www.0044789.com Open in urlscan Pro
104.21.45.173 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://0044789.com/
Effective URL:
https://www.0044789.com/
Submission: On November 23 via manual (November 23rd 2021, 7:42:42 pm UTC) from US — Scanned from DE

Summary HTTP 226 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 17 domains to perform 226 HTTP transactions. The main IP is 104.21.45.173, located in and belongs to CLOUDFLARENET, US. The main domain is www.0044789.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 31st 2021. Valid for: a year.

This is the only time www.0044789.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	104.21.45.173 104.21.45.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	18.66.242.23 18.66.242.23	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
13	2606:4700:303... 2606:4700:3037::ac43:9be7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
124	34.117.85.46 34.117.85.46	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
26	2606:4700:10:... 2606:4700:10::6816:1983	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	172.67.217.9 172.67.217.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::ac43:2642	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3035::6815:30ed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:f9e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	75.2.9.70 75.2.9.70	16509 (AMAZON-02) (AMAZON-02)
226	20

3 104.21.45.173 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

0044789.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.0044789.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 18.66.242.23 (United States)

ASN16509 (AMAZON-02, US)

d1lzoljld5a2bc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3037::ac43:9be7 (United States)

ASN13335 (CLOUDFLARENET, US)

chat789bet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

124 34.117.85.46 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 46.85.117.34.bc.googleusercontent.com

gic.x8gdkt99.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vsa46.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.67.217.9 (United States)

ASN13335 (CLOUDFLARENET, US)

api.0044789.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:2642 (United States)

ASN13335 (CLOUDFLARENET, US)

va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vsa46.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:30ed (United States)

ASN13335 (CLOUDFLARENET, US)

sabasports.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:f9e (United States)

ASN13335 (CLOUDFLARENET, US)

tawk.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 75.2.9.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: a119a55988045f685.awsglobalaccelerator.com

cmbi.licimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
124	x8gdkt99.com gic.x8gdkt99.com	15 MB
29	cloudfront.net d1lzoljld5a2bc.cloudfront.net	676 KB
28	tawk.to embed.tawk.to va.tawk.to vsa46.tawk.to	208 KB
15	0044789.com 2 redirects 0044789.com www.0044789.com api.0044789.com	162 KB
13	chat789bet.com chat789bet.com	135 KB
3	googleapis.com fonts.googleapis.com	2 KB
3	cloudflare.com cdnjs.cloudflare.com	104 KB
2	licimg.com cmbi.licimg.com	29 KB
2	sabasports.vn sabasports.vn	759 B
2	google-analytics.com www.google-analytics.com	20 KB
1	gstatic.com fonts.gstatic.com	24 KB
1	jsdelivr.net cdn.jsdelivr.net	39 KB
1	tawk.link tawk.link	29 KB
1	google.de www.google.de	501 B
1	google.com www.google.com	501 B
1	doubleclick.net stats.g.doubleclick.net	442 B
1	googletagmanager.com www.googletagmanager.com	36 KB
226	17

	Domain	Requested by
124	gic.x8gdkt99.com	www.0044789.com d1lzoljld5a2bc.cloudfront.net
29	d1lzoljld5a2bc.cloudfront.net	www.0044789.com d1lzoljld5a2bc.cloudfront.net
21	embed.tawk.to	www.0044789.com embed.tawk.to
13	chat789bet.com	www.0044789.com chat789bet.com
12	api.0044789.com	d1lzoljld5a2bc.cloudfront.net
4	vsa46.tawk.to	embed.tawk.to
3	fonts.googleapis.com	embed.tawk.to
3	va.tawk.to	embed.tawk.to
3	cdnjs.cloudflare.com	d1lzoljld5a2bc.cloudfront.net cdnjs.cloudflare.com
2	cmbi.licimg.com
2	sabasports.vn	d1lzoljld5a2bc.cloudfront.net sabasports.vn
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	0044789.com	2 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.jsdelivr.net	embed.tawk.to
1	tawk.link
1	www.google.de	www.0044789.com
1	www.google.com	www.0044789.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	www.0044789.com
1	www.0044789.com
226	21

This site contains links to these domains. Also see Links.

Domain
sabasports.vn
thethao789.com
sex69.sex
789b.club
daily789.com
789b.live
www.facebook.com
zalo.me
t.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-31` - `2022-10-30`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
gic.x8gdkt99.com GTS CA 1D4	`2021-10-20` - `2022-01-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.licimg.com AlphaSSL CA - SHA256 - G2	`2021-06-29` - `2022-07-31`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.0044789.com/
Frame ID: 95FBE2A92F245DB024C275BDAE100920
Requests: 215 HTTP requests in this frame

Frame: https://sabasports.vn/nhan-dinh/gioi-thieu/?EVPInstanceName=fwdevpPlayer0
Frame ID: F856FFBDAB5B58C19FC939FBD7579EAA
Requests: 10 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/619c9c3d75b/css/min-widget.css
Frame ID: 2C9D0F4C8553916E9B8B396C4968B3CF
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/619c9c3d75b/css/bubble-widget.css
Frame ID: 10DC916E3914312631F1837F6A47D091
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/619c9c3d75b/css/message-preview.css
Frame ID: AA5DFE5F70C49B7C78CC38BC4ED19018
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/619c9c3d75b/css/max-widget.css
Frame ID: FDA335D5539F96AED8CA92254BD61EB3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

789BET.COM789BET

Page URL History Show full URLs

http://0044789.com/ HTTP 301
https://0044789.com/ HTTP 301
https://www.0044789.com/ Page URL

Page Statistics

226
Requests

100 %
HTTPS

74 %
IPv6

17
Domains

21
Subdomains

20
IPs

4
Countries

17108 kB
Transfer

26646 kB
Size

7
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://sabasports.vn/
Title: RESULTS PREDICTION - BETS COMPARISON ALL OF THE WORLD'S BEST TOURNAMENTS

Search URL Search Domain Scan URL

URL: https://thethao789.com/nhan-dinh-bong-da/
Title: 789BET | THE LEADING BOOKMAKER IN VIETNAM

Search URL Search Domain Scan URL

URL: https://sex69.sex/
Title: COLLECTED HOT 18+ MOVIES | WATCH NOW

Search URL Search Domain Scan URL

URL: https://789b.club/
Title: Registration instructions

Search URL Search Domain Scan URL

URL: https://daily789.com/
Title: Affiliate

Search URL Search Domain Scan URL

URL: https://789b.live/#gsc.tab=0

Search URL Search Domain Scan URL

URL: https://www.facebook.com/6689bet/

Search URL Search Domain Scan URL

URL: https://zalo.me/3284270353060612561

Search URL Search Domain Scan URL

URL: https://zalo.me/0374305939

Search URL Search Domain Scan URL

URL: https://t.me/Cskh789bet

Search URL Search Domain Scan URL

URL: https://zalo.me/2379546822573811229

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://0044789.com/ HTTP 301
https://0044789.com/ HTTP 301
https://www.0044789.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

226 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.0044789.com/
Redirect Chain

http://0044789.com/
https://0044789.com/
https://www.0044789.com/

10 KB
3 KB

287ms
276ms

Document
text/html

104.21.45.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.45.173 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46485b65ba0197e72cd2a9d2ed53e31ba90cc80f75ce3f2ed1ebc5a39308f81a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 23 Nov 2021 19:42:32 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
last-modified: Tue, 23 Nov 2021 10:39:54 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6ztRXW2OU5wb3iUT71q9vqgSJjJHw9tfYZO%2FuAlo%2FbggPZZNQwJhPkgjGlgzjKKNaBW%2B0E4v8FUn1dIJSk1IG5pLkwSynwKquBUTZJXZNWR92thVsO%2BUICOSKSeRZTiVfc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b2ce19c2cf74de8-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Tue, 23 Nov 2021 19:42:32 GMT
cache-control: max-age=3600
expires: Tue, 23 Nov 2021 20:42:32 GMT
location: https://www.0044789.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umvf00hvcsND95LOvG1pgnNhXZsk2MCSlhVTdizZ1pvACPYolb0IqQZKt%2BKKZOEMS%2B7%2BZcOJojIocXaynLE2HamhNBdflURzmeXldnWUNTHsOicT%2FYR4GVWJqrzzAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6b2ce19bfc614de8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 runtimechunk~main.1778a8de.js Show response
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/ 10 KB
5 KB 69ms
26ms Script
application/javascript 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/runtimechunk~main.1778a8de.js
Requested by: Host: www.0044789.com
URL: https://www.0044789.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 862b37ddd70f1bd7c2d38ccbf02382d78e01a21792be2f9c86b6b762401e1878

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:10:06 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 11:06:52 GMT
server: AmazonS3
age: 27147
etag: W/"5de1c825582f25eff53d1a9aca310821"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: x3LrYIGZQ_NrDshhDZJ1hd45YaI0FBZH
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
content-type: application/javascript
x-amz-cf-id: 56IDqDOVUJiLhU_E7mN48jjZP_iOKga6-5VQATq2uZJ2G82cGwoUIw==

GET
H2 200 main.d5afc53a.js Show response
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/ 531 KB
135 KB 60ms
17ms Script
application/javascript 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/main.d5afc53a.js
Requested by: Host: www.0044789.com
URL: https://www.0044789.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e472c555cabcc44b154ada6f2ae8cf4f512b73799bdeff1987da5029065a8693

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:10:06 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 11:06:50 GMT
server: AmazonS3
age: 27147
etag: W/"e3917a194d2ba0c41ed4dcbe815a581c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: su7ihmIyusl5StS5t4_tzavX.63qrDwf
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
content-type: application/javascript
x-amz-cf-id: ksjv0WeBjBG4Hi55ZoGykHjuDsZn_q505eGWRRiolxmLFKyCb_tMnQ==

GET
H2 200 main.d5afc53a.css
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/ 17 KB
2 KB 57ms
14ms Stylesheet
text/css 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/main.d5afc53a.css
Requested by: Host: www.0044789.com
URL: https://www.0044789.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5bbd66f96f0929c435c17b7a4be87d6f456a764b6d08b22f766bff613ad92e24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 11:14:40 GMT
content-encoding: br
last-modified: Tue, 23 Nov 2021 11:04:42 GMT
server: AmazonS3
age: 30473
etag: W/"b7a390da52370388ce206c3d36b58349"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 5q2Ksewt0Een1GlR63G_b_ydtAoZ7SNh
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
content-type: text/css
x-amz-cf-id: oaWot8qeN5bN_8HYL_5o1CTOzLBEGHBGvYBePv2eUJvLKLAXJDRiQQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 55ms
30ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-154984877-2

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e70b15671af30f64bf6814da401ea00941f43a7166aa1affa4123b987567c77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36141
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Nov 2021 19:42:32 GMT

GET
H2 200 jquery.min.js Show response
chat789bet.com/js/min/ 85 KB
31 KB 685ms
457ms Script
application/javascript 2606:4700:3037::ac43:9be7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chat789bet.com/js/min/jquery.min.js
Requested by: Host: www.0044789.com
URL: https://www.0044789.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9be7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:33 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 20 Sep 2017 09:09:39 GMT
server: cloudflare
etag: W/"4a34f02ff031d31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6iP%2BTxJF1vpCiRLZj4vy8ENICKRr%2BnOXZWVoLMd4XE%2BA7viENXxnsCUfkBsmxGR55t3O5F0YVty3kPR8pCpGPT2Ifggkob3bUcv3KXBAAkihMFIiyYtLLG1NZbwDGWRi3EsRRs2TXOedKiH1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6b2ce19f7e504aa9-FRA
access-control-allow-headers: Content-Type

GET
H2 200 main.js Show response
chat789bet.com/js/ 128 KB
35 KB 691ms
462ms Script
application/javascript 2606:4700:3037::ac43:9be7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chat789bet.com/js/main.js
Requested by: Host: www.0044789.com
URL: https://www.0044789.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9be7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 87ff0e6524ba58f482ee293b2a119a36b2a10ca1fce920af43002f7a9c8aa4f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:33 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 04 Jun 2021 12:14:56 GMT
server: cloudflare
etag: W/"5c8d8d3b3b59d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZgiJDeuEobjZKIkvVLSXltJRl9vnOh6UEkt0uuN%2BmPQzJA3gy85%2BfaVZk5hEHqqIC4Xc9wcVKh61btvu4ccZ5nvXKAvrlw541fDdIUsvXcLARLAObrtfkmUdrzFvPYF4X%2F4A%2BRQPjTab3b78g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-polished: origSize=227566
cf-ray: 6b2ce19f7e514aa9-FRA
access-control-allow-headers: Content-Type
cf-bgj: minify

GET
H2 200 btn-cs2.png
gic.x8gdkt99.com/img/static/789bet/mobile/ 25 KB
25 KB 148ms
8ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/mobile/btn-cs2.png

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

a3505bd6dd66aad5c98e4dab25045f4fa12024e5cf68062e0d53aa91cc0d696c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:53:31 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Tue, 28 Sep 2021 04:04:50 GMT
server: Tengine
age: 24541
etag: "61529462-6439"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 25657
x-xss-protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 36ms
12ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-154984877-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2485
date: Tue, 23 Nov 2021 19:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 23 Nov 2021 21:01:07 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1932336291&t=pageview&_s=1&dl=https%3A%2F%2Fwww.0044789.com%2F&ul=en-us&de=UTF-8&dt=789BET.COM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1029014749&gjid=993888746&cid=172021760.1637696553&tid=UA-154984877-2&_gid=679964725.1637696553&_r=1&gtm=2ouba1&z=1359345701

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.0044789.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 19:42:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.0044789.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 48ms
16ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-154984877-2&cid=172021760.1637696553&jid=1029014749&gjid=993888746&_gid=679964725.1637696553&_u=YEBAAUAAAAAAAC~&z=1036245623

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.0044789.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 23 Nov 2021 19:42:32 GMT
content-type: text/plain
access-control-allow-origin: https://www.0044789.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 90ms
66ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-154984877-2&cid=172021760.1637696553&jid=1029014749&_u=YEBAAUAAAAAAAC~&z=155259423

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 19:42:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 67ms
44ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-154984877-2&cid=172021760.1637696553&jid=1029014749&_u=YEBAAUAAAAAAAC~&z=155259423

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 19:42:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 default Show response
embed.tawk.to/5de5d8f6d96992700fca677d/ 2 KB
976 B 155ms
135ms Script
application/x-javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5de5d8f6d96992700fca677d/default

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f1ff23134e488054ee07d7a90e8be99de7d80c6b8665bbb257d5db16c6e4f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.0044789.com/
Origin: https://www.0044789.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
server: cloudflare
etag: W/"stable-v4-619c9c3d75b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 6b2ce1a29e6d5c2c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 i18n-en-US.14ace028.js Show response
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/ 147 KB
32 KB 18ms
18ms Script
application/javascript 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/i18n-en-US.14ace028.js
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/runtimechunk~main.1778a8de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9979ee317be535f7127478786b7eb448517154c4ed022e4696d4820b0ad38da0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: l22g88nVhJ8STJX8_vs2HTq4Zx2Ziqg4
content-encoding: br
last-modified: Fri, 19 Nov 2021 10:44:46 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: W/"1015a61c3fb96d9b1b5a6786681898cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
date: Tue, 23 Nov 2021 19:42:33 GMT
x-amz-cf-id: KDCTxkYBkuc0f_AVeUVku3DEB47KuWmUM0Qx0hQgpRQVpKwad-Hfdw==

GET
H3 200 init.php Show response
chat789bet.com/include/ 5 KB
2 KB 541ms
523ms XHR
text/html 2606:4700:3037::ac43:9be7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chat789bet.com/include/init.php
Requested by: Host: chat789bet.com
URL: https://chat789bet.com/js/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9be7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.0, ASP.NET
Resource Hash: 0b7f8cc1fc0329854db4db405437c1a355e637cca85d6b4cb872960d1bed4d66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: Content-Type
x-powered-by: PHP/8.0.0, ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=292qiusEOCZG3oZMJqiJUSrrOr8Pz6BsVmbuGImgm8UDHYjgjGWQkXwBpKKJVwYYr0WglPuXSD%2B1FwVoi6cfNGzBe2b3%2B78%2BMHno7VAApOcPqzYHy8VixBorXF0YLHaG0bdm4qMrCxhNnCa8og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 6b2ce1a2cf211f39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 4726.de0ef8a8.js Show response
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/ 30 KB
8 KB 23ms
22ms Script
application/javascript 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/4726.de0ef8a8.js
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/runtimechunk~main.1778a8de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82730c7ccb9712641da9a12c51e644b42d6f2c8f8f6fa0cd385d9c18e376433b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: v6AbRDqYeQ5Ilei2Tow.tinPlR3W64Qm
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 10:44:42 GMT
server: AmazonS3
age: 30894
etag: W/"38c08a5491bfe69e4f4988cb1f106307"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
date: Tue, 23 Nov 2021 11:07:40 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: bbt0pdk76w8ZGmOemx7kJrnF1hPO736yBpoHBRJhL9qvKaBVz4wLAA==

GET
H2 200 2747.bf00903d.js Show response
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/ 17 KB
5 KB 15ms
14ms Script
application/javascript 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/2747.bf00903d.js
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/runtimechunk~main.1778a8de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 644c0cf90210a8792385583869bc6d6e69208f88d4d2a6c7099f8b92227f03ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: YIhrpPztqvyNPcIaMfXGO.ozJdIzGDg3
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 10:44:43 GMT
server: AmazonS3
age: 64297
etag: W/"ad50f80455d92aec007aabca3e5233dd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
date: Tue, 23 Nov 2021 01:50:57 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: iW7BFQoUlB7AKkbZb53d5Jjbly700csL0A_ymC0Nk_fygg-DrayZnw==

GET
H2 200 125.bcdbfd3a.js Show response
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/ 80 KB
24 KB 21ms
20ms Script
application/javascript 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/125.bcdbfd3a.js
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/runtimechunk~main.1778a8de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4363825b669197ebe99ed70d350951734cb3f4d7ff46409fce039062a59d006b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: XoTMV1C.OfY1UOnjg9b9.EPhfcA6kEh0
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 10:44:30 GMT
server: AmazonS3
age: 13485
etag: W/"0a8ee89d09751da0ba9955d61a250a12"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
date: Tue, 23 Nov 2021 15:57:49 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: lzuZAVtPIP8gVLdvxNWcAWZGpB0JBAeGgQHY0fIGUSRYU_ZOu0vkRw==

