Submitted URL: http://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm...
Effective URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm...
Submission: On February 04 via api from US — Scanned from US

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 79 HTTP transactions. The main IP is 2606:4700:3032::ac43:adae, located in United States and belongs to CLOUDFLARENET, US. The main domain is ad.gem88.win. The Cisco Umbrella rank of the primary domain is 202230.
TLS certificate: Issued by GTS CA 1P5 on December 28th 2023. Valid for: 3 months.
This is the only time ad.gem88.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
56 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2a03:2880:f01... 32934 (FACEBOOK)
2 2607:f8b0:400... 15169 (GOOGLE)
4 23.48.224.14 20940 (AKAMAI-ASN1)
1 209.97.168.10 14061 (DIGITALOC...)
1 2400:6180:0:d... 14061 (DIGITALOC...)
5 23.48.224.75 20940 (AKAMAI-ASN1)
79 11
Apex Domain
Subdomains
Transfer
57 gem88.win
ad.gem88.win — Cisco Umbrella Rank: 202230
1 MB
9 livechatinc.com
cdn.livechatinc.com — Cisco Umbrella Rank: 5963
api.livechatinc.com — Cisco Umbrella Rank: 5415
secure.livechatinc.com — Cisco Umbrella Rank: 6663
accounts.livechatinc.com — Cisco Umbrella Rank: 7278
338 KB
3 gstatic.com
fonts.gstatic.com
70 KB
2 storeip-shopify.com
api4.storeip-shopify.com — Cisco Umbrella Rank: 303905 Failed
api6.storeip-shopify.com — Cisco Umbrella Rank: 271266 Failed
476 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
306 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
161 KB
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
58 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
1 KB
0 gmwin.io Failed
gmwin.io Failed
79 9
Domain Requested by
57 ad.gem88.win 1 redirects ad.gem88.win
4 cdn.livechatinc.com ad.gem88.win
secure.livechatinc.com
3 api.livechatinc.com cdn.livechatinc.com
3 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com ad.gem88.win
www.googletagmanager.com
1 accounts.livechatinc.com cdn.livechatinc.com
1 secure.livechatinc.com cdn.livechatinc.com
1 api6.storeip-shopify.com ad.gem88.win
1 api4.storeip-shopify.com ad.gem88.win
1 connect.facebook.net ad.gem88.win
1 fonts.googleapis.com ad.gem88.win
0 gmwin.io Failed ad.gem88.win
79 13

This site contains links to these domains.

Domain
web.gem88.win
Subject | Issuer | Validity | Valid
gem88.win | GTS CA 1P5 | 2023-12-28 - 2024-03-27 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-11-14 - 2024-02-12 | 3 months
livechat.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-01-31 - 2025-01-31 | a year
*.storeip-shopify.com | Sectigo RSA Domain Validation Secure Server CA | 2023-08-02 - 2024-08-02 | a year

This page contains 2 frames:

Primary Page: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Frame ID: 9EFAB5F623B3081B4E55FE0869430142
Requests: 74 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=16649625&group=1&embedded=1&widget_version=3&unique_groups=0
Frame ID: A3CBC09F22679321E8DC2F0BF0B8A8D1
Requests: 5 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.livechatinc\.com/.*tracking\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

79 Requests
96 % HTTPS
73 % IPv6
9 Domains
13 Subdomains
11 IPs
2 Countries
1907 kB Transfer
3649 kB Size
7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213 HTTP 301
    https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

79 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
ad.gem88.win/
Redirect Chain
  • http://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
  • https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
15 KB
4 KB
Document
General
Full URL
https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.18
Resource Hash
285a5d202b20d680b19de50c017635a4afbedf3aebb6424e08e67bc5f26b273c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8505c2c12e6b6aed-BUF
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 04 Feb 2024 20:46:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Yp5JN1EWe10vFRUbr9aMD2%2F%2Bkpa2ta%2BqyaKEt0nos0%2F3kumYzLEhElwIhWMyGLX4g8bGAWZ4iBbqDLGopOfSzvUtZjOMDh1ABYYE%2Bjy37jyqFP%2FUYP2rbj4ryPpZbFbFZbL45ROmIixXk4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.1.18

Redirect headers

CF-RAY
8505c2c00da54bc1-BUF
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sun, 04 Feb 2024 20:46:02 GMT
Expires
Sun, 04 Feb 2024 21:46:02 GMT
Location
https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4IoMA6waaGWKeUdF6Yu2r%2BKHPKXSmeTghx%2Fyok40skYSm9YNPZGB9CMAzha5jOPAganTlO1ReCdcj%2FarshFbUE2HxrsnLlcOkcXD0TzWLCmhsO3p88wlmjQ7%2FgVoAhBQLiiUig9V5z%2F1PM%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,300,400,700,900
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6bb18753865e24b64d4ffdc33cf87d83ef112d23fe18adafab4dc99939f6e0c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 04 Feb 2024 20:46:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 04 Feb 2024 20:37:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Feb 2024 20:46:02 GMT
style.min.css
ad.gem88.win/build/
225 KB
40 KB
Stylesheet
General
Full URL
https://ad.gem88.win/build/style.min.css?v=1.0.8
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a5dabcd9588c0e8c628952107c2c0bd572087ee84a8ea75ffddcda87d063a7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:03 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 24 May 2023 09:43:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"646ddc3f-383f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lTi8nG0IBhF3MFTG2eeZW8b2UxEA566gZzjUEQtjj0%2FYA2EiyHbyrkiDSar%2FSsyzZc%2BtFn7VSbKsAXlsmOGb648FB1lG2jIaQdzUUvrrIpozcTvwg0nD0aNkzp%2B8BSptEuefhtfhh%2Bab3Qc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8505c2c4299c6aed-BUF
alt-svc
h3=":443"; ma=86400
apphd.min.js
ad.gem88.win/build/
85 KB
31 KB
Script
General
Full URL
https://ad.gem88.win/build/apphd.min.js?v=1.0.0
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fddeffd4b4a71238d91e4d88e216ef4c20d77ab9010017d559c1c48220b1d69f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:03 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 28 Jan 2024 08:36:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65b61217-15544"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8OSizxZH44Bc%2Fglx8Y%2B3AEew3%2FUu91i0Fk6HIP9wQ71FpmlEWx9ADXdaAEiNHO1XkH663yx0%2BLUaJuuMLVVhcaUGNDGx0zwu9qDSB4zj7VeKn4%2FMRK7IgfbawnUzdbMhtL%2F5Z%2FKsh4ew07E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8505c2c4299d6aed-BUF
alt-svc
h3=":443"; ma=86400
thumb-header-lazy.png
ad.gem88.win/images/
199 B
499 B
Image
General
Full URL
https://ad.gem88.win/images/thumb-header-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
595eb22f555f9317ce271066d3536a64b5628d8d99c22e8844c48297b770fce4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:03 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rw4GAROczgvQQ0DPAznEcNYeruezODlwT4bop%2FZYleYBpwuKV0gfH2JgsD%2B5WPQIVGIpDeY10%2FBsLQDj479ZWV%2FRmf430wKh6Nta87ExNBc%2FuCO%2FhSCaOCdLk766wn1qE3FM8CHUh0T7meI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2c4299e6aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
199
thumb-header-mb-lazy.png
ad.gem88.win/images/
189 B
578 B
Image
General
Full URL
https://ad.gem88.win/images/thumb-header-mb-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab11db15dbc833f5586d15f59fa66b8cb1aa7d1086985d8c8b82b4b7d91f078c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:03 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-bd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BhbvlAneyS8mGTb2Z8L8rfOcnsDWZjo%2BnW8W7r67VNrcCf62aBZYIKSAQMT96v6YSToKFrq2ZzIok7xw5JzyiK7wtva6SvvtCqAiRRi8xiuT1slNK%2FMfDruAWHUVtdnuoeirvgb2tCHScw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2c4299f6aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
189
jack-top-lazy.png
ad.gem88.win/images/
112 B
576 B
Image
General
Full URL
https://ad.gem88.win/images/jack-top-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64e213916d9877bca7d7dae986f5f87c6fe7699316371c948913c216b93c41f2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:03 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-70"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q74Hma%2B7T3QSN291n0hQr8rD8qLnuM5IQ%2FiKTh6D%2FGFvAWlHebDPW7myIexptIsC6Ao2HUGEVrKOWD%2F24M6bM70ggtzjYFngBbeS%2FzEPcajJavUkOqxGihxwaPCvjXkqwa35U4lwmiehu9c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2c72c644bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
112
tab-lazy.png
ad.gem88.win/images/
110 B
574 B
Image
General
Full URL
https://ad.gem88.win/images/tab-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa715f294b6d9b97487327a36ebd9038d88d3832a31e35bc65d1f2e84d1cee2f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:03 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbM9%2F4nJvhJR2hIAHITpIUmLuuAHDQSqu%2FJT0MD7FFdhmUyR%2FFLzTejFCkVPEuwTEUXKE1p2Eh1gsKh1hM17ticc0K18hswvV7ULRmEDYZEGskp23vPmplr9%2FTjT3PJKOcHRKLfkyInc7A4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2c72c654bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
110
tab-active-lazy.png
ad.gem88.win/images/
110 B
574 B
Image
General
Full URL
https://ad.gem88.win/images/tab-active-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45e64a2d90de9f35073296ea108245328541ba68b6553bbeb5ed5cb6a8528176

