Submitted URL: http://gabbardford.com/
Effective URL: https://f1026.com:9900/?aff=1044109
Submission: On February 24 via manual from US

Summary

This website contacted 12 IPs in 6 countries across 10 domains to perform 98 HTTP transactions. The main IP is 2401:cf80:6097:e664:aa28:ea63:383b:218, located in Philippines and belongs to EAGLENET-AP 60 Market Square,P.O. Box 364, PH. The main domain is f1026.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 22nd 2020. Valid for: a year.
This is the only time f1026.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 154.222.228.36 62468 (VPSQUAN)
1 123.125.115.59 4808 (CHINA169-...)
1 45.64.54.106 38197 (SUNHK-DAT...)
1 28 2401:cf80:609... 55303 (EAGLENET-...)
4 103.235.46.191 55967 (CNNIC-BAI...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
31 45.60.87.140 19551 (INCAPSULA)
9 43.251.126.131 55303 (EAGLENET-...)
2 47.246.48.252 24429 (TAOBAO Zh...)
1 59.110.185.101 37963 (CNNIC-ALI...)
98 12
Domain Requested by
31 p1.3b82.com f1026.com
p1.3b82.com
28 f1026.com 1 redirects f1289.com
f1026.com
p1.3b82.com
16 gabbardford.com gabbardford.com
9 cdn.escasino.net f1026.com
4 www.googletagmanager.com f1026.com
4 hm.baidu.com f1289.com
gabbardford.com
f1026.com
2 g.alicdn.com f1026.com
2 www.google-analytics.com www.googletagmanager.com
1 f1520.oss-cn-beijing.aliyuncs.com f1026.com
1 f1289.com gabbardford.com
1 ziyuan.baidu.com gabbardford.com
98 11

This site contains no links.

Subject Issuer Validity Valid
baidu.com
GlobalSign Organization Validation CA - SHA256 - G2
2020-01-13 -
2020-06-25
5 months crt.sh
f1289.com
Go Daddy Secure Certificate Authority - G2
2020-01-15 -
2021-01-15
a year crt.sh
*.f1026.com
Sectigo RSA Domain Validation Secure Server CA
2020-01-22 -
2021-01-23
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2020-02-12 -
2020-05-06
3 months crt.sh
*.3b82.com
RapidSSL RSA CA 2018
2019-09-19 -
2020-09-19
a year crt.sh
*.escasino.net
Sectigo RSA Domain Validation Secure Server CA
2019-09-23 -
2020-12-21
a year crt.sh
*.alicdn.com
GlobalSign Organization Validation CA - SHA256 - G2
2019-09-03 -
2020-09-03
a year crt.sh
*.oss.aliyuncs.com
GlobalSign Organization Validation CA - SHA256 - G2
2019-10-23 -
2020-10-23
a year crt.sh

This page contains 4 frames:

Primary Page: https://f1026.com:9900/?aff=1044109
Frame ID: 9B0F76660BBC9F9004F65B07AA317BC6
Requests: 24 HTTP requests in this frame

Frame: https://f1026.com:9900/entrance/page/registermember?ni=1
Frame ID: 287B665C2CC220F967030B7437275EBA
Requests: 54 HTTP requests in this frame

Frame: https://f1026.com:9900/app/member/upupFlash.php?uid=
Frame ID: 16BCF1DBFE8DBEFD2C0ADBF7FD3947F3
Requests: 6 HTTP requests in this frame

Frame: https://f1026.com:9900/infe/user/join/
Frame ID: 4294D5ECC9B9BE4BAEA06D0084E40E5F
Requests: 16 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://gabbardford.com/ Page URL
  2. https://f1289.com/ Page URL
  3. https://f1026.com/?aff=1044109 HTTP 301
    https://f1026.com:9900/?aff=1044109 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Page Statistics

98
Requests

84 %
HTTPS

27 %
IPv6

10
Domains

11
Subdomains

12
IPs

6
Countries

1958 kB
Transfer

3585 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gabbardford.com/ Page URL
  2. https://f1289.com/ Page URL
  3. https://f1026.com/?aff=1044109 HTTP 301
    https://f1026.com:9900/?aff=1044109 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

98 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
gabbardford.com/
27 KB
15 KB
Document
General
Full URL
http://gabbardford.com/
Protocol
HTTP/1.1
Server
154.222.228.36 , Hong Kong, ASN62468 (VPSQUAN, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / PHP/7.2.22 ASP.NET
Resource Hash
aaa7484bc3dfb86e3bc0a4c35d87e21f348f9a4a1ee7f79da2fbde2947e93bd7

Request headers

Host
gabbardford.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/7.2.22 ASP.NET
Date
Mon, 24 Feb 2020 16:09:19 GMT
Content-Length
15338
f1.script
gabbardford.com/js/
0
185 B
Script
General
Full URL
http://gabbardford.com/js/f1.script
Requested by
Host: gabbardford.com
URL: http://gabbardford.com/
Protocol
HTTP/1.1
Server
154.222.228.36 , Hong Kong, ASN62468 (VPSQUAN, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / xxfseo, ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://gabbardford.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 24 Feb 2020 16:09:20 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
xxfseo, ASP.NET
Content-Length
0
Content-Type
application/javascript
cgcyz.css
gabbardford.com/template/news/xxfseo01/style/
13 KB
4 KB
Stylesheet
General
Full URL
http://gabbardford.com/template/news/xxfseo01/style/cgcyz.css
Requested by
Host: gabbardford.com
URL: http://gabbardford.com/
Protocol
HTTP/1.1
Server
154.222.228.36 , Hong Kong, ASN62468 (VPSQUAN, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
8b016bed9d9d92494920c9de4308df334c0f0091dc5637dfdaa2e53dafc3fb9b

Request headers

Referer
http://gabbardford.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 24 Feb 2020 16:09:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Sep 2017 05:35:52 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0ac132b9b27d31:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
3401
dedeajax2.js
gabbardford.com/include/
22 KB
12 KB
Script
General
Full URL
http://gabbardford.com/include/dedeajax2.js
Requested by
Host: gabbardford.com
URL: http://gabbardford.com/
Protocol
HTTP/1.1
Server
154.222.228.36 , Hong Kong, ASN62468 (VPSQUAN, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / PHP/7.2.22, ASP.NET
Resource Hash
1f3ee46f29217d939f0a4a331ab973645cdaf765e510ba5a83007f375177f1e1

Request headers

Referer
http://gabbardford.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 24 Feb 2020 16:09:20 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/7.2.22, ASP.NET
Content-Length
12156
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
j.js
gabbardford.com/images/js/
20 KB
11 KB
Script
General
Full URL
http://gabbardford.com/images/js/j.js
Requested by
Host: gabbardford.com
URL: http://gabbardford.com/
Protocol
HTTP/1.1
Server
154.222.228.36 , Hong Kong, ASN62468 (VPSQUAN, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / PHP/7.2.22, ASP.NET
Resource Hash
1f5f25ff75aee3441fe4fbc7c5557a8c04a83d175ab6b6f566f90e951a4dbd71

Request headers

Referer
http://gabbardford.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 24 Feb 2020 16:09:20 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/7.2.22, ASP.NET
Content-Length
11066
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
pic_scroll.js
gabbardford.com/template/news/xxfseo01/js/
4 KB
1 KB
Script
General
Full URL
http://gabbardford.com/template/news/xxfseo01/js/pic_scroll.js
Requested by
Host: gabbardford.com
URL: http://gabbardford.com/
Protocol
HTTP/1.1
Server
154.222.228.36 , Hong Kong, ASN62468 (VPSQUAN, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
d3712df500fc47be30a84b24d6e9b85c0a222be4d47a89022f3f59e05b3e99ef

Request headers

Referer
http://gabbardford.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 24 Feb 2020 16:09:20 GMT
Content-Encoding
gzip
Last-Modified
Sat, 25 Jun 2011 17:33:52 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"080b4c5e33cc1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
1119
logo.png
gabbardford.com/uploads/images/
3 KB
3 KB
Image
General
Full URL
http://gabbardford.com/uploads/images/logo.png?n=4s4jjzmqvtu2hdxfscpq&w=180
Requested by
Host: gabbardford.com
URL: http://gabbardford.com/
Protocol
HTTP/1.1
Server
154.222.228.36 , Hong Kong, ASN62468 (VPSQUAN, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / PHP/7.2.22, ASP.NET
Resource Hash
94bc90b8467f73c5518fa151fa348c9a3db85a3824cac3599ca49514073d1892

Request headers

Referer
http://gabbardford.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 24 Feb 2020 16:09:20 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
PHP/7.2.22, ASP.NET
Content-Length
2720
Content-Type
image/png
foot_beian.gif
gabbardford.com/template/news/xxfseo01/images/
2 KB
2 KB
Image
General
Full URL
http://gabbardford.com/template/news/xxfseo01/images/foot_beian.gif
Requested by
Host: gabbardford.com
URL: http://gabbardford.com/
Protocol
HTTP/1.1
Server
154.222.228.36 , Hong Kong, ASN62468 (VPSQUAN, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
d979ad9b506e043b7375019eede3fe4613881561079013e543b60b535abca0c5

Request headers

Referer
http://gabbardford.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 24 Feb 2020 16:09:20 GMT
Last-Modified
Sat, 25 Jun 2011 17:33:36 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0182b35e33cc1:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
2152
foot_jubao.gif
gabbardford.com/template/news/xxfseo01/images/
2 KB
2 KB
Image
General
Full URL
http://gabbardford.com/template/news/xxfseo01/images/foot_jubao.gif
Requested by
Host: gabbardford.com
URL: http://gabbardford.com/
Protocol
HTTP/1.1
Server
154.222.228.36 , Hong Kong, ASN62468 (VPSQUAN, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
3bfc502ea0410defe5db315d3c9f97e5f9346d7e7284b53f0d66662d73f6707d

Request headers

Referer
http://gabbardford.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 24 Feb 2020 16:09:20 GMT
Last-Modified
Sat, 25 Jun 2011 17:33:36 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0182b35e33cc1:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
2064
foot_wljc.gif
gabbardford.com/template/news/xxfseo01/images/
2 KB
3 KB
Image
General
Full URL
http://gabbardford.com/template/news/xxfseo01/images/foot_wljc.gif
Requested by
Host: gabbardford.com
URL: http://gabbardford.com/
Protocol
HTTP/1.1
Server
154.222.228.36 , Hong Kong, ASN62468 (VPSQUAN, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
10249afca5a071a5db76bd305abd51baec480b234ec855034a75b8cbfc3cca5e