GET
H2 200 5313.0caae8b2.js Show response
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/ 11 KB
4 KB 29ms
28ms Script
application/javascript 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/5313.0caae8b2.js
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/runtimechunk~main.1778a8de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3863f2092572a4ec71880c5384595f72f2d7814676457d9128a36d9e5120d1b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: sAIDA2vSy4YaO1TpZKaf9r7zAJEHYI3y
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 10:44:31 GMT
server: AmazonS3
age: 68296
etag: W/"a8e54402d6b523163368c4bc451971b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
date: Tue, 23 Nov 2021 00:44:18 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: upq8dDLtdK5LSqY4-LKfUf1Swdk-o3GGMtZZLOuJS-O8UrMj2QJfcQ==

GET
H2 200 7283.ac995d1e.js Show response
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/ 44 KB
15 KB 13ms
12ms Script
application/javascript 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/7283.ac995d1e.js
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/runtimechunk~main.1778a8de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f87c43062528d95f0e1ca33f8a91dae73e71584c7a0f9621db153d0e12546570

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: aMaxwt3MIKo8Z6lna3jiz921Iezg4OaN
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 10:44:33 GMT
server: AmazonS3
age: 83045
etag: W/"0309289907a2a44b01944f875ef3a510"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
date: Mon, 22 Nov 2021 20:38:29 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 1wuOw6UBqnI-4X_RER7kZG4XjFdhzuk9d5rmpXdxQ0fYFOsDJ-W-Iw==

GET
H2 200 3219.47197840.js Show response
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/ 69 KB
17 KB 19ms
19ms Script
application/javascript 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/3219.47197840.js
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/runtimechunk~main.1778a8de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a3673e1091a93904c80dcf417e59750be653c8654fbad630a4f498319cd6bc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: JTAHC9WWvejmm3o1r5Pa_BdlMOMrzucp
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 10:44:34 GMT
server: AmazonS3
age: 13485
etag: W/"a7f24d7814e69e48ce1107d6be33ab47"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
date: Tue, 23 Nov 2021 15:57:49 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: DIZ_S3z9SPypNBuqmqQICEURm88KnWb-eel2NbVE6JPhtzfHj52a5g==

GET
H2 200 8820.b5bc793c.js Show response
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/ 30 KB
11 KB 26ms
26ms Script
application/javascript 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/8820.b5bc793c.js
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/runtimechunk~main.1778a8de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9eadf95091f401494f85e4229dec2880f04bd9653e2744c3948e3e1c2152f757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: uEzdxU1HsKdxdbtZDN6zB5y4daprgmv.
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 10:44:36 GMT
server: AmazonS3
age: 867
etag: W/"18b9583e71f4531c8bfedd3ee970cd80"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
date: Tue, 23 Nov 2021 19:28:07 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: SFApt407PU2h0vqSUdEi3QVBAVUp6jEnzQqvpa8hYBNmqX5zRRo1iA==

GET
H2 200 9361.c1f7061b.js Show response
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/ 20 KB
7 KB 13ms
13ms Script
application/javascript 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/9361.c1f7061b.js
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/runtimechunk~main.1778a8de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c9cf33d49eb2358d9ee94945d53ad38566cb0786ccf1a0bc9f8d6866ee8fb700

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: s9sSoi2iHjfoX5kIP7EZrEHRLUh0N.oj
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 10:44:37 GMT
server: AmazonS3
age: 68297
etag: W/"4c79dcff954bdbf7941176b2b7d74beb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
date: Tue, 23 Nov 2021 00:44:17 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: QpcT21XIKmJjuJenVX3aliQpu_FvSu0I5-08SX_Yn8RgZvxrd3e1QA==

GET
H2 200 556.9cb4b533.js Show response
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/ 23 KB
7 KB 13ms
13ms Script
application/javascript 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/556.9cb4b533.js
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/runtimechunk~main.1778a8de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e944b59257f98629fb0697c78d1edf328065bdc15456f24e9fc3afdb67880e38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: L2zHpzm_X3Lmdq3It0xb9ycS1YNFyekK
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 10:44:37 GMT
server: AmazonS3
age: 63832
etag: W/"d8c3aeeaee9c5a3a78ad244c3c0d5964"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
date: Tue, 23 Nov 2021 01:58:42 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Ozma1LjTr74wU5QRMTPPWGBrCaKK-HsKhIpRfcsswqz1wGNBUOUQRQ==

GET
H2 200 8531.d550a969.js Show response
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/ 661 KB
173 KB 21ms
20ms Script
application/javascript 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/8531.d550a969.js
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/runtimechunk~main.1778a8de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03ce7ebfff30309a70f8fe7594cf8bf9bb7e0cf58f538eacd85c137d1312834e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: BqinMP_bn0cqF7aWv1LiChJSNdfS59an
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 10:07:06 GMT
server: AmazonS3
age: 20503
etag: W/"dbe480713a5b4f7595b010d9bd7edf45"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
date: Tue, 23 Nov 2021 14:00:51 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: KD8Z27iHBENln0h9CL6ymtB4LAkhzUeAc941s_GOVPmRQkJMY9yblQ==

GET
H2 200 3987.9133bb0c.js Show response
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/ 20 KB
5 KB 15ms
15ms Script
application/javascript 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/3987.9133bb0c.js
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/runtimechunk~main.1778a8de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 307ee679d7e5d6ac7e01a6b03a5a596a4561f5c42d82838fff601df11ec5cc4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: gu8q_GLRD73j9jxZj_UC7pKeh87gKs1Q
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 10:44:46 GMT
server: AmazonS3
age: 58556
etag: W/"b091e9b1e595dd196f96d2c6349c814f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
date: Tue, 23 Nov 2021 03:26:38 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: mLnfa-OsSiMtwxIry5QiC9wOrZHNpoDzU11ywLzZUiSAJjAdRWCvDA==

GET
H2 200 1315.8ebd06bb.js Show response
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/ 19 KB
6 KB 14ms
14ms Script
application/javascript 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/1315.8ebd06bb.js
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/runtimechunk~main.1778a8de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e20e37a59f87a262f9c4c00f01473ec14e73bc3f1c6e461bcd18de0172df745a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: IEiLgeyrB0LLGfNlPt7O8bBYZGFlwkpy
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 10:44:49 GMT
server: AmazonS3
age: 64297
etag: W/"e599560ee8c1bb545285c5ff27df3584"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
date: Tue, 23 Nov 2021 01:50:57 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 8B2AXCOhgOrBzcWGa2jF41oOit4iq46u4f3rlpxzJugKtHbVlk4BRQ==

GET
H2 200 5037.10d994cd.js Show response
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/ 142 KB
27 KB 15ms
15ms Script
application/javascript 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/5037.10d994cd.js
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/runtimechunk~main.1778a8de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 34b634c0b17bb0389da17aae6d64c2802440177ea610e24222c5d42af937bcb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:47:40 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 11:03:57 GMT
server: AmazonS3
age: 24894
etag: W/"74980e6ab7a549bc8c1e5afb8ffc7da3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: v.cjA_RroT0h4pyJSKmYEtQuhZUY.o2f
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
content-type: application/javascript
x-amz-cf-id: uJxjss9sQmwy8zw3YpoUY5ZjiMM-6x2dMwZiuPKtxl4422-DEhFbCA==

GET
H2 200 d-AppContainer.331681bb.css
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/ 310 KB
48 KB 26ms
26ms Stylesheet
text/css 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/runtimechunk~main.1778a8de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 57df47a99790f4eeb22224de90360a66ecc5987f1c2328b8b7ad2ebe2b03e2d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:36 GMT
content-encoding: br
last-modified: Tue, 23 Nov 2021 11:04:42 GMT
server: AmazonS3
age: 26818
etag: W/"661e4c9206580c560b0274d42890e5d5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: kSL8K2gGh8QpP4JxmJ4rc7iw._4wgDco
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
content-type: text/css
x-amz-cf-id: 2o3Sk5olIa1yoftDkx97P6KUegXLjt0_ssOsIs9DamKE_DZgdb1auA==

GET
H2 200 d-AppContainer.331681bb.js Show response
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/ 141 KB
29 KB 16ms
15ms Script
application/javascript 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/d-AppContainer.331681bb.js
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/runtimechunk~main.1778a8de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7390361837ec7fc0a6eef661002829d5a1edd0b7f64d47522564e5280e8662e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:10:24 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 11:06:53 GMT
server: AmazonS3
age: 27130
etag: W/"9bf29dfa3b97134dc2e382fe57ace21a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: Y3xjvHaDh8phXxEbgVf7cvmcjPT2jeYs
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
content-type: application/javascript
x-amz-cf-id: m0QbxLe0ZVmxtP5a3frEeLxoVTil2b79tCzMs-ODXeg67K0HejhMrg==

GET
H2 200 8920.536a074f.css
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/ 7 KB
2 KB 30ms
29ms Stylesheet
text/css 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/8920.536a074f.css
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/runtimechunk~main.1778a8de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 55de9aea931a301bc9bd025d5cab05f962026a3d0990f1cbe833ef4d5be193f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: jZZ40.6vtGHktWymKJW451xDNtYztU4R
content-encoding: br
last-modified: Mon, 22 Nov 2021 10:07:00 GMT
server: AmazonS3
age: 867
etag: W/"819245e5c7043705d4758cb155779c55"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
date: Tue, 23 Nov 2021 19:28:07 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: _zCUFkBpIJ6R53Ts8H8zmu60TARdlgqGp0SMrdN3NfmlzM_ZBrBIFw==

GET
H2 200 8920.536a074f.js Show response
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/ 141 B
517 B 17ms
17ms Script
application/javascript 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/8920.536a074f.js
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/runtimechunk~main.1778a8de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d71fdccba5c419e2857c6d199fd604479e62f5dbc8471ad631c580c504ec4d73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: ZSKHhpAcPSbl3nUekemNlohwytfm.OY6
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
last-modified: Fri, 19 Nov 2021 10:44:32 GMT
server: AmazonS3
age: 49347
etag: "ba672409a887c782d4a5c1221b4c9bd7"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 23 Nov 2021 06:00:07 GMT
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 141
x-amz-cf-id: P8uBhErrV2_SYTAS-BRIETp6blnZlowLh5QEgPdR9dSqVfQ_CWk26A==

GET
H2 200 3283.31209e0b.css
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/ 9 KB
2 KB 35ms
34ms Stylesheet
text/css 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/3283.31209e0b.css
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/runtimechunk~main.1778a8de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68ffc6b38a5297af54d5668b186f4c6f13752a7e39c62068ea4822178dfa5a7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: Pia5EMyCHdYQvfFrL9_DI6C8cq5sF2zH
content-encoding: br
last-modified: Fri, 19 Nov 2021 10:44:39 GMT
server: AmazonS3
age: 49776
etag: W/"9c4371d59890963d234aaad7ffd17fe7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
date: Tue, 23 Nov 2021 05:52:58 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: wYq1GxFL2gR5ssjfPX4vXMLlJsSYGRSoXmleDQk5Mkf2TQN4G99uJw==

GET
H2 200 3283.31209e0b.js Show response
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/ 141 B
517 B 21ms
21ms Script
application/javascript 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/3283.31209e0b.js
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/runtimechunk~main.1778a8de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5427a0989677c664a182ee558d36fec6a3e2ca14b25efd8f7bd8f18fa184a42c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: 9ab_ZBEOk3YWSJ0ZH5y4U4v0pT3EF7OO
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
last-modified: Fri, 19 Nov 2021 10:44:30 GMT
server: AmazonS3
age: 49347
etag: "61cd2adae9bd398c194bd4b5a0cb979c"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 23 Nov 2021 06:00:07 GMT
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 141
x-amz-cf-id: M92wWlZQ96kzLaOqIOLhza__TIJD-3soJ6rn-r2Q5fx5bdDIq1QoAg==

GET
H2 200 7088.29d3d569.css
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/ 49 KB
2 KB 17ms
17ms Stylesheet
text/css 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/7088.29d3d569.css
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/runtimechunk~main.1778a8de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efbb55f89b07923b52df1e122f4f42aa4e43ab0f13be60711777cefc85d67bdf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: cjFbi9OvqwfiT_.kOOEGY96YndPI1jIU
content-encoding: br
last-modified: Thu, 18 Nov 2021 11:27:25 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: W/"59fca11347c142581ef20b1b3d227c61"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
date: Tue, 23 Nov 2021 19:42:33 GMT
x-amz-cf-id: jcqmAsGB4MZuAlD4ZbavyDQR3O_fCkElM8TFiM7ZDuFifto-c6QtOA==

GET
H2 200 3303.ccde2fd6.js Show response
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/ 142 B
520 B 11ms
11ms Script
application/javascript 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/3303.ccde2fd6.js
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/runtimechunk~main.1778a8de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 544aa3eb0220f0b92a95fe258a5e1a7504a67ced4fad452a5d01131020fbf87c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: UbTEUbn.z6Fme.FFwyppZgCwMySJo8Uz
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
last-modified: Fri, 19 Nov 2021 10:44:31 GMT
server: AmazonS3
age: 49347
etag: "6d27fd78f456051246de49879fbe9479"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 23 Nov 2021 06:00:07 GMT
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 142
x-amz-cf-id: UuVF2lrm3YDuChYdtChXsHkx2kUzeG1qSkvnU921XIHzpN3kHuKkzQ==

GET
H2 200 8167.93d5a357.js Show response
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/ 147 KB
39 KB 13ms
12ms Script
application/javascript 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/8167.93d5a357.js
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/runtimechunk~main.1778a8de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e57bec557285fc294829456287b3cd01b6b09123d4909dacfe276ffe86dc153

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 15:10:09 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 11:03:47 GMT
server: AmazonS3
age: 16344
etag: W/"b5615bc1e74a468a086c0dd24f31c981"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 3ReeLXFrohjrjWNXsPbMOQwZcY1aV5QR
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
content-type: application/javascript
x-amz-cf-id: 3WaUR39EzoeAi5T7YOb3fFLprTZirPpQN-DopzCe6tLajhx-o1-6yA==

GET
H2 200 d-Home.6bb0d360.css
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/ 25 KB
5 KB 33ms
32ms Stylesheet
text/css 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-Home.6bb0d360.css
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/runtimechunk~main.1778a8de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24151e54cc24d65770c7948ff91ed9f2bc1baac50cde99a385f01dc5f3173787

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:39 GMT
content-encoding: br
last-modified: Tue, 23 Nov 2021 11:04:45 GMT
server: AmazonS3
age: 26815
etag: W/"6a7a88f48449426a7bd88eb35e194e6c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: WPqzBOFM4bq_HxnNxJIIoCs.D8l6OVNi
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
content-type: text/css
x-amz-cf-id: YchHTFj3vNw3qTyCva44_WfpGNsiX4vRj7LXiHa-EVjoJ9uYCgMiYg==

GET
H2 200 d-Home.6bb0d360.js Show response
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/ 23 KB
7 KB 13ms
13ms Script
application/javascript 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/d-Home.6bb0d360.js
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/runtimechunk~main.1778a8de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0905ddafe25bd90e97d04d313a9a7b102cde9618cb453bd61a81313db3a2acef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:47:43 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 11:04:38 GMT
server: AmazonS3
age: 24890
etag: W/"59b6500e9d40157c837e72b334facbe3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 8X1h.la.Zc2UM9Jn7FTzJWVFyjxOJH_b
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
content-type: application/javascript
x-amz-cf-id: FYzbFUrnly0DAL3XYUaPVdSonGFTId74FSyGtrArrw493eaNOD2adA==

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/ 58 KB
11 KB 69ms
48ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/main.d5afc53a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1561086
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10491
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-e7d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2FW3z0%2FGy1%2BCmVpBD2jV2lBSYAz%2Fmp1UwjHoR2Ul%2BX6WFIYjoDVucm4QUtqe8TiOsA5U%2Bvr%2BLk3PRp42lMQF0lnF2NI8QUPqUUC%2Bu7wvj01Pexeo0ylY0vg7ouYjc0FLObFrcA9dDCyaTrW8XL8joKf7"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b2ce1a40ca4536a-FRA
expires: Sun, 13 Nov 2022 19:42:33 GMT

GET
H2 200 floatingads Show response
api.0044789.com/789bet-ecp/api/v1/ 6 KB
1 KB 914ms
588ms XHR
application/json 172.67.217.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.0044789.com/789bet-ecp/api/v1/floatingads?lang=en-US
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/main.d5afc53a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.217.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d268276817369f9cd3e4c4a6b306e4a996b512faa1174fcf9b559958564d62c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ti0PTBsrocBDfivdHkDzJeHHiZG9FlPtEahe5aNunl8x3XNBVroyHrYtkPVP%2BUx1CmfPKMwKSGK8VsM3VNYMzpgQtCuy2w9XJp5261tPLBPOH3LjX7l8kOXKKbwM8bmaufs%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-token-renew
cf-ray: 6b2ce1a5ea7f4108-PRG
access-control-allow-headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-Vendor-ID, X-Vendor-Key, X-Forwarded-For, X-token-renew
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 setting Show response
api.0044789.com/789bet-ecp/api/v1/register/ 10 KB
3 KB 972ms
646ms XHR
application/json 172.67.217.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.0044789.com/789bet-ecp/api/v1/register/setting
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/main.d5afc53a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.217.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7fc007eeb0532daa5fe85c4d7f515b9c02bac65305cc42620eb78df272a3753