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:03 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxg%2BuuKt07hpeMVWW24M%2FP5n036BBZ89NxW4jOOIga4KiPens3wHa1GmjfvxMTD4ChMqPOuPUJxGSWboFeiQblX%2BWgbsNzq2delVAWIA2Z%2BD2ROP7jzV4ISwYCcMZzZ5UemI0F3pxgvCVhs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2c77c9a4bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
110
tab-full-lazy.png
ad.gem88.win/images/
111 B
580 B
Image
General
Full URL
https://ad.gem88.win/images/tab-full-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08e1ffda33d81046bf53cb65a20acc3dd4249e3c0e4e14b0e39f85e04194e98a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:03 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQ%2FU5Vzm2D0uURFaql%2BXd3wK8mUDA0YLhaeARECDutPQQwtbZVXcz9ABqZodp31skeXBqOVvv%2B9xgiXO7o%2F6u%2BqDM3q2UA3%2BL1LevJ3gZUcUNgtOzBeYhwZQm%2FuAmiCdDI%2FoTy93KfSPeM4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2c78ca14bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
111
btn-lazy.png
ad.gem88.win/images/
116 B
583 B
Image
General
Full URL
https://ad.gem88.win/images/btn-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd67f2b53732ab3114169952b7564c7535f82d1bdc74dd1862520e521c9c25b9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:03 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-74"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FEmBXZrlT76ibZvka6wUQ2Ckm%2F0D7fghwRKnvBaKg%2FzhECkKI37rJnszSICwJfb7TRvagFgRG90%2BpyaUqS1eoQvVLzh%2Bb0uD2sGY08LgWyYmcboF1yVWcBQ2JCtrZrY13q%2Bsfe%2BWc3KJSbw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2c78ca34bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
116
dacotaikhoan-lazy.png
ad.gem88.win/images/
110 B
571 B
Image
General
Full URL
https://ad.gem88.win/images/dacotaikhoan-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8850ad2a073a4e12ff7984cdc1d8a1815020c76f2e7cd96656fe04d0e4e31f2a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:03 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 14:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644bd254-6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTTEBoLWgyAU3j1raicO6Y2GYItUDj08WE91z2hGBsPS32RNbqz2DyB3wRlwfnWTirCg5%2B2YsOUCKYWbwUiDK5GfMemzWsCtGaCEgkQcR6MmlvFogUvWoslkMlGUZwwfEJ%2B1KXZxLtzI5P0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2c78ca54bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
110
btn-dl.png
ad.gem88.win/images/
145 B
616 B
Image
General
Full URL
https://ad.gem88.win/images/btn-dl.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0342a64f0d2ab3c294b31ca7b129729f4128731f037a4201fcd6e12a184d7cdc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:03 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-91"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2FjsdzWYy6EvJF0SvRSA4mK%2FWVRC7I62QLz7GOvDDsj7yzbNcbMcKfHHRb%2FMKS0I4PnNJB%2FyoujPPLMVDda%2BN%2FoOu15i2MmAXqrbVJu1Jblt%2FXa2W4w3vCiAZ2qTy8RRgJ%2FJvsnq1%2BYVGZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2c78ca64bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
145
thumb-thank-lazy.png
ad.gem88.win/images/
256 B
721 B
Image
General
Full URL
https://ad.gem88.win/images/thumb-thank-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c91fd27f6f8293117478def18959bf5053f3dcf98ebb6347905974f6113f163

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:03 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-100"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMPNQkh7rIcS%2BT95%2Fy%2BggM8ltiMdMlcyrgxuv6vx0VlXqhYJIrXy5AcPMaLiR%2FXezssl6tmT94dfHVJeM94W40q7WADUO0LGzBY1NlvjqO4CBDWvd6o53VB1VWH7SYuaYDzT4zdJLXAvcIE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2c78ca74bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
256
hoac-lazy.png
ad.gem88.win/images/
111 B
605 B
Image
General
Full URL
https://ad.gem88.win/images/hoac-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de851a1267df76e4648aaa1059368f8156ab759db4ef70da4245dd6326e7cef8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:03 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 14:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644bd254-6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gsB%2BUbA3nxi63u0G1018JWpgJgZqpgXeXGbfmZNlVDmgUxp1WaXj5hsgiqetM0DzT13oEu5QjWJbUoiQeox4jJ9AbJ55qLbfG4Kn4CTAYbLjvKZk0ovm9ELxB6YmYQ6vIQJWU3AMx743gas%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2c78ca84bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
111
game-lazy.png
ad.gem88.win/images/
117 B
577 B
Image
General
Full URL
https://ad.gem88.win/images/game-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65c82fd39e63e481e8718fbc5507615e8d88331056eb7a3b5454ac94bd7faeab

