172.104.55.173 Open in urlscan Pro
172.104.55.173 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://172.104.55.173/
Submission: On December 17 via manual (December 17th 2021, 8:58:18 am UTC) from SG — Scanned from IT

Summary HTTP 101 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 101 HTTP transactions. The main IP is 172.104.55.173, located in Singapore, Singapore and belongs to LINODE-AP Linode, LLC, US. The main domain is 172.104.55.173.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 21st 2021. Valid for: a year.

This is the only time 172.104.55.173 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	172.104.55.173 172.104.55.173	63949 (LINODE-AP...) (LINODE-AP Linode)
15	2606:4700:20:... 2606:4700:20::ac43:4a58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	2606:4700:20:... 2606:4700:20::681a:dbc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	213.187.229.56 213.187.229.56	43937 (PTNET) (PTNET)
26	2606:4700:10:... 2606:4700:10::ac43:2642	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	78.46.57.120 78.46.57.120	24940 (HETZNER-AS) (HETZNER-AS)
2	2606:4700:10:... 2606:4700:10::6816:1983	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:4761	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
101	11

12 172.104.55.173 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1635-173.members.linode.com

172.104.55.173	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:20::ac43:4a58 (United States)

ASN13335 (CLOUDFLARENET, US)

api2-yws.tr8ngames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:20::681a:dbc (United States)

ASN13335 (CLOUDFLARENET, US)

nx-cdn.trgwl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.187.229.56 (Canada)

ASN43937 (PTNET, EE)

tickers.playtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700:10::ac43:2642 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vsb34.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.57.120 (Naumburg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.120.57.46.78.clients.your-server.de

static.getbutton.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)

va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vsb34.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4761 (United States)

ASN13335 (CLOUDFLARENET, US)

tawk.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	trgwl.com nx-cdn.trgwl.com	793 KB
28	tawk.to embed.tawk.to va.tawk.to vsb34.tawk.to	217 KB
15	tr8ngames.com api2-yws.tr8ngames.com	445 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	gstatic.com fonts.gstatic.com	47 KB
2	tawk.link tawk.link	73 KB
2	getbutton.io 1 redirects static.getbutton.io	85 KB
1	jsdelivr.net cdn.jsdelivr.net	39 KB
1	playtech.com tickers.playtech.com	8 KB
101	9

	Domain	Requested by
36	nx-cdn.trgwl.com	172.104.55.173
22	embed.tawk.to	172.104.55.173 embed.tawk.to
15	api2-yws.tr8ngames.com	172.104.55.173
3	fonts.googleapis.com	embed.tawk.to
3	vsb34.tawk.to	embed.tawk.to
3	va.tawk.to	embed.tawk.to
2	fonts.gstatic.com	fonts.googleapis.com
2	tawk.link
2	static.getbutton.io	1 redirects 172.104.55.173
1	cdn.jsdelivr.net	embed.tawk.to
1	tickers.playtech.com	172.104.55.173
101	11

This site contains links to these domains. Also see Links.

Domain
apk-depot.s3.ap-northeast-1.amazonaws.com
api.whatsapp.com
t.me
nexusengine.com
wa.me
getbutton.io

Subject Issuer	Validity	Valid
dua.la Sectigo RSA Domain Validation Secure Server CA	`2021-01-21` - `2022-01-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-10` - `2022-07-09`	a year	crt.sh
*.playtech.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-06-01` - `2022-06-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://172.104.55.173/
Frame ID: 3376474345EC410657A48936275661E5
Requests: 87 HTTP requests in this frame

Frame: https://tickers.playtech.com/js?info=2&casino=winforfun88&currency=USD
Frame ID: 36B5A31DF08258D70F735345A9BED9F8
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/61adcafd0e1/css/min-widget.css
Frame ID: 46F61AC5C1A739AF89DCA47B642F4111
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/61adcafd0e1/css/message-preview.css
Frame ID: 59BD872CED42FA85BCD6ADF5279E6A99
Requests: 5 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/61adcafd0e1/css/bubble-widget.css
Frame ID: F4A5F4A551201245677F927DE3F25B1B
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/61adcafd0e1/css/max-widget.css
Frame ID: 0D78C3B054C3FCF08E10A9CB75829CB8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

1 new message

Detected technologies

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

101
Requests

99 %
HTTPS

73 %
IPv6

9
Domains

11
Subdomains

11
IPs

4
Countries

2215 kB
Transfer

3749 kB
Size

8
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://apk-depot.s3.ap-northeast-1.amazonaws.com/yws.apk

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=6287840455490
Title: +6287840455490

Search URL Search Domain Scan URL

URL: https://t.me/+6287840454462
Title: +6287840454462

Search URL Search Domain Scan URL

URL: https://nexusengine.com/

Search URL Search Domain Scan URL

URL: https://wa.me/6287840455490
Title: ada yang bisa dibantu ?

Search URL Search Domain Scan URL

URL: http://getbutton.io/?utm_campaign=multy_widget&utm_medium=widget&utm_source=172.104.55.173
Title: GetButton

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://static.getbutton.io/widget-send-button/js/init.js HTTP 302
https://static.getbutton.io/widget/bundle.js

101 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
172.104.55.173/ 175 KB
21 KB 950ms
629ms Document
text/html 172.104.55.173
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://172.104.55.173/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.104.55.173 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1635-173.members.linode.com

Software

nginx /

Resource Hash

6f2c8847ac341b5546e83cada7984e117b88c1cc5c97e5231ba7f9c1ffa9f8b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

Server: nginx
Date: Fri, 17 Dec 2021 08:58:09 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, s-maxage=0
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5RmoQ5zk7VdtyYAlVx8%2F7KiQ%2FhCk0jXdQymcUP5vlvUGFI6UkDgYkPfd2KzcbBBA6n5C7bf9jjECFFvKGytZz%2B%2F3ol3JF4tnTTci1ORZcx%2BZrffdovAbbCU5K4eEnOzLaUzFo7mX8A4XlBvDuQqw2g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 6beef2af8b154943-SIN
Content-Encoding: gzip

GET
H/1.1 200
OK glyphicons-halflings-regular.woff
172.104.55.173/fonts/ 16 KB
18 KB 523ms
523ms Font
font/x-woff 172.104.55.173
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://172.104.55.173/fonts/glyphicons-halflings-regular.woff

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.104.55.173 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1635-173.members.linode.com

Software

nginx /

Resource Hash

71c12656535e99119c2a952c10554cd6f47c6923d2d96155a7833276e68992af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://172.104.55.173/
Origin: https://172.104.55.173
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 08:58:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: BYPASS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESlCI4WDwt841QPbPAAqS3yOgOmP3coa3N%2FUYgClBcdew1V88M80njRlqJpOf9tiElCpEQBxQ6vdG67L8MvVl09bNqWKOSwCnm3JtEHVpkQkXX0t83apa6IaiReHzzXZ5j9jww9sL3KzG%2Bv51xDVOQ4%3D"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 13 Dec 2021 05:32:16 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: W/"030ebc9e2efd71:0"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Content-Type: font/x-woff
Cache-Control: max-age=31536000
CF-RAY: 6beef2b39e4cd9a8-SIN

GET
H/1.1 200
OK Lato-Regular.woff2
172.104.55.173/fonts/ 178 KB
180 KB 897ms
554ms Font
application/font-woff2 172.104.55.173
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://172.104.55.173/fonts/Lato-Regular.woff2

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.104.55.173 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1635-173.members.linode.com

Software

nginx /

Resource Hash

983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://172.104.55.173/
Origin: https://172.104.55.173
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 08:58:10 GMT
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: BYPASS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 182708
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 13 Dec 2021 05:32:16 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "030ebc9e2efd71:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmYOuIFLeHdMGbAyTI%2FC2GPsm4fnv93N%2BVSPzPM9b74SOJEQ40TJUNgZ4ljB0vYzIsf9mwXeBQTrHDhtcT8BspODJXwc2ONW882ohdpPd6S5HiUgR2MtIr5%2FR8k4VBeeKqbA9hM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/font-woff2
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 6beef2b5be976be2-SIN

GET
H/1.1 200
OK lato-bold.woff2
172.104.55.173/fonts/ 24 KB
26 KB 954ms
582ms Font
application/font-woff2 172.104.55.173
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://172.104.55.173/fonts/lato-bold.woff2

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.104.55.173 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1635-173.members.linode.com

Software

nginx /

Resource Hash

fa1e2abf03fae481aac90a92038552d55518c2cd36d7400370ebd357e1c1126f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://172.104.55.173/
Origin: https://172.104.55.173
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 08:58:10 GMT
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: BYPASS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 24388
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 13 Dec 2021 05:32:16 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "030ebc9e2efd71:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3wW%2FLNzwMkOFzbqCsI1sy3DFU7GRU1iLvSJldVwFcfEU6v0jxiDgCifI9eYeHA0DbihYG1%2FSRdgAWgueR7nTp0A4KgZtWCd8d1aRpgyFCNzCRwlTjBxxIV5LyE%2FchmZJvBss8p1FHUSrAb76Z%2Fvxsk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/font-woff2
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 6beef2b608336bdb-SIN

GET
H/1.1 200
OK Open24DisplaySt.woff2
172.104.55.173/fonts/ 6 KB
8 KB 837ms
312ms Font
application/font-woff2 172.104.55.173
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://172.104.55.173/fonts/Open24DisplaySt.woff2

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.104.55.173 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1635-173.members.linode.com

Software

nginx /

Resource Hash

2991f771f85700b7f88a8944a66afcd96199467920eec36cbb7ea77b6028f1dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://172.104.55.173/
Origin: https://172.104.55.173
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 08:58:10 GMT
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: BYPASS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 6100
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 13 Dec 2021 05:32:16 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
ETag: "030ebc9e2efd71:0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VP8vZdFHcUqJO1SIc54%2BdkND1Es4pyvXiS80Sfo3%2BHWTUVovdyzSVZNa3PuOpYfICudNMTlLrZEwU2hAHUdMd7J74STH9Stfq1FuYWvDkRVVYUzliiV9zAieU1FjGyDCePymVpI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/font-woff2
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 6beef2b6ed396bc3-SIN

GET
H/1.1 200
OK nexus-beta-desktop-css
172.104.55.173/Content/ 165 KB
44 KB 775ms
460ms Stylesheet
text/css 172.104.55.173
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://172.104.55.173/Content/nexus-beta-desktop-css?v=nUy2eENMekRRfoH9S-kX8JUvnNJMPpfQj3xzdl7oDVo1

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.104.55.173 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1635-173.members.linode.com

Software

nginx /

Resource Hash

889fb5de61adf571aea24b94dcc0931018c81137c2e46a39c158e63dc3483730

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 08:58:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Vary: User-Agent,Accept-Encoding
Content-Length: 43122
X-Xss-Protection: 1; mode=block
Last-Modified: Fri, 17 Dec 2021 08:58:10 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VcyALCLfs3i77Jfjk%2Fxdwl3v5AXn35PhriUl7SHTjtoKqjkqHUgHt0H%2FyDzibf5GGi8S5Y5bGO%2F%2FemqTDObBXAbtRaxnL61UPWgeLRy3n1W3RRjmJhOD7wR3nzQgc6ZpoS08eWs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css; charset=utf-8
Cache-Control: public
CF-RAY: 6beef2b59b4c4a9b-SIN
Expires: Sat, 17 Dec 2022 08:58:10 GMT

GET
H/1.1 200
OK nexus-beta-desktop-css
172.104.55.173/Content/Home/ 5 KB
3 KB 598ms
256ms Stylesheet
text/css 172.104.55.173
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://172.104.55.173/Content/Home/nexus-beta-desktop-css?v=PMzVIR2JpjV53SuWJl4_78nTyWqdQ7O2xgHBojtuIB81