Request headers

Referer
http://gabbardford.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 24 Feb 2020 16:09:20 GMT
Last-Modified
Sat, 25 Jun 2011 17:33:36 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0182b35e33cc1:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
2341
foot_wm.gif
gabbardford.com/template/news/xxfseo01/images/
5 KB
5 KB
Image
General
Full URL
http://gabbardford.com/template/news/xxfseo01/images/foot_wm.gif
Requested by
Host: gabbardford.com
URL: http://gabbardford.com/
Protocol
HTTP/1.1
Server
154.222.228.36 , Hong Kong, ASN62468 (VPSQUAN, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
11c4f42cdadcef92189e48e18e9002988d91466a7e76c6711210b605db9c502a

Request headers

Referer
http://gabbardford.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 24 Feb 2020 16:09:20 GMT
Last-Modified
Sat, 25 Jun 2011 17:33:38 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0455c45e33cc1:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
5183
foot_110.gif
gabbardford.com/template/news/xxfseo01/images/
2 KB
3 KB
Image
General
Full URL
http://gabbardford.com/template/news/xxfseo01/images/foot_110.gif
Requested by
Host: gabbardford.com
URL: http://gabbardford.com/
Protocol
HTTP/1.1
Server
154.222.228.36 , Hong Kong, ASN62468 (VPSQUAN, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
ce720d8a8671655f9c5b4155afecf5e6d7c93322936ff496737e812e2041da34

Request headers

Referer
http://gabbardford.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 24 Feb 2020 16:09:20 GMT
Last-Modified
Sat, 25 Jun 2011 17:33:36 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0182b35e33cc1:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
2332
image.gif
ziyuan.baidu.com/
0
0
Image
General
Full URL
https://ziyuan.baidu.com/image.gif
Requested by
Host: gabbardford.com
URL: http://gabbardford.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.125.115.59 Beijing, China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://gabbardford.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

layout.css
gabbardford.com/template/news/xxfseo01/style/
12 KB
3 KB
Stylesheet
General
Full URL
http://gabbardford.com/template/news/xxfseo01/style/layout.css
Requested by
Host: gabbardford.com
URL: http://gabbardford.com/
Protocol
HTTP/1.1
Server
154.222.228.36 , Hong Kong, ASN62468 (VPSQUAN, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
4cb1b41ce0051e0bed1781c8f8a5a7b6235113aa973f4a4ed7697ca78ffb7b36

Request headers

Referer
http://gabbardford.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 24 Feb 2020 16:09:20 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Jul 2012 01:34:42 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0a5667f3c69cd1:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
2725
page.css
gabbardford.com/template/news/xxfseo01/style/
20 KB
4 KB
Stylesheet
General
Full URL
http://gabbardford.com/template/news/xxfseo01/style/page.css
Requested by
Host: gabbardford.com
URL: http://gabbardford.com/
Protocol
HTTP/1.1
Server
154.222.228.36 , Hong Kong, ASN62468 (VPSQUAN, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
db9f9a7539efb8d0d009b4dfc0a7400351612f16ea83d669a690ab046924e340

Request headers

Referer
http://gabbardford.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 24 Feb 2020 16:09:20 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Jul 2012 01:35:00 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"03a218a3c69cd1:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
4294
green_skin.png
gabbardford.com/template/news/xxfseo01/images/
4 KB
4 KB
Image
General
Full URL
http://gabbardford.com/template/news/xxfseo01/images/green_skin.png
Requested by
Host: gabbardford.com
URL: http://gabbardford.com/
Protocol
HTTP/1.1
Server
154.222.228.36 , Hong Kong, ASN62468 (VPSQUAN, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
ec05ac467d250e71a3908ad2cd3cf0ba621b99d5c5268aa8cbdf756cf7f9bd42

Request headers

Referer
http://gabbardford.com/template/news/xxfseo01/style/cgcyz.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 24 Feb 2020 16:09:21 GMT
Last-Modified
Sat, 25 Jun 2011 17:33:38 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0455c45e33cc1:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4162
ico-2.gif
gabbardford.com/template/news/xxfseo01/images/
50 B
294 B
Image
General
Full URL
http://gabbardford.com/template/news/xxfseo01/images/ico-2.gif
Requested by
Host: gabbardford.com
URL: http://gabbardford.com/
Protocol
HTTP/1.1
Server
154.222.228.36 , Hong Kong, ASN62468 (VPSQUAN, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
8eaad20f0e957f43a6b6a9ffe595dfb2583e5d40216454f831513c75667f925b

Request headers

Referer
http://gabbardford.com/template/news/xxfseo01/style/layout.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 24 Feb 2020 16:09:21 GMT
Last-Modified
Sat, 25 Jun 2011 17:33:38 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0455c45e33cc1:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
50
/
f1289.com/
723 B
844 B
Document
General
Full URL
https://f1289.com/
Requested by
Host: gabbardford.com
URL: http://gabbardford.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.64.54.106 Central, Hong Kong, ASN38197 (SUNHK-DATA-AS-AP Sun Network (Hong Kong) Limited - HongKong Backbone, HK),
Reverse DNS
Software
nginx /
Resource Hash
26b480a70e77cec9db5e1204655c5a700bb32948a002bd4b9553cab1c7364f79

Request headers

:method
GET
:authority
f1289.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://gabbardford.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
http://gabbardford.com/

Response headers

status
200
server
nginx
date
Mon, 24 Feb 2020 16:09:31 GMT
content-type
text/html
content-length
723
last-modified
Wed, 19 Feb 2020 03:21:37 GMT
etag
"5e4ca9c1-2d3"
accept-ranges
bytes
Primary Request Cookie set /
f1026.com/
Redirect Chain
  • https://f1026.com/?aff=1044109
  • https://f1026.com:9900/?aff=1044109
8 KB
4 KB
Document
General
Full URL
https://f1026.com:9900/?aff=1044109
Requested by
Host: f1289.com
URL: https://f1289.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
d3ddec4d36d9ec26b8ab286e60ad40f1f10ddebfe71f2fbf1147184361929595
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Host
f1026.com:9900
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://f1289.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
T0_IPL_AVRbbbbbbbbbbbbbbbb=CJILLFGJLMJNKCAEGLDEKNKFIOGJLMIMGLGBOAKNANHAMNBBJEOEBOBHMKNJBFPGHCEGMLPHDJDDLFGCGODGCNLLPCFAONEIKDAAIBICLCMHANLAHPJGECOJIJFKPEML
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://f1289.com/

Response headers

Date
Mon, 24 Feb 2020 16:09:33 GMT
Set-Cookie
lang=en; path=/ lang=en; path=/ langx=en; path=/ IBCACHE=LrbESTEntP4aSSBU092Zsrp0-fuXlOtdCffG9ffpoz8z1w7P-NXq2IiZxetJ364IT0FIZVVmbXgtX1pzbUlXaU05RFhISXVJU0pCaExEbnphZW83RkpWV2dRUQ; expires=Mon, 24-Feb-2020 16:10:33 GMT; Max-Age=60; path=/; domain=f1026.com; HttpOnly SESSION_ID=guest; path=/; domain=f1026.com ICCACHE=os%2BgpYj3bJMzY7wznJ1hn1SqBJ1s29BuXMq5qzrgnYA2RWxDc3pUcDZ4MmdxcXh4; path=/; domain=f1026.com IntrCookie=1044109; path=/ page_site=first; path=/ IntrCookie=1044109; path=/ page_site=first; path=/
Vary
Accept-Encoding
Keep-Alive
timeout=30, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Server
Apache
Content-Encoding
gzip
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload

Redirect headers

Location
https://f1026.com:9900/?aff=1044109
Connection
Keep-Alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Set-Cookie
T0_IPL_AVRbbbbbbbbbbbbbbbb=CJILLFGJLMJNKCAEGLDEKNKFIOGJLMIMGLGBOAKNANHAMNBBJEOEBOBHMKNJBFPGHCEGMLPHDJDDLFGCGODGCNLLPCFAONEIKDAAIBICLCMHANLAHPJGECOJIJFKPEML; HttpOnly
hm.js
hm.baidu.com/
37 KB
14 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?d06c84e201b933ceecb7c9ec0a376a75
Requested by
Host: f1289.com
URL: https://f1289.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://f1289.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 24 Feb 2020 16:09:32 GMT
Content-Encoding
gzip
Server
apache
Etag
53d8f9e62425c2e924d2a8b03ac01b35
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
13505
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=483093865&si=d06c84e201b933ceecb7c9ec0a376a75&su=http%3A%2F%2Fgabbardford.com%2F&v=1.2.68&lv=1&sn=21393&ct=!!
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://f1289.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Mon, 24 Feb 2020 16:09:33 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
js
www.googletagmanager.com/gtag/
74 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js
Requested by
Host: f1026.com
URL: https://f1026.com:9900/?aff=1044109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f23f96af36c8079a4cea6d3fe59b2a5fb26f0927f357860dc9f6498a53979acd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://f1026.com:9900/?aff=1044109
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 24 Feb 2020 16:09:34 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28488
x-xss-protection
0
last-modified
Mon, 24 Feb 2020 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 24 Feb 2020 16:09:34 GMT
gtm.js
www.googletagmanager.com/
128 KB
30 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MNTWRH2
Requested by
Host: f1026.com
URL: https://f1026.com:9900/?aff=1044109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bf2211a598b2a088f8b250f0412c1fcbfe5aab68d93ec717e1bb965c52409aaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://f1026.com:9900/?aff=1044109
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 24 Feb 2020 16:09:34 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30762
x-xss-protection
0
last-modified
Mon, 24 Feb 2020 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 24 Feb 2020 16:09:34 GMT
registermember
f1026.com/entrance/page/ Frame 287B
155 KB
55 KB
Document
General
Full URL
https://f1026.com:9900/entrance/page/registermember?ni=1
Requested by
Host: f1026.com
URL: https://f1026.com:9900/?aff=1044109
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
2094488fa4b6f6b3c7dae5b63384d316c72482ec8411283ef1efb2baa63275b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Host
f1026.com:9900
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Referer
https://f1026.com:9900/?aff=1044109
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
T0_IPL_AVRbbbbbbbbbbbbbbbb=CJILLFGJLMJNKCAEGLDEKNKFIOGJLMIMGLGBOAKNANHAMNBBJEOEBOBHMKNJBFPGHCEGMLPHDJDDLFGCGODGCNLLPCFAONEIKDAAIBICLCMHANLAHPJGECOJIJFKPEML; lang=en; langx=en; IBCACHE=LrbESTEntP4aSSBU092Zsrp0-fuXlOtdCffG9ffpoz8z1w7P-NXq2IiZxetJ364IT0FIZVVmbXgtX1pzbUlXaU05RFhISXVJU0pCaExEbnphZW83RkpWV2dRUQ; SESSION_ID=guest; ICCACHE=os%2BgpYj3bJMzY7wznJ1hn1SqBJ1s29BuXMq5qzrgnYA2RWxDc3pUcDZ4MmdxcXh4; IntrCookie=1044109; page_site=first
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://f1026.com:9900/?aff=1044109