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qC33AZxVAextrW2BzGg8tvID%2BBzagOTxlfYE7GRUN2ZMCeZGFWiJHTpJzUf1LBLyvmxtR4RPLlk6TIaRA80LHNwlxKwqxg0gJMQCyfSpx3gEjJ87YoEW8sEhFLJv6jk%2F2Eg%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-token-renew
cf-ray: 6b2ce1a5ea824108-PRG
access-control-allow-headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-Vendor-ID, X-Vendor-Key, X-Forwarded-For, X-token-renew
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 allGameList Show response
api.0044789.com/789bet-ecp/api/v1/games/ 2 MB
139 KB 990ms
665ms XHR
application/json 172.67.217.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.0044789.com/789bet-ecp/api/v1/games/allGameList?limit=10000&offset=0&platform=2&sort=ASC&sortcolumn=producttypeid
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/main.d5afc53a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.217.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d93d70ac14b5317c1d4dfb148fc233b7327f551724fde68adeb468ee2990b53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SIryBJgv47zffg29JCfJBIJoTVWLMKa%2FEziSSAup8UUOEAAneRsX9E1W5PZ8ARrTJERA50%2BzxWfaBO%2Bho1QxPsNGtI%2Ffz0w8PlZk9lI5xqCGMt%2BZLMkRbVShd4w%2BnxEzAIA%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-token-renew
cf-ray: 6b2ce1a5ea854108-PRG
access-control-allow-headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-Vendor-ID, X-Vendor-Key, X-Forwarded-For, X-token-renew
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 maintenance Show response
api.0044789.com/789bet-ecp/api/v1/gamesettings/ 23 KB
3 KB 898ms
573ms XHR
application/json 172.67.217.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.0044789.com/789bet-ecp/api/v1/gamesettings/maintenance
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/main.d5afc53a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.217.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42cf5f03163131c963a64457f5181412895ed005f20b240beb17bcfa1ddbf5f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJJsvYPsnU%2BBr2qN7tVq%2BEAac1t42ZkGazQA1Fpf4W5mmxDL7t5v3Jilfl4JQQ0Gn%2BVq1fkzqnfGQOrhwHorGEP%2Fooo2G6IMD4vg%2F7L%2B0HLp2V%2FrgGcPAbzHvYHVgBPuMyE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-token-renew
cf-ray: 6b2ce1a5ea8d4108-PRG
access-control-allow-headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-Vendor-ID, X-Vendor-Key, X-Forwarded-For, X-token-renew
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 ads Show response
api.0044789.com/789bet-ecp/api/v1/ 2 KB
988 B 894ms
570ms XHR
application/json 172.67.217.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.0044789.com/789bet-ecp/api/v1/ads?language=1&platform=2
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/main.d5afc53a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.217.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89748c2a7b7964388b9ee8c855a25786f4eb723ed90fd15c306393614740b713

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tki6YojUScRnOVjWM7VcZsP5TWwYuPQTJHB9L2snonrzoEe2W2aCzkPk%2BSyGsTIDIrlzfcHaFWlH5Lyp9LZ9iid0cEoqUeCGTqsifsP0Pgt46udWv6LVvUXfIJt9N1UK0Ag%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-token-renew
cf-ray: 6b2ce1a5ea884108-PRG
access-control-allow-headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-Vendor-ID, X-Vendor-Key, X-Forwarded-For, X-token-renew
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 announcements Show response
api.0044789.com/789bet-ecp/api/v1/ 1 KB
998 B 899ms
574ms XHR
application/json 172.67.217.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.0044789.com/789bet-ecp/api/v1/announcements?anntype=2
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/main.d5afc53a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.217.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18e76ebeb4eee0b3c6cae98629331d4a0e235e5ed6d251b3dea30a753c69e4b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jwjcx5HV4S7np3TBEXzm173ANR55nL4dzm%2FIz9JgmSAoK4M6UGhJc6PlJxRXoIt4ByftVc9GjNZEqPvxH%2Fk9%2FPAglPs6eFcM6PGjMIwqGFOXj%2FUpVH4wwOOG3smyezn3JA%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-token-renew
cf-ray: 6b2ce1a5fa944108-PRG
access-control-allow-headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-Vendor-ID, X-Vendor-Key, X-Forwarded-For, X-token-renew
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 announcements Show response
api.0044789.com/789bet-ecp/api/v1/ 10 KB
4 KB 612ms
288ms XHR
application/json 172.67.217.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.0044789.com/789bet-ecp/api/v1/announcements?anntype=1
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/main.d5afc53a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.217.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10fc5839d57e5f9a6e730bb0926da7559d06c5ccef2ec2ebe5dc439511c1e5f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNkeBYCKVMmNRBVlCmvJiBEl1HycP2fNZK4wADYerHXAIGpoItxqBoaCzNXbc57iEoDG65vHKKKFrGcFdCd01VdLlS9tiO1nvX7lcGqnuGcPITBAerupPJUa5qHsy8t95W0%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-token-renew
cf-ray: 6b2ce1a5fa954108-PRG
access-control-allow-headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-Vendor-ID, X-Vendor-Key, X-Forwarded-For, X-token-renew
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 activeshortcuts Show response
api.0044789.com/789bet-ecp/api/v1/settings/ 2 B
278 B 893ms
569ms XHR
application/json 172.67.217.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.0044789.com/789bet-ecp/api/v1/settings/activeshortcuts
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/main.d5afc53a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.217.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Alcru0CKSmH7o3lU5LHaWzMoPu6yQood1JER%2BMEZmgNV3d1%2Fv6GzLeeKS2vGkz%2B8gyrYIYiAhLKwepqZhu2CbCMDUM5i8EXbIrRG31o81ZgOBaD7uDl8LBL47L7rBSwgj%2Fk%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-token-renew
cf-ray: 6b2ce1a5ea8b4108-PRG
access-control-allow-headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-Vendor-ID, X-Vendor-Key, X-Forwarded-For, X-token-renew
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 orders Show response
api.0044789.com/789bet-ecp/api/v1/staticpagesettings/Info/ 2 KB
758 B 951ms
628ms XHR
application/json 172.67.217.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.0044789.com/789bet-ecp/api/v1/staticpagesettings/Info/orders
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/main.d5afc53a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.217.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a73226fd2fc41c124ea66cd77d631b851b2ac5facdfb7b494fba9e4f2ebdd149

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYzxHOlaLAknwA0A%2BMuCQ0eLFB34IURbp3MlsQBzhQeUTgJHS8Osu6iAA%2FGviS1fwpy4lxjCPF2coNB2a7qlwWfHy6sVKMCBuxCE0gFO6n4ov7WZOt%2F2FQ%2Fw3cytJPAN1rE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-token-renew
cf-ray: 6b2ce1a5fa964108-PRG
access-control-allow-headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-Vendor-ID, X-Vendor-Key, X-Forwarded-For, X-token-renew
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 orders Show response
api.0044789.com/789bet-ecp/api/v1/staticpagesettings/SignUp/ 11 B
286 B 880ms
556ms XHR
application/json 172.67.217.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.0044789.com/789bet-ecp/api/v1/staticpagesettings/SignUp/orders
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/main.d5afc53a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.217.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Irzgpyobz470qJDXUF6yJATYAa%2FSrVE%2FNTWg142ttx5MlxGAv8QiRRoGj5Fd1g2rDd1a3Th5mREf87TYSi9%2B6mymxsJGv7Ed%2BLeFWytBCXqQuYCrLUfblmLx76nTzhsCCH0%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-token-renew
cf-ray: 6b2ce1a5ea914108-PRG
access-control-allow-headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-Vendor-ID, X-Vendor-Key, X-Forwarded-For, X-token-renew
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 bg.png
gic.x8gdkt99.com/img/static/th/ 15 KB
15 KB 11ms
11ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/th/bg.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

7c033a9c5b65e4603b6ff89191536f9f361856b70be13a3ce39f0457efe641ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:03:43 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 20 Jan 2020 07:38:45 GMT
server: Tengine
age: 49130
etag: "5e255905-3c7f"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 15487
x-xss-protection: 1; mode=block

GET
H2 200 logo.png
gic.x8gdkt99.com/img/static/desktop/brand/789bet/ 16 KB
16 KB 16ms
13ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/brand/789bet/logo.png

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

8bd77028b07b7b765f161b4dac969bd767dbc5645513662fa6d1a6dcd61e6a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:43:28 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 20 Jan 2020 07:38:37 GMT
server: Tengine
age: 46745
etag: "5e2558fd-40f3"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 16627
x-xss-protection: 1; mode=block

GET
H2 200 bg-footer.jpg
gic.x8gdkt99.com/img/static/789bet/custom/footer/ 76 KB
76 KB 14ms
11ms Image
image/jpeg 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/footer/bg-footer.jpg

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

817819c23dc8810f48e7a1297e9e5c612a511d9803081b186981c0ca6dd8f36f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:03:43 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 07:26:05 GMT
server: Tengine
age: 49130
etag: "5ff2c30d-1310a"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 78090
x-xss-protection: 1; mode=block

GET
H2 200 float_shortcut-box3.png
gic.x8gdkt99.com/img/static/789bet/custom/float/ 29 KB
29 KB 23ms
21ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/float/float_shortcut-box3.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

49775116c750ef4742a54b34e3cf3ca23fddbc77eed382be0aa4bf002bf9633c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:43:27 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 14 Oct 2021 09:52:08 GMT
server: Tengine
age: 46746
etag: "6167fdc8-742f"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 29743
x-xss-protection: 1; mode=block

GET
H2 200 aside-tai-app.png
gic.x8gdkt99.com/img/static/789bet/custom/float/ 36 KB
36 KB 22ms
20ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/float/aside-tai-app.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

daf47a92fb7acc3f5f6867fd74b6a73670c44a7afeef4f65118fed47e82b6622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:03:43 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 07:26:05 GMT
server: Tengine
age: 49130
etag: "5ff2c30d-9049"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 36937
x-xss-protection: 1; mode=block

GET
H2 200 aside-dang-ky.png
gic.x8gdkt99.com/img/static/789bet/custom/float/ 27 KB
27 KB 18ms
16ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/float/aside-dang-ky.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

226a8a9c833fadb8330b91dc2903be461b949b045e990a9b571511ac147f110f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:43:30 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 07:26:05 GMT
server: Tengine
age: 46743
etag: "5ff2c30d-6a1a"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 27162
x-xss-protection: 1; mode=block

GET
H2 200 aside-dai-ly.png
gic.x8gdkt99.com/img/static/789bet/custom/float/ 26 KB
26 KB 23ms
22ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/float/aside-dai-ly.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

03daf7a8569dbed85d0354765ab67c1b52e9375470f5660e3f89d66faea23b16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:03:43 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 07:26:05 GMT
server: Tengine
age: 49130
etag: "5ff2c30d-67d2"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 26578
x-xss-protection: 1; mode=block

GET
H2 200 aside-khuyen-mai.png
gic.x8gdkt99.com/img/static/789bet/custom/float/ 27 KB
27 KB 23ms
22ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/float/aside-khuyen-mai.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

533461b193edbed6323b1c64dedf084dc094c2ac65c967717769e0be873b10d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:03:44 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 07:26:05 GMT
server: Tengine
age: 49129
etag: "5ff2c30d-6b01"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 27393
x-xss-protection: 1; mode=block

GET
H2 200 aside-quy-dinh.png
gic.x8gdkt99.com/img/static/789bet/custom/float/ 26 KB
27 KB 18ms
17ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/float/aside-quy-dinh.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

1553a34cf0dc2e4a75bbade6917489c37f160cc92d696d5d9fbe93580ef4418f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:43:30 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 07:26:05 GMT
server: Tengine
age: 46743
etag: "5ff2c30d-69e3"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 27107
x-xss-protection: 1; mode=block

GET
H2 200 icon-close.png
gic.x8gdkt99.com/img/static/789bet/custom/float/ 193 B
267 B 21ms
20ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/float/icon-close.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

9e970c41e0d55f68079dbe46168568134136cd34df77f79c4b10f14fa9f77f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:03:43 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 07:26:05 GMT
server: Tengine
age: 49130
etag: "5ff2c30d-c1"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 193
x-xss-protection: 1; mode=block

GET
H2 200 list Show response
api.0044789.com/789bet-ecp/api/v1/rewardActivity/ 14 KB
2 KB 904ms
594ms XHR
application/json 172.67.217.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.0044789.com/789bet-ecp/api/v1/rewardActivity/list?currency=VND2&locale=en-US&platform=2
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/main.d5afc53a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.217.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b52d72c118f0b57b8466bef7908134135f959237f048527bdeaba2585d293f58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9LRpPFZIdytMyo4xRpT5siXduI2ZRy4NwbKYYmImpJAVww46H%2FkQZ%2Fx47YwOYyCGyy8%2BBNSLo0zfzKkfwItZQqBbnq1ITaeB87KZafSWjqMFX0Jd67SPpMo54QDm%2FQkjBEA%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-token-renew
cf-ray: 6b2ce1a5ea904108-PRG
access-control-allow-headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-Vendor-ID, X-Vendor-Key, X-Forwarded-For, X-token-renew
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 mini-game-logo.png
gic.x8gdkt99.com/img/static/game/en-US/AE_GAMING/ 168 KB
168 KB 14ms
14ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/game/en-US/AE_GAMING/mini-game-logo.png

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

b7817203a1553cadb6e72a16ed45f37f6b83943037a3cf2e16a5be912f736664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 13:13:25 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 05:46:42 GMT
server: Tengine
age: 23348
etag: "60c055c2-29ec7"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 171719
x-xss-protection: 1; mode=block

GET
H2 200 aws_56.png
gic.x8gdkt99.com/img/static/game/en-US/AE_GAMING/ 105 KB
105 KB 11ms
11ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/game/en-US/AE_GAMING/aws_56.png

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

48e435043523e38e0cdfecb4cb7f9b3e4a8ef19ebbd824f460295d3772771876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 13:35:30 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Fri, 09 Jul 2021 12:23:00 GMT
server: Tengine
age: 22023
etag: "60e83fa4-1a3ad"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 107437
x-xss-protection: 1; mode=block

GET
H2 200 aws_64.png
gic.x8gdkt99.com/img/static/game/en-US/AE_GAMING/ 130 KB
130 KB 13ms
13ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/game/en-US/AE_GAMING/aws_64.png

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

5eb5a0a0c379b06865226e9a825e43bf7cb2be4020fcab4d4b3ba13c8e8cd69d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:45:44 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Fri, 03 Sep 2021 03:13:27 GMT
server: Tengine
age: 25009
etag: "613192d7-20865"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 133221
x-xss-protection: 1; mode=block

GET
H2 200 aws_59.png
gic.x8gdkt99.com/img/static/game/en-US/AE_GAMING/ 133 KB
134 KB 12ms
12ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/game/en-US/AE_GAMING/aws_59.png

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

3ff69a27d502fca86bbbfe86817ad61f14e13c74ce0a322c3114a80a820a6cdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 11:58:41 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Fri, 03 Sep 2021 03:13:27 GMT
server: Tengine
age: 27832
etag: "613192d7-21594"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 136596
x-xss-protection: 1; mode=block

GET
H2 200 aws_65.png
gic.x8gdkt99.com/img/static/game/en-US/AE_GAMING/ 139 KB
139 KB 23ms
18ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/game/en-US/AE_GAMING/aws_65.png

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

85fd0378b2914219ac08716d21fa2335694a6fe9094328d3de179a4dff8762c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 13:16:45 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 09:11:19 GMT
server: Tengine
age: 23148
etag: "612f43b7-22d3c"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 142652
x-xss-protection: 1; mode=block

GET
H2 200 aws_70.png
gic.x8gdkt99.com/img/static/game/en-US/AE_GAMING/ 153 KB
153 KB 17ms
9ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/game/en-US/AE_GAMING/aws_70.png

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

05921d984b321fb5299059d699cebc3a9f4ac95c422a527f0ce636ba76ab92e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:40 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 11 Nov 2021 09:45:29 GMT
server: Tengine
age: 26813
etag: "618ce639-262c9"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 156361
x-xss-protection: 1; mode=block

GET
H2 200 footerlogo_1.png
gic.x8gdkt99.com/img/static/789bet/custom/ 38 KB
39 KB 17ms
10ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/footerlogo_1.png

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

dba8cce6cb9a8f34b293dda987c4fae2682d1dd7952a859ec4ed75056b1c81ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:04:27 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 20 May 2021 04:22:38 GMT
server: Tengine
age: 49086
etag: "60a5e40e-99bb"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 39355
x-xss-protection: 1; mode=block

GET
H2 200 footerlogo_2.png
gic.x8gdkt99.com/img/static/789bet/custom/ 424 KB
424 KB 18ms
11ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/footerlogo_2.png

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

0def226314a55521605ee951146ee758d7c66b2fee7728a43abfb32359964683

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:03:44 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 20 May 2021 04:22:38 GMT
server: Tengine
age: 49129
etag: "60a5e40e-69e6f"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 433775
x-xss-protection: 1; mode=block

GET
H2 200 footerlogo_3.png
gic.x8gdkt99.com/img/static/789bet/custom/ 109 KB
109 KB 23ms
14ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/footerlogo_3.png

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

ab8541baef711689bb8c4131b9a2470c2ed28fb213842de1c278bbea027de038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 13:26:28 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 20 May 2021 04:22:38 GMT
server: Tengine
age: 22565
etag: "60a5e40e-1b507"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 111879
x-xss-protection: 1; mode=block

GET
H2 200 footerlogo_4.png
gic.x8gdkt99.com/img/static/789bet/custom/ 53 KB
53 KB 20ms
11ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/footerlogo_4.png

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

32bfb46597bee314d9ab44740eae5d2b5517109d9e4ebcfd7f9784eef4e764a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 13:13:27 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 20 May 2021 04:22:38 GMT
server: Tengine
age: 23346
etag: "60a5e40e-d569"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 54633
x-xss-protection: 1; mode=block

GET
H2 200 vietcombank-logo.png
gic.x8gdkt99.com/img/static/789bet/custom/logo/ 4 KB
5 KB 19ms
11ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/logo/vietcombank-logo.png

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

fee12500ba7ccf4548e9ae4885c0b2d6ac554ad6b8d8c6a7ebca2202d3822d19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:03:44 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 07:26:05 GMT
server: Tengine
age: 49129
etag: "5ff2c30d-11dd"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 4573
x-xss-protection: 1; mode=block

GET
H2 200 bidv-logo.png
gic.x8gdkt99.com/img/static/789bet/custom/logo/ 5 KB
5 KB 20ms
12ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/logo/bidv-logo.png

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

206fc7cb8ab707a47cb9001784fe6e54a7644c2f153ca6108f36d1d729b2e387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:43 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 07:26:05 GMT
server: Tengine
age: 26810
etag: "5ff2c30d-1483"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 5251
x-xss-protection: 1; mode=block

GET
H2 200 acb-logo.png
gic.x8gdkt99.com/img/static/789bet/custom/logo/ 5 KB
5 KB 18ms
10ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/logo/acb-logo.png

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

6641efc12e2e1730e90db18b9757898ff3c9d0100fec9c099de5dc9ad40933db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:43:31 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 07:26:05 GMT
server: Tengine
age: 46742
etag: "5ff2c30d-1364"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 4964
x-xss-protection: 1; mode=block

GET
H2 200 techcombank-logo.png
gic.x8gdkt99.com/img/static/789bet/custom/logo/ 8 KB
8 KB 26ms
17ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/logo/techcombank-logo.png