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.104.55.173 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1635-173.members.linode.com

Software

nginx /

Resource Hash

a76237e4323193bd7cf8bc0614642e3c0a55dd7bba9e132580b55e731a9d22d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 08:58:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Vary: User-Agent,Accept-Encoding
Content-Length: 1677
X-Xss-Protection: 1; mode=block
Last-Modified: Fri, 17 Dec 2021 08:58:10 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yoCg0yCdOp5dldjxgYeTCV6Upzu9EIxVPPqi15OBJIB1DICLK6NSxXWjf38jyRXzEjEetZTiLoJ%2BR3U0YVYOfagArKsT3i19bAA3y0kFSlzt7yM6v8RKHyFvkH0%2FXlc3jqjWUOrSFAPq0i6QtRc4dPM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css; charset=utf-8
Cache-Control: public
CF-RAY: 6beef2b5d85445fb-SIN
Expires: Sat, 17 Dec 2022 08:58:10 GMT

GET
H/1.1 200
OK nexus-beta-desktop-dark-purple-css
172.104.55.173/Content/Theme/ 19 KB
7 KB 602ms
260ms Stylesheet
text/css 172.104.55.173
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://172.104.55.173/Content/Theme/nexus-beta-desktop-dark-purple-css?v=PG2EjWqL_NJw9gZTNfzVvWT8zAwca-smcgZ8ZnLCaSM1

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.104.55.173 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1635-173.members.linode.com

Software

nginx /

Resource Hash

d5ba42e0367d7c161f16f79fc29ae4c858b792fe9e1cf0a2d5f5549604dbc586

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 08:58:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Vary: User-Agent,Accept-Encoding
Content-Length: 5321
X-Xss-Protection: 1; mode=block
Last-Modified: Fri, 17 Dec 2021 08:58:10 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4Q%2FI9%2FL33e5WuNyQGuV%2FMXecQC2FnzIY3tPKaiBIg9i9BtsbW17zhosc1q29P7xX5kcEAFCvu6LcUycreWiYojSUZTaMbJldgagiwCvD1CVj7%2BT673FalKiky1mPiw21CgR3rcf7X%2Bwlb%2B1Ey6b%2Fjg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css; charset=utf-8
Cache-Control: public
CF-RAY: 6beef2b5d8df6c30-SIN
Expires: Sat, 17 Dec 2022 08:58:10 GMT

GET
H2 200 logo_046c350a-f51c-456a-a7ca-cf6861697eb9_1639665300657.png
api2-yws.tr8ngames.com/images/ 19 KB
20 KB 905ms
851ms Image
image/png 2606:4700:20::ac43:4a58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-yws.tr8ngames.com/images/logo_046c350a-f51c-456a-a7ca-cf6861697eb9_1639665300657.png

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f471a9cfc54aa4b64c5e26fb49415a6c2264caf0287dade88797a4b4f79e7a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:10 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 19471
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 14:47:05 GMT
server: cloudflare
etag: "fab420cb8bf2d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f00HvCtkGDLuhqrf3TczraZb7LseIwZfNsMrXtYnEK3V8wgsVsAlTca%2FoiaQ1gDJzO1ngzwFlSppttxOthsdjQnmnq44UF6i6Wy9UyqyRGATGNgRHTJYcJu9sIpgjQNprVRoC0pcWWA7y7zCU8ds3DTz2KQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 6beef2b38f6e3748-MXP

GET
H2 200 BCA_e1bab23f-dda6-4835-b3ce-d5039f28546c_1639579422023.png
api2-yws.tr8ngames.com/images/ 979 B
2 KB 624ms
574ms Image
image/png 2606:4700:20::ac43:4a58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-yws.tr8ngames.com/images/BCA_e1bab23f-dda6-4835-b3ce-d5039f28546c_1639579422023.png

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25e9cb2c38a9e51dd0e0a6f39b1bfe1a6f59bb7e88507ad82c34ab2b2b9e4288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:10 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 979
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Dec 2021 14:47:03 GMT
server: cloudflare
etag: "75b7ac9fc2f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FucYlal%2B3AeOoy9PKcKOmiMaEacuEkcF06OQLcC0tvQ1LRpzPIpXLsdwtLdKXbiDaosty1SkeGD4Y2f7%2F2qEgaHS6cm0snB7nHzDAwzCESGHJ2DkI5MevY5EQ8%2FRlj9UkBc9d66TvtV%2BMzvtxIeGAhLBg7g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 6beef2b38f713748-MXP

GET
H2 200 BNI_3d30334c-d871-46fb-80b3-0fcb12f99b87_1639614224203.png
api2-yws.tr8ngames.com/images/ 918 B
1 KB 728ms
678ms Image
image/png 2606:4700:20::ac43:4a58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-yws.tr8ngames.com/images/BNI_3d30334c-d871-46fb-80b3-0fcb12f99b87_1639614224203.png

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4549533789cd22c67e36646d183e2349bc205ceb6b22af1d9421c83ac95df9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:10 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 918
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 00:32:04 GMT
server: cloudflare
etag: "d2af5e5914f2d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5BKWz7Y3UuRJ%2Fn2NbloMsmopYGbpuutnvgknu1dhWAIoTkwVQxVY2adMTYviDSHAJPoEoe49UPWIiCRX5xOh3A94Chlu0xKXcoaXAwyw5xl2XVSE9aUiOmB81C2K3zsga%2B5mSzvJZ%2FtwrJcFwxlexK9f%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 6beef2b38f723748-MXP

GET
H2 200 BRI_a458ab91-91a3-49ac-98b3-1bfc5d1966bd_1639614240233.png
api2-yws.tr8ngames.com/images/ 839 B
2 KB 616ms
566ms Image
image/png 2606:4700:20::ac43:4a58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-yws.tr8ngames.com/images/BRI_a458ab91-91a3-49ac-98b3-1bfc5d1966bd_1639614240233.png

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

198b1cec1f6538854534bfaf1a77c3ba191f8ffb0cb2eed0c9be9513d1b55b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:10 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 839
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 00:32:04 GMT
server: cloudflare
etag: "d347615914f2d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=254A1LrQ6kiASkkf7EP1vd3XUnWjQCWvsKwczuMVOZXC4b01HMosO0bMMUmh7pvG2di90ICcuFpQJ00Dbg3o5WV2UvzuGds%2FXR%2Bs7Y5dE%2FVarr59Ty%2FgEC52Myyld6eMcTC6YPp%2FQW8Z0cjDbuORqewhaKM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 6beef2b38f743748-MXP

GET
H2 403 /
api2-yws.tr8ngames.com/images/ 0
0 791ms
741ms Image
text/html 2606:4700:20::ac43:4a58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api2-yws.tr8ngames.com/images/
Requested by: Host: 172.104.55.173
URL: https://172.104.55.173/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 DANAMON_97be9049-789a-4b06-b66d-14b0fd26ff52_1639562185173.png
api2-yws.tr8ngames.com/images/ 956 B
2 KB 732ms
682ms Image
image/png 2606:4700:20::ac43:4a58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-yws.tr8ngames.com/images/DANAMON_97be9049-789a-4b06-b66d-14b0fd26ff52_1639562185173.png

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d88699a4dd8647afc4b35e0850bc824d1b981879936130299bb85ad685913435

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:10 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 956
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Dec 2021 10:02:03 GMT
server: cloudflare
etag: "a73f3ccf9af1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZ5xsCvY2v%2FnJq%2FG17FJvH6JJGL8cjaP6JsHZ9Ypcj4UaqClvfeBMWRGzbASONwG1amhMCva%2Bh1otFd6BomYIn%2Bxdkl0R5IGP%2BlB8RQlYeKXI923KXKoclVjWPgAnqqcdyTAG7DigmNwCb61puie%2BtcZ2%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 6beef2b38f773748-MXP

GET
H2 200 GOPAY_6d9f75a3-3a2c-4be2-8179-3bbfd755d7cd_1639562217173.png
api2-yws.tr8ngames.com/images/ 956 B
2 KB 593ms
592ms Image
image/png 2606:4700:20::ac43:4a58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-yws.tr8ngames.com/images/GOPAY_6d9f75a3-3a2c-4be2-8179-3bbfd755d7cd_1639562217173.png

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01f26c1fdfbd986fa23c802d8e5b125b97afe4a9a556fdcf93c33fe888e9b29e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:10 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 956
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Dec 2021 10:02:03 GMT
server: cloudflare
etag: "ecfe3ecf9af1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOQkpqz6tCFLF2YwPsS5ZJOrWDHt9NOV8QGhyu%2Bg1BOdSHJOG5P1YQsO76SIJw8O27iNP6l9JJAOt39X8J6eEuWn2riGnZNpvbQpo8az06FSc3QYDNM25R6RMmSkpb9WOwWRAxxWay2S%2FBICxRczC8HbFzw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 6beef2b67bff3748-MXP

GET
H2 200 INDOSAT_c549535b-79e4-4df1-8c4b-4dff4802903f_1639562609090.png
api2-yws.tr8ngames.com/images/ 912 B
2 KB 571ms
570ms Image
image/png 2606:4700:20::ac43:4a58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-yws.tr8ngames.com/images/INDOSAT_c549535b-79e4-4df1-8c4b-4dff4802903f_1639562609090.png

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03ce852b13f4cb306a91a2413a9662aee0c4317bdf816efd828e6a672c0236dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:10 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 912
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Dec 2021 10:17:03 GMT
server: cloudflare
etag: "16818ae79cf1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gpa0QZfyhUDV4kq6KsQAdPpYvaUcQ0kz8PuRJ1FbtR%2ByEwimuXx%2FDuMkgM7JsBvCDpKkn5peWDt6vSjxBnZjGdYCdRU3bz9nPbzmqMc%2FlOx48d2ObHX%2BK2vIxKCXpgcQhuBq%2BYuT0EfcMUdUDuo79uxJD2c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 6beef2b67c013748-MXP

GET
H2 200 MANDIRI_ec4427ff-2e6e-4657-a2fe-b3702bc15e7c_1639579724250.png
api2-yws.tr8ngames.com/images/ 1 KB
2 KB 596ms
595ms Image
image/png 2606:4700:20::ac43:4a58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-yws.tr8ngames.com/images/MANDIRI_ec4427ff-2e6e-4657-a2fe-b3702bc15e7c_1639579724250.png

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7aedc6ca549c685e560d1bd7a05840960b9589b35261a9bdeaf20bcefbf8df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:10 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 1465
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Dec 2021 15:02:03 GMT
server: cloudflare
etag: "af815bb8c4f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBVVqnj%2BjFKBGY7kLxRoSc7DETF930l%2Fq8kls%2BfHW2LuTXHnZwNaezLelH9mEz6BZ1gVRXaJCkT8qj8D4va0AG6qhCXJi3UNAHkFk0B288P7vDSNfqE9lG9ktSea5H1LhmTUYFPShfci3%2F5WhXzqbtBM2%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 6beef2b67c023748-MXP

GET
H2 200 OVO_ddd6e876-f366-4b0b-a506-d0e8210c55e9_1639562423633.png
api2-yws.tr8ngames.com/images/ 965 B
2 KB 566ms
565ms Image
image/png 2606:4700:20::ac43:4a58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-yws.tr8ngames.com/images/OVO_ddd6e876-f366-4b0b-a506-d0e8210c55e9_1639562423633.png

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41c04af3b1f1e46cb3f253b4ba1c559517a9fd1c18e06ebecdf8ba56b53ad2df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:10 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 965
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Dec 2021 10:02:03 GMT
server: cloudflare
etag: "dec248cf9af1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhF78akXkVInlxMFWTnqy6XL6fIymnruh3f%2BN8VknOTAM6UDKjObyLPAD1MLH2dRZFhXz1qCBJjTT0OEi%2FNOkDgjiUfkZzVtjgVPArluYBmbcHR%2B0d5VUwrigqNflL6dyx2ofrTj%2FHMnzsxTKp8vd0iBAuU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 6beef2b67c033748-MXP