Response headers

Date
Mon, 24 Feb 2020 16:09:34 GMT
Vary
Accept-Encoding
Keep-Alive
timeout=30, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Server
Apache
Content-Encoding
gzip
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Cookie set upupFlash.php
f1026.com/app/member/ Frame 16BC
8 KB
4 KB
Document
General
Full URL
https://f1026.com:9900/app/member/upupFlash.php?uid=
Requested by
Host: f1026.com
URL: https://f1026.com:9900/?aff=1044109
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
d3e760bdcd866ad856f9a3570dfb226cb238652d2bb3992a770215e56d675308
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Host
f1026.com:9900
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Referer
https://f1026.com:9900/?aff=1044109
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
T0_IPL_AVRbbbbbbbbbbbbbbbb=CJILLFGJLMJNKCAEGLDEKNKFIOGJLMIMGLGBOAKNANHAMNBBJEOEBOBHMKNJBFPGHCEGMLPHDJDDLFGCGODGCNLLPCFAONEIKDAAIBICLCMHANLAHPJGECOJIJFKPEML; lang=en; langx=en; IBCACHE=LrbESTEntP4aSSBU092Zsrp0-fuXlOtdCffG9ffpoz8z1w7P-NXq2IiZxetJ364IT0FIZVVmbXgtX1pzbUlXaU05RFhISXVJU0pCaExEbnphZW83RkpWV2dRUQ; SESSION_ID=guest; ICCACHE=os%2BgpYj3bJMzY7wznJ1hn1SqBJ1s29BuXMq5qzrgnYA2RWxDc3pUcDZ4MmdxcXh4; IntrCookie=1044109; page_site=first
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://f1026.com:9900/?aff=1044109

Response headers

Date
Mon, 24 Feb 2020 16:09:34 GMT
Set-Cookie
PHPSESSID=luulp8hr0l11pjuos9hrr3m5p2; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding
Keep-Alive
timeout=30, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Server
Apache
Content-Encoding
gzip
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNTWRH2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://f1026.com:9900/?aff=1044109
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
1264
date
Mon, 24 Feb 2020 15:48:30 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Mon, 24 Feb 2020 17:48:30 GMT
jquery-1.7.2.min.js
f1026.com/cl/js/ Frame 16BC
93 KB
46 KB
Script
General
Full URL
https://f1026.com:9900/cl/js/jquery-1.7.2.min.js
Requested by
Host: f1026.com
URL: https://f1026.com:9900/app/member/upupFlash.php?uid=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
4332316d0fe4e2c7a9e213afa4d9cbf983ad5bf80cb47d98c9cacd5470e35889
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/app/member/upupFlash.php?uid=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 24 Feb 2020 16:09:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Nov 2016 05:35:53 GMT
Server
Apache
ETag
"582d41b9-1727a"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=432000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Expires
Sat, 29 Feb 2020 16:09:34 GMT
plugins.min.js
f1026.com/cl/js/plugin/ Frame 16BC
15 KB
8 KB
Script
General
Full URL
https://f1026.com:9900/cl/js/plugin/plugins.min.js
Requested by
Host: f1026.com
URL: https://f1026.com:9900/app/member/upupFlash.php?uid=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
50fb90447efaef23d17e95cfd13fc0d6b9bb96e8c0cb957e7d0e8c222e30935a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/app/member/upupFlash.php?uid=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 24 Feb 2020 16:09:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Aug 2019 07:13:16 GMT
Server
Apache
ETag
"5d56578c-3a48"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=432000
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
7333
Expires
Sat, 29 Feb 2020 16:09:35 GMT
FigLeaf.js
f1026.com/ipl/app/flash/publicbmw/ball/ Frame 16BC
14 KB
6 KB
Script
General
Full URL
https://f1026.com:9900/ipl/app/flash/publicbmw/ball/FigLeaf.js?site=member
Requested by
Host: f1026.com
URL: https://f1026.com:9900/app/member/upupFlash.php?uid=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
610959508837b1fed34a90c085517b2aec1bd260c5d09be5b7fd41b7380de26e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/app/member/upupFlash.php?uid=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 24 Feb 2020 16:09:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Aug 2019 07:31:22 GMT
Server
Apache
ETag
"5d550a4a-3735"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
5417
bootstrap-notify.js
f1026.com/cl/js/tools/ Frame 16BC
14 KB
6 KB
Script
General
Full URL
https://f1026.com:9900/cl/js/tools/bootstrap-notify.js
Requested by
Host: f1026.com
URL: https://f1026.com:9900/app/member/upupFlash.php?uid=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
9007912bcffccf883304ac19824051ae72dcd3a69a68b065f81fe929f1995e9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/app/member/upupFlash.php?uid=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 24 Feb 2020 16:09:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Sep 2017 00:57:17 GMT
Server
Apache
ETag
"59caf76d-36ab"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=432000
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
5450
Expires
Sat, 29 Feb 2020 16:09:35 GMT
common.min.css
p1.3b82.com/cl/tpl/template/style/ Frame 287B
2 KB
1 KB
Stylesheet
General
Full URL
https://p1.3b82.com/cl/tpl/template/style/common.min.css?v=ver112.176
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c37ce466abeb200225cab59f6820623e3cd3136bdd086c45d9dd0add0a23cd48

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 24 Feb 2020 16:09:34 GMT
content-encoding
gzip
last-modified
Mon, 26 Aug 2019 11:41:16 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"5d63c55c-83d"
content-type
text/css
status
200
x-iinfo
1-19076135-19075625 2CNN RT(1582560574536 0) q(0 0 0 0) r(0 0) U18
cache-control
max-age=17973, public
content-length
1101
expires
Mon, 24 Feb 2020 21:09:07 GMT
f1casino.css
p1.3b82.com/cl/tpl/f1casino/ver1/css/ Frame 287B
13 KB
5 KB
Stylesheet
General
Full URL
https://p1.3b82.com/cl/tpl/f1casino/ver1/css/f1casino.css?v=ver112.176
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
da71875ef18bd902f92733967cadf5414769fa62c213cff6a4550cab17527e1c

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 24 Feb 2020 16:09:34 GMT
content-encoding
gzip
last-modified
Tue, 29 Jan 2019 06:25:27 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"5c4ff1d7-34a5"
content-type
text/css
status
200
x-iinfo
1-19076136-19072330 2CNN RT(1582560574536 0) q(0 0 0 3) r(0 0) U18
cache-control
max-age=17973, public
content-length
4574
expires
Mon, 24 Feb 2020 21:09:07 GMT
jquery-1.7.2.min.js
p1.3b82.com/cl/js/ Frame 287B
93 KB
46 KB
Script
General
Full URL
https://p1.3b82.com/cl/js/jquery-1.7.2.min.js?v=ver112.176
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4332316d0fe4e2c7a9e213afa4d9cbf983ad5bf80cb47d98c9cacd5470e35889

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 24 Feb 2020 16:09:34 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2016 05:35:53 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"582d41b9-1727a"
content-type
application/javascript; charset=utf-8
status
200
x-iinfo
1-19076137-19069016 2CNN RT(1582560574540 0) q(0 0 0 0) r(0 0) U18
cache-control
max-age=17974, public
content-length
46323
expires
Mon, 24 Feb 2020 21:09:08 GMT
common.min.js
p1.3b82.com/cl/js/ Frame 287B
16 KB
8 KB
Script
General
Full URL
https://p1.3b82.com/cl/js/common.min.js?v=ver112.176
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
402d2462cf7ccf6b5429a7d6a7fae0ecb281b3ddd1d5f7eb8478bc6985ccd4a1

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 24 Feb 2020 16:09:34 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 00:52:06 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"5e4c86b6-3f21"
content-type
application/javascript; charset=utf-8
status
200
x-iinfo
1-19076138-19076139 2CNN RT(1582560574541 0) q(0 0 0 1) r(0 0) U18
cache-control
max-age=17973, public
content-length
7350
expires
Mon, 24 Feb 2020 21:09:07 GMT
upup.js
p1.3b82.com/cl/js/tools/ Frame 287B
10 KB
4 KB
Script
General
Full URL
https://p1.3b82.com/cl/js/tools/upup.js?v=ver112.176
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
837d35e4a675030fa06d97c26c641541e23e115424500817a34bf53ad4613655

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 24 Feb 2020 16:09:34 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2016 05:35:53 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"582d41b9-2718"
content-type
application/javascript; charset=utf-8
status
200
x-iinfo
1-19076140-19074672 2CNN RT(1582560574543 0) q(0 0 0 0) r(0 0) U18
cache-control
max-age=17973, public
content-length
3581
expires
Mon, 24 Feb 2020 21:09:07 GMT
plugins.min.js
p1.3b82.com/cl/js/plugin/ Frame 287B
15 KB
7 KB
Script
General
Full URL
https://p1.3b82.com/cl/js/plugin/plugins.min.js?v=ver112.176
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
50fb90447efaef23d17e95cfd13fc0d6b9bb96e8c0cb957e7d0e8c222e30935a

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 24 Feb 2020 16:09:34 GMT
content-encoding
gzip
last-modified
Fri, 16 Aug 2019 07:13:16 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"5d56578c-3a48"
content-type
application/javascript; charset=utf-8
status
200
x-iinfo
1-19076141-19072330 2CNN RT(1582560574544 0) q(0 0 0 0) r(0 0) U18
cache-control
max-age=17973, public
content-length
7333
expires
Mon, 24 Feb 2020 21:09:07 GMT
157606013699.gif
cdn.escasino.net/tpl/1308/1364753/images/ Frame 287B
2 KB
3 KB
Image
General
Full URL
https://cdn.escasino.net/tpl/1308/1364753/images/157606013699.gif
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.251.126.131 , India, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
a7548406bef770d988ad7fafb164a0dce83b7c4cc8cc984966e5c1930902b3f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:37 GMT
last-modified
Wed, 11 Dec 2019 10:28:56 GMT
server
Apache
access-control-allow-origin
*
etag
"5df0c4e8-9e4"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
status
200
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
2532
154754955312.gif
cdn.escasino.net/tpl/1308/1170401/images/ Frame 287B
2 KB
3 KB
Image
General
Full URL
https://cdn.escasino.net/tpl/1308/1170401/images/154754955312.gif
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.251.126.131 , India, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
a7548406bef770d988ad7fafb164a0dce83b7c4cc8cc984966e5c1930902b3f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:37 GMT
last-modified
Tue, 15 Jan 2019 10:52:33 GMT
server
Apache
access-control-allow-origin
*
etag
"5c3dbb71-9e4"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
status
200
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
2532
154754957051.gif
cdn.escasino.net/tpl/1308/1170401/images/ Frame 287B
2 KB
3 KB
Image
General
Full URL
https://cdn.escasino.net/tpl/1308/1170401/images/154754957051.gif
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.251.126.131 , India, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
a7548406bef770d988ad7fafb164a0dce83b7c4cc8cc984966e5c1930902b3f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:37 GMT
last-modified
Tue, 15 Jan 2019 10:52:50 GMT
server
Apache
access-control-allow-origin
*
etag
"5c3dbb82-9e4"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
status
200
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
2532
fckeditor.css
f1026.com/cl/tpl/commonFile/css/ Frame 287B
9 KB
3 KB
Stylesheet
General
Full URL
https://f1026.com:9900/cl/tpl/commonFile/css/fckeditor.css
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
567cd4a93f90307ce4d25ac5343c91b636e15eefbcf8667132cb498247cc6489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Mon, 24 Feb 2020 16:09:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 May 2017 04:02:33 GMT
Server
Apache
ETag
"592e4059-24aa"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
text/css
Cache-Control
max-age=432000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Expires
Sat, 29 Feb 2020 16:09:35 GMT
white.png
p1.3b82.com/cl/tpl/commonFile/images/bbinlogo/ Frame 287B
4 KB
4 KB
Image
General
Full URL
https://p1.3b82.com/cl/tpl/commonFile/images/bbinlogo/white.png?v=ver112.176
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e19d50c37d32fe5aad9fe90d31bffcbac03e7ea0ac46bbfb7e8a446513619ad1