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

44a68220884d21ea5483c6bb05d32c21b935d1102440727deecc37a5708b747c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:03:45 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 07:26:05 GMT
server: Tengine
age: 49128
etag: "5ff2c30d-1f68"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 8040
x-xss-protection: 1; mode=block

GET
H2 200 vietinbank-logo.png
gic.x8gdkt99.com/img/static/789bet/custom/logo/ 5 KB
5 KB 25ms
17ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/logo/vietinbank-logo.png

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

ae052954c54d759fd28b06de78890071de1a0d169e593095c32180f7d9df312e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:43:31 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 07:26:05 GMT
server: Tengine
age: 46742
etag: "5ff2c30d-1558"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 5464
x-xss-protection: 1; mode=block

GET
H2 200 sacombank-logo.png
gic.x8gdkt99.com/img/static/789bet/custom/logo/ 8 KB
9 KB 26ms
18ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/logo/sacombank-logo.png

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

74d0adc2d2ee0b99bca780d6b1e433c6050f947cc44e205ce1c700bbce158687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:03:46 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 07:26:05 GMT
server: Tengine
age: 49127
etag: "5ff2c30d-21eb"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 8683
x-xss-protection: 1; mode=block

GET
H2 200 zalopay-logo.png
gic.x8gdkt99.com/img/static/789bet/custom/logo/ 3 KB
3 KB 25ms
17ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/logo/zalopay-logo.png

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

ab7e38bcb406361b40f17812e2f55fe89e9c1f32fed926f0169ebbbeffd1a9c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:43:31 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 07:26:05 GMT
server: Tengine
age: 46742
etag: "5ff2c30d-b1f"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 2847
x-xss-protection: 1; mode=block

GET
H2 200 momo-logo.png
gic.x8gdkt99.com/img/static/789bet/custom/logo/ 4 KB
4 KB 24ms
16ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/logo/momo-logo.png

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

dd95c2a63339d497c7e5d84c853be0eebb0b84f63f911621ee8aec90c1f39101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:43 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 07:26:05 GMT
server: Tengine
age: 26810
etag: "5ff2c30d-f51"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 3921
x-xss-protection: 1; mode=block

GET
H2 200 qr-zalo-3284270353060612561.png
gic.x8gdkt99.com/img/static/789bet/custom/info/ 128 KB
128 KB 40ms
33ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/info/qr-zalo-3284270353060612561.png

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

2a6456f429aee349d2acb22ebe72ccfb01834827730713fd104245bdb1fbf144

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:03:47 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 22 Nov 2021 05:01:10 GMT
server: Tengine
age: 49126
etag: "619b2416-1ffaa"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 130986
x-xss-protection: 1; mode=block

GET
H2 200 qr-0374305939.jpg
gic.x8gdkt99.com/img/static/789bet/custom/info/ 52 KB
52 KB 42ms
34ms Image
image/jpeg 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/info/qr-0374305939.jpg

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

52f9a21978756a69b5f4de7e913bacb37e82758e69b3afb16d9689e2e476c504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:03:47 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Sat, 09 Oct 2021 10:51:31 GMT
server: Tengine
age: 49126
etag: "61617433-cfbe"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 53182
x-xss-protection: 1; mode=block

GET
H2 200 qr-zalo-2379546822573811229.png
gic.x8gdkt99.com/img/static/789bet/custom/info/ 127 KB
127 KB 42ms
35ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/info/qr-zalo-2379546822573811229.png

Requested by

Host: www.0044789.com
URL: https://www.0044789.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

4df214e9ad07730bbb3aa5e5559f4334dbdb524c272e66c03ec3824b05665003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:43:37 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 22 Nov 2021 05:01:10 GMT
server: Tengine
age: 46736
etag: "619b2416-1fcc0"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 130240
x-xss-protection: 1; mode=block

GET
H2 200 us.svg
gic.x8gdkt99.com/img/static/flags/1x1/ 5 KB
5 KB 9ms
9ms Image
image/svg+xml 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/flags/1x1/us.svg

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/7088.29d3d569.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

520d4402e91d1b879403e7585b6dd84dfc3f691346475d07ea7aea6eca7a63b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 05:47:36 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 20 Jan 2020 07:38:38 GMT
server: Tengine
age: 50097
etag: "5e2558fe-157d"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 5501
x-xss-protection: 1; mode=block

GET
H2 200 iconmps.a9f22028..ttf
d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/media/ 95 KB
57 KB 50ms
21ms Font
application/octet-stream 18.66.242.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/media/iconmps.a9f22028..ttf
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/3283.31209e0b.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 385455c7f55554fb2d4dcef5eb2a379475147fd63a954884f3a46240eb6ef7b0

Request headers

Referer: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/3283.31209e0b.css
Origin: https://www.0044789.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 11:18:52 GMT
content-encoding: br
last-modified: Tue, 23 Nov 2021 11:04:57 GMT
server: AmazonS3
age: 30221
etag: W/"80994e1d224f3581151f5e3785407572"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
x-amz-version-id: UL3.vcjix1.YaojLDgNTOC80oFbbaPhR
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: DUS51-P1
content-type: text/plain
x-amz-cf-id: 0W-NJPEdCC1Ny8C7mW1bEBu2DAfI4B-higNN_6_YWY8xL_C0Lf1Oiw==
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)

GET
H3 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/619c9c3d75b/js/ 121 B
506 B 39ms
20ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5de5d8f6d96992700fca677d/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.0044789.com/
Origin: https://www.0044789.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 30223
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 23 Nov 2021 07:47:38 GMT
server: cloudflare
etag: W/"da5bb1dc647470204df0e49f5afac2de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6b2ce1a52dd95cb6-FRA

GET
H3 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/619c9c3d75b/js/ 76 KB
27 KB 79ms
61ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5de5d8f6d96992700fca677d/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.0044789.com/
Origin: https://www.0044789.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 30223
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 23 Nov 2021 07:47:38 GMT
server: cloudflare
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6b2ce1a52ddd5cb6-FRA

GET
H3 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/619c9c3d75b/js/ 192 KB
57 KB 53ms
35ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5de5d8f6d96992700fca677d/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fba2ac8608fe3ce05136e27ce4089b57f4354f5b1a277191c55c10540cc52f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.0044789.com/
Origin: https://www.0044789.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 30223
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 23 Nov 2021 07:47:38 GMT
server: cloudflare
etag: W/"92b2650ef9abd40c694a6fa1a15c3c48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6b2ce1a52dcf5cb6-FRA

GET
H3 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/619c9c3d75b/js/ 138 KB
34 KB 43ms
25ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5de5d8f6d96992700fca677d/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0498c9f75d3ef4a8ace2206aa90714f9d6a414d59b45f3d7777c4a1b8570445

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.0044789.com/
Origin: https://www.0044789.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 30222
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 23 Nov 2021 07:47:38 GMT
server: cloudflare
etag: W/"292fed300fa7de725502754958646873"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6b2ce1a52dd25cb6-FRA

GET
H3 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/619c9c3d75b/js/ 2 KB
1 KB 42ms
24ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5de5d8f6d96992700fca677d/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88f59339ba11be0922c30a708108e1d7c8ef99ef65fa6c2a29d7d35ccb1fd3cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.0044789.com/
Origin: https://www.0044789.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 30222
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 23 Nov 2021 07:47:38 GMT
server: cloudflare
etag: W/"2dd78055de2a9b4cbeb84e40614a8db9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6b2ce1a52dd65cb6-FRA

GET
H3 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/619c9c3d75b/js/ 151 B
494 B 85ms
68ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5de5d8f6d96992700fca677d/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.0044789.com/
Origin: https://www.0044789.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 30222
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 23 Nov 2021 07:47:38 GMT
server: cloudflare
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6b2ce1a52ddf5cb6-FRA

POST
H2 200 register Show response
va.tawk.to/ 1 KB
2 KB 226ms
199ms Fetch
application/json 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/register

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af53c4c578123e79955afe9a6bc9ba569d4ac6e28397942f5b99851983d49f91

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.0044789.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: visitor-application-preemptive-p9m6
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.0044789.com
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 6b2ce1a61e3e5cb0-FRA
access-control-allow-headers: content-type,x-tawk-token

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 4 KB
2 KB 523ms
515ms Fetch
application/json 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=5de5d8f6d96992700fca677d&widgetId=default&sv=undefined

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f99ac3b65163541a0eaafe48e4756b7486c63b045367830071735443e5267ee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: visitor-application-preemptive-zkpc
server: cloudflare
etag: W/"2-382-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 6b2ce1a5ff625c2c-FRA
access-control-allow-headers: content-type,x-tawk-token

GET
H3 200 main.min.css
chat789bet.com/css/min/ 66 KB
14 KB 480ms
463ms Stylesheet
text/css 2606:4700:3037::ac43:9be7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chat789bet.com/css/min/main.min.css?v=3.3.0
Requested by: Host: chat789bet.com
URL: https://chat789bet.com/js/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9be7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 21c8f2696b8417d57cdcbc5c381bf45a4e445d2d6d879dd596743d2fe4f03733

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 04 Jun 2021 09:37:29 GMT
server: cloudflare
etag: W/"e9287f3c2559d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2F6ekDIFtYw22C9SH4CBGuoJbnIk%2Bq8%2BF2JwKh7sKyXBu%2Fpq%2BcwvHSYpdikLV5ThFggExkmwJ97ihrdQ9ODjWEhtnRTpz3LCgzngOurHJM5KVK2ggOUu155nlaDjGwSzT7bl2N05A5s6%2Ff%2FCHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6b2ce1a63ec34a9e-FRA
access-control-allow-headers: Content-Type

POST
H3 200 ajax.php Show response
chat789bet.com/include/ 3 KB
2 KB 266ms
266ms XHR
text/html 2606:4700:3037::ac43:9be7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chat789bet.com/include/ajax.php
Requested by: Host: chat789bet.com
URL: https://chat789bet.com/js/min/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9be7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.0, ASP.NET
Resource Hash: 0ccb478d99c70983a638dc63ab94060e6a31a8c2f8340349802a5a20dce023c1

Request headers

Accept: */*
Referer: https://www.0044789.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: Content-Type
x-powered-by: PHP/8.0.0, ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cj1%2FUiQMOTapyNzL%2Bma2qU16ybk5jLVDJElDghqPy8LYJR3DhZi5%2F8RFi%2BAUNxMzIjvSXZjbttULdl1ydgM8oybzg4hxIBv5nucZ%2FwNVgWzEwqnsJRDaAJ2cSJUJOLInmzf1vjR23THoSDwsGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 6b2ce1a62d911f39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 user.svg
chat789bet.com/media/ 575 B
979 B 471ms
463ms Image
image/svg+xml 2606:4700:3037::ac43:9be7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chat789bet.com/media/user.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9be7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: eeda9cb5f76cac3da30ced713ece45ce727a26b66de907e80332ebc662762b5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 08 Apr 2020 12:51:59 GMT
server: cloudflare
etag: W/"2afe147ea4dd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oKFsd1nP2OX6ZaRQa0wC8t1y4FJL3rECn0cntkBBttlAUKsUT%2FIG9C1eceU%2FosdUjJVvZDgoBhOKQSTmcoIWtbVZBL%2Fn%2F%2FL%2BdYVotgQUll3eewWMm1pFisLsPhrBp7NZB7M%2BRn7NHdqrjOwxlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6b2ce1a63ec54a9e-FRA
access-control-allow-headers: Content-Type

GET
H3 200 8038573.png
chat789bet.com/uploads/24-06-21/ 4 KB
5 KB 483ms
475ms Image
image/png 2606:4700:3037::ac43:9be7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chat789bet.com/uploads/24-06-21/8038573.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9be7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ee87eafae5c6c2cf07f3358f35f1ee1c54180e4fc39d6e76594ce1e4c222b36e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4433
last-modified: Thu, 24 Jun 2021 11:44:51 GMT
server: cloudflare
etag: "ef66dd57ee68d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ODUNMSi%2FeatibO800fyB3qzyBj22LzxRQCilRGqgcnEnlfKuriRzMzoVyI9NkPaSNWjSD6CccFsF87BzFD76eI5g3O8YOZJPSfDRYMgyJXUsToqlPHXyVy0haxmttunO%2F8TSphzJnwzQYyXlqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b2ce1a63ebf4a9e-FRA
access-control-allow-headers: Content-Type

GET
H3 200 7936106.png
chat789bet.com/uploads/28-06-21/ 9 KB
9 KB 485ms
478ms Image
image/png 2606:4700:3037::ac43:9be7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chat789bet.com/uploads/28-06-21/7936106.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9be7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f1204859c11895c0104ac5bbf7eb1360437b6e71e21d3c9482041d6a49305e4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9062
last-modified: Mon, 28 Jun 2021 06:18:36 GMT
server: cloudflare
etag: "a870996de56bd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9PJbwaHvta9v6VHH3WZ8mp1XsFSNwig0DErLPWFeVgywxl929lhzwacHV12levcAMBiG2KhuXKGBQQIqr0UDez7OLWJs6PdzzM0C5sa7ubtsnnnFCSDioT1BQrlrqWHUzaGzJ0AO3UZX79hKuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b2ce1a63eb84a9e-FRA
access-control-allow-headers: Content-Type

GET
H3 200 loader.svg
chat789bet.com/media/ 657 B
1 KB 469ms
461ms Image
image/svg+xml 2606:4700:3037::ac43:9be7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chat789bet.com/media/loader.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9be7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0aa0af4eb29e8ac243d5879f4b1b70cb4dcab4069686ee082ad9a11f16392cc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 08 Apr 2020 12:51:59 GMT
server: cloudflare
etag: W/"2925547ea4dd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m2rx61QZ1CznPcwCusvcZyB7zNaSBFmrhNkEuOyNo70SQVbCD1f4y2RpiHzeymxhiT7dD9Hx6MZNLRIIihaG2u5yKGP0oWeuBr8MLMg8LCN9SnWzxsB09xlaTPtG6lv3b2LSKP9LCJA0hkcJGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6b2ce1a63ebd4a9e-FRA
access-control-allow-headers: Content-Type

GET
H3 200 button-chat.svg
chat789bet.com/media/ 396 B
838 B 484ms
476ms Image
image/svg+xml 2606:4700:3037::ac43:9be7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chat789bet.com/media/button-chat.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9be7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5e8fc049f5a9b19d186895c468f38e1aa1a629c802b2f510cfc080c1dab4df61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 05 Sep 2020 14:56:20 GMT
server: cloudflare
etag: W/"aa49e2b69483d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xc8wypcqn%2FtAWtwdmXFTEp40uPV3%2BF4fT26uiF9%2Fp%2FJ0Td%2B1p6CHSIFhD1ZHDzMUavU686qbbMQLWxjidNjoJSL1AMLQf5v9FbzDLIr8c3is0Gqvb5wgGy3ZiELTO1Tcu9O4lTIIlnmRohnlew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6b2ce1a63eb94a9e-FRA
access-control-allow-headers: Content-Type

GET
H3 200 button-close.svg
chat789bet.com/media/ 237 B
781 B 482ms
474ms Image
image/svg+xml 2606:4700:3037::ac43:9be7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chat789bet.com/media/button-close.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9be7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2939d503669bca3ebe668a03346c2017ab68775ff88d162c39042339e75bb8f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 05 Sep 2020 14:56:40 GMT
server: cloudflare
etag: W/"233acec29483d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UcGT3zhzdj2W8QNsrM6sQzb8Ch19XIIEkhogYMCTNU0NdAT%2BHJS34JsVvt0YHjPpJ1oZeGPCxCHAyKNOkn%2Bdy2njNQJTJnIhjmFVcZrFsra2gP4QDnr7meVdG%2BrOXnenoORSO%2BTw0FCkLlndGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6b2ce1a63eba4a9e-FRA
access-control-allow-headers: Content-Type

GET
H3 206 sound.mp3
chat789bet.com/media/ 16 KB
16 KB 690ms
687ms Media
audio/mpeg 2606:4700:3037::ac43:9be7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chat789bet.com/media/sound.mp3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9be7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1ecd085b6d0693df4081d97f01b27b60d82418b83da600a340d6efd629f7c591

Request headers

Referer: https://www.0044789.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
Content-Range: bytes 0-16171/16172
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 16172
last-modified: Wed, 08 Apr 2020 12:51:58 GMT
server: cloudflare
etag: "45b9ab7da4dd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1pTVFHrsOnO685dGPKRdpoR8iw%2FQGNrtXHZgp40u0bGGIgCDEmNmzg%2FElBq1oDuC1m87QxvYUFTP2%2F6L2GzCEODqCIkamolKwr67l0h6aBeruRZl4pfRqqHggX0Ar9nHrTX041%2F1wzlbYMtbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6b2ce1a63ed04a9e-FRA
access-control-allow-headers: Content-Type

GET
H3 206 sound-out.mp3
chat789bet.com/media/ 17 KB
17 KB 703ms
700ms Media
audio/mpeg 2606:4700:3037::ac43:9be7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chat789bet.com/media/sound-out.mp3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9be7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8679c992d10ed3daa402e1c839defa668a5c75e5aa76cd21af26a1c83dbb7a26

Request headers

Referer: https://www.0044789.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
Content-Range: bytes 0-17179/17180
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 17180
last-modified: Tue, 14 Apr 2020 11:16:45 GMT
server: cloudflare
etag: "aaa5aa2e4e12d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHlVLDNqVZv9MK2gGsJyaSRkq7RBBLPTsU8ZHdNMinEHidF8%2BP0XndLFE7AJxCGgeynU4gpU4%2BVvnlZShxBHuM3Am%2FQtfHU4zrV9AW8k6gRq2V9jL0HqCzAifgsqRWNsNuxwjt1VKvpS3mgYzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6b2ce1a63ecc4a9e-FRA
access-control-allow-headers: Content-Type

GET
H3 200 vi.js Show response
embed.tawk.to/_s/v4/app/619c9c3d75b/languages/ 17 KB
5 KB 36ms
22ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/619c9c3d75b/languages/vi.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae3c9a6d9cb299a9ee66ce5827ff8541353d76a708ce6c096d68ed3755f7ebc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 33877
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 23 Nov 2021 07:47:38 GMT
server: cloudflare
etag: W/"ab36ba700496abfcd65fdebc7d70991b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6b2ce1a99f1d5b8c-FRA