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:03 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-75"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7komOM380NR2HgHUBQtjk8mAWZDPRHY3nMHA21MXGnA0m4mgLxRDX4zR3mFkaRXAgUzERUku0SsWTnQ%2BB0eVNSshDnYSoIOlHZNqycybWi4Q0hVsI5gYnE3dwfLpiqvQM2rhoUOjjh3D5w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2c78ca94bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
117
thumb-adv2-lazy.png
ad.gem88.win/images/
121 B
586 B
Image
General
Full URL
https://ad.gem88.win/images/thumb-adv2-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa49fbae9156dc680c02ec2554ef484426e2a98f0f0d16b3050c951f1a031d67

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:03 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-79"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nUgaIDmhpLQY%2FOw6MHybKC7N4DBsVl2I6Gj2zlRDF4KGC6nniCTtAQL1sY7Q5ZzPRt4fxNegmwDrmAZ0jIW8ySo%2FCWHjmu%2B3a7NPkSdgsnw3O30YK%2BriwVzuKreGTfzbOVy8f8SeINuC%2Bhk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2c78caa4bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
121
loading-lazy.png
ad.gem88.win/images/
96 B
557 B
Image
General
Full URL
https://ad.gem88.win/images/loading-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc3cade2468407b0311a0bb58b781b1ca93c01c1965c49e41ca133d694dfd316

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:03 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-60"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCemoeYjGzpePMjjtRhnDm4w0VD3r1sdtdAa548mpu0l1WyhORiWs%2FvxzwismcaNsx20EUGsSL3Ug210ZZeT%2Br5E3syQcQtdlYOuLKjE5hqlfdNr4waTnPUk7%2Bj3%2BjdZITVXtKIdw6EqeYg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2c78cab4bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
96
app.min.js
ad.gem88.win/build/
276 KB
91 KB
Script
General
Full URL
https://ad.gem88.win/build/app.min.js?v=1.3.8
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb198f9953745a11bcc28a33224e282daef5dadf6f6e66634c282f1a57b7659a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:03 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sat, 03 Feb 2024 03:10:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65bdae8e-45024"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkSmwJsj%2Fj6QOB%2FmO%2FRWE2tgMMXtYZiZ67%2B8f4BKqBIuNDI0vY%2FRHp17dTGCQ%2Bq6szUHcOTRhUwm2FAMvYQy3fHh%2F98MAxOuP1wIxINUF7uzGh3bsxPE90f7EZPevJs3D4QibN%2B%2BudEm77I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8505c2c78ca04bc6-BUF
alt-svc
h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/
193 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P4HXMRQ
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d3db1523c678e0217a2046b0e12a3b7778cfceab3a041920174ba7d67422d3b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68223
x-xss-protection
0
last-modified
Sun, 04 Feb 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 04 Feb 2024 20:46:03 GMT
bg.jpg
ad.gem88.win/images/
60 KB
61 KB
Image
General
Full URL
https://ad.gem88.win/images/bg.jpg?v=1.1
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd7fe97d8b0b2a686e232ef2a8b711f5195bc543f5b660e684685c7e66b8f2f0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:03 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-f17e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=um45ox9k3LasvImWffFqtfDWGESw0DOpFL%2BHvK85IJ%2FdwyFVN7WOXmLUlricUPOY4G5hB%2FmOGfwmOPZj6u37szcqoG1lJLbMM02QE6JpJqdl1dqqnIScmRHZfqqwZ7At122qyeEYqR5vzs0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2c78cac4bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
61822
bg-jack.png
ad.gem88.win/images/
51 KB
51 KB
Image
General
Full URL
https://ad.gem88.win/images/bg-jack.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
762ead9dbd6081f969db272c17bb280daa359f45e2f82519531a2392ca4fcaf1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:03 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-cb3e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kA01quprAa4ZN9VnYIub3LPpzyQtjWFGpEEWxeExY5rxwj%2FHquXYVL6yfO8a4ALjaLZF95s6i%2FUNJZSQ%2Fm4dqpCUM5yFy5IHiPiOq7mCSyzwDMGzFQipRd6rEOoYme0TUF1IvoN7ptaEYdU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2c78cae4bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
52030
bg-form.png
ad.gem88.win/images/
29 KB
29 KB
Image
General
Full URL
https://ad.gem88.win/images/bg-form.png?v=1.0
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3ba98f60481267b1d7e20f2743d93ed2bba4daf00c9104801d8f51f4d7bf77c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:03 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-73f5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbhGFMfiw9efyVUjFmLOQHn6o%2Fyb%2BMnvcxffNxKlwzI3FKdrwb8uqSVX%2BMnwjZkvLIn1YKS2bkGFwFZ5YhYH5psBfDdfgOZ%2FLjOgR1vybtCNNqGc9UAEj738NBImzZicXheV6OBjPHv%2B2sU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2c78caf4bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
29685
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ad.gem88.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:22:00 GMT
x-content-type-options
nosniff
age
300243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 31 Jan 2025 09:22:00 GMT
js
www.googletagmanager.com/gtag/
288 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R9056WVBMG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4HXMRQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7a0ea7512ef3ef6351f58273115ce81e2b37e071a3badad72fd6d0a10fa92024
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96489
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 04 Feb 2024 20:46:03 GMT
fbevents.js
connect.facebook.net/en_US/
214 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
22cf1baba55eced80d7ebb0de51fc8961757ef581964f8e10ebc8676399eba81
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 04 Feb 2024 20:46:03 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57202
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
iXGQsWXup7Hg0pfUo3X8pYJH6t7qBZYOhp6vo+MXUY/qcIGhYDECf5c7ACXNIil/4HBBJqVCsl/ZnZF0Vxu7Mg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/g/
0
252 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-R9056WVBMG&gtm=45je41v0v9118954187z89118949234za200&_p=1707079563424&gcd=11l1l1l1l1&npa=0&dma=0&cid=1664562097.1707079564&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707079563&sct=1&seg=0&dl=https%3A%2F%2Fad.gem88.win%2F%3Fa%3D0b08d04b25bcd0ad4484c0f9dbd56c4e%26utm_campaign%3Danw%26utm_source%3Dclickadu%26utm_medium%3Dpopunder%26utm_term%3D1999213&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1563
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R9056WVBMG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 20:46:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ad.gem88.win
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking.js
cdn.livechatinc.com/
89 KB
27 KB
Script
General
Full URL
https://cdn.livechatinc.com/tracking.js
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/app.min.js?v=1.3.8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.14 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-14.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
275d8126ef3dfb6c425ee7ad451c1cf110f3dc28bd01d6e65c7a7d59f29bde2a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
c8WTjdLmk.GXdzcsOKpgseftokj8fJyL
content-encoding
br
date
Sun, 04 Feb 2024 20:46:03 GMT
last-modified
Wed, 31 Jan 2024 13:52:56 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
etag
W/"4c8c48a92ae8500bea40fb49877da227"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=28800
x-amz-cf-id
gkiqo3Uy8-CffGlSeVyCOXE0St_9cmXgEaPOCTT0Q5fADFNyGsU91Q==
content-length
27232
expires
Mon, 05 Feb 2024 04:46:03 GMT
collect
api4.storeip-shopify.com/sw/
0
0