GET
H2 200 TELKOMSEL_708c135d-74c5-482f-9d03-27a5f7035c60_1639562559230.png
api2-yws.tr8ngames.com/images/ 923 B
2 KB 673ms
672ms Image
image/png 2606:4700:20::ac43:4a58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-yws.tr8ngames.com/images/TELKOMSEL_708c135d-74c5-482f-9d03-27a5f7035c60_1639562559230.png

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

642ef5aec86961d7777b10d275f354c767cc604c2390afc2790f2a40ec25cecc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:10 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 923
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Dec 2021 10:17:03 GMT
server: cloudflare
etag: "e91091e79cf1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FB4LHqPn%2FNTUD5VJDYuV%2Bu6Vy8J87XZvuX2pWMQk1p4zYfjPx4aQAiOz6tX2Et4ApZbD75Bk0p7cjIQ8D9LJFy%2FIVK98SRiKOBx%2B8MkS3pFN1Cl0Gom3EeduzZsLtY0BTKMhONUR3GUoWRSsdzmiB0YLNAE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 6beef2b67c063748-MXP

GET
H2 200 XL_ea2a82b1-ca96-4eb1-9a52-cf378c6405e7_1639562582653.png
api2-yws.tr8ngames.com/images/ 686 B
1 KB 575ms
575ms Image
image/png 2606:4700:20::ac43:4a58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-yws.tr8ngames.com/images/XL_ea2a82b1-ca96-4eb1-9a52-cf378c6405e7_1639562582653.png

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c78efbcc2ad2825c8f24702f16c32b27c731d6fcfc3dc4dd984134c6173d8a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:10 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 686
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Dec 2021 10:17:03 GMT
server: cloudflare
etag: "e1a495e79cf1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7LL1xhnHx1pKVt8MWZB%2BtWew0fLFWXWzW4nvBR%2FSVlzNsdovx588mJsvOhJr6gX6sKmBhMDBbOOtoNvGPey77UabAOvdXrziT0iLfi06at%2BYzAFHUZmrKBhMwIjTM2UD%2FL88kHkwXZbww3i1QB3D9B3sO4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 6beef2b67c083748-MXP

GET
H2 200 en_Whatsapp_1_1639730826688.png
api2-yws.tr8ngames.com/images/ 22 KB
23 KB 963ms
962ms Image
image/png 2606:4700:20::ac43:4a58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-yws.tr8ngames.com/images/en_Whatsapp_1_1639730826688.png

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14a476b4063060fbd351019ef660102b5de76dd77fb7ce1e3049987dfc856bbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 22383
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Dec 2021 08:47:06 GMT
server: cloudflare
etag: "7355cfab22f3d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSePUBTytGbnulDyAJ7IvvN%2BRr53itue5KUyAQjWG9b3fr04H3jv8PV%2BaReu3jlkK2rRUbZ8M0uhopLsuSGW%2BLJogwCUKQ9ZCbL4O9f5vQaXdCLjChqfUdhD1SkFchXNClZC8CZyl%2BIQpvIvMhbxW%2FV3uj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 6beef2b67c093748-MXP

GET
H/1.1 200
OK captcha
172.104.55.173/ 2 KB
3 KB 255ms
255ms Image
image/jpeg 172.104.55.173
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://172.104.55.173/captcha

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.104.55.173 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1635-173.members.linode.com

Software

nginx /

Resource Hash

3bd442f522979abdef45cbcef2279d7453d8c0d62c796f4cda7947574cbcba4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 08:58:10 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FKAJkAA8Z5BU8iKy9K34l7hIdjYaJU5pKZiO0bL5dR4aMFYXpIGqUyCUphA%2F5u6M4kIoQz0zvLhNPLDbX3kpbUSvJYPJcHu5Bokx7S39jIVcpiZFHAn%2Bl%2BKyUPm6WlNN%2BsNhp0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: private, s-maxage=0
Connection: keep-alive
CF-RAY: 6beef2b77c681897-SIN
Content-Length: 1802
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK nexus-beta-desktop-js Show response
172.104.55.173/bundles/ 467 KB
179 KB 415ms
415ms Script
application/javascript 172.104.55.173
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://172.104.55.173/bundles/nexus-beta-desktop-js?v=33ASXlGxsN4ippHWmRJzMwFU1PH-qlvBe9uQ3JR2TWY1

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.104.55.173 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1635-173.members.linode.com

Software

nginx /

Resource Hash

4c84a59d8ac9622955ac083deb37570601e4a83db7b73b7bc9f8216c8a779f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 08:58:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Vary: User-Agent,Accept-Encoding
X-Xss-Protection: 1; mode=block
Last-Modified: Fri, 17 Dec 2021 08:58:10 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmeHsSgcPQytF1YBMButIeNRWMqbAwMNu6FgJkqLIcd%2FtE91L9r2ESk6%2Bn%2FpU2JpxhnGu9sB2Bsfigh0GDF56266bRPLdRQj44c%2BWRQlaKXE9tj8NHXwPk2kO1EinWyVxE4r1qk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
CF-RAY: 6beef2b77beb87ed-SIN
Expires: Sat, 17 Dec 2022 08:58:10 GMT

GET
H/1.1 200
OK desktop-js Show response
172.104.55.173/bundles/Home/ 37 KB
15 KB 518ms
518ms Script
application/javascript 172.104.55.173
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://172.104.55.173/bundles/Home/desktop-js?v=Z_ce32yiYgPWDn0rPN8MfXPoT8Fa3IuYkqVIwUOPyE01

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.104.55.173 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1635-173.members.linode.com

Software

nginx /

Resource Hash

ba8145cf848d2c72f03c234538c70eef27c8b12f4594da3dec4e48a74217eb12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 08:58:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Vary: User-Agent,Accept-Encoding
Content-Length: 13906
X-Xss-Protection: 1; mode=block
Last-Modified: Fri, 17 Dec 2021 08:58:10 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0hO1CdabXr%2FDg84tJkGL2c2f4pQTDDtWe6Tbj9Fxsid%2BGXm8%2BiTILTac9tOp204Tp3ucHRR84RUt6BiQJQO0awRb15jiLae99pEgrBDD7mXUdIGAFmHaozorTqDpROmD5EYHoXeIN9Sg%2Fi2%2BQNN6mE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
CF-RAY: 6beef2b8dc312ec8-SIN
Expires: Sat, 17 Dec 2022 08:58:10 GMT

GET
H2 200 flags.png
nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/layout/ 24 KB
25 KB 1058ms
1004ms Image
image/png 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/layout/flags.png?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/Content/nexus-beta-desktop-css?v=nUy2eENMekRRfoH9S-kX8JUvnNJMPpfQj3xzdl7oDVo1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c39fbe2913ec3a15d82e5817e820273c5ca61fc18e2cb8cae299d4209396994

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 24949
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:16 GMT
server: cloudflare
etag: "0ce75e4e5c8d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdPXsi9K8Db%2BgzAIo4coTzBCr2bDJdW4whmfbRd7bzYvTCeg7o7DNS7341JUDxd1Ty7EpBlqrrvAQLlnxseTNgMNRCIifdk3Mnj0GDSdhJr11lJgSIGWnCmIWeGjSMiO%2BKC%2BxKF%2Bw%2BeoBdmjs5c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b95aa13747-MXP

GET
H2 200 live-chat.svg
nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/layout/ 588 B
1 KB 679ms
625ms Image
image/svg+xml 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/layout/live-chat.svg?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/Content/nexus-beta-desktop-css?v=nUy2eENMekRRfoH9S-kX8JUvnNJMPpfQj3xzdl7oDVo1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

667ee8612b9502ae0c6f0b8eac253c8bca307446262f7ac5c2cc1a84b50d9d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:16 GMT
server: cloudflare
etag: W/"0ce75e4e5c8d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Am5qKEU%2FUisaFec7%2FkBbv%2FaLtkFSj8JKaJX2Peg4ruReZ7TIaBkxI2VmCtS0HavR6oKI5eJy5TY8RIqWydTuZkJRpHHSIPIaPjjpbT2qQnWSE%2BGYKwtnlacTI4C67LXQMKm5PV8ows%2FcAFnDNKw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 6beef2b95aa23747-MXP

GET
H2 200 mobile.svg
nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/layout/ 733 B
2 KB 747ms
693ms Image
image/svg+xml 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/layout/mobile.svg?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/Content/nexus-beta-desktop-css?v=nUy2eENMekRRfoH9S-kX8JUvnNJMPpfQj3xzdl7oDVo1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbf8ea136cb9875f6548ddfeb8eaf0290fab91b50610dfdd8583f5bc8644e04d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Dec 2020 00:03:04 GMT
server: cloudflare
etag: W/"06c135775c7d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7yf1g%2FEqmaBFnv7F2Fv5WtwF8QQDFH%2FYwXgRZbdnWvr0RJOfFKz69ShwBLXeiPnKGd3WGWsvqlnwsZRskae4%2BvNPZa27ad7aMsqdVlE2EddSK%2BQwlzjaHGgrNlcdGifozucatppm6U7f8cOSeE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 6beef2b95aa33747-MXP

GET
H2 200 news.png
nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/home/ 336 B
1 KB 746ms
693ms Image
image/png 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/home/news.png?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/Content/Home/nexus-beta-desktop-css?v=PMzVIR2JpjV53SuWJl4_78nTyWqdQ7O2xgHBojtuIB81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

466c2f7ee824f745aff52913e5f722ff6ea7adf798793784b453d83eb1a5493a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 336
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:16 GMT
server: cloudflare
etag: "0ce75e4e5c8d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlV3oYl%2B42BVESGxMq5tO8MLECq2NJx9TiT4tPelWxf2A2GKwoYygv%2Ff9%2Bz5gDqz0ZVXRmNOoFmtVcW1w8bGCBzwC64QauVBFvnaBnliS%2B1RMHALj3uD5H7NNoxH373x6btd%2Bo2C%2BsP5bhj0a5Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b95aa43747-MXP

GET
H2 200 home.jpg
nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/backgrounds/ 53 KB
54 KB 1059ms
1007ms Image
image/jpeg 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/backgrounds/home.jpg?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b17d8cae3802fe84512f3efe7735236b350f21b2005a27e9719a99b28d02f4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 54421
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:16 GMT
server: cloudflare
etag: "0ce75e4e5c8d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjC%2BtjwYtcLrwShLT0l7hBvt1VkqRxnqQstcgz2oqoR%2BsB4DsjZcDs5z8k97%2BttJPO8FbvUmI8e6jdMMpug1k170yACmQuulUXotI95asUvrFj9MkAsJlLj053CMS5cmW60FPf9eqI83BA4upPI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b95aa63747-MXP

GET
H2 200 jackpot.png
nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/home/ 18 KB
19 KB 1052ms
1000ms Image
image/png 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/home/jackpot.png?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/Content/Home/nexus-beta-desktop-css?v=PMzVIR2JpjV53SuWJl4_78nTyWqdQ7O2xgHBojtuIB81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3065c3d99e92d80e5c5b7c19607522d645d6a3f8dbcb581cef3722a3ac834b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 18296
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:16 GMT
server: cloudflare
etag: "0ce75e4e5c8d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ejTvbiviOyCsMl66zzfwr%2Bz%2BOnx88%2Fb5gLFq5s5iH7C6gnwgSFVYGsAeZhvfGGjrlqp9T5OerClaKJVHGuTIAr4NgU72wrk6GBQ%2FcELRYkTTJGM%2FvpDD292b16y63oUPylgLHH1ej9XaUXec8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b95aa73747-MXP

