7f095de5e9e89623f9cbd2c8db2f6852a4f6a7b6039

Request headers

Referer
https://secure.livechatinc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 21:01:58 GMT
content-type
application/json
access-control-allow-origin
https://secure.livechatinc.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
195
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
45 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-R9056WVBMG&gtm=45je41o0v9118954187&_p=1706302916785&gcd=11l1l1l1l1&dma=0&cid=1113491708.1706302917&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1706302917&sct=1&seg=0&dl=https%3A%2F%2Fad.gem88.win%2F%3Fa%3D5f5b0c8b85662b13cb8d07a28fcfb947%26utm_campaign%3Danw%26utm_source%3Dpropellerads%26utm_medium%3Dpopunder%26utm_term%3D5742320&dt=&en=scroll&epn.percent_scrolled=90&_et=14&tfd=7020
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R9056WVBMG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 21:02:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ad.gem88.win
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
api4.storeip-shopify.com
URL
https://api4.storeip-shopify.com/sw/collect?aff_id=5f5b0c8b85662b13cb8d07a28fcfb947
Domain
api6.storeip-shopify.com
URL
https://api6.storeip-shopify.com/sw/collect?aff_id=5f5b0c8b85662b13cb8d07a28fcfb947
Domain
gmwin.io
URL
https://gmwin.io/sw/collect?aff_id=5f5b0c8b85662b13cb8d07a28fcfb947

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 string| aff_id function| setCookiesLogIpv4 function| setCookiesLogIpv6 function| $ function| jQuery object| dataLayer boolean| isCHPlay boolean| isAppStore boolean| isApk boolean| isIpa number| isAction boolean| isRegis string| v object| google_tag_manager object| google_tag_data string| myDomainPV string| idPixelPV string| srcPV function| fbq function| _fbq object| iv object| key object| conf string| affId string| userAgent object| urlParams boolean| openCHplay boolean| ipv4Res boolean| ipv6Res string| query_string function| checkResp function| logIps function| parseUTM string| app_id object| session function| onRegFrmSubmit function| onLoginFrmSubmit function| onLogin function| onRegister boolean| isMobile object| notifications boolean| isIPadPro boolean| autofill object| idgame object| totaljackpot number| total object| namegames function| lazyLoading function| onPlayWeb boolean| jackpotRunning function| onJackpot number| notificationTimer boolean| notificationInit boolean| notificationCall boolean| notificationRunning function| onNotifications function| showInfo function| setEncrypt function| onDownloadAndroid function| onDownloadIos function| setCookiesTracking boolean| ipv4 boolean| ipv6 object| LC_API number| t function| getIP object| bootstrap function| Fingerprint2 object| CryptoJS function| UAParser object| __lc function| onYouTubeIframeAPIReady object| gaGlobal boolean| __lc_inited object| notijackpot

7 Cookies

Domain/Path Name / Value
.accounts.livechatinc.com/v2/customer/token Name: __lc_cid
Value: 9a113458-8f63-4510-89e1-ea06dbbe233b
.accounts.livechatinc.com/v2/customer/token Name: __lc_cst
Value: 1a9f4123707955735b020e4b5cad1c91eb70f282193d620259a3dccd14faf08ce55c12e068e736c96e780a5935e9e823dc9c313928b12f6590c61eaed18b
.accounts.livechatinc.com/customer/token Name: __lc_cid
Value: 9a113458-8f63-4510-89e1-ea06dbbe233b
.accounts.livechatinc.com/customer/token Name: __lc_cst
Value: 1a9f4123707955735b020e4b5cad1c91eb70f282193d620259a3dccd14faf08ce55c12e068e736c96e780a5935e9e823dc9c313928b12f6590c61eaed18b
.gem88.win/ Name: _ga
Value: GA1.1.1113491708.1706302917
.gem88.win/ Name: _ga_R9056WVBMG
Value: GS1.1.1706302917.1.0.1706302917.0.0.0
accounts.livechatinc.com/ Name: __oauth_redirect_detector
Value: counter=1&t=1706302948&tag=3be038f2bc27100eda1c882e78c917a58f8e7ba4

6 Console Messages

Source Level URL
Text
javascript error URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Message:
Access to XMLHttpRequest at 'https://api6.storeip-shopify.com/sw/collect?aff_id=5f5b0c8b85662b13cb8d07a28fcfb947' from origin 'https://ad.gem88.win' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api6.storeip-shopify.com/sw/collect?aff_id=5f5b0c8b85662b13cb8d07a28fcfb947
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://ad.gem88.win/?a=5f5b0c8b85662b13cb8d07a28fcfb947&utm_campaign=anw&utm_source=propellerads&utm_medium=popunder&utm_term=5742320
Message:
Access to XMLHttpRequest at 'https://api4.storeip-shopify.com/sw/collect?aff_id=5f5b0c8b85662b13cb8d07a28fcfb947' from origin 'https://ad.gem88.win' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api4.storeip-shopify.com/sw/collect?aff_id=5f5b0c8b85662b13cb8d07a28fcfb947
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://cdn.livechatinc.com/widget/static/js/iframe.968650b8.chunk.js
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other warning URL: https://cdn.livechatinc.com/tracking.js
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, and hashes. Their appearance here does not imply that any of them indicate malicious activity.