collect
api6.storeip-shopify.com/sw/
0
0

res
api4.storeip-shopify.com/ca/
12 B
238 B
XHR
General
Full URL
https://api4.storeip-shopify.com/ca/res?command=storeClientIP&affId=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_source=clickadu&utm_medium=popunder&utm_campaign=anw&utm_term=1999213
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/app.min.js?v=1.3.8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.97.168.10 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 04 Feb 2024 20:46:04 GMT
server
nginx/1.16.1
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Authorization
access-control-allow-methods
GET, POST, OPTIONS
res
api6.storeip-shopify.com/ca/
12 B
238 B
XHR
General
Full URL
https://api6.storeip-shopify.com/ca/res?command=storeClientIP&affId=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_source=clickadu&utm_medium=popunder&utm_campaign=anw&utm_term=1999213
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/app.min.js?v=1.3.8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2400:6180:0:d1::61a:e001 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 04 Feb 2024 20:46:04 GMT
server
nginx/1.16.1
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Authorization
access-control-allow-methods
GET, POST, OPTIONS
collect
gmwin.io/sw/
0
0

get-rank.html
ad.gem88.win/
2 KB
852 B
XHR
General
Full URL
https://ad.gem88.win/get-rank.html?t=1707079563000
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/app.min.js?v=1.3.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.18
Resource Hash
a6eb08d199acceb11413b7cc4d3108461882ac3659c804e741af1067daed73c4

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
X-CSRF-TOKEN
a7ebe3d33c5fc40b8565ce8e016d5e5e
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.1.18
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AhXOBtalf2QuJWVi2Ohefgl1BFkTGk9nl8enx%2BG6ipeu7RJ8cAWpr8yVzTGa3qcywQvTH36nC2xZZz39hfcFJEtJ9959vCJdEvFYriIiAsKmlN%2FA8xfPUCi8Dz6auEwx6zAuhEBfy2T4JLM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
8505c2ca0f354bc6-BUF
alt-svc
h3=":443"; ma=86400
notifications.html
ad.gem88.win/
1 KB
780 B
XHR
General
Full URL
https://ad.gem88.win/notifications.html
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/app.min.js?v=1.3.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.18
Resource Hash
8d78c5d69f6930521c3b46a8fca575ad1c723fe0114d056005d2bb2db4f5eafc

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
X-CSRF-TOKEN
a7ebe3d33c5fc40b8565ce8e016d5e5e
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.1.18
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIsfVHi3LoKJPFvkVhpo4Kr7XCAt5mXknm%2Be8byJyirSafLbHcVHfzuY7AX4Uq0zj7KiEU0OJPBlh9naQsXV2fbtOzGXUte2D5cZJPqw0HQ0usNs8kZp%2BsdwPHZHSX%2FMqROnJqiTEWgKNWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
8505c2ca0f374bc6-BUF
alt-svc
h3=":443"; ma=86400
thumb-header.webp
ad.gem88.win/images/
66 KB
67 KB
Image
General
Full URL
https://ad.gem88.win/images/thumb-header.webp?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
637bc10ddc6784ea531a496255c1d649b56800f5e26dcdc2f41c31c244353761

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 16 May 2023 09:46:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64635110-108d6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrLhD2H12AG6JUBZ35DZw%2B2dGAmmq%2BJ9PT95cGSQ89VfWrp4zIt372ynm2lcW%2FtOd4yWgHVY0kLWSjtfVRrdBIm%2By%2Brac5SqrFsuPnp%2B%2BHEGAYnkucUlgc9JxyR4qKkkinw6SBBAP%2B2eoow%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca1f494bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
67798
thumb-header-mb.webp
ad.gem88.win/images/
56 KB
57 KB
Image
General
Full URL
https://ad.gem88.win/images/thumb-header-mb.webp?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698a7dd29e741793552da6fd4cc98192ad6da8478aeaa0443e27f57f4e9481b4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 09:37:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b93de-e102"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEXN0rnsugSCrGceMdGwvT%2FCSNzOWHJcQFT6qVsYaTt8%2BKKnuKvglMzhlK494VbOS7Ge7vADfpyYP8k9Pmhhlflgd8KgYjVthnCeyOPWMPtBqVyZ15fGpZOiqM1Yq%2B5YlAaumPtCtX4zMzE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f514bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
57602
jack-top.png
ad.gem88.win/images/
8 KB
9 KB
Image
General
Full URL
https://ad.gem88.win/images/jack-top.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
150e991344277d2ed02609b431389e719a7133fc719ad8caf9e5b24740e8d694

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-2101"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Srcu3UGh1csBSIBHV6mB7c7L%2Fd3e8Vt2M6TvQIpX0Ju02zJzekLB3qvPPaFohojqM9k1hTweBzjAP2QStrN7Zn9DQew7DT0sadTO0yjMcynlSR2rLWpTwshFbUw%2Bw0ImPzTaq8LA1vkjBsE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f524bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
8449
tab-dangky.png
ad.gem88.win/images/
6 KB
7 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-dangky.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3717be19007b1fd3ccc6c03c33d310ea8e7d3e4d51bc8ba27e617b5f5b477403

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-187a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7dJoppdQg5oM8bQglkPo5XWjLEWnar85wUnwsDQ5TZle%2FRJnHtYU8Jcm6NDYKohIdx1g2tbZkn0lLKdBnQPEm84UBD72Al9pY8IbiEG9bZvWYGFiv0%2FDnXPt22GnX0v6YgzhWgUMPxtdI4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f534bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
6266
tab-dangky-active.png
ad.gem88.win/images/
8 KB
8 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-dangky-active.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40e20d0623dba65f3a7be919bd1b4213c5759ea7d362598e2fffcd03ecb72ade

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-1e90"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2F98uAQeIQfZn0cU9haaLoYcg3QLa0RXqu0uyWdIvtHF%2FQkkxbEiYEkDNvqAgUdGaz5ue5zyVnyNTwbLqAsMX2RWuYpYxWtySLEsxn1Hhy5z5y0eeWYSkDo6Wactj5uaU9eqLc2pLOkECtc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f544bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
7824
tab-dangky-full.png
ad.gem88.win/images/
10 KB
10 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-dangky-full.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6658297a10eb33e2d3d139f9cea73e2885635495fa475cc4f1fdf41c2ebac72