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:35 GMT
last-modified
Thu, 03 Aug 2017 04:08:43 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"5982a1cb-fc8"
content-type
image/png
status
200
x-iinfo
1-19076147-19074672 2VNN RT(1582560574629 0) q(0 0 0 -1) r(8 8) U18
cache-control
max-age=1800, public
content-length
3597
expires
Mon, 24 Feb 2020 16:39:35 GMT
152568322794.png
cdn.escasino.net/tpl/1308/965375/images/ Frame 287B
6 KB
6 KB
Image
General
Full URL
https://cdn.escasino.net/tpl/1308/965375/images/152568322794.png?1126278
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.251.126.131 , India, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
9c768ef6c74aeab2b740831c749432dc404156f4b895ad7a64fe89b70afb5616
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:37 GMT
last-modified
Mon, 07 May 2018 08:53:47 GMT
server
Apache
access-control-allow-origin
*
etag
"5af0141b-1656"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
status
200
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
5718
152568323368.gif
cdn.escasino.net/tpl/1308/965375/images/ Frame 287B
17 KB
18 KB
Image
General
Full URL
https://cdn.escasino.net/tpl/1308/965375/images/152568323368.gif?1126278
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.251.126.131 , India, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
a9408fc53f695d69521a4d5ac308088c2d43a15a0bfb1b9f9a38fd9db38e4c66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:37 GMT
last-modified
Mon, 07 May 2018 08:53:53 GMT
server
Apache
access-control-allow-origin
*
etag
"5af01421-4557"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
status
200
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
17751
152568323754.gif
cdn.escasino.net/tpl/1308/965375/images/ Frame 287B
27 KB
28 KB
Image
General
Full URL
https://cdn.escasino.net/tpl/1308/965375/images/152568323754.gif?1126278
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.251.126.131 , India, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
4bdd1df005124e60beb3f8d480082dfe1b85aad6abce070e6cee9427153d2429
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:37 GMT
last-modified
Mon, 07 May 2018 08:53:57 GMT
server
Apache
access-control-allow-origin
*
etag
"5af01425-6deb"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
status
200
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
28139
152568324212.png
cdn.escasino.net/tpl/1308/965375/images/ Frame 287B
9 KB
10 KB
Image
General
Full URL
https://cdn.escasino.net/tpl/1308/965375/images/152568324212.png?1126278
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.251.126.131 , India, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
76ed94022bbca81b69405565cc8874c0c4fa7285c195cea21ba541f470653a6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:37 GMT
last-modified
Mon, 07 May 2018 08:54:02 GMT
server
Apache
access-control-allow-origin
*
etag
"5af0142a-24de"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
status
200
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
9438
jquery.easing.1.3.min.js
f1026.com/cl/js/pluging/ Frame 287B
3 KB
2 KB
Script
General
Full URL
https://f1026.com:9900/cl/js/pluging/jquery.easing.1.3.min.js?v=ver112.176
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
8a55344c1b18579e6a41c3a8be3f18c4b1140bcc2ef26fa34045068ac36cc7fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 24 Feb 2020 16:09:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Nov 2016 05:35:53 GMT
Server
Apache
ETag
"582d41b9-ce5"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=432000
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
1081
Expires
Sat, 29 Feb 2020 16:09:35 GMT
common.min.js
p1.3b82.com/cl/js/tools/ Frame 287B
7 KB
3 KB
Script
General
Full URL
https://p1.3b82.com/cl/js/tools/common.min.js?v=ver112.176
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
af3089c89607dd2b8afa7e999296f50a056666572ea000772df7dc81d25e10a4

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 24 Feb 2020 16:09:34 GMT
content-encoding
gzip
last-modified
Tue, 27 Aug 2019 08:05:43 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"5d64e457-1ae9"
content-type
application/javascript; charset=utf-8
status
200
x-iinfo
1-19076146-19076139 2CNN RT(1582560574627 0) q(0 0 0 -1) r(0 0) U18
cache-control
max-age=17973, public
content-length
3380
expires
Mon, 24 Feb 2020 21:09:07 GMT
index_bg.png
p1.3b82.com/cl/tpl/f1casino/ver1/image/ Frame 287B
5 KB
5 KB
Image
General
Full URL
https://p1.3b82.com/cl/tpl/f1casino/ver1/image/index_bg.png
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
8331917d1c1084b5852bf84de6181b9fab1aa89168329120f3bfc7bb6d2aad62

Request headers

Referer
https://p1.3b82.com/cl/tpl/f1casino/ver1/css/f1casino.css?v=ver112.176
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:35 GMT
last-modified
Wed, 31 Aug 2016 03:04:12 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"57c6492c-274d"
content-type
image/png
status
200
x-iinfo
1-19076148-19069016 2VNN RT(1582560574630 0) q(0 0 0 -1) r(7 7) U18
cache-control
max-age=1800, public
content-length
5145
expires
Mon, 24 Feb 2020 16:39:35 GMT
title_welcome.jpg
p1.3b82.com/cl/tpl/f1casino/ver1/image/lang/en/ Frame 287B
74 KB
75 KB
Image
General
Full URL
https://p1.3b82.com/cl/tpl/f1casino/ver1/image/lang/en/title_welcome.jpg?v=ver112.176
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c464da23200ac0ecc6ad734032d38751bfee106e8ca39a1f4514ecb37ae00e8d

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:35 GMT
last-modified
Wed, 31 Aug 2016 03:04:12 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"57c6492c-12954"
content-type
image/jpeg
status
200
x-iinfo
1-19076149-19074714 2VNN RT(1582560574632 0) q(0 0 0 -1) r(8 8) U18
cache-control
max-age=1800, public
content-length
76098
expires
Mon, 24 Feb 2020 16:39:35 GMT
157302006281.png
cdn.escasino.net/tpl/1308/0/images/ Frame 287B
22 KB
23 KB
Image
General
Full URL
https://cdn.escasino.net/tpl/1308/0/images/157302006281.png
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.251.126.131 , India, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
39c6cb6aa4e718c2ba2c31e7a8bdc48f694c60988c016097380f1f7b9d30c5f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:37 GMT
last-modified
Wed, 06 Nov 2019 06:01:02 GMT
server
Apache
access-control-allow-origin
*
etag
"5dc2619e-57fe"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
status
200
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
22526
lang_rect.png
p1.3b82.com/cl/tpl/template/images/element/ Frame 287B
4 KB
4 KB
Image
General
Full URL
https://p1.3b82.com/cl/tpl/template/images/element/lang_rect.png?v=ver112.176
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
5a7c091c7008d880fe8052b4c6cbd33b7e744a21fe6c86b1a94070a5511bd9b9

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:35 GMT
last-modified
Fri, 20 Mar 2015 01:33:10 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"550b78d6-108b"
content-type
image/png
status
200
x-iinfo
1-19076150-19072330 2VNN RT(1582560574633 0) q(0 0 0 -1) r(12 12) U18
cache-control
max-age=1800, public
content-length
4155
expires
Mon, 24 Feb 2020 16:39:35 GMT
loginbar_01.png
p1.3b82.com/cl/tpl/f1casino/ver1/image/ Frame 287B
205 B
448 B
Image
General
Full URL
https://p1.3b82.com/cl/tpl/f1casino/ver1/image/loginbar_01.png
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c3ad2786a56653bdbf92be9385de762f4bde4cfa525419f47ca992a011b82cc5

Request headers

Referer
https://p1.3b82.com/cl/tpl/f1casino/ver1/css/f1casino.css?v=ver112.176
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:35 GMT
last-modified
Wed, 31 Aug 2016 03:04:12 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"57c6492c-189"
content-type
image/png
status
200
x-iinfo
1-19076151-19074729 2VNN RT(1582560574634 0) q(0 0 0 -1) r(8 8) U18
cache-control
max-age=1800, public
content-length
205
expires
Mon, 24 Feb 2020 16:39:35 GMT
icon_down_light.png
p1.3b82.com/cl/tpl/template/images/element/ Frame 287B
331 B
600 B
Image
General
Full URL
https://p1.3b82.com/cl/tpl/template/images/element/icon_down_light.png?v=ver112.176
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
92d5ee6f222afc504098f9ccb87a914468a89518159661e0b708bcd0fffdffa0

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:35 GMT
last-modified
Thu, 12 Jul 2018 06:32:49 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"5b46f611-50a"
content-type
image/png
status
200
x-iinfo
1-19076152-19076139 2VNN RT(1582560574635 0) q(0 0 0 -1) r(11 11) U18
cache-control
max-age=1800, public
content-length
331
expires
Mon, 24 Feb 2020 16:39:35 GMT
bg01.jpg
p1.3b82.com/cl/tpl/f1casino/ver1/image/ Frame 287B
432 KB
435 KB
Image
General
Full URL
https://p1.3b82.com/cl/tpl/f1casino/ver1/image/bg01.jpg
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
67c1cca3574cfcd6fa26bb0f0ebc54fd1394c9728a431e766af2e224abb06b67

Request headers

Referer
https://p1.3b82.com/cl/tpl/f1casino/ver1/css/f1casino.css?v=ver112.176
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:36 GMT
last-modified
Wed, 30 Jan 2019 07:55:24 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"5c51586c-6bf5d"
content-type
image/jpeg
status
200
x-iinfo
1-19076154-19075625 2VNN RT(1582560574647 0) q(0 8 8 -1) r(16 16) U18
cache-control
max-age=1800, public
content-length
442205
expires
Mon, 24 Feb 2020 16:39:36 GMT
about_top.png
p1.3b82.com/cl/tpl/f1casino/ver1/image/ Frame 287B
117 B
362 B
Image
General
Full URL
https://p1.3b82.com/cl/tpl/f1casino/ver1/image/about_top.png
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ed809d45457d9b66768fa46c1156979bd87a85de3e1bdfd9c27580658324ead2