GET
H2 200 new-games.png
nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/home/ 507 B
2 KB 700ms
689ms Image
image/png 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/home/new-games.png?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/Content/Home/nexus-beta-desktop-css?v=PMzVIR2JpjV53SuWJl4_78nTyWqdQ7O2xgHBojtuIB81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e5ac8f0c39a0d860bee7590a6fcbc147f7760f889bd27fc8b4be09edfccf78a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 507
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:16 GMT
server: cloudflare
etag: "0ce75e4e5c8d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XesARS7AS2G7PKMd1a4hCqXyTTlI23g4MwT7RZuAn4wgzksF5T5UZGN4KHjQuetWFWpbOmCKsgfgT6Cy30ERcXO3YoXeiaosBy5utfHCrPIHjIui3mC568QfGZMamFnWjf%2Fcdk47loJNbk838AA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b94a9e3747-MXP

GET
H2 200 popular-games.png
nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/home/ 360 B
1 KB 714ms
713ms Image
image/png 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/home/popular-games.png?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/Content/Home/nexus-beta-desktop-css?v=PMzVIR2JpjV53SuWJl4_78nTyWqdQ7O2xgHBojtuIB81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ade929071b57665452d1d4abde2ed8b52a8daa3d2ea88a34690cc769c8f344c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 360
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:16 GMT
server: cloudflare
etag: "0ce75e4e5c8d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNNlwtyDjyEYOVY3rX2lPy0C6%2BNA9j%2FJBxjhuQoWwsENn%2FRqxmtF2eVc1Mv1b2MMjT196TPT1nOXfB1F1kiJpcutlSGwAZ2I3yXuP2s6OXGNZyFsqwks3HxmmHf12W8hk32W30D9bipX1ayLraU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b96abe3747-MXP

GET
H2 200 jackpot-games.png
nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/home/ 404 B
2 KB 609ms
608ms Image
image/png 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/home/jackpot-games.png?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/Content/Home/nexus-beta-desktop-css?v=PMzVIR2JpjV53SuWJl4_78nTyWqdQ7O2xgHBojtuIB81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f3e6456694935c28fa4fbe90929d439c8c9585c96d3a60ebc6c7f1227cf7ad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 404
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:16 GMT
server: cloudflare
etag: "0ce75e4e5c8d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSu9m87dQVfwoC4K8iXIWkMMqwIgGV9Z7FQlGgOwSvsBeimnY9Ormu7JNxRDJ7t3VQwgSHIWkl1VHn7E9bk6hp8cZcLQaPVn5tN%2F1f09ADWySnLqMsX6FwGvu%2Bir9CDjcq7aIz4DOmb%2B2ag9Skc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b96ac03747-MXP

GET
H2 200 download-apk-background.png
nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/home/ 337 KB
338 KB 901ms
899ms Image
image/png 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/home/download-apk-background.png?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/Content/Home/nexus-beta-desktop-css?v=PMzVIR2JpjV53SuWJl4_78nTyWqdQ7O2xgHBojtuIB81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76d5e56574836f2db9840d269bec80da1ee37b7a736f7b1aa73bd6275eef3369

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 344639
x-xss-protection: 1; mode=block
last-modified: Mon, 24 May 2021 01:37:24 GMT
server: cloudflare
etag: "06293583d50d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3HBkcYsFrWgQvkXrYrkUj7SpJHQs92B9Rd44Bo6jBKzo9bOoiBF32C4BncrJDsOqN4oVqLB1LHaB9%2FJWE%2B69yaCCuuHMBBif0ADPRECUVV%2BEkJ6Yw6ya7A%2BhPlCu1dQNR8CV0sZiu18eMXnd8FM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b96ac13747-MXP

GET
H2 200 icon-sprite.png
nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/layout/ 4 KB
5 KB 697ms
696ms Image
image/png 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/layout/icon-sprite.png?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b81a90d317b70f82719218970659a41b488eae52d89f93401a41bcc7b23f44e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 4235
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Feb 2021 20:23:40 GMT
server: cloudflare
etag: "06ec4f1336d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bmx7RjUY4uyULH8bbKN91s2SyuhD5rKPb9DbvDJov55sOgeMU%2BsZJLluylHLAwm68nCVqaHW%2BpE1%2BsYLBEmx2ZDA1I2qvm2lGxXPC9u1gz8AoDcx1gJ9069uMAYXYHQAP0S%2FSIn2dLiLhUA8FQE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b96ac23747-MXP

GET
H2 200 id_cbd_e77b95f7-a164-4c04-9df9-0f9a1501a485_1612071864773.png
api2-yws.tr8ngames.com/images/ 385 KB
386 KB 988ms
985ms Image
image/png 2606:4700:20::ac43:4a58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-yws.tr8ngames.com/images/id_cbd_e77b95f7-a164-4c04-9df9-0f9a1501a485_1612071864773.png

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f271481d02f476a7466c2cd2827b3e462d2c22d4d414702155c97e0857d2527a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 394585
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Feb 2021 05:41:22 GMT
server: cloudflare
etag: "152d4534eff9d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03SHL3pwaUaftpwI0MM3FlNgvLs%2F%2F6p9ebTZ4gcER6%2FslBVN4%2F7YmCT7HMTFVSpS6Mgw4e%2Bzc6%2FIPwur9rffyb8mk6HgYNX3A5HaMEuBA2coZujG9hzfDNobbjAsa5Tzcs7bTVrAFUpSWg%2F7IuH1ZsUdTe8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 6beef2b948e93748-MXP

GET
H2 200 vs1024lionsd.webp
nx-cdn.trgwl.com/Images/providers/PP/ 12 KB
13 KB 599ms
598ms Image
image/webp 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/PP/vs1024lionsd.webp?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

913b1b967e7e580acef74960e763a7cf534f559ece42776697403669f9cb3875

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 12570
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 18:16:02 GMT
server: cloudflare
etag: "09dc1a616f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpJhcBT2OT%2By4NIomohhzOh5510qC%2FyNJ%2FJpKi7hDVn44NuXKfUtilq2eim2bk%2FOz68fk6BeKAijdm0okdKGNvnbCgXMwzObsCZD6G2LOogMn4ddTrxn%2BAzzbFd%2FeT8dbKvdnyzCVohJBkBrboo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b96abb3747-MXP

GET
H2 200 iw7az1sm3drhh.webp
nx-cdn.trgwl.com/Images/providers/JOKER/ 27 KB
28 KB 1003ms
1001ms Image
image/webp 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/JOKER/iw7az1sm3drhh.webp?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06b69dedfc425949e247970db4d7b2464c78bf61caf59165fc42fa393e128953

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 27798
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 18:15:54 GMT
server: cloudflare
etag: "0e9fca116f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIoRkkQ9B6cMN4MKKpd7e%2BmzsmM7iOKzyI7TMViPNdM%2F%2ByosGaGi8JrFC5xNf2aSXqHiwamxH3l1uVbJHrzhN7zUMXBRz0d5SgMthhnAb9oTpPFfd3Nxqi25sR9xYAM6y0rQ7iJEfLzVHebJ4lA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b96ab83747-MXP

GET
H2 200 gpas_rriches_pop.webp
nx-cdn.trgwl.com/Images/providers/PLAYTECH/ 12 KB
13 KB 594ms
592ms Image
image/webp 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/PLAYTECH/gpas_rriches_pop.webp?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5549f5525c20d57edc7d3ae822ad6d3cb4d5fc2c0ff2921b7c487587999f4367

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 12310
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 18:16:00 GMT
server: cloudflare
etag: "07090a516f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TS4m4G3ouIBT1yni5Slmja1YN%2FsakIYrAOjsdGTHsdB9BN8an5CxJRof%2FMZct1sP3p0SC6Vr8wcxP4FKhbpTV2yQ76HTl7xO8hmioiG9kjs8%2FZkayU4NfB57jeQjWgp3h7zYy0xbgrRS3atkUI4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b96abc3747-MXP

GET
H2 200 SGJellyFishFlowUltra.webp
nx-cdn.trgwl.com/Images/providers/HABANERO/ 24 KB
25 KB 818ms
817ms Image
image/webp 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/HABANERO/SGJellyFishFlowUltra.webp?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4d4206926650ac5f4dba4ee3f3f51a89f6fcaf895e677807486c8ce616f946f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 24676
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 18:15:52 GMT
server: cloudflare
etag: "0bccba016f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HeyOVVoWPCINP%2BHl9qt%2BJWfck5AlOynQUzP7fgnw5t2ru1Vh%2FzQCC%2By2iprtZjsm3uI%2Bb9CsO9iAzXmtMRsELh3rq%2FKEMGz8eW2X9KG6%2FRTxRZJMP7lCVzADRC9hEDlQ7jd%2BGG5ukZH7nEW49OM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b96abd3747-MXP

GET
H2 200 SMG_playboyFortunes.webp
nx-cdn.trgwl.com/Images/providers/MICROGAMING/ 25 KB
26 KB 1450ms
1448ms Image
image/webp 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/MICROGAMING/SMG_playboyFortunes.webp?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4147d90124650418cd05066c006af47d978d6fcae6f495d08713771fd3e76aa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:12 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 25676
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 18:15:56 GMT
server: cloudflare
etag: "0162ea316f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0e1epec2gOsRwzzZjB5vogXWcTtYVzyhTFVfGBkrPcwuutCSQw798stMArpfAtF3ELZumyXEsXQhhqPRV8N5L6oZ1KBfWdm8pqpaOFqMsF7lYwiG68wVkXgRhRg%2BwD4D5VyOcVTaxe9T1xS988%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b96aba3747-MXP

GET
H2 200 treasures-aztec.webp
nx-cdn.trgwl.com/Images/providers/PGSOFT/ 28 KB
29 KB 840ms
839ms Image
image/webp 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/PGSOFT/treasures-aztec.webp?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

040bf02b560fb5befb82f5c6fdda73b2fa533162470d1ce7b75a7acd63ae6066

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 28450
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 18:15:58 GMT
server: cloudflare
etag: "0435fa416f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjGbEP3CyHmr46qrX13AIAG2iLmCoj9G6gZ2JEDbOlIRjcMZjcw3770pHnHGOSS6d6IZ4xA%2BLnDByaT0YB148cqYd0PWvjxOekZ5qmm8wHF0ciu7LUBfHT7qH%2FN7%2Fbvq14l18WGgEV6G3fopS6k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b95aae3747-MXP

GET
H2 200 vs20rhinoluxe.webp
nx-cdn.trgwl.com/Images/providers/PP/ 12 KB
13 KB 637ms
635ms Image
image/webp 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/PP/vs20rhinoluxe.webp?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35f7e2b1d4141dab556de2e30a4af4af068494cf4c8dbc3b16a307e6675243d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 12326
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 18:16:02 GMT
server: cloudflare
etag: "09dc1a616f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGrEielisnuu%2B34C1k64M1k7Y%2FU8pGGnOTejcWnZ0oycUQQ2aem%2FWRpvkBwgoWb8sOyJiparqa7qc39iX4ZtejjtykDkYaViTGyQoTue5q9X%2BxDBu7GlhPke%2BNZnUHS%2BtBpwNAbahCl0VLITTHg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b96ac33747-MXP

GET
H2 200 hcu3p8r71kj3y.webp
nx-cdn.trgwl.com/Images/providers/JOKER/ 26 KB
28 KB 869ms
867ms Image
image/webp 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/JOKER/hcu3p8r71kj3y.webp?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02abb0760798a67710669ecc1d86c28d79a7e813b1dee18bf93c7b7ac23f8b4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 27034
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 18:15:54 GMT
server: cloudflare
etag: "0e9fca116f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ga019DFh9pAcCm%2FlyAiYSw5NU950PTBYNoUZq1GAVsThcmmhQSClFeu8WaZhLI1rsZSr4nUNga2ueDD7aPCJ%2BwRidTW1mXfdCRoRKTG4NGWHxoUVWXEQiAy4aW8%2F1O2aYJUFrxTBlDZn4SGJruQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b96ac53747-MXP