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-2723"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dEKb%2B%2B2A3IR2qrIpatD3k3ChYFlyBJeIXrW1XOV2BihOZypz7RqTZUZmixMe%2F0J0bvZ8Na4RBeZEM6xbaKdtPOYEQxjv3XDT2Jd3uO3Q6XNwo%2Fr9RL0biby5HgxvNw7TJXzVQAQVGsWwFGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f554bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
10019
tab-dangnhap.png
ad.gem88.win/images/
6 KB
7 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-dangnhap.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a82b32ea4fcf428a441750c401b3a4752f501995403538889c6d697db4e265e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-1947"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnD3wtU37E2WJ85QprifGJgPqaPcwhz0XxtUWvVcnf4vfsHVJZUwDUIJbNtYkly5kswVSDF4fd5a4hJnkDQ1u1zuYkSobCp4iAOXy%2BTgowiKF0doLPx8ACEw42UIy3d2NTgZhhoyn9bKUGM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f564bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
6471
tab-dangnhap-active.png
ad.gem88.win/images/
8 KB
8 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-dangnhap-active.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e66619ac22c40ebb4b8ac9284325bb301e77423dee32a5bf091a8d0e8894ff45

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-1fb5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2UV5haSVebMRM4FNnhPbq4DMuoo%2BxtO1v6cb9JZQNgcKKArzsfdbMtLCyL8q%2FkWgl1j28OFSA98FwESweOM%2FmlKzjWiexDYhZwx0sa7vQO4YxingB%2FMs5JfhTrAn2qWesC5QXmbP1MPrQY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f574bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
8117
tab-choinhanhweb.png
ad.gem88.win/images/
8 KB
9 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-choinhanhweb.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df4c4d50f9082a8d502245115432b004535b78dfc6dcc5d4f206e875fabc5575

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-20e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LB2MPESl2YJjvRMoeUAFLROVzw%2BNqUHkGSjM08YNcKuq3WjORmqVgVUjSKZVt9IciJuOYZEOShkwddIHnMK%2Bwf5IFSC%2FwC1OSWYltUxw4A8nYi0eLUqw9mqwse62RCqZuFPFVhp38VhnhmA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f584bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
8425
btn-dangky.png
ad.gem88.win/images/
24 KB
25 KB
Image
General
Full URL
https://ad.gem88.win/images/btn-dangky.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3c6d54c27cb6f6eb3986a10b70080fce7c6378d873340cb9856a7d41e556127

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-61c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t54tKCx1VuqXTeu38V%2B5YhViWuNRSzVnIT6mtbtafO6yVn9rtKUDhyi%2FWBKr2uXlE37CCEF4oxuyM6BmQ7PjvEekCwtTYCkthW65Hyaqg%2BXWZgVNIIxFaIWo1%2FxffjEc5EchAZ9KDPuUXY4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f5a4bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
25026
btn-dangnhap.png
ad.gem88.win/images/
22 KB
23 KB
Image
General
Full URL
https://ad.gem88.win/images/btn-dangnhap.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36c64ee60a979a9056c04de2092ff68c0744e24029d7add30fc6c7342d3e47fb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-599c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NxizSjvA%2FzKYBfABCERuZLwaC5Xz4ZeYiavlAIn1t3MW3UlmxE%2B3H6KUJ8%2Br3Em%2F6yVD%2FxhzeylKP0tggHsaE6EZnolQtw4jA3lXvfdf9lZEVBq3VexUety1nDh39GlHFT6deg5pGTT5ApY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f5b4bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
22940
dacotaikhoan-v2.png
ad.gem88.win/images/
5 KB
6 KB
Image
General
Full URL
https://ad.gem88.win/images/dacotaikhoan-v2.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1334fc4f83d8709a632ab9fd8d22c4e2868b30534f58d11f8a029456666dcc71

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 16 May 2023 09:46:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64635110-157b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cvs9DoVggFbPXeELHVYUaQwe4O3o8GpCUvmgO4jU0bc9LElUMpQ75tij3s6ikNzRkqqlT2obYFETKBuTLINCuZ%2BUS2l67ivc6qHb5LHl2YYChB6020OYs9ttMjUjr7qdGTqSnUtVXsGZoqc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f5c4bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
5499
btn-playweb.png
ad.gem88.win/images/
62 KB
62 KB
Image
General
Full URL
https://ad.gem88.win/images/btn-playweb.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbcad0512f42296a7388501662662ef64652a9daa3fb39147352b657b61acb9c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-f69b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSx2FpoMFh0Uo%2FuU%2FfblbRMpW79upvst7Eq8YsaItlZTtfVJOUfa%2BIkbmBt0Bx6yluDUqPieSrqOe7ST0v%2FjdT3Jq6XWJJ8xUqD6W96XqRLYACXLGMfzWW%2FhHr89RdjQEr8ztJFJ45NBJm0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f5d4bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
63131
thumb-thank.png
ad.gem88.win/images/
225 KB
225 KB
Image
General
Full URL
https://ad.gem88.win/images/thumb-thank.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c9d6b9b0ae9bc6c9c0059e96e8d679b82a868c59ec1e9bee350bc6e2edf2186

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-38349"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMbG86CLojMaWJq8ghgmRWwIQtusVKkxxF1UrExKx05%2F7w%2BprKzrp2n7p%2BxkBINwoPcqTsqKDPA4LQKVbRdJXbs5V%2BDsMjkdyK3NYBkXlmX3khNYBK2ECc3baLTdUTPUX6G6rBN%2BlYS0LzE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f5e4bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
230217
dacotaikhoan.png
ad.gem88.win/images/
11 KB
12 KB
Image
General
Full URL
https://ad.gem88.win/images/dacotaikhoan.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c5da9fa4f696362b6832648e51af1420004535e4e8267bf0dbbf289dbb51669

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 14:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644bd254-2d24"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jO0cQDDhhm9i4y5e3p2FC9F%2Fme%2FPiIlUSLI0QRY3pFuCX2xsDtiAmVrF2hzXd0GpzmxUkiXOVUNYSrmb%2FlTJ4e3hj9O0%2BInMpOjoQb5%2FtNfusiFGeHTPt5QJtinmEhIxjcl5AU%2FCPy%2F16eA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f5f4bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
11556
btn-android.png
ad.gem88.win/images/
112 KB
113 KB
Image
General
Full URL
https://ad.gem88.win/images/btn-android.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0210b490fceb299ba4561c1fc0a13f330191f5ee0aa4a17a4e700abe1037b85