Request headers

Referer
https://p1.3b82.com/cl/tpl/f1casino/ver1/css/f1casino.css?v=ver112.176
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:35 GMT
last-modified
Wed, 31 Aug 2016 03:04:12 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"57c6492c-111"
content-type
image/png
status
200
x-iinfo
1-19076155-19073522 2VNN RT(1582560574648 0) q(0 8 8 -1) r(11 11) U18
cache-control
max-age=1800, public
content-length
117
expires
Mon, 24 Feb 2020 16:39:35 GMT
about_bg_y.png
p1.3b82.com/cl/tpl/f1casino/ver1/image/ Frame 287B
115 B
407 B
Image
General
Full URL
https://p1.3b82.com/cl/tpl/f1casino/ver1/image/about_bg_y.png
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
36fbcae8769cfabeb5bf54c382c47c08378847f56e0a407cb6b1bd3366e8c2cf

Request headers

Referer
https://p1.3b82.com/cl/tpl/f1casino/ver1/css/f1casino.css?v=ver112.176
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:36 GMT
last-modified
Wed, 31 Aug 2016 03:04:12 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"57c6492c-10d"
content-type
image/png
status
200
x-iinfo
1-19076156-19074729 2VNN RT(1582560574649 0) q(0 8 8 -1) r(11 11) U18
cache-control
max-age=1800, public
content-length
115
expires
Mon, 24 Feb 2020 16:39:36 GMT
sidebar_top.png
p1.3b82.com/cl/tpl/f1casino/ver1/image/lang/en/ Frame 287B
2 KB
2 KB
Image
General
Full URL
https://p1.3b82.com/cl/tpl/f1casino/ver1/image/lang/en/sidebar_top.png?v=ver112.176
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d361bfc6188bb2f59a77d334db51f05a82a573d7b64389ac6e1d46b1388c3e00

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:36 GMT
last-modified
Wed, 31 Aug 2016 03:04:12 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"57c6492c-880"
content-type
image/png
status
200
x-iinfo
1-19076157-19069016 2VNN RT(1582560574650 0) q(0 8 8 -1) r(11 11) U18
cache-control
max-age=1800, public
content-length
2176
expires
Mon, 24 Feb 2020 16:39:36 GMT
login-agreement.min.js
f1026.com/cl/js/tools/ Frame 287B
3 KB
2 KB
Script
General
Full URL
https://f1026.com:9900/cl/js/tools/login-agreement.min.js?v=ver112.176
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
4036ebc8786ab8b4097caa8da57fffb85daeed2d5c57dafeb2faf816f1b5cdb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 24 Feb 2020 16:09:35 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Oct 2019 04:37:29 GMT
Server
Apache
ETag
"5db67089-b99"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=432000
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
1637
Expires
Sat, 29 Feb 2020 16:09:35 GMT
transparentNo.gif
p1.3b82.com/cl/tpl/commonFile/images/ Frame 287B
1 KB
1 KB
Image
General
Full URL
https://p1.3b82.com/cl/tpl/commonFile/images/transparentNo.gif?v=ver112.176
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
85c0faf37c252bff11abfca7b08fcb5c196e92ee3286f583b2c3c7d74ce18823

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:36 GMT
last-modified
Fri, 20 Mar 2015 01:24:24 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"550b76c8-447"
content-type
image/gif
status
200
x-iinfo
1-19076161-19074729 2VNN RT(1582560574740 0) q(0 10 10 -1) r(13 13) U18
cache-control
max-age=1800, public
content-length
1095
expires
Mon, 24 Feb 2020 16:39:36 GMT
spin.min.js
p1.3b82.com/cl/js/pluging/ Frame 287B
4 KB
3 KB
Script
General
Full URL
https://p1.3b82.com/cl/js/pluging/spin.min.js?v=ver112.176
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
55a0136d6018cd2bd9b7945585bb64f97cbdd303897b732958d3c9bf20aefcec

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 24 Feb 2020 16:09:35 GMT
content-encoding
gzip
last-modified
Wed, 29 Nov 2017 00:46:16 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"5a1e0358-10b6"
content-type
application/javascript; charset=utf-8
status
200
x-iinfo
1-19076160-19073522 2CNN RT(1582560574739 0) q(0 6 6 -1) r(6 6) U18
cache-control
max-age=17973, public
content-length
2639
expires
Mon, 24 Feb 2020 21:09:08 GMT
jquery.spin.min.js
p1.3b82.com/cl/js/pluging/ Frame 287B
658 B
573 B
Script
General
Full URL
https://p1.3b82.com/cl/js/pluging/jquery.spin.min.js?v=ver112.176
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
5114374da04855c7763cb8cb4cf7ce45fe6712624b52d0048680607798bbcf27

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 24 Feb 2020 16:09:35 GMT
content-encoding
gzip
last-modified
Fri, 16 Aug 2019 07:13:16 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"5d56578c-292"
content-type
application/javascript; charset=utf-8
status
200
x-iinfo
1-19076162-19073522 2CNN RT(1582560574741 0) q(0 6 6 -1) r(6 6) U18
cache-control
max-age=17973, public
content-length
471
expires
Mon, 24 Feb 2020 21:09:08 GMT
fingerprint2.min.js
p1.3b82.com/cl/js/tools/ Frame 287B
59 KB
27 KB
Script
General
Full URL
https://p1.3b82.com/cl/js/tools/fingerprint2.min.js?v=ver112.176
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e9be96e22e2feee39ed9e9b3e9e8ba8bbff61a97e3f71dab5757227feb25229c

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 24 Feb 2020 16:09:35 GMT
content-encoding
gzip
last-modified
Thu, 22 Aug 2019 02:08:44 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"5d5df92c-ecdb"
content-type
application/javascript; charset=utf-8
status
200
x-iinfo
1-19076163-19073522 2CNN RT(1582560574742 0) q(0 6 6 -1) r(6 6) U18
cache-control
max-age=17973, public
content-length
27180
expires
Mon, 24 Feb 2020 21:09:08 GMT
jquery.qrcode.min.js
p1.3b82.com/cl/js/tools/ Frame 287B
14 KB
6 KB
Script
General
Full URL
https://p1.3b82.com/cl/js/tools/jquery.qrcode.min.js?v=ver112.176
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f4ccf02b69092819ac24575c717a080c3b6c6d6161f1b8d82bf0bb523075032d

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 24 Feb 2020 16:09:35 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 00:31:32 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"5d12bce4-36ab"
content-type
application/javascript; charset=utf-8
status
200
x-iinfo
1-19076164-19073522 2CNN RT(1582560574743 0) q(0 7 7 -1) r(7 7) U18
cache-control
max-age=17973, public
content-length
6359
expires
Mon, 24 Feb 2020 21:09:08 GMT
ubauthsdk.min.js
p1.3b82.com/cl/js/ Frame 287B
40 KB
17 KB
Script
General
Full URL
https://p1.3b82.com/cl/js/ubauthsdk.min.js?v=ver112.176
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
05205b9edf6f283d2b8f710a15494a99334e46ac317f58e72aadd4b8df2ceead

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 24 Feb 2020 16:09:35 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 00:31:32 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"5d12bce4-9f5f"
content-type
application/javascript; charset=utf-8
status
200
x-iinfo
1-19076165-19069016 2CNN RT(1582560574744 0) q(0 7 7 -1) r(7 7) U18
cache-control
max-age=17974, public
content-length
16901
expires
Mon, 24 Feb 2020 21:09:09 GMT
nc.js
g.alicdn.com/sd/ncpc/ Frame 287B
214 KB
56 KB
Script
General
Full URL
https://g.alicdn.com/sd/ncpc/nc.js
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.48.252 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
8e1e2ec7cd754621e22301445d9a6d709a62960c8596ff0a8a78599fb485489d

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 24 Feb 2020 15:19:02 GMT
content-encoding
gzip
x-oss-request-id
5E53E9665B72E536379D2E58
content-md5
CglpGTStF57PXN6aqfrL0w==
age
3033
via
cache32.l2de1[0,200-0,H], cache14.l2de1[0,0], cache7.nl2[0,200-0,H], cache2.nl2[1,0]
x-cache
HIT TCP_MEM_HIT dirn:4:471411711
status
200
x-swift-cachetime
3600
x-swift-savetime
Mon, 24 Feb 2020 15:19:02 GMT
content-length
56539
x-bucket-code
3
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1582557542
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,s-maxage=3600
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
14644019259155142582
eagleid
2ff6309615825605752453925e
x-oss-server-time
4
Cookie set /
f1026.com/infe/user/join/ Frame 4294
1 KB
2 KB
Document
General
Full URL
https://f1026.com:9900/infe/user/join/
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
95427ea3de3ac3b7495dbbd522881e141b9b328b19a2ba0530e8b8d518f324c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Host
f1026.com:9900
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://f1026.com:9900/entrance/page/registermember?ni=1

Response headers

Date
Mon, 24 Feb 2020 16:09:35 GMT
Last-Modified
Mon, 17 Feb 2020 02:16:25 GMT
ETag
"5a2-59ebc24621040"
Accept-Ranges
bytes
Vary
Accept-Encoding
Keep-Alive
timeout=30, max=100
Connection
Keep-Alive
Content-Type
text/html
Server
Apache
Content-Encoding
gzip
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Set-Cookie
T0_IPL_AVRbbbbbbbbbbbbbbbb=HFJALKACPAJCEMEHNMPJKPBLFGOENAGMGICMOOEBEBBAAMBIPCONEIJCEAGKJOOHEKBDPBGOFPODLFMBGOIGEJAKMOLAPFIPNDOCKOOPDOBDLCLHHPJJLJLBGEOPDMPB; HttpOnly
about_bg_bottom.png
p1.3b82.com/cl/tpl/f1casino/ver1/image/ Frame 287B
117 B
365 B
Image
General
Full URL
https://p1.3b82.com/cl/tpl/f1casino/ver1/image/about_bg_bottom.png
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
dc1a68271d4ead419314e2e0dce486db974ddf1e3457635ce9e450da0cab6a6f

Request headers

Referer
https://p1.3b82.com/cl/tpl/f1casino/ver1/css/f1casino.css?v=ver112.176
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:36 GMT
last-modified
Wed, 31 Aug 2016 03:04:12 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"57c6492c-114"
content-type
image/png
status
200
x-iinfo
1-19076175-19069016 2VNN RT(1582560574938 0) q(0 8 8 -1) r(10 10) U18
cache-control
max-age=1800, public
content-length
117
expires
Mon, 24 Feb 2020 16:39:36 GMT
ublogo.png
p1.3b82.com/cl/tpl/f1casino/ver1/image/ Frame 287B
9 KB
9 KB
Image
General
Full URL
https://p1.3b82.com/cl/tpl/f1casino/ver1/image/ublogo.png
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
6ec6202f78a122a8aceb41b4d2788ce8b2a82b655b34567c374e6d9518db214c