GET
H2 200 gpas_aogetroy_pop.webp
nx-cdn.trgwl.com/Images/providers/PLAYTECH/ 10 KB
11 KB 645ms
644ms Image
image/webp 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/PLAYTECH/gpas_aogetroy_pop.webp?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5991342f8cb19585746f942d4937a1db02dccfd839809edb791ad83eb8afb03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 9774
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 18:16:00 GMT
server: cloudflare
etag: "07090a516f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qbwD1wXTIbcMptbN0llGt1kkJ0Ripw4IrdGY6eZGcs1U%2BiRS%2ByfW%2Febjj7LfwdjE8FWOsSPbWxpj8tNITNKwGpo7N1rz3KgP4k3wp31wvJKMtbnA0yanT1XywGc7Q3n%2FKBl5vkKdFRTb7Ggqk0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b96ac63747-MXP

GET
H2 200 SGLuckyFortuneCat.webp
nx-cdn.trgwl.com/Images/providers/HABANERO/ 21 KB
22 KB 1009ms
1007ms Image
image/webp 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/HABANERO/SGLuckyFortuneCat.webp?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb70134c1038b9202ef0dea6f2857c1eaa8928f42e8b0339185e2c9206e07eb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 21150
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 18:15:52 GMT
server: cloudflare
etag: "0bccba016f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dHXXezVyhanmaiaILsTe%2BcxHwZm7ELGzzun9vJfOMvFIi4KS1SflSVCEHPGnvOGqiWqMTiiNdqUeh1ef6%2FygO9t4OkpxaOIy0lCt374ysIP0Uj4yOJh%2BBH09ayq5AoiaVR3yohry9JlmCJ9RfI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b96ac73747-MXP

GET
H2 200 SMG_rugbyStarDeluxe.webp
nx-cdn.trgwl.com/Images/providers/MICROGAMING/ 25 KB
26 KB 856ms
854ms Image
image/webp 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/MICROGAMING/SMG_rugbyStarDeluxe.webp?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c879c4e61b57f4348613702e4ed173a074433907948d88e97df0345ef484c07d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 25484
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 18:15:56 GMT
server: cloudflare
etag: "0162ea316f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFB5NvSJBBCIPDWHfzLDauIYng4jE88OVzXCQSSAPOLIGZw9EeJqv6jjfi3bjCNjZwZGCW%2FsJ49tLrGtYOz7hvEl6DqKrftXFoiebBMFXoxO7j2ofUO%2B5b2ARfXKCBgFaIoJNYlbljCOubkteZI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b96ac83747-MXP

GET
H2 200 dreams-of-macau.webp
nx-cdn.trgwl.com/Images/providers/PGSOFT/ 25 KB
26 KB 985ms
983ms Image
image/webp 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/PGSOFT/dreams-of-macau.webp?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

999e38e52011747d3578ed4d82847f31c203a1773871857a5496b7e26bde2243

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 25830
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 18:15:58 GMT
server: cloudflare
etag: "0435fa416f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iXZ2%2Ba59DuVLbeOtkCFja6WydLow8cmqnvsb9KxH0c0vGWb5MH7oWQbCgrXRiVtGa%2Fv3i38q9ig5LXE4r362CxBR7uKOceHND7f45fI9yNpP3pdvrU8ca8%2FWoBYCzwNxS78eoRobMs5lfTq3W0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b96ac93747-MXP

GET
H2 200 vs25asgardjp.webp
nx-cdn.trgwl.com/Images/providers/PP/ 11 KB
12 KB 575ms
574ms Image
image/webp 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/PP/vs25asgardjp.webp?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77fda1edbda56a5fb44fe30fc661f37ee7cce159465ab2f66d9644b3fb9072db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 10876
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 18:16:04 GMT
server: cloudflare
etag: "0caf2a716f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WsyMo%2FngyY0TpU6IEP%2B%2FVibiXVy7LjwraHfVefcdESSDE01qaFnjdPqa9B7pW4YulRSeFt09%2FaxfQBUuVMdLPV5rkBftVmtE6EKEJscN%2FUQYw3XjFbuzp1xU2%2FicnjBK46E9wCab5tF37KZyFg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b96acb3747-MXP

GET
H2 200 vs10madamejp.webp
nx-cdn.trgwl.com/Images/providers/PP/ 12 KB
13 KB 606ms
605ms Image
image/webp 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/PP/vs10madamejp.webp?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bfdd4a0ab17fb7a70991c5c0fd3db38de2dc62e179b8f6a0eff1f7e0d50570f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 12182
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 18:16:02 GMT
server: cloudflare
etag: "09dc1a616f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wh9uqtFabYu%2FM0VZLBiNyZQZZ8Aw04w0A1WDQGezSgXF2XEKXrUJNbnOnO7kM74oOmFzVnePD9ZN8At7jDspzxsNVICZxONvc%2FlG4eMHh%2FCigTzD6YK2DS2X%2BVBHii13V9SBRy29dAlfa2ZrYh0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b96acd3747-MXP

GET
H2 200 vs20fruitswjp.webp
nx-cdn.trgwl.com/Images/providers/PP/ 11 KB
12 KB 622ms
621ms Image
image/webp 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/PP/vs20fruitswjp.webp?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e97049e63a83130be85a9aefdc6666c3fff0e7b2f5b9dc26cec696ee80c125a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 10822
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 18:16:02 GMT
server: cloudflare
etag: "09dc1a616f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwXFUIVCReJehDM%2BEqVNgoj%2BXUPfmJSsPO3Cn%2BoyFz%2FlOpxXTjc8elGrNrQT9OjXX8AQv4HTsZwqiHdoGjUhU6CfdcbbEO1Znp%2BR8pv13gAhmtgcFLSBN0zJ%2FvHsxXL4gjDLc%2B9LuxLyd%2FrfEx0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b96ace3747-MXP

GET
H2 200 vs20doghousejp.webp
nx-cdn.trgwl.com/Images/providers/PP/ 10 KB
11 KB 584ms
583ms Image
image/webp 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/PP/vs20doghousejp.webp?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c2b9fe499aad0207e85de5b03fed03a223a335213272286c37e81bd3df16c75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 9918
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 18:16:02 GMT
server: cloudflare
etag: "09dc1a616f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90yOfzixafBC6Az7AXIQT4oaKYqOe6SYSPe0fLBmJdicB8v9%2F9Tg3JSRM0SOkD5%2FRiKcsckLs5IVw1NWqjsy4O031IyzGAgoZ7zPg7ApZu5mQGKqsoUKIuWm%2BWxcuotZvxBv%2F8AIbLuWKFv7ofE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b96acf3747-MXP

GET
H2 200 vs1dragon8_jp.webp
nx-cdn.trgwl.com/Images/providers/PP/ 12 KB
13 KB 673ms
672ms Image
image/webp 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/PP/vs1dragon8_jp.webp?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f79201329472767c519bacc5174022241695cd8d1bf99ee8df17f6010bc16778

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 11802
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 18:16:02 GMT
server: cloudflare
etag: "09dc1a616f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLZN%2B875x31tLQY4vpRWG2Q2QZ4z1Ls1LY14wfzCRWoFxj2d9YCkWKXPf2484MdnE8ln5%2BohktZTnpi1ruEyzuNLSRwenQn4vxEVQKcQHwQFcPIp1imKqzzquOQvT3T578cmPzqb%2FFFYI3%2FHMcQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b96ad13747-MXP

GET
H2 200 vs5aztecgems_jp.webp
nx-cdn.trgwl.com/Images/providers/PP/ 9 KB
10 KB 610ms
609ms Image
image/webp 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/providers/PP/vs5aztecgems_jp.webp?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07f43b40090c6fd85937ac59f4cf381bc005967c2f2458391ec24d720e7b7925

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 8958
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Dec 2021 18:16:04 GMT
server: cloudflare
etag: "0caf2a716f1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ruH5XBADQNVaeL3ELBYMJQkyxDmNPy72PwNVP5yyaDVdNNY71gmvN4XPgS%2B3hisaoNkNQsPy%2FbAdQRj%2B0RH4py5OMg%2FL3xBZa9zfVlI1%2FlstdWTpE1NRkIV%2BvFAr8bnaJ3%2Fq1hhMvGXDtAEAiFg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b96ad23747-MXP

GET
H2 200 YWS.webp
nx-cdn.trgwl.com/Images/apk-qrcodes/ 1020 B
2 KB 630ms
629ms Image
image/webp 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/apk-qrcodes/YWS.webp?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

411a93d94093d931a9661b9599a3257aa772be9bf16d7f241ebeb3046eb4dfd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 1020
x-xss-protection: 1; mode=block
last-modified: Sat, 24 Apr 2021 01:52:35 GMT
server: cloudflare
etag: "ffae5f7fac38d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dBIhPEpbOSEeCxA%2FyJGVxOwLQiJvMFVrEENvR%2BYYQ%2FRZkPv56cwRLqwahfr2NvQSmfLkphnUerYNa%2FeSV7vvjUCEOuEARmUvAhCBFoH27guLKZtLGElUT%2FguVUfu7vxgejiSZ2j%2BbA0Nb6%2F8fY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b96ad33747-MXP

GET
H2 200 download-android-button.webp
nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/home/ 1 KB
2 KB 682ms
681ms Image
image/webp 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/home/download-android-button.webp?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

647f73170206161a1e3ecbe5dfeed0c4fd32c69daaa0272b9265f70bd2d57926

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 1124
x-xss-protection: 1; mode=block
last-modified: Mon, 24 May 2021 01:37:24 GMT
server: cloudflare
etag: "06293583d50d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEp8HbZwJKM5kp6fGkfkCTXmuQ3QBmePOzkhZpyhwr18kiPH48V9yCcDeGfCtpXcXS%2BOvKbcWIVdgZsLNgR5QbNOkZedycUlF%2F1vMIDFUvXgQ1F0nPcrMg%2B0pP%2BdrslHea9%2BBK%2Fu6TIxbIWmV6U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6beef2b96ad53747-MXP

GET
H2 200 whatsapp.svg
nx-cdn.trgwl.com/Images/communications/ 1 KB
2 KB 592ms
591ms Image
image/svg+xml 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/communications/whatsapp.svg?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a5ec12896091137a7fc414bf6c8cf4d875038e5388a937da1b25b1450ebd181

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
last-modified: Wed, 14 Oct 2020 22:31:58 GMT
server: cloudflare
etag: W/"0c3abd379a2d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aX2bSie6lazdJhovrJHccqOTv0qLIAhLtVzyn3tvV0Kc5cQxWjJ23MM20f95u5Lj720CWzCEbVKP%2B3J8NCdGwjey4%2FIEpIC0d1z%2BQiE5VNTfLj8iLI5NhrXUluqwrlqFp5EGdMRri9BIk4bsO0A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 6beef2b96ad73747-MXP

GET
H2 200 telegram.svg
nx-cdn.trgwl.com/Images/communications/ 307 B
1 KB 685ms
684ms Image
image/svg+xml 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/communications/telegram.svg?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ee3beb98bdd022f21a47aed20a9581e407810acc36bbb10e5614dc3a6c53298

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
last-modified: Wed, 14 Oct 2020 22:31:58 GMT
server: cloudflare
etag: W/"0c3abd379a2d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjannbsHw8XZfr8vO5yy6X3Da8heiS%2BWFBLI6zwt1SDpm8BiiL5EhNy%2B8Yi%2FipzrtIfKV6jMW8Z3sE6N%2F0ROcxDpicTXvgxmG%2FStdNOyAoME2zxWCUE2wTvfzR6jr0tb1QycDjoOtpgCqba%2FZR8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 6beef2b96ad83747-MXP