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-1c1c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSJlhaV0SHs12iq0Ae4LqtacQ8VqyfYipK3AAPVGwZdndMN%2FnrGMSRCycqgMa7ba7QriGpW62Edq20OgBekqv5RDaCjsyjhdROQFQ5hGcmTCcBEFoklEk2GPV%2FdhskB8os%2BrhPiih1ZS%2FCE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f614bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
115144
btn-ios.png
ad.gem88.win/images/
112 KB
113 KB
Image
General
Full URL
https://ad.gem88.win/images/btn-ios.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9ce5a276819119f1b6223228d236ffdf3d8d83014b08a4e1c909310fd261f3d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-1c02e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2F%2B23hdAiBMn31blB5vxM4%2FRhvrnB0GkcWLWcjvqA85R92oqm0VKGrcK80Ai%2Bj55crwVF8vPzntemesxormiq%2FQEXofgHcI6n%2F7POa1ydI15pOGLU6pFbCVPO%2FtejZmvH3wGqQFqSMl7bcU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f624bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
114734
hoac.png
ad.gem88.win/images/
4 KB
4 KB
Image
General
Full URL
https://ad.gem88.win/images/hoac.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae34e2543ec92b8c440339855cf1829b8107fdecb3280d43ba905b59715f6fc0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 14:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644bd254-fd8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v2CiswmeluSp0l0V3UhwL7AXWoRdZXD73wYWkC%2FXBcEp3zY6GVqyKuWXKMKV6g8Krdl%2FZ%2BFytkDOVTuQ4vXgMo87kUUrO5Y%2BUXUWAgVIlTRBukk4oPog4RN6drWn%2BIOKWcdZrQyj%2BrdgW5c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f634bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
4056
game1.png
ad.gem88.win/images/
35 KB
35 KB
Image
General
Full URL
https://ad.gem88.win/images/game1.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bc27df30f2056611a375e141bbd6ed4de7f7574a0acc2f265cd52fa8a7d72e6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-8ac6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=os7CcyP2Wc2rlNGG2rkSc5pOlsjU%2FBnkCsaARG%2FMYdDvsbsjN5TsCKEXT%2Bu60BPVorLhAlh8vXKAk6IIMD9yXDHmCwpuqepf%2F1W%2BpPBDXUN9Xoe%2Fpf8j1WT%2B6j1mLsromEpN3bmDg4mc5uE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f644bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
35526
game2.png
ad.gem88.win/images/
33 KB
33 KB
Image
General
Full URL
https://ad.gem88.win/images/game2.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9d251e4fae4ce41096ac504dcc8277b13509f3b21716fa6bf2bbbf248299428

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-83a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GeCRp%2BMJJJWlgS8C%2FsryDmluPnubsXA8wfWE%2B8sPtwsZjFEmmOITWYbwTB9uBfyg7ht7AJt%2FGQfMyizAOnfJO29A%2BTshKDPc5501tQfBHZ4g7vvb9Kc0%2FMts%2B%2FkyBJz%2Fm1eVs%2FTyo1YrF6o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f654bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
33705
game3.png
ad.gem88.win/images/
34 KB
35 KB
Image
General
Full URL
https://ad.gem88.win/images/game3.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a914ae4cdbc9c034bb19398eee3bff1effe990f4f934cd704842fd4b79ab01

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-8898"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BtIamLqmCluChoPqEkl5hds7rc5vDe0QFodHXsJPgazstY5eZ3mRz0uaIfqM5cFavOCcgKgO8W%2BPVfliGSpXIj9FeUedSxApywOfkmE1TjdiAWFXagVmb828C%2Bt9sb%2B%2F0F%2BUXP%2Bps19bZ40%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f664bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
34968
game4.png
ad.gem88.win/images/
23 KB
23 KB
Image
General
Full URL
https://ad.gem88.win/images/game4.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb2489c0eeffa420686b1bb54575790cadfeb3344d2063ac26bb38d4e1ee9c5b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-5a8c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvPbhGehTyMgbawN%2BrwP2N4a0aSXm7c1RAcEzH2CGoxLoOtMuK5ZUqXKX29KZx1G2PBHFJIdDInP1CYqJq3G5w4triL69QWKoHbZgKZo%2FHnwgUDdh4%2F0dXdXXn15b%2BlP1JbHFJWztCG1xYY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f674bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
23180
thumb-adv2.png
ad.gem88.win/images/
36 KB
36 KB
Image
General
Full URL
https://ad.gem88.win/images/thumb-adv2.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bca08b5abefcb969515978e1a62cdc71eedb282539de0a93da72ef604ddfb905

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-8eed"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S3Pf0zVpOccVX%2BOC926AU1ReKvZxnVfGZXSnx7hR1Z%2B65hkgxlw86i41VF52UIZzmG%2BA1L9P5ivAF9PgWC3e65d2qHDKd9pVIN16Ijgje82kbidQeu%2FpYIBbP7sAi1GGLdLmBcrURvPa3MI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f684bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
36589
loading.gif
ad.gem88.win/images/
2 KB
2 KB
Image
General
Full URL
https://ad.gem88.win/images/loading.gif?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ade47c7bfe9cb00a16c8b4fa265aa07e8fa676f051e23d1d8a4fbfdb86fef1b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-663"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ks7Yve3HGUuXiFhAxDo3GM72GCgos1KX3S48nVzk8dW4axP2JlB481kWl5MgTYc92r212kC1Um42UJLrCoBVK5dlJyG7Aefr%2FDk2DRnAkSArmvm4T7BhPRVBVgO%2FgPDbXL7W2sYVI315uMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f694bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
1635
icon-user.png
ad.gem88.win/images/
2 KB
2 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-user.png?v=1.0
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25adcb5829f4e373982ac7be939819c77761f28132c5728725638d766d49b06b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-784"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2P1i15m5R3IvPtaagK1GWQ18tObn74dilQD4TAow5qr%2FMdUNhQ6TlRWNfNmiXOT8NoISnDPyn4DVKHC%2BGbTLSUHiyNdj0C4YYRtzfA%2FU3bNicY%2FQgHPPtkNHNoDc9cAcJKmlKRY0TMhodw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f6a4bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
1924
bg-input.png
ad.gem88.win/images/
3 KB
3 KB
Image
General
Full URL
https://ad.gem88.win/images/bg-input.png?v=1.0
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b7d1a33f8a26fadb03580db340f76f5fed5e5b765d0563048687638f7a0269b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-b45"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FjImoFHy4H4ApnG7viPFcnJCMfKGealFHsY4GPLA%2B6SsMXQ%2BAnSWpoA5LRUQDM8my6jRQsMyNHKCkrw8EOq3CaO25lV4fe%2FOk2DPcYGcnIXAwnJHFmr2z2cW5LKCYI42TRmPEBX7H3o9%2BdM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f6b4bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
2885
icon-lock.png
ad.gem88.win/images/
2 KB
2 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-lock.png?v=1.0
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41841244ce6ed4f465cfb868c420edeb0f64c532c5a31329bcdacf8c7841d852

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-6d3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZRGfBcbeMmG1d6ithEvLl%2F%2FDZj%2FDsmkaV2iHqR2INc41Pe3PFbj2aiTS8JW516iiUYt5PeBvqWEWvzs8X6vUFhatzdu2xmOMWuClxj4%2BRT0vncMHdKhdkf6f%2Flt0wxpPrhu6N%2BTzohXhAE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f6c4bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
1747
fa-regular-400.woff2
ad.gem88.win/webfonts/
13 KB
14 KB
Font
General
Full URL
https://ad.gem88.win/webfonts/fa-regular-400.woff2
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9