GET
H2 200 / Show response
sabasports.vn/nhan-dinh/gioi-thieu/ Frame F856 177 B
759 B 847ms
527ms Document
text/html 2606:4700:3035::6815:30ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sabasports.vn/nhan-dinh/gioi-thieu/?EVPInstanceName=fwdevpPlayer0
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/main.d5afc53a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:30ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14b6bde477ba49bd64621710b165c031b99912720050d27c11d34ee8d85e9453

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/

Response headers

date: Tue, 23 Nov 2021 19:42:35 GMT
content-type: text/html; charset=UTF-8
last-modified: Wed, 27 Oct 2021 10:16:29 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKUG%2BSXmE5R%2BAseMb32A7yGYO%2Bt02b94pPedloIehG55y54Ud7Q5nUv5eXlDGaqUbmL8jnW5ek9ykRpJzg8YzC20nyTe7gamcRi%2FX4Hep47KbU77ZCXuuXABWesxi4%2B3x3388%2B3vXCMRkQ6d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b2ce1abacb32bb9-FRA
content-encoding: br

GET
H2 200 638672e1-5c1d-460f-8810-087ccabe6e95.jpg
gic.x8gdkt99.com/img/789bet/ads/ 710 KB
710 KB 254ms
253ms Image
image/jpeg 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/789bet/ads/638672e1-5c1d-460f-8810-087ccabe6e95.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

aacc874455999c8de8834a3ef99c8b9bec81e230eba01c953ec286e7a1ad99a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 18 Nov 2021 09:51:40 GMT
server: Tengine
etag: "6196222c-b1700"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 726784
x-xss-protection: 1; mode=block

GET
H2 200 369bd3d1-2fe4-4f79-ba4f-668f903f8b1c.jpg
gic.x8gdkt99.com/img/789bet/ads/ 527 KB
527 KB 247ms
246ms Image
image/jpeg 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/789bet/ads/369bd3d1-2fe4-4f79-ba4f-668f903f8b1c.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

cf427f256e5d44aef2765db91b0d9cfd1340c9d2f15334f2be3b9e7d0fbfe19d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Sat, 19 Jun 2021 07:47:33 GMT
server: Tengine
etag: "60cda115-83aed"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 539373
x-xss-protection: 1; mode=block

GET
H2 200 efd3dfb3-7870-4cd9-a243-8c8c8789e686.jpg
gic.x8gdkt99.com/img/789bet/ads/ 434 KB
434 KB 255ms
254ms Image
image/jpeg 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/789bet/ads/efd3dfb3-7870-4cd9-a243-8c8c8789e686.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

7079830d071839bda9da1fef71b1ad8761ace7f72d96c7099d8c6a1e5730b1b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Sat, 19 Jun 2021 07:50:04 GMT
server: Tengine
etag: "60cda1ac-6c766"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 444262
x-xss-protection: 1; mode=block

GET
H2 200 7118a188-bdae-4b2d-8655-7d7a99383445.jpg
gic.x8gdkt99.com/img/789bet/ads/ 571 KB
571 KB 254ms
252ms Image
image/jpeg 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/789bet/ads/7118a188-bdae-4b2d-8655-7d7a99383445.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

2ea9a24c2955a79386475728f261e6f38982124e001fa9aebaffdc8bb3447cdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Sat, 19 Jun 2021 06:12:06 GMT
server: Tengine
etag: "60cd8ab6-8eabc"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 584380
x-xss-protection: 1; mode=block

GET
H2 200 06ca8f1d-2692-403e-a501-e79c0664cc52.jpg
gic.x8gdkt99.com/img/789bet/ads/ 493 KB
494 KB 255ms
254ms Image
image/jpeg 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/789bet/ads/06ca8f1d-2692-403e-a501-e79c0664cc52.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

979946319d4246666edfeea4b9ec174b868d25e6fb3931c0d30fef2d184254b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Fri, 15 Oct 2021 06:55:13 GMT
server: Tengine
etag: "616925d1-7b561"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 505185
x-xss-protection: 1; mode=block

GET
H2 200 79deabf9-3c67-4b27-aa36-45d1b8c2cc5c.jpg
gic.x8gdkt99.com/img/789bet/ads/ 704 KB
704 KB 255ms
254ms Image
image/jpeg 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/789bet/ads/79deabf9-3c67-4b27-aa36-45d1b8c2cc5c.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

9182d77fc4eac92dd0fedecc9c3724e87589d96cd8089d936bf7efec1d968268

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Tue, 14 Sep 2021 13:02:03 GMT
server: Tengine
etag: "61409d4b-afeff"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 720639
x-xss-protection: 1; mode=block

GET
H2 200 animation.gif
gic.x8gdkt99.com/img/static/desktop/temp/home/ec22/ 6 MB
6 MB 49ms
48ms Image
image/gif 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/temp/home/ec22/animation.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

9364d25055d2e9833948e3a021ae9ea009ce5f28bbdec8fe85a722eff9f2daae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 07:13:25 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 06 Aug 2020 08:52:45 GMT
server: Tengine
age: 44949
etag: "5f2bc4dd-593bc9"
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 5848009
x-xss-protection: 1; mode=block

GET
H2 200 jackpot-bn.png
gic.x8gdkt99.com/img/static/desktop/temp/home/ec22/ 20 KB
20 KB 13ms
11ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/temp/home/ec22/jackpot-bn.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

545f418271886b06363660dd9e8332f28f5553bce6000d826ebefeb69d4859d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 07:13:25 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 06 Aug 2020 08:52:45 GMT
server: Tengine
age: 44949
etag: "5f2bc4dd-4fea"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 20458
x-xss-protection: 1; mode=block

GET
H3 200 upcomingSporting Show response
api.0044789.com/789bet-ecp/api/v1/ 4 KB
1 KB 603ms
574ms XHR
application/json 172.67.217.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.0044789.com/789bet-ecp/api/v1/upcomingSporting?size=3
Requested by: Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/js/main.d5afc53a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7f79bd0cb1af198ca7b3f0b1cc361b56757efa03921238d3527f36e974f6d52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PATCH, PUT, HEAD
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdzqpjy8vMRZGjKx7eSLeiBnuqN%2FfGMVoucBg%2F%2BCNtYbjzFMxtCuzu2Fks4YQmDvFRJT0zr5zIqK0nHntCsaqdOHvJ52j3atwgBNYk4vSeoKP3lhTELaIz0KKKH6UKoCatQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-token-renew
cf-ray: 6b2ce1a9ce9d4119-PRG
access-control-allow-headers: Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Mx-ReqToken, X-Requested-With, X-Vendor-ID, X-Vendor-Key, X-Forwarded-For, X-token-renew
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 xoso-icon.png
gic.x8gdkt99.com/img/static/789bet/custom/icon/ 2 KB
2 KB 246ms
245ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/icon/xoso-icon.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-Home.6bb0d360.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

71ef7d5fe27824e46402c33c5513a38d7b331cc7ef0fcefd5b9edcfa0b7ded42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 07:26:05 GMT
server: Tengine
etag: "5ff2c30d-90e"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 2318
x-xss-protection: 1; mode=block

GET
H2 200 xoso.jpg
gic.x8gdkt99.com/img/static/789bet/custom/banner/ 107 KB
108 KB 249ms
247ms Image
image/jpeg 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/banner/xoso.jpg

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-Home.6bb0d360.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

bbf2626d6e976a0f13e3ddce37c0337368c3b132925a268aab82a46081a3ba1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 07:26:05 GMT
server: Tengine
etag: "5ff2c30d-1ad56"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 109910
x-xss-protection: 1; mode=block

GET
H2 200 cockfighting-icon.png
gic.x8gdkt99.com/img/static/789bet/custom/icon/ 2 KB
2 KB 251ms
250ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/icon/cockfighting-icon.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-Home.6bb0d360.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

7e4f1204445556d7a0b42d4066ba0221c5f1526925f03f2e53c249de997eff4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 07:26:05 GMT
server: Tengine
age: 0
etag: "5ff2c30d-822"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 2082
x-xss-protection: 1; mode=block

GET
H2 200 daga.jpg
gic.x8gdkt99.com/img/static/789bet/custom/banner/ 102 KB
102 KB 249ms
248ms Image
image/jpeg 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/banner/daga.jpg

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-Home.6bb0d360.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

b58e8b657d33bf1e2e0a217c69d85bfb251d4601507a7865d23d9a4054f49cbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 07:26:05 GMT
server: Tengine
etag: "5ff2c30d-198ce"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 104654
x-xss-protection: 1; mode=block

GET
H2 200 slotgamre-1.png
gic.x8gdkt99.com/img/static/789bet/custom/top-hu/ 139 KB
139 KB 484ms
483ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/top-hu/slotgamre-1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

44ce9b90d44125ebbff44b241c64abd21490f913ccdcf2d75017763d24a2c18a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 07:26:05 GMT
server: Tengine
etag: "5ff2c30d-22b90"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 142224
x-xss-protection: 1; mode=block

GET
H2 200 slotgamre-2.png
gic.x8gdkt99.com/img/static/789bet/custom/top-hu/ 123 KB
123 KB 482ms
481ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/top-hu/slotgamre-2.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

1bf7793a2a5954fe069121a43d0be3ca85ff8c643512a652711ca74c348a6806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 07:26:05 GMT
server: Tengine
etag: "5ff2c30d-1ec60"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 126048
x-xss-protection: 1; mode=block

GET
H2 200 icon_champions.svg
gic.x8gdkt99.com/img/static/desktop/temp/home/ec22/ 32 KB
32 KB 12ms
11ms Image
image/svg+xml 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/temp/home/ec22/icon_champions.svg

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-Home.6bb0d360.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

1daa9aeed508a21751effcafb008901249ac71333b8411f05829ba9a715e44e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 07:13:27 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Wed, 22 Jul 2020 03:19:01 GMT
server: Tengine
age: 44947
etag: "5f17b025-7f4f"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 32591
x-xss-protection: 1; mode=block

GET
H2 200 star.png
gic.x8gdkt99.com/img/static/desktop/temp/home/ec22/ 84 KB
84 KB 14ms
13ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/temp/home/ec22/star.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-Home.6bb0d360.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

3038260a601ccdd8713c05690b9ea8361995a0f2a919e3695e4e8615b7561779

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 07:13:27 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 23 Jul 2020 02:58:10 GMT
server: Tengine
age: 44947
etag: "5f18fcc2-150db"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 86235
x-xss-protection: 1; mode=block

GET
H2 200 games_money.png
gic.x8gdkt99.com/img/static/desktop/temp/home/ec22/ 4 KB
4 KB 12ms
12ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/temp/home/ec22/games_money.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-Home.6bb0d360.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

9886a54f907a2a838103f0630b0785c428f3e7043b968ebea9c89ea8e06b3026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 07:13:27 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 23 Jul 2020 02:58:10 GMT
server: Tengine
age: 44947
etag: "5f18fcc2-e1e"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 3614
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 236 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5cc66e29cfcdfee566f695160e728503373f7e0fb4eae3a79d30133a4d905c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cate1_news1.jpg
gic.x8gdkt99.com/img/static/789bet/custom/news/ 116 KB
116 KB 486ms
485ms Image
image/jpeg 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/news/cate1_news1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

2dbe24b8ee1358b68bce58cf447bdfcec9f911b2c5ea38c3e37d00a9f6b44a93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Fri, 08 Jan 2021 03:32:02 GMT
server: Tengine
age: 0
etag: "5ff7d232-1d127"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 119079
x-xss-protection: 1; mode=block

GET
H2 200 cate1_news2.jpg
gic.x8gdkt99.com/img/static/789bet/custom/news/ 33 KB
33 KB 487ms
487ms Image
image/jpeg 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/news/cate1_news2.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

08d2910ef7aaa954d961b3a29a45c812cde3cffc11299401642c3de0c184b9e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Fri, 08 Jan 2021 03:32:02 GMT
server: Tengine
etag: "5ff7d232-83ff"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 33791
x-xss-protection: 1; mode=block

GET
H2 200 cate1_news3.jpg
gic.x8gdkt99.com/img/static/789bet/custom/news/ 44 KB
44 KB 247ms
247ms Image
image/jpeg 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/news/cate1_news3.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

f05f75aaa19eb798167a3935991525477c14fd5878605fbeb3d93963b79eee9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Fri, 08 Jan 2021 03:32:02 GMT
server: Tengine
etag: "5ff7d232-afcc"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 45004
x-xss-protection: 1; mode=block

GET
H2 200 cate1_news4.jpg
gic.x8gdkt99.com/img/static/789bet/custom/news/ 47 KB
47 KB 248ms
248ms Image
image/jpeg 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/news/cate1_news4.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

cbde0bd4cdf57cda37654d4c2d17dd074d6c3d9bf808815e34447723fefaca9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Fri, 08 Jan 2021 03:32:02 GMT
server: Tengine
etag: "5ff7d232-bbf9"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 48121
x-xss-protection: 1; mode=block

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 78 KB
79 KB 29ms
19ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin: https://www.0044789.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 86506
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 80300
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-139ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C11cKBFscBgbRibBJ4rExGf2xweS%2BahrxSqvlSv%2BSXvjzbUCzVOazTEsCraq%2B8vjQJAxQGidGgTKFTlc6bhJ5vPhcoJNf9VapQHL%2BJt5yOMaqXUgZK9pr3EjOJklqAXAu%2Fkr3o81bSK3djXndRJ46vt%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b2ce1a9cd135c62-FRA
expires: Sun, 13 Nov 2022 19:42:34 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 13 KB
14 KB 90ms
80ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6df2ce1dd3eb2bb0e0e5418aa6cdf26ff6cd382363f5d72b56d1befbec4131e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin: https://www.0044789.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 518545
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13548
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-34ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bk7EQlVyjwbMu6q5n6d373y4eGxlmxNdPLjfHsz3kdPIG4DY06QRk3E5MUCPNX6%2BQVRedsvEvV%2FXLQYedSPzXYLQQwKk%2BTRNYJNp9pkx%2BO8Z8CjZxm89dEs7JMFE%2BkkKrUmGpFKvg%2BF1QEYePlSCtm0T"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b2ce1a9cd155c62-FRA
expires: Sun, 13 Nov 2022 19:42:34 GMT

GET
H2 200 redLottery__redBag__RED.png
gic.x8gdkt99.com/img/static/red-envelope/ 21 KB
21 KB 120ms
119ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/red-envelope/redLottery__redBag__RED.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

1ec121cc7acf73e0a7820d68f1d2c1489a6c62c6cfbc6aff17fe334f070d59f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:47 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 18 Jun 2020 03:37:12 GMT
server: Tengine
age: 26807
etag: "5eeae168-5379"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 21369
x-xss-protection: 1; mode=block

GET
H2 200 event_roulette.png
gic.x8gdkt99.com/img/static/event/ 64 KB
65 KB 121ms
121ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/event/event_roulette.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

b436f67c010727e22f74ebefae0667199c47f6a2272e0f09091354a24f9c9bc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 15:45:29 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Fri, 04 Jun 2021 12:20:14 GMT
server: Tengine
age: 14225
etag: "60ba1a7e-101d7"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 66007
x-xss-protection: 1; mode=block

GET
H2 200 event_rank.png
gic.x8gdkt99.com/img/static/event/ 27 KB
27 KB 122ms
122ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/event/event_rank.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

d9ffa941505101a850c302e25823d32ce53244400bcdb79d89b39e1435e827a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 15:45:29 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Fri, 04 Jun 2021 12:20:14 GMT
server: Tengine
age: 14225
etag: "60ba1a7e-6d61"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 28001
x-xss-protection: 1; mode=block

GET
H2 200 logo.png
gic.x8gdkt99.com/img/static/desktop/brand/789bet/ 16 KB
16 KB 115ms
114ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/brand/789bet/logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

8bd77028b07b7b765f161b4dac969bd767dbc5645513662fa6d1a6dcd61e6a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:33 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 20 Jan 2020 07:38:37 GMT
server: Tengine
age: 1
etag: "5e2558fd-40f3"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 16627
x-xss-protection: 1; mode=block

GET
H2 200 34dd871f-0f9c-4af4-ad4f-300030eb1545.jpg
gic.x8gdkt99.com/img/789bet/floatingads/ 472 KB
473 KB 274ms
273ms Image
image/jpeg 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/789bet/floatingads/34dd871f-0f9c-4af4-ad4f-300030eb1545.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

827f1d89ebac10b551edf79aa30ed390d97658db3bba7912f548a78cc4a95731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 18 Nov 2021 04:55:06 GMT
server: Tengine
etag: "6195dcaa-7612e"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 483630
x-xss-protection: 1; mode=block

GET
H3 200 twk-chunk-2d0d2b7c.js Show response
embed.tawk.to/_s/v4/app/619c9c3d75b/js/ 7 KB
2 KB 32ms
31ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-chunk-2d0d2b7c.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0258bf0904baa243eb5f64f1607f3f568ac3aa3290b3f50f673968c71344c37d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 33921
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 23 Nov 2021 07:47:38 GMT
server: cloudflare
etag: W/"722cffb3daa1570354cb1b80cb4846c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6b2ce1aa69055b8c-FRA

GET
H3 200 twk-chunk-2d224aff.js Show response
embed.tawk.to/_s/v4/app/619c9c3d75b/js/ 16 KB
5 KB 24ms
24ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-chunk-2d224aff.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc4bcbaa05af7e5e39f23d66d53eed1a629122863355321524bef18226159f3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 33921
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 23 Nov 2021 07:47:38 GMT
server: cloudflare
etag: W/"6a4937c7e4da7a7d316c7200c5849582"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6b2ce1aa690a5b8c-FRA

GET
H3 200 twk-chunk-f1596d96.js Show response
embed.tawk.to/_s/v4/app/619c9c3d75b/js/ 10 KB
4 KB 24ms
24ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-chunk-f1596d96.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e213e65c763380d18a7ceef40c02e137cbd1187c127ef0cb1cc210b7b4d57025

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 33920
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 23 Nov 2021 07:47:38 GMT
server: cloudflare
etag: W/"7a54bc6f49c95a2887d1295d5df3153a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6b2ce1aa690d5b8c-FRA

GET
H3 200 twk-chunk-48f46bef.js Show response
embed.tawk.to/_s/v4/app/619c9c3d75b/js/ 16 KB
5 KB 28ms
28ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-chunk-48f46bef.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d0a579d159eaa2f54ccab7e39447a1f73c2ad8555050dbf5eca2de3e6a8fa94

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 33921
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 23 Nov 2021 07:47:38 GMT
server: cloudflare
etag: W/"62c5e605d8883ede99cf3eacd8a9c75a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6b2ce1aa69105b8c-FRA