GET
H/1.1 200
OK js Show response
tickers.playtech.com/ Frame 36B5 8 KB
8 KB 497ms
124ms Script
application/json 213.187.229.56
PTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://tickers.playtech.com/js?info=2&casino=winforfun88&currency=USD
Requested by: Host: 172.104.55.173
URL: https://172.104.55.173/bundles/Home/desktop-js?v=Z_ce32yiYgPWDn0rPN8MfXPoT8Fa3IuYkqVIwUOPyE01
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.187.229.56 , Canada, ASN43937 (PTNET, EE),
Reverse DNS
Software: /
Resource Hash: 5422995cd48d8c6d6e5de3a489d6d2bb2f9eeb9b23721d77f56925912a9b1599

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 08:58:11 GMT
Age: 177
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=299
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 8258

GET
H2 200 default Show response
embed.tawk.to/5cac3bd653f1e453fb8cd93b/ 2 KB
969 B 529ms
484ms Script
application/x-javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5cac3bd653f1e453fb8cd93b/default

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1e472a15ea48f58b00cc27eb808f0514fd5f6a4118092eae2620f83472e46a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://172.104.55.173/
Origin: https://172.104.55.173
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
etag: W/"stable-v4-61adcafd0e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 6beef2bc5db983a2-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1

200
OK

bundle.js Show response
static.getbutton.io/widget/
Redirect Chain

https://static.getbutton.io/widget-send-button/js/init.js
https://static.getbutton.io/widget/bundle.js

266 KB
85 KB

49ms
48ms

Script
application/javascript

78.46.57.120
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getbutton.io/widget/bundle.js
Requested by: Host: 172.104.55.173
URL: https://172.104.55.173/
Protocol: HTTP/1.1
Server: 78.46.57.120 Naumburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.120.57.46.78.clients.your-server.de
Software: nginx/1.6.2 /
Resource Hash: ce62c40dd07ad8d31490b1e1d55c60055c5a51dc27abc05c4f1c278e3ac9991e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 08:58:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Dec 2021 17:22:37 GMT
Server: nginx/1.6.2
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Connection: keep-alive
Expires: Fri, 17 Dec 2021 11:58:11 GMT

Redirect headers

Location: https://static.getbutton.io/widget/bundle.js
Date: Fri, 17 Dec 2021 08:58:11 GMT
Server: nginx/1.6.2
Connection: keep-alive
Content-Length: 160
Content-Type: text/html

GET
H2 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/61adcafd0e1/js/ 121 B
287 B 485ms
484ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5cac3bd653f1e453fb8cd93b/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://172.104.55.173/
Origin: https://172.104.55.173
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 08:35:43 GMT
server: cloudflare
etag: W/"da5bb1dc647470204df0e49f5afac2de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6beef2c5db4483a2-MXP

GET
H2 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/61adcafd0e1/js/ 76 KB
27 KB 626ms
625ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5cac3bd653f1e453fb8cd93b/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://172.104.55.173/
Origin: https://172.104.55.173
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 08:35:43 GMT
server: cloudflare
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6beef2c5db4783a2-MXP

GET
H2 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/61adcafd0e1/js/ 192 KB
57 KB 735ms
734ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5cac3bd653f1e453fb8cd93b/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f22599e0d24b748f3aec60adf9492df18846939f6ce308e4e5f69381e8d84088

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://172.104.55.173/
Origin: https://172.104.55.173
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 08:35:43 GMT
server: cloudflare
etag: W/"cf569d9832af4fd97c3fff711e9fa129"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6beef2c5db4a83a2-MXP

GET
H2 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/61adcafd0e1/js/ 138 KB
34 KB 606ms
605ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5cac3bd653f1e453fb8cd93b/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933904924e79e827fdc488b13b79beb38a01b64d48671ce82b62c9f65419ab90

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://172.104.55.173/
Origin: https://172.104.55.173
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 08:35:43 GMT
server: cloudflare
etag: W/"c5af63ebce0319205496d81655bc9430"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6beef2c5db4c83a2-MXP

GET
H2 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/61adcafd0e1/js/ 2 KB
1 KB 485ms
485ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5cac3bd653f1e453fb8cd93b/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a22795598e7834a70f36a718e180cc5d566a871c3b4d8e10e2e860092af9fcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://172.104.55.173/
Origin: https://172.104.55.173
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 08:35:43 GMT
server: cloudflare
etag: W/"917d1c5b4a1b3097223233ed9cc4514f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6beef2c5db4d83a2-MXP

GET
H2 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/61adcafd0e1/js/ 151 B
207 B 489ms
488ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5cac3bd653f1e453fb8cd93b/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://172.104.55.173/
Origin: https://172.104.55.173
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 08:35:43 GMT
server: cloudflare
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6beef2c5db4f83a2-MXP

POST
H2 200 register Show response
va.tawk.to/ 1 KB
2 KB 262ms
213ms Fetch
application/json 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/register

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff78352ea0782287f261e87505660ff8852b48f6de78e4920f1c1150e2d0243e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://172.104.55.173/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Dec 2021 08:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: visitor-application-preemptive-9903
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://172.104.55.173
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 6beef2cb1e05375d-MXP
access-control-allow-headers: content-type,x-tawk-token

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
1 KB 526ms
514ms Fetch
application/json 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=5cac3bd653f1e453fb8cd93b&widgetId=default&sv=undefined

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb2d339d5782b699cf681f70116f6f6ad11be77cca78901b8b75913b5b1a3424

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: visitor-application-preemptive-w57q
server: cloudflare
etag: W/"2-12-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 6beef2caddc383a2-MXP
access-control-allow-headers: content-type,x-tawk-token

GET
H3 200 en.js Show response
embed.tawk.to/_s/v4/app/61adcafd0e1/languages/ 16 KB
4 KB 43ms
25ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61adcafd0e1/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2a37b3244a9a215cc8c90b8bc11388c4fd8b2dd23d415acfccf16e3224250d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 949015
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 08:35:43 GMT
server: cloudflare
etag: W/"5a13c5b16c3caf8b986d6b915fd4b13e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6beef2ce391e59d1-MXP

GET
H3 200 twk-chunk-2d0d2b7c.js Show response
embed.tawk.to/_s/v4/app/61adcafd0e1/js/ 7 KB
2 KB 23ms
23ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-2d0d2b7c.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0258bf0904baa243eb5f64f1607f3f568ac3aa3290b3f50f673968c71344c37d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 949019
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 08:35:43 GMT
server: cloudflare
etag: W/"722cffb3daa1570354cb1b80cb4846c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6beef2ce697159d1-MXP

GET
H3 200 twk-chunk-2d224aff.js Show response
embed.tawk.to/_s/v4/app/61adcafd0e1/js/ 16 KB
5 KB 25ms
24ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-2d224aff.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cc67ffca1890f893665ac67d1cb92f6f9886bc63b2a5c47e74be40a8a6ba2a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 949019
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 08:35:43 GMT
server: cloudflare
etag: W/"6706fab732e36ad7168da061e15ca9c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6beef2ce697359d1-MXP

GET
H3 200 twk-chunk-f1596d96.js Show response
embed.tawk.to/_s/v4/app/61adcafd0e1/js/ 10 KB
4 KB 39ms
38ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-f1596d96.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

486974c9792917ab23dc7b712fccc068ebbf68c71c9ab9325321fd5350c643dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 949010
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 08:35:43 GMT
server: cloudflare
etag: W/"7ab31362d93cd9403ba656eb650fcac2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6beef2ce697559d1-MXP

GET
H3 200 twk-chunk-48f46bef.js Show response
embed.tawk.to/_s/v4/app/61adcafd0e1/js/ 16 KB
5 KB 24ms
24ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-48f46bef.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b615bb1b4b553f931f07aa0b25fff28776079afe9bf1b07c5b7d8983d59c10c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 949019
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 08:35:43 GMT
server: cloudflare
etag: W/"45368aac145cc907271bddd98ff38f79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6beef2ce697759d1-MXP

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/61adcafd0e1/js/ 942 B
819 B 22ms
22ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 949019
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 08:35:43 GMT
server: cloudflare
etag: W/"5f434bdd806571a4e1b385bee9316ff6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6beef2ce697a59d1-MXP

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/61adcafd0e1/js/ 546 B
707 B 40ms
40ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 949019
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 08:35:43 GMT
server: cloudflare
etag: W/"09c3819d373bd4178a620d721429fada"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6beef2ce697b59d1-MXP

GET
H3 200 twk-chunk-f163fcd0.js Show response
embed.tawk.to/_s/v4/app/61adcafd0e1/js/ 11 KB
4 KB 38ms
38ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-f163fcd0.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb94ebe9718dddddc412d9054b58d2ec39bea39d4f40e2181bafc4fb21120c19

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 949019
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 08:35:43 GMT
server: cloudflare
etag: W/"5d825157bfbb4872b9ce8ea19e5eb7e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6beef2ce697d59d1-MXP

GET
H3 200 twk-chunk-32507910.js Show response
embed.tawk.to/_s/v4/app/61adcafd0e1/js/ 69 KB
16 KB 40ms
40ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-32507910.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b54adfacfbd58ffa1154d771cbb8eea48203698a86d82525590710d0953c495a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 949019
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 08:35:43 GMT
server: cloudflare
etag: W/"a147cbd01f475b3dfee036242da85abd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6beef2ce697e59d1-MXP

GET
H2 200 / Show response
vsb34.tawk.to/s/ 101 B
201 B 168ms
159ms XHR
application/octet-stream 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vsb34.tawk.to/s/?k=61bc512550ea2c21f5478b09&cver=0&pop=false&asver=65760&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1Y2FjM2JkNjUzZjFlNDUzZmI4Y2Q5M2IiLCJ2aWQiOiI3ZDcyZjFhNWEwZWYzYjNjMDQzM2RjZDJlZmRiYzlkNTlmYTQ2MjZiYzg3Y2YzNDU3NDg5NzRjYjQ4Mzg5ODdjIiwiaWF0IjoxNjM5NzMxNDkzLCJleHAiOjE2Mzk3MzMyOTMsImp0aSI6IkVLWU5KcktidExKalpSNzFBYTIteiJ9.MK62c_GMDRb_fijccR5AW3zEgLPD7nSQLvWyvxfVYj8fNG1cfqagHxZi8CTc4G5OOFrsmU7R09FvfbfyCwm40w&EIO=3&transport=polling&__t=Nt7dFp-

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1737b76c3d605a6b6ef27a9e1912efeaad1ee739701aad490cb2529c5f802f91

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:14 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://172.104.55.173
access-control-allow-credentials: true
cf-ray: 6beef2ce7b42375d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 101

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/61adcafd0e1/css/ Frame 46F6 24 KB
5 KB 24ms
24ms Stylesheet
text/css 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61adcafd0e1/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-2d0d2b7c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34533e0e1da75160a7daf8a64a6c8e84d3ee9b9265695cfdf0ce3ce7ccac0139

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 949019
cf-polished: origSize=25050
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 08:35:43 GMT
server: cloudflare
etag: W/"ca07acfc9643befa104a07a93067f7c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6beef2ceaa1359d1-MXP
cf-bgj: minify

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/61adcafd0e1/css/ Frame 59BD 37 KB
8 KB 29ms
28ms Stylesheet
text/css 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61adcafd0e1/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-2d0d2b7c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c441a4185403c04c6660b68f8e08dbb2c1006c6a0f792fd454216a35b73fc867