Request headers

Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
Origin
https://ad.gem88.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-350c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bh3ilZvqdMBcdO%2BKUYBykVL8ZRV%2FcPPINEm2DxqmKMhQ8Co7pySc5ZJycWgyBpJgo6cGG2RuaNrCnDddGjG9hWdQi8ev1JAkVkJQPlw2ZMDuikfmbcI8WovQwf4OFr3kbbugyqccZU3gYsU%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ca2f6d4bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
13580
JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ad.gem88.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:11:48 GMT
x-content-type-options
nosniff
age
441255
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27812
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:37:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:11:48 GMT
JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26a448d7f02e7b021d15ba5d546ce57d822e6c7728420eb089a23adf10ea26ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ad.gem88.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 01:52:03 GMT
x-content-type-options
nosniff
age
413640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9512
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:58:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jan 2025 01:52:03 GMT
get_dynamic_configuration
api.livechatinc.com/v3.6/customer/action/
402 B
551 B
Script
General
Full URL
https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=16649625&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fad.gem88.win%2F%3Fa%3D0b08d04b25bcd0ad4484c0f9dbd56c4e%26utm_campaign%3Danw%26utm_source%3Dclickadu%26utm_medium%3Dpopunder%26utm_term%3D1999213&channel_type=code&jsonp=__hisngyvi8jn
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.75 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
001446062a5f050c360ddbb6c60be73fb557956128c37263a2e1416378ae9b96
Security Headers
Name Value
Content-Security-Policy frame-ancestors ;
X-Frame-Options allow-from

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy
frame-ancestors ;
date
Sun, 04 Feb 2024 20:46:04 GMT
content-length
402
vary
Accept-Encoding
x-frame-options
allow-from
content-type
application/javascript; charset=UTF-8
icon-jacktop1.png
ad.gem88.win/images/
3 KB
3 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-jacktop1.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eed0f9e2fc88385306cc4d2aa8bcd1fc329e7354a29a265809094ba409045ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-b71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZz7b1Ybm1fIUDq6vfLTxHbt0yY7%2FhxlKl%2F37jom6r1ME98v6DhQsPxzFuKhcUUUbywLqTM0qQxBA0uLkyVKo54rypsW9WjnvLcvRkVlvIvvL%2FznpKkTf%2BrL2xFzW1znLjQngzKS%2FTRRNHU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ce2d5d4bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
2929
icon-jacktop2.png
ad.gem88.win/images/
2 KB
3 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-jacktop2.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed522d1bf5b935ecb33a5896bbf3d84e910104318a5b41c9b9f1e5ab3f72dc01

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-950"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fCrVM2PDGTovao8ybDLfhMnGq%2BkOv6PgtYf1LTO2F5h8GLFD3NlbInf4C99XRodLJVdkIlUtf8HDKj4ix28zixmfo2zbQ9nMxbFC2m9n4VLOY9zfWImcPwQ7y5dCJpiqlOfCTqdGeSwNK90%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ce2d5f4bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
2384
icon-jacktop3.png
ad.gem88.win/images/
2 KB
3 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-jacktop3.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6155fdbd8360064763e6e9eba26ee73353d2fe4754b58ae921a9541ccb40ca6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-874"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ki8tpBBWQUBtpijNSo2kq6irfFaNJ7DapxIQe%2BijjoaQQf0hGDA28RPGqi64U2dSL9aTsW6McO88W%2FBF%2F1xsC0OsGcC0E0AITCYli%2BpifkE2guOI2D%2BbyL%2BL%2FjZBqXUqOVHfdrJKtVAh4Kw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ce2d604bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
2164
icon-jacktop4.png
ad.gem88.win/images/
1 KB
2 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-jacktop4.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
647be14a6401e00f3d516ae4415fcd53940ce6602d4efa9594a3572e949e6a8c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-5fe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTMBGyH4mXrSzCYedkHwTV2B5LOm1rUiz13JR1nZ3VfHUun%2BhJaJXRJ%2BN9HoQSbKenmdF9qtAf64EIUjhigE64Y6u7u3Uvy4AS2zWxe1i9v%2BFRpXLhg9%2F59AfzLcwFoSCXTEj5buFOqmFhk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ce2d614bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
1534
icon-jacktop5.png
ad.gem88.win/images/
934 B
1 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-jacktop5.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306b373301556d58c2ea00c4b5a45e65f61859ee5f4f812e4708b74c41af1d48

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-3a6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkHlZy0a0BzphwkkCDB9i%2FqIRogrRsyYVxfAnuiF7m9B6jLmrspmEA93uT0mahDNMcfKLUtYniZmBnbdJAQkiZdDhgp2x%2FUDfEiZCzukxfP8OgeIvy1s6VT6aR0EqrvZbCEXCavGTJARNuY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8505c2ce2d624bc6-BUF
alt-svc
h3=":443"; ma=86400
content-length
934
get_configuration
api.livechatinc.com/v3.4/customer/action/
4 KB
2 KB
Script
General
Full URL
https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=ef2f11e4-1091-4034-ac21-61891ac28f7e&version=132.0.2.50.156.93.2.3.4.31.3.4.1084&group_id=1&jsonp=__lc_static_config
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.75 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7ab62ac9726a557f01fb403751cf3befb3a47b312dd24c9a2ea93fcf638fd43e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
legacy
2024-05-31
cache-control
public, max-age=438
content-length
1740
expires
Sun, 04 Feb 2024 20:53:22 GMT
open_chat
secure.livechatinc.com/customer/action/ Frame A3CB
9 KB
3 KB
Document
General
Full URL
https://secure.livechatinc.com/customer/action/open_chat?license_id=16649625&group=1&embedded=1&widget_version=3&unique_groups=0
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.75 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b9e4962f54e9165292c569766c6db38f4e3b1269eac73d3858c17ac5562dbe4e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-length
2612
content-type
text/html; charset=utf-8
date
Sun, 04 Feb 2024 20:46:04 GMT
vary
Accept-Encoding
get_localization
api.livechatinc.com/v3.4/customer/action/
14 KB
5 KB
Script
General
Full URL
https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=ef2f11e4-1091-4034-ac21-61891ac28f7e&version=075b79d72a19c7c515c01775c17428ae_280255cebfb378fb1b940cc57366633a&language=vi&group_id=1&jsonp=__lc_localization
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.75 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
20fe76e9a86514a99ecd09e63a268f5c7492efea04cbefdd611d3e737ef5c9d3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 20:46:04 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
legacy
2024-05-31
cache-control
public, max-age=439
content-length
4673
expires
Sun, 04 Feb 2024 20:53:23 GMT
0.8edb486d.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame A3CB
210 KB
65 KB
Script
General
Full URL
https://cdn.livechatinc.com/widget/static/js/0.8edb486d.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=16649625&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.14 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-14.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4268fd3a9a8083a9724fda763379e07129cec27094ee1c9326eeee53423adf63