Request headers

Referer
https://p1.3b82.com/cl/tpl/f1casino/ver1/css/f1casino.css?v=ver112.176
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:36 GMT
last-modified
Wed, 31 Aug 2016 03:04:12 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"57c6492c-2848"
content-type
image/png
status
200
x-iinfo
1-19076176-19076235 2VNN RT(1582560574940 0) q(0 8 8 -1) r(8 11) U18
cache-control
max-age=1800, public
content-length
8948
expires
Mon, 24 Feb 2020 16:39:36 GMT
bbin_close.png
p1.3b82.com/cl/tpl/template/images/BBinInfo/ Frame 287B
768 B
1 KB
Image
General
Full URL
https://p1.3b82.com/cl/tpl/template/images/BBinInfo/bbin_close.png?v=ver112.176
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
897755deedc4b5bc083ff80daf2db88a89151d89531a13ae97afe3c19b5f13ac

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:36 GMT
last-modified
Wed, 25 Mar 2015 02:33:58 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"55121e96-32f"
content-type
image/png
status
200
x-iinfo
1-19076177-19076237 2VNN RT(1582560574946 0) q(0 8 8 -1) r(8 11) U18
cache-control
max-age=1800, public
content-length
768
expires
Mon, 24 Feb 2020 16:39:36 GMT
gtm.js
www.googletagmanager.com/ Frame 287B
128 KB
30 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MNTWRH2
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bf2211a598b2a088f8b250f0412c1fcbfe5aab68d93ec717e1bb965c52409aaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 24 Feb 2020 16:09:35 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30762
x-xss-protection
0
last-modified
Mon, 24 Feb 2020 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 24 Feb 2020 16:09:35 GMT
bg_ie_full.png
p1.3b82.com/cl/tpl/template/images/ie11alert/ Frame 287B
97 B
365 B
Image
General
Full URL
https://p1.3b82.com/cl/tpl/template/images/ie11alert/bg_ie_full.png?v=ver112.176
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c7a0758209927de2cfb4ccfbe5a7521f5b1c39c8baab3d0c212fac7198e4fbe0

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:36 GMT
last-modified
Tue, 01 Dec 2015 02:07:53 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"565d00f9-cf"
content-type
image/png
status
200
x-iinfo
1-19076182-19076241 2VNN RT(1582560575051 0) q(0 8 8 -1) r(8 10) U18
cache-control
max-age=1800, public
content-length
97
expires
Mon, 24 Feb 2020 16:39:36 GMT
bg_gray.png
p1.3b82.com/cl/tpl/template/images/element/notice/ Frame 287B
96 B
364 B
Image
General
Full URL
https://p1.3b82.com/cl/tpl/template/images/element/notice/bg_gray.png?v=ver112.176
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
752e47d99002abde98bab5edc2ee5feba32dd2843b608deb4cbe7f1247887e9b

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:35 GMT
last-modified
Wed, 20 Sep 2017 00:46:00 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"59c1ba48-af2"
content-type
image/png
status
200
x-iinfo
1-19076183-19073522 2VNN RT(1582560575052 0) q(0 9 9 -1) r(12 12) U18
cache-control
max-age=1800, public
content-length
96
expires
Mon, 24 Feb 2020 16:39:35 GMT
list_icon.png
p1.3b82.com/cl/tpl/template/images/element/notice/ Frame 287B
372 B
619 B
Image
General
Full URL
https://p1.3b82.com/cl/tpl/template/images/element/notice/list_icon.png?v=ver112.176
Requested by
Host: p1.3b82.com
URL: https://p1.3b82.com/cl/js/jquery-1.7.2.min.js?v=ver112.176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
2272ac89f4dbf33e15f6875b9d6df7015fa6adba2e4bb9128fccbd530d3e2801

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:35 GMT
last-modified
Wed, 20 Sep 2017 00:46:00 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"59c1ba48-1f7"
content-type
image/png
status
200
x-iinfo
1-19076184-19074672 2VNN RT(1582560575057 0) q(0 10 10 -1) r(12 12) U18
cache-control
max-age=1800, public
content-length
372
expires
Mon, 24 Feb 2020 16:39:35 GMT
fontawesome-webfont.woff
p1.3b82.com/cl/tpl/template/style/element/fonts/ Frame 287B
64 KB
64 KB
Font
General
Full URL
https://p1.3b82.com/cl/tpl/template/style/element/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: p1.3b82.com
URL: https://p1.3b82.com/cl/js/jquery-1.7.2.min.js?v=ver112.176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer
https://p1.3b82.com/cl/tpl/template/style/common.min.css?v=ver112.176
Origin
https://f1026.com:9900
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Feb 2020 16:09:35 GMT
content-encoding
gzip
last-modified
Fri, 20 Mar 2015 01:33:15 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"550b78db-ffac"
content-type
application/font-woff
status
200
x-iinfo
3-38776406-0 0CNN RT(1582560575113 0) q(0 -1 -1 0) r(0 -1)
cache-control
max-age=197021, public
content-length
65453
expires
Wed, 26 Feb 2020 22:53:16 GMT
0210-%E6%AD%A6%E6%B1%89%E5%8A%A0%E6%B2%B9-%E5%BC%B9%E8%B7%B3.jpg
f1520.oss-cn-beijing.aliyuncs.com/F1pic/1090205-%E9%98%B2%E7%96%AB/ Frame 287B
72 KB
72 KB
Image
General
Full URL
https://f1520.oss-cn-beijing.aliyuncs.com/F1pic/1090205-%E9%98%B2%E7%96%AB/0210-%E6%AD%A6%E6%B1%89%E5%8A%A0%E6%B2%B9-%E5%BC%B9%E8%B7%B3.jpg
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
59.110.185.101 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
a338d7929ceba3f4dd19afeb778b13e101436e5721fb665c0c9fca990156833e

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-oss-object-type
Normal
Date
Mon, 24 Feb 2020 16:09:36 GMT
x-oss-request-id
5E53F540B41F133132F3720B
Last-Modified
Mon, 10 Feb 2020 06:49:29 GMT
Server
AliyunOSS
Content-MD5
VEUW9OUp2nBsC94OyDgAlw==
ETag
"544516F4E529DA706C0BDE0EC8380097"
Content-Type
image/jpeg
x-oss-storage-class
Standard
Connection
keep-alive
Accept-Ranges
bytes
x-oss-hash-crc64ecma
17677319476458320396
Content-Length
73762
x-oss-server-time
23
getServerIP.json
f1026.com/infe/rest/flash/ Frame 16BC
122 B
1 KB
XHR
General
Full URL
https://f1026.com:9900/infe/rest/flash/getServerIP.json
Requested by
Host: f1026.com
URL: https://f1026.com:9900/ipl/app/flash/publicbmw/ball/FigLeaf.js?site=member
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
5687ded31680b6ebd72f17a4bcf64803dd254b9950152d62b608effb110b2a72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/app/member/upupFlash.php?uid=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

Date
Mon, 24 Feb 2020 16:09:35 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/json
Connection
Keep-Alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Keep-Alive
timeout=30, max=100
analytics.js
www.google-analytics.com/ Frame 287B
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNTWRH2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
1265
date
Mon, 24 Feb 2020 15:48:30 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Mon, 24 Feb 2020 17:48:30 GMT
bg_gray.png
f1026.com/cl/tpl/template/images/element/notice/ Frame 287B
3 KB
3 KB
Image
General
Full URL
https://f1026.com:9900/cl/tpl/template/images/element/notice/bg_gray.png
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
5080963c7a0d55c0dd5554bb619a6a46d61c408bd2511842f8fe12b11ec5120b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 24 Feb 2020 16:09:35 GMT
Last-Modified
Wed, 20 Sep 2017 00:46:00 GMT
Server
Apache
ETag
"59c1ba48-af2"
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
image/png
Cache-Control
max-age=1800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2802
Expires
Mon, 24 Feb 2020 16:39:35 GMT
nc.js
g.alicdn.com/sd/ncpc/ Frame 4294
214 KB
55 KB
Script
General
Full URL
https://g.alicdn.com/sd/ncpc/nc.js
Requested by
Host: f1026.com
URL: https://f1026.com:9900/infe/user/join/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.48.252 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
8e1e2ec7cd754621e22301445d9a6d709a62960c8596ff0a8a78599fb485489d