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 949019
cf-polished: origSize=37650
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 08:35:43 GMT
server: cloudflare
etag: W/"792b46302ed8c4acdf03169ba30069fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6beef2ceea8659d1-MXP
cf-bgj: minify

GET
H3 200 bubble-widget.css
embed.tawk.to/_s/v4/app/61adcafd0e1/css/ Frame F4A5 13 KB
3 KB 30ms
30ms Stylesheet
text/css 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61adcafd0e1/css/bubble-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-2d0d2b7c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 949010
cf-polished: origSize=13594
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 08:35:43 GMT
server: cloudflare
etag: W/"ce7913b80c763449b3895d46419f7a6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6beef2cefa9b59d1-MXP
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ Frame 46F6 7 KB
1 KB 110ms
35ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/css/min-widget.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://embed.tawk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 08:10:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 17 Dec 2021 08:58:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Dec 2021 08:58:14 GMT

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/61adcafd0e1/css/ Frame 0D78 72 KB
14 KB 24ms
24ms Stylesheet
text/css 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/61adcafd0e1/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-2d0d2b7c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89ab7fd53e99ea2991d6e35b55bc1771aab327d0e7a1ffb016a1a7c8f000cd28

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 949019
cf-polished: origSize=74104
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 06 Dec 2021 08:35:43 GMT
server: cloudflare
etag: W/"987828ebb230aff2aaeab0ac82354266"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6beef2cf0ac359d1-MXP
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ Frame 59BD 7 KB
665 B 93ms
36ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/css/message-preview.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://embed.tawk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 08:14:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 17 Dec 2021 08:58:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Dec 2021 08:58:14 GMT

GET
H2 200 c983d26f20f6d020e5b4456b0e08d58059541b3a
tawk.link/5cac3bd653f1e453fb8cd93b/var/chat_bubble/ Frame F4A5 35 KB
35 KB 793ms
746ms Image
application/octet-stream 2606:4700:20::ac43:4761
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tawk.link/5cac3bd653f1e453fb8cd93b/var/chat_bubble/c983d26f20f6d020e5b4456b0e08d58059541b3a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4761 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

69fdb226b5c0cf22bfe60286b53c299f78f28cc356920b86034c0957907915e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:15 GMT
cf-cache-status: MISS
last-modified: Fri, 17 Dec 2021 08:58:15 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKsAJV4USu7w4n85FfZAjr3SlaNsRIiLuuE9dlWueUwTQe1C05HUQXnp3j4Jaz8cXSoBRrGk%2FBqo8Z2gMMnkKsc7QAjLDAtSX7%2FfJ6xZSHdfCQcnPosOWIfPCpZuBb8HiteVU2aAFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=600
cf-ray: 6beef2cf7b9483a8-MXP

GET
H3 200 tawk-font-icon-2.woff2
embed.tawk.to/_s/v4/assets/fonts/ Frame F4A5 10 KB
11 KB 160ms
160ms Font
font/woff2 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/assets/fonts/tawk-font-icon-2.woff2?55755728=

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/css/bubble-widget.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://embed.tawk.to/_s/v4/app/61adcafd0e1/css/bubble-widget.css
Origin: https://172.104.55.173
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:14 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10520
last-modified: Sat, 22 May 2021 07:25:13 GMT
server: cloudflare
etag: "054b3b66812d0a4b87ffc6776f0a42f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
accept-ranges: bytes
cf-ray: 6beef2cf3ec0839a-MXP

GET
H2 200 css
fonts.googleapis.com/ Frame 0D78 7 KB
665 B 67ms
36ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/css/max-widget.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://embed.tawk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 08:13:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 17 Dec 2021 08:58:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Dec 2021 08:58:14 GMT

GET
H3 200 / Show response
vsb34.tawk.to/s/ 77 B
384 B 172ms
171ms XHR
application/octet-stream 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-vendors.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6d96cb6f9e6e7d46ba4c95ea87f67cddfd88660ec3fe2e1d1dc2fd519e20f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:14 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://172.104.55.173
access-control-allow-credentials: true
cf-ray: 6beef2cf8bb159d1-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
39 KB 69ms
31ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4536680
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19164-FRA, cache-mxp6921-MXP
timing-allow-origin: *
server: cloudflare
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6beef2cfffaad600-MXP

GET
H2 200 live-chat.svg
nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/layout/ 588 B
2 KB 552ms
552ms Image
image/svg+xml 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/layout/live-chat.svg?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/Content/nexus-beta-desktop-css?v=nUy2eENMekRRfoH9S-kX8JUvnNJMPpfQj3xzdl7oDVo1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

667ee8612b9502ae0c6f0b8eac253c8bca307446262f7ac5c2cc1a84b50d9d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:16 GMT
server: cloudflare
etag: W/"0ce75e4e5c8d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6OIvnZ2tVyi8QMGTr35qRqDfjBhdc5Swb%2BjiTN8LP2yTJnOtegVHFXL9BQmQUCbfXjWkZnGJ0rBT35kZ8KHWQFs1Vghj9bjyXGakVWMChF4NTT56rFTLRJc9Zdss1V8ojxJQH3JbIc0k5oiJpis%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 6beef2cfbdc03747-MXP

GET
H2 200 mobile.svg
nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/layout/ 733 B
1 KB 650ms
649ms Image
image/svg+xml 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/layout/mobile.svg?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/Content/nexus-beta-desktop-css?v=nUy2eENMekRRfoH9S-kX8JUvnNJMPpfQj3xzdl7oDVo1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbf8ea136cb9875f6548ddfeb8eaf0290fab91b50610dfdd8583f5bc8644e04d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Dec 2020 00:03:04 GMT
server: cloudflare
etag: W/"06c135775c7d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGoOxYtCXMOmDBhcnF6jd2bN83ENk8SYNn2PldtZ2umj%2F2PpDqZKD05juSrzw1ipBRep4%2BgN0R%2BvHH3VUH7kjmQoXM1IRZvutdfbNEUG4HLYy6FONNCBrDKdb51Or2yfyfnoocuPancufc9et%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 6beef2cfbdc13747-MXP

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ Frame 46F6 23 KB
24 KB 100ms
30ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://172.104.55.173
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:26:28 GMT
x-content-type-options: nosniff
age: 300706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 13 Dec 2022 21:26:28 GMT

POST
H3 200 v3 Show response
va.tawk.to/log-performance/ 5 B
383 B 162ms
162ms Fetch
text/html 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://172.104.55.173/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Dec 2021 08:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: visitor-application-preemptive-tw1n
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://172.104.55.173
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 6beef2d0aa1c839a-MXP
access-control-allow-headers: content-type,x-tawk-token

GET
H3 200 / Show response
vsb34.tawk.to/s/ 4 B
309 B 588ms
588ms XHR
application/octet-stream 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-vendors.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:15 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://172.104.55.173
access-control-allow-credentials: true
cf-ray: 6beef2d0adf259d1-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4

GET
H2 200 live-chat.svg
nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/layout/ 588 B
1 KB 563ms
563ms Image
image/svg+xml 2606:4700:20::681a:dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/nexus-beta/dark-purple/desktop/layout/live-chat.svg?v=20211105

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/Content/nexus-beta-desktop-css?v=nUy2eENMekRRfoH9S-kX8JUvnNJMPpfQj3xzdl7oDVo1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:dbc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

667ee8612b9502ae0c6f0b8eac253c8bca307446262f7ac5c2cc1a84b50d9d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Dec 2020 20:01:16 GMT
server: cloudflare
etag: W/"0ce75e4e5c8d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aOtrr%2FBC%2BkChY%2BaE7RgKrT9E7FfJztVoEil2H5Y4H3x4aQImMMeXld5pL%2FbW1uTxBxlZNqFdXHwvkOLDz%2F7%2BRDz1TUHl67CGzVRmOFhT4IgnYnDHlLri0VzByY0EhJ1tRFT%2Bs9GCJRoJaudiXpI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 6beef2d37b533747-MXP

GET
H2 200 6c2e73618fe88faa50174cb95360876ee17770c4.jpg
tawk.link/5cac3bd653f1e453fb8cd93b/var/trigger-images/ Frame 59BD 37 KB
38 KB 718ms
718ms Image
image/jpeg 2606:4700:20::ac43:4761
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tawk.link/5cac3bd653f1e453fb8cd93b/var/trigger-images/6c2e73618fe88faa50174cb95360876ee17770c4.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4761 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b1320215f90a034805a0a1685d1ee96d2ef1efeb5945c105ed2e7cefab2aaf5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:15 GMT
cf-cache-status: MISS
last-modified: Fri, 17 Dec 2021 08:58:15 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhsQoYzy0ahsPibaKg51qpUYy1SyAllcyyNKCovhg6EUSs%2FDqiQ5tCNaw%2F7K9GW2NDyPjh5Vc5ehzDGppePNwMd4v2VLqDF%2BssgZXMiR97X1QHjaaIHQEM62ZK%2BMyWv0fAcNbOCdMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=600
cf-ray: 6beef2d5999c83a8-MXP

GET
H3 200 tawk-font-icon-2.woff2
embed.tawk.to/_s/v4/assets/fonts/ Frame 59BD 10 KB
11 KB 26ms
26ms Font
font/woff2 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/assets/fonts/tawk-font-icon-2.woff2?55755728=

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/css/message-preview.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://embed.tawk.to/_s/v4/app/61adcafd0e1/css/message-preview.css
Origin: https://172.104.55.173
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10520
last-modified: Sat, 22 May 2021 07:25:13 GMT
server: cloudflare
etag: "054b3b66812d0a4b87ffc6776f0a42f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
accept-ranges: bytes
cf-ray: 6beef2d59c9b839a-MXP

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ Frame 59BD 23 KB
23 KB 72ms
26ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://172.104.55.173
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:26:28 GMT
x-content-type-options: nosniff
age: 300707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 13 Dec 2022 21:26:28 GMT

POST
H/1.1 200
OK online Show response
172.104.55.173/session/ 56 B
2 KB 340ms
340ms XHR
application/json 172.104.55.173
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://172.104.55.173/session/online

Requested by

Host: 172.104.55.173
URL: https://172.104.55.173/bundles/nexus-beta-desktop-js?v=33ASXlGxsN4ippHWmRJzMwFU1PH-qlvBe9uQ3JR2TWY1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.104.55.173 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

li1635-173.members.linode.com

Software

nginx /

Resource Hash

1ada54267efab66fc4e94fc1449d3fca7b2a03801c9c8bc0d3acc39e1f1f8a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://172.104.55.173/
X-Requested-With: XMLHttpRequest
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

Date: Fri, 17 Dec 2021 08:58:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552001; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jNPZBHJ8GRaaWSlmZ3TnsHVM2M4tYLztV0fmVg0R0xU7EN%2BgWP9x2rynTHcWDf%2BzWlyVWQKoF27Qfz4IDnYkUbXg0eLP6f4POFMtAUM2FxBhd1iB3RuAinvzt6lBJn4vaiA8h835DXL8%2BRCK0XJPiY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/json; charset=utf-8
Cache-Control: private, s-maxage=0
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6beef2dbbc67d98c-SIN
X-Xss-Protection: 1; mode=block

GET
H2 200 id_cbd_dfa66d4a-86b0-4066-843a-38448d635f71_1612072010200.png
api2-yws.tr8ngames.com/images/ 30 KB
0 820ms
820ms Image
image/png 2606:4700:20::ac43:4a58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api2-yws.tr8ngames.com/images/id_cbd_dfa66d4a-86b0-4066-843a-38448d635f71_1612072010200.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://172.104.55.173/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 08:58:18 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-length: 384120
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Feb 2021 05:41:22 GMT
server: cloudflare
etag: "59f32a34eff9d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M3%2BXSZoTpndrpyRmz4Eq%2B52jShul%2BaeCIMC8f2EmYILXJcmbUsFC2qypXYlSG21EFxeh3nDxVX1K0QGCIAehvGrUhNiDVmYXMFcYhKg3BsGL1BGquR2SI8sjTgSyZ9inV9eezLSnsx7JxANTCqmdIgtbDho%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 6beef2e52d5f3748-MXP