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/619c9c3d75b/js/ 942 B
817 B 36ms
35ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 33921
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 23 Nov 2021 07:47:38 GMT
server: cloudflare
etag: W/"5f434bdd806571a4e1b385bee9316ff6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6b2ce1aa69145b8c-FRA

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/619c9c3d75b/js/ 546 B
706 B 22ms
22ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 33921
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 23 Nov 2021 07:47:38 GMT
server: cloudflare
etag: W/"09c3819d373bd4178a620d721429fada"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6b2ce1aa69165b8c-FRA

GET
H3 200 twk-chunk-f163fcd0.js Show response
embed.tawk.to/_s/v4/app/619c9c3d75b/js/ 11 KB
4 KB 36ms
35ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-chunk-f163fcd0.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb94ebe9718dddddc412d9054b58d2ec39bea39d4f40e2181bafc4fb21120c19

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 33921
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 23 Nov 2021 07:47:38 GMT
server: cloudflare
etag: W/"5d825157bfbb4872b9ce8ea19e5eb7e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6b2ce1aa69185b8c-FRA

GET
H3 200 twk-chunk-49eb0da8.js Show response
embed.tawk.to/_s/v4/app/619c9c3d75b/js/ 66 KB
15 KB 37ms
37ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-chunk-49eb0da8.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58cb4d0e354cc6e12bab771c01286315893b2a40c8bee12f8c09cf56386cd6ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 33921
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 23 Nov 2021 07:47:38 GMT
server: cloudflare
etag: W/"0e3b4974549a81c9614c171f66edb91e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6b2ce1aa691c5b8c-FRA

GET
H2 200 / Show response
vsa46.tawk.to/s/ 101 B
200 B 527ms
486ms XHR
application/octet-stream 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vsa46.tawk.to/s/?k=619d442ace40c32e3e905a75&cver=0&pop=false&asver=200257&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1ZGU1ZDhmNmQ5Njk5MjcwMGZjYTY3N2QiLCJ2aWQiOiI3ZDI1YjhjMWVlYWYyZDUyOTNhZGNhM2ViMTFkMjllMTdhMzY4ODg2NzUzMjFhMjdhOTdlY2U1NWFlODYzYmU5IiwiaWF0IjoxNjM3Njk2NTU0LCJleHAiOjE2Mzc2OTgzNTQsImp0aSI6IlZlS0FQMUFza1QwYXdLNEQ0ZW9jYSJ9.-A61-vazxvlgJgbQaxGOeTL1Q79J-b52pDAaJJnPXCD9xkKNPZHoFJWIOcJnbkeMGEbRUqtIrIqmixFi-lZQOQ&EIO=3&transport=polling&__t=NrEKaQ5

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a3154242048886042ccbf02251b012eb412f151d00f4292bf1fb31cf4a68af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:35 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://www.0044789.com
access-control-allow-credentials: true
cf-ray: 6b2ce1aabc205cb0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 101

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/619c9c3d75b/css/ Frame 2C9D 24 KB
5 KB 26ms
25ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/619c9c3d75b/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-chunk-2d0d2b7c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34533e0e1da75160a7daf8a64a6c8e84d3ee9b9265695cfdf0ce3ce7ccac0139

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 33921
cf-polished: origSize=25050
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 23 Nov 2021 07:47:37 GMT
server: cloudflare
etag: W/"ca07acfc9643befa104a07a93067f7c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6b2ce1aafa665b8c-FRA
cf-bgj: minify

GET
H3 200 bubble-widget.css
embed.tawk.to/_s/v4/app/619c9c3d75b/css/ Frame 10DC 13 KB
3 KB 21ms
21ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/619c9c3d75b/css/bubble-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-chunk-2d0d2b7c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 33920
cf-polished: origSize=13594
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 23 Nov 2021 07:47:37 GMT
server: cloudflare
etag: W/"ce7913b80c763449b3895d46419f7a6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6b2ce1ab0a845b8c-FRA
cf-bgj: minify

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/619c9c3d75b/css/ Frame AA5D 37 KB
8 KB 22ms
22ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/619c9c3d75b/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-chunk-2d0d2b7c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c441a4185403c04c6660b68f8e08dbb2c1006c6a0f792fd454216a35b73fc867

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 33921
cf-polished: origSize=37650
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 23 Nov 2021 07:47:37 GMT
server: cloudflare
etag: W/"792b46302ed8c4acdf03169ba30069fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6b2ce1ab1ab45b8c-FRA
cf-bgj: minify

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/619c9c3d75b/css/ Frame FDA3 72 KB
14 KB 19ms
18ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/619c9c3d75b/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-chunk-2d0d2b7c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89ab7fd53e99ea2991d6e35b55bc1771aab327d0e7a1ffb016a1a7c8f000cd28

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 33920
cf-polished: origSize=74104
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 23 Nov 2021 07:47:37 GMT
server: cloudflare
etag: W/"987828ebb230aff2aaeab0ac82354266"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 6b2ce1ab4b055b8c-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ Frame 2C9D 7 KB
665 B 44ms
17ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619c9c3d75b/css/min-widget.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://embed.tawk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 18:09:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Nov 2021 19:42:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Nov 2021 19:42:34 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AA5D 7 KB
665 B 40ms
17ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619c9c3d75b/css/message-preview.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://embed.tawk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 18:16:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Nov 2021 19:42:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Nov 2021 19:42:34 GMT

GET
H2 200 af8728c7f5ec315bab4114f6f16a3725ace816de
tawk.link/5de5d8f6d96992700fca677d/var/chat_bubble/ Frame 10DC 28 KB
29 KB 96ms
29ms Image
application/octet-stream 2606:4700:20::681a:f9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tawk.link/5de5d8f6d96992700fca677d/var/chat_bubble/af8728c7f5ec315bab4114f6f16a3725ace816de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2e2a9e8e74db737f5f7e3ffa34f960680c95d5d5476b85e8264ef1fc03b53972

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
cf-cache-status: HIT
last-modified: Thu, 18 Nov 2021 06:38:08 GMT
server: cloudflare
age: 479066
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2BWEAG7Pc6hvDHBrUvuV7Z35wGvwleOgPyhv%2F23Ys1guCrCRMRUk%2FvpkNje3g3oJqaHEDky%2Ff7L31pOi%2FdAidDobbboXwAT5YI7f8wRG0oY3wICM3Yn7xVVZqbNJuMcToYSGPaQaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=600
cf-ray: 6b2ce1abdacd4eda-FRA

GET
H3 200 tawk-font-icon-2.woff2
embed.tawk.to/_s/v4/assets/fonts/ Frame 10DC 10 KB
11 KB 468ms
467ms Font
font/woff2 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/assets/fonts/tawk-font-icon-2.woff2?55755728=

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619c9c3d75b/css/bubble-widget.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://embed.tawk.to/_s/v4/app/619c9c3d75b/css/bubble-widget.css
Origin: https://www.0044789.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:35 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10520
last-modified: Sat, 22 May 2021 07:25:13 GMT
server: cloudflare
etag: "054b3b66812d0a4b87ffc6776f0a42f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
accept-ranges: bytes
cf-ray: 6b2ce1ab7a1a5cb6-FRA

GET
H2 200 css
fonts.googleapis.com/ Frame FDA3 7 KB
1 KB 20ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619c9c3d75b/css/max-widget.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://embed.tawk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 18:11:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Nov 2021 19:42:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Nov 2021 19:42:34 GMT

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
39 KB 51ms
30ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2501743
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19120-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6b2ce1abfbdb6957-FRA

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ Frame 2C9D 23 KB
24 KB 33ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.0044789.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:26:28 GMT
x-content-type-options: nosniff
age: 80166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 22 Nov 2022 21:26:28 GMT

GET
H2 200 sub-sports-saba.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 37 KB
37 KB 12ms
11ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-sports-saba.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

b02dd6001f6ae95da85edd87e3406bd44bf55067c3ffd732ac810de74772fc60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:44 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Wed, 08 Sep 2021 05:02:39 GMT
server: Tengine
age: 26811
etag: "613843ef-93ca"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 37834
x-xss-protection: 1; mode=block

GET
H2 200 sub-sports-ugaming.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 35 KB
35 KB 9ms
8ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-sports-ugaming.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

42730bb6eb12bd4b3b538a75cf12083af01ada88d5d21af46758040cfd38b912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:44 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Wed, 08 Sep 2021 05:02:39 GMT
server: Tengine
age: 26811
etag: "613843ef-8d06"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 36102
x-xss-protection: 1; mode=block

GET
H2 200 fd406a5c-7c57-4d01-b931-60b1563c4ea2.png
gic.x8gdkt99.com/img/789bet/menuBarSetting/ 74 KB
74 KB 14ms
13ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/789bet/menuBarSetting/fd406a5c-7c57-4d01-b931-60b1563c4ea2.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

52f8ba38b18a99c0ac541ee20b8e4b3cb5040c135af6eca9dd1ace1765dcd30c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:03:49 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 23 Sep 2021 03:56:11 GMT
server: Tengine
age: 49126
etag: "614bfadb-1292b"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 76075
x-xss-protection: 1; mode=block

GET
H2 200 18c1dff2-ae19-4c0e-9764-ca803a8ff6f0.png
gic.x8gdkt99.com/img/789bet/menuBarSetting/ 149 KB
149 KB 15ms
11ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/789bet/menuBarSetting/18c1dff2-ae19-4c0e-9764-ca803a8ff6f0.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

3de59e87db198e91281d2e8f3fa2976b139b0a762dff0508517c1382488c61b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:44 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 23 Sep 2021 03:56:11 GMT
server: Tengine
age: 26811
etag: "614bfadb-25356"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 152406
x-xss-protection: 1; mode=block

GET
H2 200 sub-sports-bti.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 40 KB
40 KB 25ms
16ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-sports-bti.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

ed706c2986c9f95ba978a083def38fe449dc8b969925f6e963ccdd6c75a8931e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:03:49 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Wed, 08 Sep 2021 05:02:39 GMT
server: Tengine
age: 49126
etag: "613843ef-9f60"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 40800
x-xss-protection: 1; mode=block

GET
H2 200 7d0d4bab-99e6-437e-b25e-16e70163c50b.png
gic.x8gdkt99.com/img/789bet/menuBarSetting/ 50 KB
50 KB 26ms
15ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/789bet/menuBarSetting/7d0d4bab-99e6-437e-b25e-16e70163c50b.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

e218e3257ea6bd8da126a3e95f9fb0818fe7e5124c5faeb2809f014a16cc1e7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:44 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Wed, 10 Nov 2021 12:42:45 GMT
server: Tengine
age: 26811
etag: "618bbe45-c7a8"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 51112
x-xss-protection: 1; mode=block

GET
H2 200 44d10e84-9a2a-42ee-b8fd-df90b07786b0.png
gic.x8gdkt99.com/img/789bet/menuBarSetting/ 51 KB
52 KB 30ms
16ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/789bet/menuBarSetting/44d10e84-9a2a-42ee-b8fd-df90b07786b0.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

860bd64d0aa6be6db6d929e6ce8754115fac96c371fc2b32a53fc549604f0194

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:44 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Wed, 10 Nov 2021 12:42:45 GMT
server: Tengine
age: 26811
etag: "618bbe45-cdd3"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 52691
x-xss-protection: 1; mode=block

GET
H2 200 dd96005a-3e6b-41f1-ae60-cd0f84aa8c28.png
gic.x8gdkt99.com/img/789bet/menuBarSetting/ 34 KB
34 KB 35ms
22ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/789bet/menuBarSetting/dd96005a-3e6b-41f1-ae60-cd0f84aa8c28.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

c5a4af3b51b46c797e14e4ed7b6ae62ec509cd3a3a780f7c7ea355f8221550e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:53:36 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Wed, 10 Nov 2021 12:42:45 GMT
server: Tengine
age: 24539
etag: "618bbe45-877f"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 34687
x-xss-protection: 1; mode=block

GET
H2 200 6946c369-0544-4b2c-85d4-15a272fe5cdb.png
gic.x8gdkt99.com/img/789bet/menuBarSetting/ 51 KB
51 KB 29ms
16ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/789bet/menuBarSetting/6946c369-0544-4b2c-85d4-15a272fe5cdb.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

639aa4c8ad661a11e224477b370b429755c069a93bea83b84b0a170cc3a2663b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:43:32 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Wed, 10 Nov 2021 12:42:45 GMT
server: Tengine
age: 46743
etag: "618bbe45-cd34"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 52532
x-xss-protection: 1; mode=block

GET
H2 200 eece2371-9104-44a4-89d4-70f62bea2861.png
gic.x8gdkt99.com/img/789bet/menuBarSetting/ 50 KB
50 KB 29ms
17ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/789bet/menuBarSetting/eece2371-9104-44a4-89d4-70f62bea2861.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

21f189b7cde357b5f7d2ab45861f8f483753db06a34af426f564a9cdd7ae908a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:03:50 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Wed, 10 Nov 2021 12:42:45 GMT
server: Tengine
age: 49125
etag: "618bbe45-c8f0"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 51440
x-xss-protection: 1; mode=block

GET
H2 200 9dd5aff4-53d3-4382-ac1f-d664d4e4000d.png
gic.x8gdkt99.com/img/789bet/menuBarSetting/ 41 KB
41 KB 28ms
16ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/789bet/menuBarSetting/9dd5aff4-53d3-4382-ac1f-d664d4e4000d.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

e7c665d507094cd8f0ea91c7c3768f165373634055521a1750a9a6bd686937ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:03:50 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Wed, 10 Nov 2021 12:42:45 GMT
server: Tengine
age: 49125
etag: "618bbe45-a25e"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 41566
x-xss-protection: 1; mode=block

GET
H2 200 c3225b3f-6c93-4be2-b19d-47070efd1005.png
gic.x8gdkt99.com/img/789bet/menuBarSetting/ 40 KB
40 KB 34ms
22ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/789bet/menuBarSetting/c3225b3f-6c93-4be2-b19d-47070efd1005.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

e77be405da82c9e4c5919d61155e8feb6f9d92de687869371cae9ab04f9b9bc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:53:41 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Wed, 10 Nov 2021 12:42:45 GMT
server: Tengine
age: 24534
etag: "618bbe45-a077"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 41079
x-xss-protection: 1; mode=block

GET
H2 200 827ab9bf-08d7-448a-b10d-a2ee663d6b14.png
gic.x8gdkt99.com/img/789bet/menuBarSetting/ 38 KB
39 KB 55ms
43ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/789bet/menuBarSetting/827ab9bf-08d7-448a-b10d-a2ee663d6b14.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

c6a34398510c9d19472a3d7055ad9c84889bc3ce3c8b1e278c8e944e599be42a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:43:37 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Wed, 10 Nov 2021 13:41:01 GMT
server: Tengine
age: 46738
etag: "618bcbed-9985"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 39301
x-xss-protection: 1; mode=block

GET
H2 200 60af6836-9015-454f-b8a5-35904517ccab.png
gic.x8gdkt99.com/img/789bet/menuBarSetting/ 35 KB
35 KB 50ms
38ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/789bet/menuBarSetting/60af6836-9015-454f-b8a5-35904517ccab.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

535179cc6c3736a3aabf97c371c03b29d3c2cd0d4afd33e868e7d9ff08c652bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 13:13:33 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Tue, 16 Nov 2021 13:06:59 GMT
server: Tengine
age: 23342
etag: "6193acf3-8a4e"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 35406
x-xss-protection: 1; mode=block

GET
H2 200 sub-egame-ae_gaming.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 105 KB
105 KB 39ms
28ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-egame-ae_gaming.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

bee6941ed516b5992b64a009f9a2fc0130192920c3d4326a67386718c4204633

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:44 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 03:26:29 GMT
server: Tengine
age: 26811
etag: "608f6d65-1a2ed"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 107245
x-xss-protection: 1; mode=block

GET
H2 200 sub-egame-cq9.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 30 KB
30 KB 52ms
41ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-egame-cq9.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

ac2d20b60512eb6f28f11020788ae9845f0506429e74567dd7171c06f2dd3b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 13:44:09 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 20 Jan 2020 07:38:37 GMT
server: Tengine
age: 21506
etag: "5e2558fd-78cc"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 30924
x-xss-protection: 1; mode=block

GET
H2 200 sub-egame-mg.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 26 KB
26 KB 50ms
40ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-egame-mg.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

d9e5778ccf19e2f8f0ba30faed6afb41131bcabc1d1e9256a6d9d03b912fd299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:53:41 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 20 Jan 2020 07:38:37 GMT
server: Tengine
age: 24534
etag: "5e2558fd-6841"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 26689
x-xss-protection: 1; mode=block

GET
H2 200 sub-egame-pp.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 31 KB
31 KB 44ms
34ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-egame-pp.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

13d55abd832b8736ff6f17bf7f647b1c99f516f2ca9c0560390e85751ddb88db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 13:13:29 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 10:13:53 GMT
server: Tengine
age: 23346
etag: "5f4e1ee1-7c3c"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 31804
x-xss-protection: 1; mode=block

GET
H2 200 sub-egame-jdb.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 30 KB
30 KB 46ms
36ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-egame-jdb.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

95b2a1141516341bc25bff44592f0344675315ab893c5db938a79c817cdccdeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:45 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 20 Jan 2020 07:38:37 GMT
server: Tengine
age: 26810
etag: "5e2558fd-768a"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 30346
x-xss-protection: 1; mode=block

GET
H2 200 sub-egame-ameba.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 28 KB
28 KB 35ms
24ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-egame-ameba.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

b367cd106e944ee1de969e10f449c09af67976576504e289768ebf5f4c8c63dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:45 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 20 Jan 2020 07:38:37 GMT
server: Tengine
age: 26810
etag: "5e2558fd-7130"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 28976
x-xss-protection: 1; mode=block

GET
H2 200 sub-egame-rt.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 27 KB
27 KB 35ms
25ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-egame-rt.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

d6f56211af56ba717c38b88388039241f2b99346fb9d4d3ad5d736962174bd16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:45 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 20 Jan 2020 07:38:37 GMT
server: Tengine
age: 26810
etag: "5e2558fd-6a41"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 27201
x-xss-protection: 1; mode=block

GET
H2 200 sub-egame-rich88.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 107 KB
107 KB 36ms
26ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-egame-rich88.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

64407d4e939630f9c17d1fc9529aa88eb898f54be87413a1a3c733c3f176d0f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:45 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Wed, 30 Dec 2020 04:47:42 GMT
server: Tengine
age: 26810
etag: "5fec066e-1ac76"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 109686
x-xss-protection: 1; mode=block