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
hSCdgFK2B2KKyOhDftwxdfcLkgieJoCI
content-encoding
br
date
Sun, 04 Feb 2024 20:46:04 GMT
last-modified
Wed, 31 Jan 2024 13:52:58 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
etag
W/"811da62b09673b7ce2d816040f78e0fd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
2Z-BJFCPyTUBKom75PskWEMNn8Q_vt8F2z3P98aB_bec-ta-EphRXQ==
content-length
66302
expires
Mon, 03 Feb 2025 20:46:04 GMT
1.8d6ac9ce.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame A3CB
328 KB
93 KB
Script
General
Full URL
https://cdn.livechatinc.com/widget/static/js/1.8d6ac9ce.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=16649625&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.14 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-14.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
dcc96f40ae4373ac5adfd3c8fdfae2b2eb92323a679df9da61a2158d5c07ce82

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
M8T7lulN0.udfkZshJkCO94m7CdmzVZt
content-encoding
br
date
Sun, 04 Feb 2024 20:46:04 GMT
last-modified
Wed, 31 Jan 2024 13:52:58 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
etag
W/"a0e9ace30984b8a65ba9dfb4ce256a63"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
TSXxZ7TZPqEHIX7aXbGfh9BIO_mF4eWvPWCWQ_4QJE6mqd6QzkClZw==
content-length
94395
expires
Mon, 03 Feb 2025 20:46:04 GMT
iframe.96d548c7.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame A3CB
530 KB
142 KB
Script
General
Full URL
https://cdn.livechatinc.com/widget/static/js/iframe.96d548c7.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=16649625&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.14 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-14.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f6b3e39421aa2c2ad0cf79462e02e841b34fc431e0195a5399e7c6defc46b4f5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
KdK34o9L6dxCQ5PMY5eqgjpjBu80Kqjl
content-encoding
br
date
Sun, 04 Feb 2024 20:46:04 GMT
last-modified
Wed, 31 Jan 2024 13:53:00 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
etag
W/"6d5448698923d6af598cee49604499b8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
6nAjQafnjb4rQs2r-io1yetM_2WgHl9XqBNp_DRhPlUtxYQZWlnPtg==
content-length
145086
expires
Mon, 03 Feb 2025 20:46:04 GMT
token
accounts.livechatinc.com/v2/customer/ Frame A3CB
195 B
1 KB
XHR
General
Full URL
https://accounts.livechatinc.com/v2/customer/token
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/0.8edb486d.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.75 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c23d5ec945b912e7a5c028779526b7bd85fa68a687479e341505cdd21f60f451

Request headers

Referer
https://secure.livechatinc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 20:46:04 GMT
content-type
application/json
access-control-allow-origin
https://secure.livechatinc.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
195
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-R9056WVBMG&gtm=45je41v0v9118954187za200&_p=1707079563424&gcd=11l1l1l1l1&npa=0&dma=0&cid=1664562097.1707079564&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1707079563&sct=1&seg=0&dl=https%3A%2F%2Fad.gem88.win%2F%3Fa%3D0b08d04b25bcd0ad4484c0f9dbd56c4e%26utm_campaign%3Danw%26utm_source%3Dclickadu%26utm_medium%3Dpopunder%26utm_term%3D1999213&dt=&en=scroll&epn.percent_scrolled=90&_et=9&tfd=6573
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R9056WVBMG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Feb 2024 20:46:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ad.gem88.win
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api4.storeip-shopify.com
URL
https://api4.storeip-shopify.com/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e
Domain
api6.storeip-shopify.com
URL
https://api6.storeip-shopify.com/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e
Domain
gmwin.io
URL
https://gmwin.io/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 string| aff_id function| setCookiesLogIpv4 function| setCookiesLogIpv6 function| $ function| jQuery object| dataLayer boolean| isCHPlay boolean| isAppStore boolean| isApk boolean| isIpa number| isAction boolean| isRegis string| v object| google_tag_manager object| google_tag_data string| myDomainPV string| idPixelPV string| srcPV function| fbq function| _fbq function| onYouTubeIframeAPIReady object| gaGlobal object| iv object| key object| conf string| affId string| userAgent object| urlParams boolean| openCHplay boolean| ipv4Res boolean| ipv6Res string| query_string function| checkResp function| logIps function| parseUTM string| app_id object| session object| refresh_token function| onRegFrmSubmit function| onLoginFrmSubmit function| onLogin function| onRegister boolean| isMobile object| notifications boolean| isIPadPro boolean| autofill object| idgame object| totaljackpot number| total object| namegames function| lazyLoading function| onPlayWeb boolean| jackpotRunning function| onJackpot number| notificationTimer boolean| notificationInit boolean| notificationCall boolean| notificationRunning function| onNotifications function| showInfo function| setEncrypt function| onDownloadAndroid function| onDownloadIos function| setCookiesTracking boolean| ipv4 boolean| ipv6 object| LC_API number| t function| getIP object| bootstrap function| Fingerprint2 object| CryptoJS function| UAParser object| __lc boolean| __lc_inited object| notijackpot

7 Cookies

Domain/Path Name / Value
.accounts.livechatinc.com/v2/customer/token Name: __lc_cid
Value: 0f5dde4f-243d-422e-9d61-f5280fc146ae
.accounts.livechatinc.com/v2/customer/token Name: __lc_cst
Value: 1f2642bd7561dfe55b1a651875d2b0e782bf31e3a76ed23238d54f021d102a39aa30a707c5c5922185a65b0adfa8207867b8b1f5ad758ae10552c3f60e24
.accounts.livechatinc.com/customer/token Name: __lc_cid
Value: 0f5dde4f-243d-422e-9d61-f5280fc146ae
.accounts.livechatinc.com/customer/token Name: __lc_cst
Value: 1f2642bd7561dfe55b1a651875d2b0e782bf31e3a76ed23238d54f021d102a39aa30a707c5c5922185a65b0adfa8207867b8b1f5ad758ae10552c3f60e24
.gem88.win/ Name: _ga
Value: GA1.1.1664562097.1707079564
.gem88.win/ Name: _ga_R9056WVBMG
Value: GS1.1.1707079563.1.0.1707079563.0.0.0
accounts.livechatinc.com/ Name: __oauth_redirect_detector
Value: counter=1&t=1707079594&tag=edb485fa09c6792f1459e93f8643353d8e9863f5

11 Console Messages

Source Level URL
Text
javascript error URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Message:
Access to XMLHttpRequest at 'https://api4.storeip-shopify.com/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e' from origin 'https://ad.gem88.win' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api4.storeip-shopify.com/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Message:
Access to XMLHttpRequest at 'https://api6.storeip-shopify.com/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e' from origin 'https://ad.gem88.win' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api6.storeip-shopify.com/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1999213
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cdn.livechatinc.com/widget/static/js/iframe.96d548c7.chunk.js
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other warning URL: https://cdn.livechatinc.com/tracking.js
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