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
172.104.55.173/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: gmyglzhsmgd45fyeb2v232er
172.104.55.173/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: 0qlQ1yVhzR_Jikw6KUSSKeq1qDh986aOfmO4qXnhklnnUfaeEL06Bzcv_MjtRyTSffComw5etOdEz3lWxu56dszE7Sl0nCvzRt15ZeHHb6U1
va.tawk.to/	1969-12-31 23:59:59	Name: ss Value: w9hiv8slym
va.tawk.to/	1970-01-20 03:48:03	Name: tawkUUID Value: mSvzBlDslhMpBuJ%2Fe72iSiB3St7Jc6Aa6mCYGDcF8jt8wi9BDiTGZ1YS0n%2FP2MDd%7C%7C2
172.104.55.173/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
172.104.55.173/	1970-01-20 03:48:03	Name: __tawkuuid Value: e::172.104.55.173::BszeEu5LanTpVe+w16VCVhfLCAwAmEV7LC8SoFqa2DT7hL3LsmnCzAGbHJccApTo::2
172.104.55.173/	1970-01-19 23:38:56	Name: AWSALBTG Value: RyKo6v8Kul/Q5cvOf7Ao/v9kpefUjatJ9hvWHN8t65dNup0AGCQ+eILVUQQNfw3bAXpfwWwROAvM1KX2I5IAet/U34vAgyC6RXomLuxE550AF9XoVXJmTMiEAXAHqMZhavQL94niWp5cNhT9KiHv0wzqwwmxc804YqgRWjeGDEyq4gmp3Fo=
172.104.55.173/	1970-01-19 23:38:56	Name: AWSALB Value: QnetFJYzNt7jkmKxjoFmYdamAX2L0lag86/3twUle2bkCAg4T8MmOdDZpNuJnKqgaUiG7zNayovYi58ORvyC2uw8igOyDoePuXJKEVvEJ/0swlaaHuDsAy+nvLrP

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api2-yws.tr8ngames.com/images/ Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2-yws.tr8ngames.com
cdn.jsdelivr.net
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
nx-cdn.trgwl.com
static.getbutton.io
tawk.link
tickers.playtech.com
va.tawk.to
vsb34.tawk.to
172.104.55.173
213.187.229.56
2606:4700:10::6816:1983
2606:4700:10::ac43:2642
2606:4700:20::681a:dbc
2606:4700:20::ac43:4761
2606:4700:20::ac43:4a58
2606:4700::6810:5514
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2003
78.46.57.120
01f26c1fdfbd986fa23c802d8e5b125b97afe4a9a556fdcf93c33fe888e9b29e
0258bf0904baa243eb5f64f1607f3f568ac3aa3290b3f50f673968c71344c37d
02abb0760798a67710669ecc1d86c28d79a7e813b1dee18bf93c7b7ac23f8b4f
03ce852b13f4cb306a91a2413a9662aee0c4317bdf816efd828e6a672c0236dd
040bf02b560fb5befb82f5c6fdda73b2fa533162470d1ce7b75a7acd63ae6066
06b69dedfc425949e247970db4d7b2464c78bf61caf59165fc42fa393e128953
07f43b40090c6fd85937ac59f4cf381bc005967c2f2458391ec24d720e7b7925
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
14a476b4063060fbd351019ef660102b5de76dd77fb7ce1e3049987dfc856bbb
1737b76c3d605a6b6ef27a9e1912efeaad1ee739701aad490cb2529c5f802f91
198b1cec1f6538854534bfaf1a77c3ba191f8ffb0cb2eed0c9be9513d1b55b31
1a22795598e7834a70f36a718e180cc5d566a871c3b4d8e10e2e860092af9fcf
1ada54267efab66fc4e94fc1449d3fca7b2a03801c9c8bc0d3acc39e1f1f8a2e
1b17d8cae3802fe84512f3efe7735236b350f21b2005a27e9719a99b28d02f4e
1b81a90d317b70f82719218970659a41b488eae52d89f93401a41bcc7b23f44e
1c39fbe2913ec3a15d82e5817e820273c5ca61fc18e2cb8cae299d4209396994
1e5ac8f0c39a0d860bee7590a6fcbc147f7760f889bd27fc8b4be09edfccf78a
25e9cb2c38a9e51dd0e0a6f39b1bfe1a6f59bb7e88507ad82c34ab2b2b9e4288
2991f771f85700b7f88a8944a66afcd96199467920eec36cbb7ea77b6028f1dc
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
3065c3d99e92d80e5c5b7c19607522d645d6a3f8dbcb581cef3722a3ac834b19
34533e0e1da75160a7daf8a64a6c8e84d3ee9b9265695cfdf0ce3ce7ccac0139
35f7e2b1d4141dab556de2e30a4af4af068494cf4c8dbc3b16a307e6675243d3
3a5ec12896091137a7fc414bf6c8cf4d875038e5388a937da1b25b1450ebd181
3bd442f522979abdef45cbcef2279d7453d8c0d62c796f4cda7947574cbcba4d
3bfdd4a0ab17fb7a70991c5c0fd3db38de2dc62e179b8f6a0eff1f7e0d50570f
411a93d94093d931a9661b9599a3257aa772be9bf16d7f241ebeb3046eb4dfd8
4147d90124650418cd05066c006af47d978d6fcae6f495d08713771fd3e76aa0
41c04af3b1f1e46cb3f253b4ba1c559517a9fd1c18e06ebecdf8ba56b53ad2df
466c2f7ee824f745aff52913e5f722ff6ea7adf798793784b453d83eb1a5493a
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
486974c9792917ab23dc7b712fccc068ebbf68c71c9ab9325321fd5350c643dc
4c84a59d8ac9622955ac083deb37570601e4a83db7b73b7bc9f8216c8a779f8e
5422995cd48d8c6d6e5de3a489d6d2bb2f9eeb9b23721d77f56925912a9b1599
5549f5525c20d57edc7d3ae822ad6d3cb4d5fc2c0ff2921b7c487587999f4367
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
642ef5aec86961d7777b10d275f354c767cc604c2390afc2790f2a40ec25cecc
647f73170206161a1e3ecbe5dfeed0c4fd32c69daaa0272b9265f70bd2d57926
667ee8612b9502ae0c6f0b8eac253c8bca307446262f7ac5c2cc1a84b50d9d65
69fdb226b5c0cf22bfe60286b53c299f78f28cc356920b86034c0957907915e3
6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89
6ee3beb98bdd022f21a47aed20a9581e407810acc36bbb10e5614dc3a6c53298
6f2c8847ac341b5546e83cada7984e117b88c1cc5c97e5231ba7f9c1ffa9f8b2
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
71c12656535e99119c2a952c10554cd6f47c6923d2d96155a7833276e68992af
76d5e56574836f2db9840d269bec80da1ee37b7a736f7b1aa73bd6275eef3369
77fda1edbda56a5fb44fe30fc661f37ee7cce159465ab2f66d9644b3fb9072db
7ade929071b57665452d1d4abde2ed8b52a8daa3d2ea88a34690cc769c8f344c
889fb5de61adf571aea24b94dcc0931018c81137c2e46a39c158e63dc3483730
89ab7fd53e99ea2991d6e35b55bc1771aab327d0e7a1ffb016a1a7c8f000cd28
8cc67ffca1890f893665ac67d1cb92f6f9886bc63b2a5c47e74be40a8a6ba2a8
913b1b967e7e580acef74960e763a7cf534f559ece42776697403669f9cb3875
933904924e79e827fdc488b13b79beb38a01b64d48671ce82b62c9f65419ab90
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f
999e38e52011747d3578ed4d82847f31c203a1773871857a5496b7e26bde2243
9c2b9fe499aad0207e85de5b03fed03a223a335213272286c37e81bd3df16c75
9f3e6456694935c28fa4fbe90929d439c8c9585c96d3a60ebc6c7f1227cf7ad7
a1e472a15ea48f58b00cc27eb808f0514fd5f6a4118092eae2620f83472e46a2
a6d96cb6f9e6e7d46ba4c95ea87f67cddfd88660ec3fe2e1d1dc2fd519e20f97
a76237e4323193bd7cf8bc0614642e3c0a55dd7bba9e132580b55e731a9d22d7
a7aedc6ca549c685e560d1bd7a05840960b9589b35261a9bdeaf20bcefbf8df9
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
b1320215f90a034805a0a1685d1ee96d2ef1efeb5945c105ed2e7cefab2aaf5b
b54adfacfbd58ffa1154d771cbb8eea48203698a86d82525590710d0953c495a
b615bb1b4b553f931f07aa0b25fff28776079afe9bf1b07c5b7d8983d59c10c8
ba8145cf848d2c72f03c234538c70eef27c8b12f4594da3dec4e48a74217eb12
bb2d339d5782b699cf681f70116f6f6ad11be77cca78901b8b75913b5b1a3424
bb94ebe9718dddddc412d9054b58d2ec39bea39d4f40e2181bafc4fb21120c19
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c441a4185403c04c6660b68f8e08dbb2c1006c6a0f792fd454216a35b73fc867
c4549533789cd22c67e36646d183e2349bc205ceb6b22af1d9421c83ac95df9a
c78efbcc2ad2825c8f24702f16c32b27c731d6fcfc3dc4dd984134c6173d8a7d
c879c4e61b57f4348613702e4ed173a074433907948d88e97df0345ef484c07d
cbf8ea136cb9875f6548ddfeb8eaf0290fab91b50610dfdd8583f5bc8644e04d
ce62c40dd07ad8d31490b1e1d55c60055c5a51dc27abc05c4f1c278e3ac9991e
d2a37b3244a9a215cc8c90b8bc11388c4fd8b2dd23d415acfccf16e3224250d7
d5991342f8cb19585746f942d4937a1db02dccfd839809edb791ad83eb8afb03
d5ba42e0367d7c161f16f79fc29ae4c858b792fe9e1cf0a2d5f5549604dbc586
d88699a4dd8647afc4b35e0850bc824d1b981879936130299bb85ad685913435
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e97049e63a83130be85a9aefdc6666c3fff0e7b2f5b9dc26cec696ee80c125a9
eb70134c1038b9202ef0dea6f2857c1eaa8928f42e8b0339185e2c9206e07eb8
f22599e0d24b748f3aec60adf9492df18846939f6ce308e4e5f69381e8d84088
f271481d02f476a7466c2cd2827b3e462d2c22d4d414702155c97e0857d2527a
f471a9cfc54aa4b64c5e26fb49415a6c2264caf0287dade88797a4b4f79e7a90
f4d4206926650ac5f4dba4ee3f3f51a89f6fcaf895e677807486c8ce616f946f
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f79201329472767c519bacc5174022241695cd8d1bf99ee8df17f6010bc16778
fa1e2abf03fae481aac90a92038552d55518c2cd36d7400370ebd357e1c1126f
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867
ff78352ea0782287f261e87505660ff8852b48f6de78e4920f1c1150e2d0243e

172.104.55.173 Open in urlscan Pro 172.104.55.173 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

101 Requests

99 %HTTPS

73 %IPv6

9 Domains

11 Subdomains

11 IPs

4 Countries

2215 kBTransfer

3749 kBSize

8 Cookies

6 Outgoing links

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

172.104.55.173 Open in urlscan Pro
172.104.55.173 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

99 %
HTTPS

73 %
IPv6

9
Domains

11
Subdomains

11
IPs

4
Countries

2215 kB
Transfer

3749 kB
Size

8
Cookies

101 HTTP transactions
0 data transactions