GET
H2 200 sub-egame-simpleplay.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 23 KB
23 KB 50ms
40ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-egame-simpleplay.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

fd4c0d9fe7e65a74397a8e2d8a70515df49e7267efb85ddcdd611edf4590cb81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:45 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 20 Jan 2020 07:38:37 GMT
server: Tengine
age: 26810
etag: "5e2558fd-5aeb"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 23275
x-xss-protection: 1; mode=block

GET
H2 200 sub-egame-pt.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 101 KB
101 KB 47ms
37ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-egame-pt.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

529e6c27cf731ff4f0ec4068357d13790db77eb1fd0840c9e16ee85c42a9f216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:53:42 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 20 May 2021 07:59:02 GMT
server: Tengine
age: 24533
etag: "60a616c6-19325"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 103205
x-xss-protection: 1; mode=block

GET
H2 200 sub-egame-sea.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 83 KB
83 KB 49ms
39ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-egame-sea.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

dfd45c14ca3a174fdbdb0e50b91589bfc45fa1de09225c45a57eed6819c196f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 14:11:21 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Tue, 31 Mar 2020 06:59:56 GMT
server: Tengine
age: 19874
etag: "5e82ea6c-14ca3"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 85155
x-xss-protection: 1; mode=block

GET
H2 200 sub-chess-rich88.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 145 KB
145 KB 44ms
34ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-chess-rich88.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

361c07d73a4d8a9b25c157e7ce448d567212f259e87d05d75ef99bfd6891ed74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:53:42 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Tue, 23 Feb 2021 03:25:35 GMT
server: Tengine
age: 24533
etag: "603475af-242e6"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 148198
x-xss-protection: 1; mode=block

GET
H2 200 sub-chess-lc.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 156 KB
156 KB 45ms
35ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-chess-lc.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

b69fafadfbcf102b7733131a7dca18bb7ee67873e4b4981e4d5888085c6088a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:46 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Tue, 27 Oct 2020 09:01:34 GMT
server: Tengine
age: 26809
etag: "5f97e1ee-26f56"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 159574
x-xss-protection: 1; mode=block

GET
H2 200 sub-chess-kingmaker.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 42 KB
43 KB 44ms
35ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-chess-kingmaker.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

f6a6b807f9640c04c8159f222b84469669b60da97562f84bb7e24ad7eef33efb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:45 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 20 Jan 2020 07:38:37 GMT
server: Tengine
age: 26810
etag: "5e2558fd-a9c4"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 43460
x-xss-protection: 1; mode=block

GET
H2 200 sub-chess-saba.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 42 KB
42 KB 40ms
31ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-chess-saba.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

015361f22c7e15437f2b6f5b6d9cbbf5c262de03a1172a7adcd183487a98d314

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 13:13:30 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 05 Jul 2021 09:16:55 GMT
server: Tengine
age: 23345
etag: "60e2ce07-a870"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 43120
x-xss-protection: 1; mode=block

GET
H2 200 sub-mpg-cq9.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 28 KB
29 KB 38ms
29ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-mpg-cq9.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

61b7c5de716f2a0074f4793a9832d7b6927f436938f7e663a04e02b0e3456093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:46 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 20 Jan 2020 07:38:37 GMT
server: Tengine
age: 26809
etag: "5e2558fd-71ae"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 29102
x-xss-protection: 1; mode=block

GET
H2 200 sub-mpg-jdb.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 40 KB
40 KB 44ms
35ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-mpg-jdb.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

3631d5460d399bd92abfc2e8c12c14598404bdaf315ebb9339fa2ca68f70d4b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:46 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 20 Jan 2020 07:38:37 GMT
server: Tengine
age: 26809
etag: "5e2558fd-a06a"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 41066
x-xss-protection: 1; mode=block

GET
H2 200 sub-mpg-yl.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 27 KB
27 KB 45ms
37ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-mpg-yl.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

7fac282cdbbe6ea80da8176c94bda566c9aec49358b3d8f4737499a4ac13fb5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:46 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 06:54:56 GMT
server: Tengine
age: 26809
etag: "605ae240-6cd1"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 27857
x-xss-protection: 1; mode=block

GET
H2 200 sub-mpg-jili.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 24 KB
24 KB 40ms
30ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-mpg-jili.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

ff0be046f283ef57e7f5ba69e5e6bd836ac42d8da0e72904f8ab7084e74c2f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:46 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 07:00:23 GMT
server: Tengine
age: 26809
etag: "606ffb87-5fbb"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 24507
x-xss-protection: 1; mode=block

GET
H2 200 sub-mpg-fc.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 30 KB
30 KB 46ms
37ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-mpg-fc.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

3bc67830907531e4118d514211863bd3babd4d5763772c9e09afa3801d8d6124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 13:13:30 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 02:33:08 GMT
server: Tengine
age: 23345
etag: "605bf664-7604"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 30212
x-xss-protection: 1; mode=block

GET
H2 200 sub-animal-sv.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 25 KB
26 KB 40ms
31ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-animal-sv.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

1ca9d38ef1c86486af4021a9fd5bd1f6ba9193fd2f995dcab261e265de954d30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:53:42 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 20 Jan 2020 07:38:37 GMT
server: Tengine
age: 24533
etag: "5e2558fd-65c6"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 26054
x-xss-protection: 1; mode=block

GET
H2 200 sub-animal-trc.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 25 KB
25 KB 34ms
25ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-animal-trc.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

148dc24d28d1a4e30abfc11e93769a56a63e39307a069ef47633b02f9aecff54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 18:35:42 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 20 Jan 2020 07:38:37 GMT
server: Tengine
age: 4013
etag: "5e2558fd-6499"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 25753
x-xss-protection: 1; mode=block

GET
H2 200 16deea75-1b23-4232-8325-dd0599c37c9d.png
gic.x8gdkt99.com/img/789bet/menuBarSetting/ 221 KB
221 KB 37ms
28ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/789bet/menuBarSetting/16deea75-1b23-4232-8325-dd0599c37c9d.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

5312908512ccf6b84186c2031ee96822fc289514a61579c472cfdfbab55a8612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:46 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 23 Sep 2021 03:56:40 GMT
server: Tengine
age: 26809
etag: "614bfaf8-37376"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 226166
x-xss-protection: 1; mode=block

GET
H2 200 sub-lottery-gpi.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 25 KB
25 KB 43ms
34ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-lottery-gpi.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

f5c368d5e62198e7eecb6c6d218afedb1f9272ac597f315ad13e721deedccabc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:53:42 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Tue, 16 Jun 2020 03:54:56 GMT
server: Tengine
age: 24533
etag: "5ee84290-6524"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 25892
x-xss-protection: 1; mode=block

GET
H2 200 sub-lottery-gw.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 128 KB
128 KB 40ms
31ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-lottery-gw.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

b8973b58381af44ad2d4bbd0c5cae36a1020118388998ea8088209f8ed6091e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 13:13:31 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Sat, 20 Jun 2020 03:17:38 GMT
server: Tengine
age: 23344
etag: "5eed7fd2-1fe8d"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 130701
x-xss-protection: 1; mode=block

GET
H2 200 sub-esports-tf.png
gic.x8gdkt99.com/img/static/desktop/sub-menu/ 36 KB
36 KB 33ms
25ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/sub-menu/sub-esports-tf.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

40c3b61bd9d487ab17a2d34ef867b06d1cd34abd32a35ade243bf3947b71e27c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:53:42 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Tue, 16 Jun 2020 03:54:56 GMT
server: Tengine
age: 24533
etag: "5ee84290-9091"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 37009
x-xss-protection: 1; mode=block

GET
H2 200 ae_gaming.png
gic.x8gdkt99.com/img/static/gplogo/egame/ 32 KB
33 KB 53ms
47ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/gplogo/egame/ae_gaming.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

35eda180a272192ef4227ac0464a573011579f4bbbb143e4badf78803b5f7c25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:41 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 06:30:53 GMT
server: Tengine
age: 26814
etag: "608f989d-819d"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 33181
x-xss-protection: 1; mode=block

GET
H2 200 ae_lot.png
gic.x8gdkt99.com/img/static/gplogo/lottery/ 24 KB
24 KB 53ms
45ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/gplogo/lottery/ae_lot.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

6a3ed6dfbb80483bd83aca75835ca52fe6306b4aae715fe3789a473152e4823a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:40 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 12 Jul 2021 03:18:06 GMT
server: Tengine
age: 26815
etag: "60ebb46e-5e63"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 24163
x-xss-protection: 1; mode=block

GET
H2 200 footer-logos.png
gic.x8gdkt99.com/img/static/desktop/ 38 KB
38 KB 54ms
46ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/desktop/footer-logos.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

98a4683214e6d0d6a50d589cc31fbc33a610c31d412db2bc1f94af7c73728262

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:53:36 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 04:24:09 GMT
server: Tengine
age: 24539
etag: "60a34169-993f"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 39231
x-xss-protection: 1; mode=block

GET
H2 200 BTI.png
gic.x8gdkt99.com/img/static/ec-app/ 17 KB
17 KB 54ms
46ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/ec-app/BTI.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

f3a1f58454f85a3b3a9676d3d2a50c04cda8449f3d67f8fc8f172063c70346a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:03:48 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 20 Jan 2020 07:38:37 GMT
server: Tengine
age: 49127
etag: "5e2558fd-425c"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 16988
x-xss-protection: 1; mode=block

GET
H2 200 CMDBET.png
gic.x8gdkt99.com/img/static/game/zh-CN/CMDBET/ 34 KB
34 KB 54ms
46ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/game/zh-CN/CMDBET/CMDBET.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

08807a7c05729b2277381e37a2c7ae8a054a2d31349fd721bba40822f3c4a2c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:53:42 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 20 Jan 2020 07:38:42 GMT
server: Tengine
age: 24533
etag: "5e255902-866e"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 34414
x-xss-protection: 1; mode=block

GET
H2 200 dg.png
gic.x8gdkt99.com/img/static/game/zh-CN/DG/ 42 KB
43 KB 54ms
47ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/game/zh-CN/DG/dg.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

f12b62d90efc2add1f9da7cea42d43ede531b123d158281cdd9106207f1064b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 13:13:26 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 20 Jan 2020 07:38:42 GMT
server: Tengine
age: 23349
etag: "5e255902-a9b1"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 43441
x-xss-protection: 1; mode=block

GET
H2 200 evo.png
gic.x8gdkt99.com/img/static/game/zh-CN/EVO/ 14 KB
15 KB 55ms
47ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/game/zh-CN/EVO/evo.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

805b61409cc5fa90c3e372e28c7e91e0e3bb5a3ec0f2a6bcf2060528c991521a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 14:11:34 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Tue, 10 Mar 2020 10:12:45 GMT
server: Tengine
age: 19861
etag: "5e67681d-39c2"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 14786
x-xss-protection: 1; mode=block

GET
H2 200 fc.png
gic.x8gdkt99.com/img/static/gplogo/egame/ 18 KB
18 KB 55ms
47ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/gplogo/egame/fc.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

cfcfc02cb6d5ccefa49395abf07c46d8f7471d055b462dd8c73d1b945e181082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:53:42 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Tue, 23 Mar 2021 02:58:19 GMT
server: Tengine
age: 24533
etag: "6059594b-487c"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 18556
x-xss-protection: 1; mode=block

GET
H2 200 gpi.png
gic.x8gdkt99.com/img/static/gplogo/lottery/ 24 KB
24 KB 55ms
48ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/gplogo/lottery/gpi.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

a787431e5c88c8d1976e2921a247394f0f7a2501520b40bf75a59b4f36cb6704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 06:03:54 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Fri, 08 May 2020 08:08:37 GMT
server: Tengine
age: 49121
etag: "5eb51385-607e"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 24702
x-xss-protection: 1; mode=block

GET
H2 200 gw.png
gic.x8gdkt99.com/img/static/gplogo/lottery/ 34 KB
34 KB 56ms
48ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/gplogo/lottery/gw.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

4a010bc238af86a0e0ff4b32a9dbc6b5a3e60976acb4629fe5477a851e812fa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:41 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 03:33:25 GMT
server: Tengine
age: 26814
etag: "5ed86b85-871b"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 34587
x-xss-protection: 1; mode=block

GET
H2 200 jili.png
gic.x8gdkt99.com/img/static/gplogo/egame/ 38 KB
38 KB 56ms
49ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/gplogo/egame/jili.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

acf157b44b0262f4dba16e5bd75a39e6853c2e916b1ec2bb799a89722d2563b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 13:13:26 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 02 Nov 2020 07:09:11 GMT
server: Tengine
age: 23349
etag: "5f9fb097-9701"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 38657
x-xss-protection: 1; mode=block

GET
H2 200 kingmaker.png
gic.x8gdkt99.com/img/static/gplogo/chess/ 10 KB
10 KB 57ms
50ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/gplogo/chess/kingmaker.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

935fd764637d8a4829d80f7caea307aed0a4b5138c1f96a85a12e2680257f675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 13:44:09 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 20 Jan 2020 07:38:45 GMT
server: Tengine
age: 21506
etag: "5e255905-28b3"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 10419
x-xss-protection: 1; mode=block

GET
H2 200 lc.png
gic.x8gdkt99.com/img/static/gplogo/chess/ 77 KB
77 KB 57ms
49ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/gplogo/chess/lc.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

04bd434bc383bbc1aa88bcd0f372fd42da999ec407a3a4f5f513b48eac824d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:41 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 29 Oct 2020 06:52:54 GMT
server: Tengine
age: 26814
etag: "5f9a66c6-13503"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 79107
x-xss-protection: 1; mode=block

GET
H2 200 pp.png
gic.x8gdkt99.com/img/static/gplogo/egame/ 12 KB
12 KB 57ms
49ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/gplogo/egame/pp.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

fe7631e2ac8739ea6f637767a9e076fdc3d3f2715595ed8bce61341139e1338b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 18:35:42 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Wed, 16 Sep 2020 09:57:56 GMT
server: Tengine
age: 4013
etag: "5f61e1a4-3008"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 12296
x-xss-protection: 1; mode=block

GET
H2 200 rich88.png
gic.x8gdkt99.com/img/static/gplogo/egame/ 12 KB
12 KB 57ms
49ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/gplogo/egame/rich88.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

12591070831924c5a7cf08a67f80cd88b8f36105225deba5ca0fe6f9bb44aeb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:41 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Wed, 30 Dec 2020 04:47:42 GMT
server: Tengine
age: 26814
etag: "5fec066e-3121"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 12577
x-xss-protection: 1; mode=block

GET
H2 200 saba.png
gic.x8gdkt99.com/img/static/gplogo/sports/ 10 KB
10 KB 58ms
50ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/gplogo/sports/saba.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

fa987218e7efeb82927c252873dafde48f4f8da99e47480827e2b29ea34b854d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:50 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 14 Sep 2020 03:35:18 GMT
server: Tengine
age: 26805
etag: "5f5ee4f6-2695"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 9877
x-xss-protection: 1; mode=block

GET
H2 200 SBOBET.png
gic.x8gdkt99.com/img/static/game/zh-CN/SBOBET/ 7 KB
7 KB 58ms
50ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/game/zh-CN/SBOBET/SBOBET.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

ab57700fdb599421cc9fc2a1c973c8e1feaabbe7d5dcd942e380a4e65e265e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 13:44:09 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Tue, 02 Jun 2020 03:46:04 GMT
server: Tengine
age: 21506
etag: "5ed5cb7c-1a99"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 6809
x-xss-protection: 1; mode=block

GET
H2 200 sea.png
gic.x8gdkt99.com/img/static/gplogo/egame/ 6 KB
6 KB 58ms
51ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/gplogo/egame/sea.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

7c2d514402d1dbfe1af1d99eacd1de576ac96b8c70a5f0ae752e5559927dced1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 14:11:34 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Fri, 06 Mar 2020 10:30:58 GMT
server: Tengine
age: 19861
etag: "5e622662-171a"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 5914
x-xss-protection: 1; mode=block

GET
H2 200 sexybcrt.png
gic.x8gdkt99.com/img/static/gplogo/live/ 65 KB
65 KB 58ms
51ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/gplogo/live/sexybcrt.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

9e8c7b16bdb225dccb52875fdc17333b66159aa14575289046f8eb2aeeb1c4e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:41 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 04:32:12 GMT
server: Tengine
age: 26814
etag: "606fd8cc-102a4"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 66212
x-xss-protection: 1; mode=block

GET
H2 200 simpleplay.png
gic.x8gdkt99.com/img/static/gplogo/egame/ 11 KB
11 KB 59ms
52ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/gplogo/egame/simpleplay.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

e3feea5e1a1569b0cfd1891be48152bd07631d3bdc18b0c49d51427219533dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 13:13:27 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 20 Jan 2020 07:38:45 GMT
server: Tengine
age: 23348
etag: "5e255905-2a8b"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 10891
x-xss-protection: 1; mode=block

GET
H2 200 tf.png
gic.x8gdkt99.com/img/static/gplogo/esports/ 38 KB
38 KB 69ms
62ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/gplogo/esports/tf.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

ea4ae56d306fedc6c7ec89e1121bdc2d52e234e4c6c0671d5d6797bc46a34090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:41 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 14 Sep 2020 03:35:18 GMT
server: Tengine
age: 26814
etag: "5f5ee4f6-98a4"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 39076
x-xss-protection: 1; mode=block

GET
H2 200 wm.png
gic.x8gdkt99.com/img/static/game/zh-CN/WM/ 14 KB
14 KB 69ms
62ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/game/zh-CN/WM/wm.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

185804562463c3857353b2f821d9ed7089883f80361ab79cc35a0babb00da763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:15:42 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 20 Jan 2020 07:38:44 GMT
server: Tengine
age: 26813
etag: "5e255904-377a"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 14202
x-xss-protection: 1; mode=block

GET
H2 200 yl.png
gic.x8gdkt99.com/img/static/yabo/mobile/gplogo/ 8 KB
8 KB 69ms
62ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/yabo/mobile/gplogo/yl.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-AppContainer.331681bb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

95fa17bbb864a1bcec4b2fadcc343b6b4918a4e6ef4a9c60832a175e9db47587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:09:56 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Tue, 23 Mar 2021 08:08:17 GMT
server: Tengine
age: 55959
etag: "6059a1f1-1e13"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 7699
x-xss-protection: 1; mode=block

GET
H3 200 / Show response
vsa46.tawk.to/s/ 77 B
384 B 132ms
129ms XHR
application/octet-stream 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-chunk-vendors.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f9d46ba167500c9eab853ef7c787f50da240ae4b1a72fe92150c8d23cd12d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:35 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://www.0044789.com
access-control-allow-credentials: true
cf-ray: 6b2ce1ae7a105b8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77