Request headers

Referer
https://f1026.com:9900/infe/user/join/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 24 Feb 2020 15:19:02 GMT
content-encoding
gzip
x-oss-request-id
5E53E9665B72E536379D2E58
content-md5
CglpGTStF57PXN6aqfrL0w==
age
3033
via
cache32.l2de1[0,200-0,H], cache14.l2de1[0,0], cache7.nl2[0,200-0,H], cache2.nl2[1,0]
x-cache
HIT TCP_MEM_HIT dirn:4:471411711
status
200
x-swift-cachetime
3600
x-swift-savetime
Mon, 24 Feb 2020 15:19:02 GMT
content-length
56539
x-bucket-code
3
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1582557542
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,s-maxage=3600
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
14644019259155142582
eagleid
2ff6309615825605756424602e
x-oss-server-time
4
app.4c7535be9ed1e84e016d6f9511d8e212.css
f1026.com/infe/user/join/static/css/ Frame 4294
191 KB
130 KB
Stylesheet
General
Full URL
https://f1026.com:9900/infe/user/join/static/css/app.4c7535be9ed1e84e016d6f9511d8e212.css
Requested by
Host: f1026.com
URL: https://f1026.com:9900/infe/user/join/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
875b0e6d2c4f31806c7c21957ee50985818a5a2e3cfd9d6c1fa313b8b75d8255
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/infe/user/join/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Mon, 24 Feb 2020 16:09:35 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Feb 2020 04:15:51 GMT
Server
Apache
ETag
"5e40d8f7-2fcc6"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
text/css
Cache-Control
max-age=432000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Expires
Sat, 29 Feb 2020 16:09:35 GMT
jquery-1.9.1.min.js
f1026.com/cl/js/ Frame 4294
90 KB
45 KB
Script
General
Full URL
https://f1026.com:9900/cl/js/jquery-1.9.1.min.js
Requested by
Host: f1026.com
URL: https://f1026.com:9900/infe/user/join/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
c5d8dd024247e52db7c3c8585e365e2cbf112db85c48dcb618f892cca331d3cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/infe/user/join/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 24 Feb 2020 16:09:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Nov 2016 05:35:53 GMT
Server
Apache
ETag
"582d41b9-169d8"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=432000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Expires
Sat, 29 Feb 2020 16:09:35 GMT
jquery-ui.min.js
f1026.com/infe/js/join_mem/ Frame 4294
39 KB
17 KB
Script
General
Full URL
https://f1026.com:9900/infe/js/join_mem/jquery-ui.min.js
Requested by
Host: f1026.com
URL: https://f1026.com:9900/infe/user/join/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
681bfd29357e5df4b34bd46548ecf3d110b801bf4e2d1b9776f294783b908e02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/infe/user/join/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 24 Feb 2020 16:09:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Nov 2015 02:19:55 GMT
Server
Apache
ETag
"564be04b-9cbe"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=432000
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
17112
Expires
Sat, 29 Feb 2020 16:09:35 GMT
manifest.e6071012264e03c59ff6.js
f1026.com/infe/user/join/static/js/ Frame 4294
873 B
1 KB
Script
General
Full URL
https://f1026.com:9900/infe/user/join/static/js/manifest.e6071012264e03c59ff6.js
Requested by
Host: f1026.com
URL: https://f1026.com:9900/infe/user/join/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
389010ee87616544f4c27c179f7bbedbfa675c07edf6f2b568a967c8c95f6a67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/infe/user/join/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 24 Feb 2020 16:09:35 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Feb 2020 02:16:25 GMT
Server
Apache
ETag
"5e49f779-369"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=432000
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
696
Expires
Sat, 29 Feb 2020 16:09:35 GMT
vendor.ec08d9bdfa47cd43aae5.js
f1026.com/infe/user/join/static/js/ Frame 4294
410 KB
173 KB
Script
General
Full URL
https://f1026.com:9900/infe/user/join/static/js/vendor.ec08d9bdfa47cd43aae5.js
Requested by
Host: f1026.com
URL: https://f1026.com:9900/infe/user/join/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
f116008309697ba7d13c38699aacd764fcca26eb30d0d9633d033248e7ca8a24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/infe/user/join/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 24 Feb 2020 16:09:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Jan 2020 01:02:44 GMT
Server
Apache
ETag
"5e152a34-66817"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=432000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Expires
Sat, 29 Feb 2020 16:09:35 GMT
app.344db701127f8b0cadb7.js
f1026.com/infe/user/join/static/js/ Frame 4294
17 KB
7 KB
Script
General
Full URL
https://f1026.com:9900/infe/user/join/static/js/app.344db701127f8b0cadb7.js
Requested by
Host: f1026.com
URL: https://f1026.com:9900/infe/user/join/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
020a632f9c4f10b4991aa4a1c520ac9784fa11c2d210730419f98bfe97ca32c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/infe/user/join/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 24 Feb 2020 16:09:35 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Feb 2020 02:16:25 GMT
Server
Apache
ETag
"5e49f779-438b"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=432000
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
7215
Expires
Sat, 29 Feb 2020 16:09:35 GMT
gtm.js
www.googletagmanager.com/ Frame 4294
128 KB
30 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MNTWRH2
Requested by
Host: f1026.com
URL: https://f1026.com:9900/infe/user/join/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bf2211a598b2a088f8b250f0412c1fcbfe5aab68d93ec717e1bb965c52409aaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://f1026.com:9900/infe/user/join/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 24 Feb 2020 16:09:35 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30762
x-xss-protection
0
last-modified
Mon, 24 Feb 2020 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 24 Feb 2020 16:09:35 GMT
truncated
/ Frame 4294
34 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ Frame 287B
34 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
common.json
f1026.com/infe/rest/fig/advertise/ Frame 287B
544 B
864 B
XHR
General
Full URL
https://f1026.com:9900/infe/rest/fig/advertise/common.json?mobile_open=1
Requested by
Host: p1.3b82.com
URL: https://p1.3b82.com/cl/js/jquery-1.7.2.min.js?v=ver112.176
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
e79897f2513e7b204abd28c0ae7e0e5d6dc52eb3903688587df79969aa055f88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 24 Feb 2020 16:09:36 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/json
Connection
Keep-Alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Keep-Alive
timeout=30, max=100
getinfo
f1026.com/infe/common/basicinfocontroller/ Frame 287B
11 KB
5 KB
XHR
General
Full URL
https://f1026.com:9900/infe/common/basicinfocontroller/getinfo
Requested by
Host: p1.3b82.com
URL: https://p1.3b82.com/cl/js/jquery-1.7.2.min.js?v=ver112.176
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
d92507d9ad350f23d2a3253269fd7c95d972f3595ba14f6085243d9ceaa93300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 24 Feb 2020 16:09:36 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/json
Connection
Keep-Alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Keep-Alive
timeout=30, max=100
float_top_up.png
p1.3b82.com/cl/tpl/template/images/element/float_top/black/ Frame 287B
186 B
431 B
Image
General
Full URL
https://p1.3b82.com/cl/tpl/template/images/element/float_top/black/float_top_up.png?v=ver112.176
Requested by
Host: p1.3b82.com
URL: https://p1.3b82.com/cl/js/tools/common.min.js?v=ver112.176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c338323c7ef9692066778e00a05fa70bab7ab0b83e57ba94958d24f0ab1ebeee

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:36 GMT
last-modified
Fri, 20 Mar 2015 01:33:10 GMT
x-cdn
Incapsula
access-control-allow-origin
*
etag
"550b78d6-158"
content-type
image/png
status
200
x-iinfo
1-19076202-19072330 2VNN RT(1582560575468 0) q(0 6 6 -1) r(9 9) U18
cache-control
max-age=1800, public
content-length
186
expires
Mon, 24 Feb 2020 16:39:36 GMT
brcorner_en_150043383823.png
cdn.escasino.net/tpl/advertise/normal/ Frame 287B
21 KB
22 KB
Image
General
Full URL
https://cdn.escasino.net/tpl/advertise/normal/brcorner_en_150043383823.png
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.251.126.131 , India, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
5778bf532e71096453b20520d0a9b905b200d4cd64d5b8517decdc361526f4f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 16:09:37 GMT
last-modified
Wed, 19 Jul 2017 03:10:38 GMT
server
Apache
access-control-allow-origin
*
etag
"596ecdae-54bf"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
status
200
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
21695
hm.js
hm.baidu.com/ Frame 287B
37 KB
14 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?1368a1088a7663be9bd30b2e762c0b1b
Requested by
Host: gabbardford.com
URL: http://gabbardford.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
451066b109823913d19178c49c6d04088944073439dd33a464398ac2696532fa
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 24 Feb 2020 16:09:36 GMT
Content-Encoding
gzip
Server
apache
Etag
c72c6bb1ace093267884980ddfae7833
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
13505
hm.gif
hm.baidu.com/ Frame 287B
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=216859634&si=1368a1088a7663be9bd30b2e762c0b1b&su=https%3A%2F%2Ff1026.com%3A9900%2F%3Faff%3D1044109&v=1.2.68&lv=1&sn=21397&ct=!!&tt=F1%20casino
Requested by
Host: f1026.com
URL: https://f1026.com:9900/entrance/page/registermember?ni=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://f1026.com:9900/entrance/page/registermember?ni=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Mon, 24 Feb 2020 16:09:37 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
0.2090997c57bbe7876a97.js
f1026.com/infe/user/join/static/js/ Frame 4294
147 KB
60 KB
Script
General
Full URL
https://f1026.com:9900/infe/user/join/static/js/0.2090997c57bbe7876a97.js
Requested by
Host: f1026.com
URL: https://f1026.com:9900/infe/user/join/static/js/manifest.e6071012264e03c59ff6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
1b5b61aec41cf39998e04bb675bf536f84d473e9160081f5cfd8ddd8418d44ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/infe/user/join/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 24 Feb 2020 16:09:37 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Feb 2020 02:16:25 GMT
Server
Apache
ETag
"5e49f779-24be1"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=432000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Expires
Sat, 29 Feb 2020 16:09:37 GMT
userInit.json
f1026.com/infe/rest/register/ Frame 4294
28 KB
12 KB
Fetch
General
Full URL
https://f1026.com:9900/infe/rest/register/userInit.json
Requested by
Host: f1026.com
URL: https://f1026.com:9900/infe/user/join/static/js/app.344db701127f8b0cadb7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
200cc211518739eef4ddd496ee26967e6097368b3b42351c028f93f82c695fd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/infe/user/join/
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
If-Modified-Since
0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 24 Feb 2020 16:09:37 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/json
Connection
Keep-Alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Keep-Alive
timeout=30, max=100
setting.json
f1026.com/m/new/ Frame 4294
8 KB
3 KB
Fetch
General
Full URL
https://f1026.com:9900/m/new/setting.json
Requested by
Host: f1026.com
URL: https://f1026.com:9900/infe/user/join/static/js/app.344db701127f8b0cadb7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
185b77852e0ed327acfc719d22cae7e8020ff4a9b21589f6dea231ac04fc0674
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/infe/user/join/
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
If-Modified-Since
0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 24 Feb 2020 16:09:37 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Feb 2020 03:30:09 GMT
Server
Apache
ETag
"1f7b-59f0da3707240"
Vary
Accept-Encoding
Content-Type
application/json
Connection
Keep-Alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=100
join.css
f1026.com/cl/tpl/f1casino/ver1/css/ Frame 4294
311 B
811 B
Stylesheet
General
Full URL
https://f1026.com:9900/cl/tpl/f1casino/ver1/css/join.css?v=1
Requested by
Host: f1026.com
URL: https://f1026.com:9900/infe/user/join/static/js/app.344db701127f8b0cadb7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
f613ff9ee3e00037697e31f5d381d9d83aeaab4fa0b4e66e2e55784a1cf388b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/infe/user/join/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Mon, 24 Feb 2020 16:09:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Dec 2016 01:45:22 GMT
Server
Apache
ETag
"5850a432-137"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
text/css
Cache-Control
max-age=432000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Expires
Sat, 29 Feb 2020 16:09:38 GMT
m_welcome.png
f1026.com/infe/img/join_mem/ Frame 4294
6 KB
6 KB
Image
General
Full URL
https://f1026.com:9900/infe/img/join_mem/m_welcome.png
Requested by
Host: f1026.com
URL: https://f1026.com:9900/cl/js/jquery-1.9.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
ffe3a69a489e756bd25e6493f412ccbba1e8a843edf106ed262f2d726f941406
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/infe/user/join/static/css/app.4c7535be9ed1e84e016d6f9511d8e212.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 24 Feb 2020 16:09:38 GMT
Last-Modified
Mon, 06 Feb 2017 03:01:25 GMT
Server
Apache
ETag
"5897e705-1779"
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
image/png
Cache-Control
max-age=1800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6009
Expires
Mon, 24 Feb 2020 16:39:38 GMT
join_btn_icon.23fe5b1.png
f1026.com/infe/user/join/static/images/ Frame 4294
68 KB
69 KB
Image
General
Full URL
https://f1026.com:9900/infe/user/join/static/images/join_btn_icon.23fe5b1.png
Requested by
Host: f1026.com
URL: https://f1026.com:9900/cl/js/jquery-1.9.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:cf80:6097:e664:aa28:ea63:383b:218 , Philippines, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://f1026.com:9900/infe/user/join/static/css/app.4c7535be9ed1e84e016d6f9511d8e212.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 24 Feb 2020 16:09:38 GMT
Last-Modified
Wed, 29 Nov 2017 01:04:21 GMT
Server
Apache
ETag
"5a1e0795-111f1"
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
image/png
Cache-Control
max-age=1800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
70129
Expires
Mon, 24 Feb 2020 16:39:38 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer object| serverPushData object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

5 Cookies

Domain/Path Name / Value
.f1026.com/ Name: SESSION_ID
Value: guest
.f1026.com/ Name: IBCACHE
Value: LrbESTEntP4aSSBU092Zslv_LIytaPhi3Zgvft_eIMD2C2y-4jeS52ZQOm0f5seoU2piRzNMb0JLSmJBdGl2ZmRPMDhsamZUOXRRN1ZRZmVXR0d6NkR1eVN1Yw
f1026.com/ Name: langx
Value: en
.f1026.com/ Name: ICCACHE
Value: gCf6lvmbnalrZSOCgCUf0ZuzJS%2BwZtaKDfeR%2FJSMDExYNlUwMlBkbTkyOVE1aXQ4
f1026.com/ Name: lang
Value: en

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.escasino.net
f1026.com
f1289.com
f1520.oss-cn-beijing.aliyuncs.com
g.alicdn.com
gabbardford.com
hm.baidu.com
p1.3b82.com
www.google-analytics.com
www.googletagmanager.com
ziyuan.baidu.com
103.235.46.191
123.125.115.59
154.222.228.36
2401:cf80:6097:e664:aa28:ea63:383b:218
2a00:1450:4001:800::200e
2a00:1450:4001:81e::2008
43.251.126.131
45.60.87.140
45.64.54.106
47.246.48.252
59.110.185.101
020a632f9c4f10b4991aa4a1c520ac9784fa11c2d210730419f98bfe97ca32c1
05205b9edf6f283d2b8f710a15494a99334e46ac317f58e72aadd4b8df2ceead
10249afca5a071a5db76bd305abd51baec480b234ec855034a75b8cbfc3cca5e
11c4f42cdadcef92189e48e18e9002988d91466a7e76c6711210b605db9c502a
185b77852e0ed327acfc719d22cae7e8020ff4a9b21589f6dea231ac04fc0674
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1b5b61aec41cf39998e04bb675bf536f84d473e9160081f5cfd8ddd8418d44ac
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1f3ee46f29217d939f0a4a331ab973645cdaf765e510ba5a83007f375177f1e1
1f5f25ff75aee3441fe4fbc7c5557a8c04a83d175ab6b6f566f90e951a4dbd71
200cc211518739eef4ddd496ee26967e6097368b3b42351c028f93f82c695fd3
2094488fa4b6f6b3c7dae5b63384d316c72482ec8411283ef1efb2baa63275b7
2272ac89f4dbf33e15f6875b9d6df7015fa6adba2e4bb9128fccbd530d3e2801
26b480a70e77cec9db5e1204655c5a700bb32948a002bd4b9553cab1c7364f79
36fbcae8769cfabeb5bf54c382c47c08378847f56e0a407cb6b1bd3366e8c2cf
389010ee87616544f4c27c179f7bbedbfa675c07edf6f2b568a967c8c95f6a67
39c6cb6aa4e718c2ba2c31e7a8bdc48f694c60988c016097380f1f7b9d30c5f6
3bfc502ea0410defe5db315d3c9f97e5f9346d7e7284b53f0d66662d73f6707d
402d2462cf7ccf6b5429a7d6a7fae0ecb281b3ddd1d5f7eb8478bc6985ccd4a1
4036ebc8786ab8b4097caa8da57fffb85daeed2d5c57dafeb2faf816f1b5cdb2
4332316d0fe4e2c7a9e213afa4d9cbf983ad5bf80cb47d98c9cacd5470e35889
451066b109823913d19178c49c6d04088944073439dd33a464398ac2696532fa
4bdd1df005124e60beb3f8d480082dfe1b85aad6abce070e6cee9427153d2429
4cb1b41ce0051e0bed1781c8f8a5a7b6235113aa973f4a4ed7697ca78ffb7b36
5080963c7a0d55c0dd5554bb619a6a46d61c408bd2511842f8fe12b11ec5120b
50fb90447efaef23d17e95cfd13fc0d6b9bb96e8c0cb957e7d0e8c222e30935a
5114374da04855c7763cb8cb4cf7ce45fe6712624b52d0048680607798bbcf27
55a0136d6018cd2bd9b7945585bb64f97cbdd303897b732958d3c9bf20aefcec
567cd4a93f90307ce4d25ac5343c91b636e15eefbcf8667132cb498247cc6489
5687ded31680b6ebd72f17a4bcf64803dd254b9950152d62b608effb110b2a72
5778bf532e71096453b20520d0a9b905b200d4cd64d5b8517decdc361526f4f4
5a7c091c7008d880fe8052b4c6cbd33b7e744a21fe6c86b1a94070a5511bd9b9
610959508837b1fed34a90c085517b2aec1bd260c5d09be5b7fd41b7380de26e
67c1cca3574cfcd6fa26bb0f0ebc54fd1394c9728a431e766af2e224abb06b67
681bfd29357e5df4b34bd46548ecf3d110b801bf4e2d1b9776f294783b908e02
6ec6202f78a122a8aceb41b4d2788ce8b2a82b655b34567c374e6d9518db214c
752e47d99002abde98bab5edc2ee5feba32dd2843b608deb4cbe7f1247887e9b
76ed94022bbca81b69405565cc8874c0c4fa7285c195cea21ba541f470653a6b
8331917d1c1084b5852bf84de6181b9fab1aa89168329120f3bfc7bb6d2aad62
837d35e4a675030fa06d97c26c641541e23e115424500817a34bf53ad4613655
85c0faf37c252bff11abfca7b08fcb5c196e92ee3286f583b2c3c7d74ce18823
875b0e6d2c4f31806c7c21957ee50985818a5a2e3cfd9d6c1fa313b8b75d8255
897755deedc4b5bc083ff80daf2db88a89151d89531a13ae97afe3c19b5f13ac
8a55344c1b18579e6a41c3a8be3f18c4b1140bcc2ef26fa34045068ac36cc7fc
8b016bed9d9d92494920c9de4308df334c0f0091dc5637dfdaa2e53dafc3fb9b
8e1e2ec7cd754621e22301445d9a6d709a62960c8596ff0a8a78599fb485489d
8eaad20f0e957f43a6b6a9ffe595dfb2583e5d40216454f831513c75667f925b
9007912bcffccf883304ac19824051ae72dcd3a69a68b065f81fe929f1995e9a
92d5ee6f222afc504098f9ccb87a914468a89518159661e0b708bcd0fffdffa0
94bc90b8467f73c5518fa151fa348c9a3db85a3824cac3599ca49514073d1892
95427ea3de3ac3b7495dbbd522881e141b9b328b19a2ba0530e8b8d518f324c4
9c768ef6c74aeab2b740831c749432dc404156f4b895ad7a64fe89b70afb5616
a338d7929ceba3f4dd19afeb778b13e101436e5721fb665c0c9fca990156833e
a7548406bef770d988ad7fafb164a0dce83b7c4cc8cc984966e5c1930902b3f9
a9408fc53f695d69521a4d5ac308088c2d43a15a0bfb1b9f9a38fd9db38e4c66
aaa7484bc3dfb86e3bc0a4c35d87e21f348f9a4a1ee7f79da2fbde2947e93bd7
af3089c89607dd2b8afa7e999296f50a056666572ea000772df7dc81d25e10a4
bf2211a598b2a088f8b250f0412c1fcbfe5aab68d93ec717e1bb965c52409aaa
c338323c7ef9692066778e00a05fa70bab7ab0b83e57ba94958d24f0ab1ebeee
c37ce466abeb200225cab59f6820623e3cd3136bdd086c45d9dd0add0a23cd48
c3ad2786a56653bdbf92be9385de762f4bde4cfa525419f47ca992a011b82cc5
c464da23200ac0ecc6ad734032d38751bfee106e8ca39a1f4514ecb37ae00e8d
c5d8dd024247e52db7c3c8585e365e2cbf112db85c48dcb618f892cca331d3cf
c7a0758209927de2cfb4ccfbe5a7521f5b1c39c8baab3d0c212fac7198e4fbe0
ce720d8a8671655f9c5b4155afecf5e6d7c93322936ff496737e812e2041da34
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d361bfc6188bb2f59a77d334db51f05a82a573d7b64389ac6e1d46b1388c3e00
d3712df500fc47be30a84b24d6e9b85c0a222be4d47a89022f3f59e05b3e99ef
d3ddec4d36d9ec26b8ab286e60ad40f1f10ddebfe71f2fbf1147184361929595
d3e760bdcd866ad856f9a3570dfb226cb238652d2bb3992a770215e56d675308
d92507d9ad350f23d2a3253269fd7c95d972f3595ba14f6085243d9ceaa93300
d979ad9b506e043b7375019eede3fe4613881561079013e543b60b535abca0c5
da71875ef18bd902f92733967cadf5414769fa62c213cff6a4550cab17527e1c
db9f9a7539efb8d0d009b4dfc0a7400351612f16ea83d669a690ab046924e340
dc1a68271d4ead419314e2e0dce486db974ddf1e3457635ce9e450da0cab6a6f
e19d50c37d32fe5aad9fe90d31bffcbac03e7ea0ac46bbfb7e8a446513619ad1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79897f2513e7b204abd28c0ae7e0e5d6dc52eb3903688587df79969aa055f88
e9be96e22e2feee39ed9e9b3e9e8ba8bbff61a97e3f71dab5757227feb25229c
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ec05ac467d250e71a3908ad2cd3cf0ba621b99d5c5268aa8cbdf756cf7f9bd42
ed809d45457d9b66768fa46c1156979bd87a85de3e1bdfd9c27580658324ead2
f116008309697ba7d13c38699aacd764fcca26eb30d0d9633d033248e7ca8a24
f23f96af36c8079a4cea6d3fe59b2a5fb26f0927f357860dc9f6498a53979acd
f4ccf02b69092819ac24575c717a080c3b6c6d6161f1b8d82bf0bb523075032d
f613ff9ee3e00037697e31f5d381d9d83aeaab4fa0b4e66e2e55784a1cf388b0
ffe3a69a489e756bd25e6493f412ccbba1e8a843edf106ed262f2d726f941406