GET
H2 200 bg_hotmatch.png
gic.x8gdkt99.com/img/static/789bet/custom/bg/ 9 KB
9 KB 248ms
244ms Image
image/png 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/bg/bg_hotmatch.png

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-Home.6bb0d360.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

6ed61bed7d68960c626fa531acb773748b8046410a19d3dfcd0f61c28261a916

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:35 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 07:26:05 GMT
server: Tengine
age: 0
etag: "5ff2c30d-237a"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 9082
x-xss-protection: 1; mode=block

GET
H2 200 T_8977.png
cmbi.licimg.com/TeamImg/ 13 KB
13 KB 1127ms
136ms Image
image/png 75.2.9.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmbi.licimg.com/TeamImg/T_8977.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.9.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a119a55988045f685.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 3f9bf04839c7fd298477bebd5e8cdfa7f4dc77a812d5f8a8106e9a38ce39cc49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23-Nov-21 16:01:26 GMT
via: mly edge
server: nginx
age: 13270
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-mly-cache: HIT-cn2poseidon-mb1
cache-control: max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
content-length: 12809

GET
H2 200 T_1977.png
cmbi.licimg.com/TeamImg/ 15 KB
16 KB 1122ms
131ms Image
image/png 75.2.9.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmbi.licimg.com/TeamImg/T_1977.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.9.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a119a55988045f685.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 2973bca5a0a9325899724218fc2bb20f89aa3e8e0802796eea1b0fa88e6d5de7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23-Nov-21 16:01:26 GMT
via: mly edge
server: nginx
age: 13270
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
x-mly-cache: HIT-cn2poseidon-mb1
cache-control: max-age=259200
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
content-length: 15852

GET
H2 200 prev.svg
gic.x8gdkt99.com/img/static/789bet/custom/bg/ 559 B
656 B 480ms
477ms Image
image/svg+xml 34.117.85.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gic.x8gdkt99.com/img/static/789bet/custom/bg/prev.svg

Requested by

Host: d1lzoljld5a2bc.cloudfront.net
URL: https://d1lzoljld5a2bc.cloudfront.net/ea19c953a07bc914958eb35ab850a429/static/stylesheets/d-Home.6bb0d360.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.85.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.85.117.34.bc.googleusercontent.com

Software

Tengine /

Resource Hash

ada63f03cfe73c662bb7ecb042ff404e985e40705b30428d9acdf0a8ce546170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1lzoljld5a2bc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:35 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 07:26:05 GMT
server: Tengine
age: 0
etag: "5ff2c30d-22f"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public,max-age=28800
accept-ranges: bytes
alt-svc: clear
content-length: 559
x-xss-protection: 1; mode=block

POST
H3 200 v3 Show response
va.tawk.to/log-performance/ 5 B
384 B 251ms
250ms Fetch
text/html 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.0044789.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 23 Nov 2021 19:42:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: visitor-application-preemptive-qzbf
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.0044789.com
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 6b2ce1af5d065cb6-FRA
access-control-allow-headers: content-type,x-tawk-token

GET
H3 200 / Show response
vsa46.tawk.to/s/ 4 B
310 B 622ms
622ms XHR
application/octet-stream 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-chunk-vendors.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.0044789.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:36 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://www.0044789.com
access-control-allow-credentials: true
cf-ray: 6b2ce1af5bfe5b8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4

GET
H3 206 Gioi-Thieu-789BET.mp4
sabasports.vn/wp-content/uploads/2021/09/ Frame F856 5 MB
0 42ms
23ms Media
video/mp4 2606:4700:3035::6815:30ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sabasports.vn/wp-content/uploads/2021/09/Gioi-Thieu-789BET.mp4
Requested by: Host: sabasports.vn
URL: https://sabasports.vn/nhan-dinh/gioi-thieu/?EVPInstanceName=fwdevpPlayer0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:30ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://sabasports.vn/nhan-dinh/gioi-thieu/?EVPInstanceName=fwdevpPlayer0
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 23 Nov 2021 19:42:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 498929
Content-Range: bytes 0-6939854/6939855
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 6939855
last-modified: Tue, 28 Sep 2021 12:57:53 GMT
server: cloudflare
etag: "69e4cf-61531151-b910126cf1b3dc4a;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TgqdKHcq7wHimkPb4F0YiYJZRJV%2Faogx7TM2kw73Qxq9kVgBMwTiWbnGMjPst2OuHjuR5tf5a8biRx3mSA16p60%2Fjl4zmPUExOXj1gEEWUiXPCmtuNk%2BqF14JQx8WguGZwxVlQ8H78KuJNMP"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 6b2ce1afcdad434b-FRA
expires: Sun, 30 Oct 2022 17:13:07 GMT

GET
DATA 200
OK truncated
/ Frame F856 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F856 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F856 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F856 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F856 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F856 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F856 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F856 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 200 / Show response
vsa46.tawk.to/s/ 2 B
303 B 128ms
128ms XHR
text/html 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/619c9c3d75b/js/twk-chunk-vendors.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.0044789.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

date: Tue, 23 Nov 2021 19:42:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/html
access-control-allow-origin: https://www.0044789.com
access-control-allow-credentials: true
cf-ray: 6b2ce1b28a465b8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.0044789.com/	1970-01-20 16:26:08	Name: _ga Value: GA1.2.172021760.1637696553
.0044789.com/	1970-01-19 22:56:22	Name: _gid Value: GA1.2.679964725.1637696553
.0044789.com/	1970-01-19 22:54:56	Name: _gat_gtag_UA_154984877_2 Value: 1
va.tawk.to/	1969-12-31 23:59:59	Name: ss Value: mtqg9j8sgo
va.tawk.to/	1970-01-20 03:14:08	Name: tawkUUID Value: mAeYQvsmIcx6pm1ZkXIxCKtzAxG3X58SEnIEPwpQcv1Ep%2BVynfgIsJX1INoVUY0%2F%7C%7C2
www.0044789.com/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.0044789.com/	1970-01-20 03:14:08	Name: __tawkuuid Value: e::0044789.com::y4jJvcqgpO2INuQ6tNHOlc9uteuMTF90gMkoc8oVa+PklHAt6zVkW5p7Blv0XDQS::2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0044789.com
api.0044789.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
chat789bet.com
cmbi.licimg.com
d1lzoljld5a2bc.cloudfront.net
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
gic.x8gdkt99.com
sabasports.vn
stats.g.doubleclick.net
tawk.link
va.tawk.to
vsa46.tawk.to
www.0044789.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.21.45.173
172.67.217.9
18.66.242.23
2606:4700:10::6816:1983
2606:4700:10::ac43:2642
2606:4700:20::681a:f9e
2606:4700:3035::6815:30ed
2606:4700:3037::ac43:9be7
2606:4700::6810:125e
2606:4700::6810:5714
2a00:1450:4001:80e::2003
2a00:1450:4001:811::200a
2a00:1450:4001:829::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c0a::9b
34.117.85.46
75.2.9.70
015361f22c7e15437f2b6f5b6d9cbbf5c262de03a1172a7adcd183487a98d314
0258bf0904baa243eb5f64f1607f3f568ac3aa3290b3f50f673968c71344c37d
03ce7ebfff30309a70f8fe7594cf8bf9bb7e0cf58f538eacd85c137d1312834e
03daf7a8569dbed85d0354765ab67c1b52e9375470f5660e3f89d66faea23b16
04bd434bc383bbc1aa88bcd0f372fd42da999ec407a3a4f5f513b48eac824d67
05921d984b321fb5299059d699cebc3a9f4ac95c422a527f0ce636ba76ab92e1
08807a7c05729b2277381e37a2c7ae8a054a2d31349fd721bba40822f3c4a2c0
08d2910ef7aaa954d961b3a29a45c812cde3cffc11299401642c3de0c184b9e4
0905ddafe25bd90e97d04d313a9a7b102cde9618cb453bd61a81313db3a2acef
0a3154242048886042ccbf02251b012eb412f151d00f4292bf1fb31cf4a68af1
0aa0af4eb29e8ac243d5879f4b1b70cb4dcab4069686ee082ad9a11f16392cc1
0b7f8cc1fc0329854db4db405437c1a355e637cca85d6b4cb872960d1bed4d66
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093
0ccb478d99c70983a638dc63ab94060e6a31a8c2f8340349802a5a20dce023c1
0def226314a55521605ee951146ee758d7c66b2fee7728a43abfb32359964683
0e57bec557285fc294829456287b3cd01b6b09123d4909dacfe276ffe86dc153
10fc5839d57e5f9a6e730bb0926da7559d06c5ccef2ec2ebe5dc439511c1e5f0
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
12591070831924c5a7cf08a67f80cd88b8f36105225deba5ca0fe6f9bb44aeb7
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
13d55abd832b8736ff6f17bf7f647b1c99f516f2ca9c0560390e85751ddb88db
148dc24d28d1a4e30abfc11e93769a56a63e39307a069ef47633b02f9aecff54
14b6bde477ba49bd64621710b165c031b99912720050d27c11d34ee8d85e9453
1553a34cf0dc2e4a75bbade6917489c37f160cc92d696d5d9fbe93580ef4418f
185804562463c3857353b2f821d9ed7089883f80361ab79cc35a0babb00da763
18e76ebeb4eee0b3c6cae98629331d4a0e235e5ed6d251b3dea30a753c69e4b5
1bf7793a2a5954fe069121a43d0be3ca85ff8c643512a652711ca74c348a6806
1ca9d38ef1c86486af4021a9fd5bd1f6ba9193fd2f995dcab261e265de954d30
1daa9aeed508a21751effcafb008901249ac71333b8411f05829ba9a715e44e7
1ec121cc7acf73e0a7820d68f1d2c1489a6c62c6cfbc6aff17fe334f070d59f1
1ecd085b6d0693df4081d97f01b27b60d82418b83da600a340d6efd629f7c591
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
206fc7cb8ab707a47cb9001784fe6e54a7644c2f153ca6108f36d1d729b2e387
21c8f2696b8417d57cdcbc5c381bf45a4e445d2d6d879dd596743d2fe4f03733
21f189b7cde357b5f7d2ab45861f8f483753db06a34af426f564a9cdd7ae908a
226a8a9c833fadb8330b91dc2903be461b949b045e990a9b571511ac147f110f
24151e54cc24d65770c7948ff91ed9f2bc1baac50cde99a385f01dc5f3173787
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2939d503669bca3ebe668a03346c2017ab68775ff88d162c39042339e75bb8f5
2973bca5a0a9325899724218fc2bb20f89aa3e8e0802796eea1b0fa88e6d5de7
2a6456f429aee349d2acb22ebe72ccfb01834827730713fd104245bdb1fbf144
2dbe24b8ee1358b68bce58cf447bdfcec9f911b2c5ea38c3e37d00a9f6b44a93
2e2a9e8e74db737f5f7e3ffa34f960680c95d5d5476b85e8264ef1fc03b53972
2ea9a24c2955a79386475728f261e6f38982124e001fa9aebaffdc8bb3447cdb
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
2fba2ac8608fe3ce05136e27ce4089b57f4354f5b1a277191c55c10540cc52f4
3038260a601ccdd8713c05690b9ea8361995a0f2a919e3695e4e8615b7561779
307ee679d7e5d6ac7e01a6b03a5a596a4561f5c42d82838fff601df11ec5cc4b
32bfb46597bee314d9ab44740eae5d2b5517109d9e4ebcfd7f9784eef4e764a9
34533e0e1da75160a7daf8a64a6c8e84d3ee9b9265695cfdf0ce3ce7ccac0139
34b634c0b17bb0389da17aae6d64c2802440177ea610e24222c5d42af937bcb4
35eda180a272192ef4227ac0464a573011579f4bbbb143e4badf78803b5f7c25
361c07d73a4d8a9b25c157e7ce448d567212f259e87d05d75ef99bfd6891ed74
3631d5460d399bd92abfc2e8c12c14598404bdaf315ebb9339fa2ca68f70d4b0
385455c7f55554fb2d4dcef5eb2a379475147fd63a954884f3a46240eb6ef7b0
3863f2092572a4ec71880c5384595f72f2d7814676457d9128a36d9e5120d1b9
3bc67830907531e4118d514211863bd3babd4d5763772c9e09afa3801d8d6124
3de59e87db198e91281d2e8f3fa2976b139b0a762dff0508517c1382488c61b1
3f9bf04839c7fd298477bebd5e8cdfa7f4dc77a812d5f8a8106e9a38ce39cc49
3ff69a27d502fca86bbbfe86817ad61f14e13c74ce0a322c3114a80a820a6cdb
40c3b61bd9d487ab17a2d34ef867b06d1cd34abd32a35ade243bf3947b71e27c
42730bb6eb12bd4b3b538a75cf12083af01ada88d5d21af46758040cfd38b912
42cf5f03163131c963a64457f5181412895ed005f20b240beb17bcfa1ddbf5f2
4363825b669197ebe99ed70d350951734cb3f4d7ff46409fce039062a59d006b
44a68220884d21ea5483c6bb05d32c21b935d1102440727deecc37a5708b747c
44ce9b90d44125ebbff44b241c64abd21490f913ccdcf2d75017763d24a2c18a
46485b65ba0197e72cd2a9d2ed53e31ba90cc80f75ce3f2ed1ebc5a39308f81a
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
48e435043523e38e0cdfecb4cb7f9b3e4a8ef19ebbd824f460295d3772771876
49775116c750ef4742a54b34e3cf3ca23fddbc77eed382be0aa4bf002bf9633c
4a010bc238af86a0e0ff4b32a9dbc6b5a3e60976acb4629fe5477a851e812fa2
4a3673e1091a93904c80dcf417e59750be653c8654fbad630a4f498319cd6bc7
4df214e9ad07730bbb3aa5e5559f4334dbdb524c272e66c03ec3824b05665003
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
520d4402e91d1b879403e7585b6dd84dfc3f691346475d07ea7aea6eca7a63b0
529e6c27cf731ff4f0ec4068357d13790db77eb1fd0840c9e16ee85c42a9f216
52f8ba38b18a99c0ac541ee20b8e4b3cb5040c135af6eca9dd1ace1765dcd30c
52f9a21978756a69b5f4de7e913bacb37e82758e69b3afb16d9689e2e476c504
5312908512ccf6b84186c2031ee96822fc289514a61579c472cfdfbab55a8612
533461b193edbed6323b1c64dedf084dc094c2ac65c967717769e0be873b10d6
535179cc6c3736a3aabf97c371c03b29d3c2cd0d4afd33e868e7d9ff08c652bb
5427a0989677c664a182ee558d36fec6a3e2ca14b25efd8f7bd8f18fa184a42c
544aa3eb0220f0b92a95fe258a5e1a7504a67ced4fad452a5d01131020fbf87c
545f418271886b06363660dd9e8332f28f5553bce6000d826ebefeb69d4859d3
55de9aea931a301bc9bd025d5cab05f962026a3d0990f1cbe833ef4d5be193f5
57df47a99790f4eeb22224de90360a66ecc5987f1c2328b8b7ad2ebe2b03e2d5
58cb4d0e354cc6e12bab771c01286315893b2a40c8bee12f8c09cf56386cd6ab
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5bbd66f96f0929c435c17b7a4be87d6f456a764b6d08b22f766bff613ad92e24
5e8fc049f5a9b19d186895c468f38e1aa1a629c802b2f510cfc080c1dab4df61
5eb5a0a0c379b06865226e9a825e43bf7cb2be4020fcab4d4b3ba13c8e8cd69d
5f1ff23134e488054ee07d7a90e8be99de7d80c6b8665bbb257d5db16c6e4f2c
61b7c5de716f2a0074f4793a9832d7b6927f436938f7e663a04e02b0e3456093
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
639aa4c8ad661a11e224477b370b429755c069a93bea83b84b0a170cc3a2663b
64407d4e939630f9c17d1fc9529aa88eb898f54be87413a1a3c733c3f176d0f1
644c0cf90210a8792385583869bc6d6e69208f88d4d2a6c7099f8b92227f03ac
6641efc12e2e1730e90db18b9757898ff3c9d0100fec9c099de5dc9ad40933db
68ffc6b38a5297af54d5668b186f4c6f13752a7e39c62068ea4822178dfa5a7d
6a3ed6dfbb80483bd83aca75835ca52fe6306b4aae715fe3789a473152e4823a
6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89
6d0a579d159eaa2f54ccab7e39447a1f73c2ad8555050dbf5eca2de3e6a8fa94
6df2ce1dd3eb2bb0e0e5418aa6cdf26ff6cd382363f5d72b56d1befbec4131e5
6ed61bed7d68960c626fa531acb773748b8046410a19d3dfcd0f61c28261a916
6f9d46ba167500c9eab853ef7c787f50da240ae4b1a72fe92150c8d23cd12d3d
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
7079830d071839bda9da1fef71b1ad8761ace7f72d96c7099d8c6a1e5730b1b6
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
71ef7d5fe27824e46402c33c5513a38d7b331cc7ef0fcefd5b9edcfa0b7ded42
7390361837ec7fc0a6eef661002829d5a1edd0b7f64d47522564e5280e8662e3
74d0adc2d2ee0b99bca780d6b1e433c6050f947cc44e205ce1c700bbce158687
7c033a9c5b65e4603b6ff89191536f9f361856b70be13a3ce39f0457efe641ee
7c2d514402d1dbfe1af1d99eacd1de576ac96b8c70a5f0ae752e5559927dced1
7d268276817369f9cd3e4c4a6b306e4a996b512faa1174fcf9b559958564d62c
7d93d70ac14b5317c1d4dfb148fc233b7327f551724fde68adeb468ee2990b53
7e4f1204445556d7a0b42d4066ba0221c5f1526925f03f2e53c249de997eff4c
7e70b15671af30f64bf6814da401ea00941f43a7166aa1affa4123b987567c77
7fac282cdbbe6ea80da8176c94bda566c9aec49358b3d8f4737499a4ac13fb5a
805b61409cc5fa90c3e372e28c7e91e0e3bb5a3ec0f2a6bcf2060528c991521a
817819c23dc8810f48e7a1297e9e5c612a511d9803081b186981c0ca6dd8f36f
82730c7ccb9712641da9a12c51e644b42d6f2c8f8f6fa0cd385d9c18e376433b
827f1d89ebac10b551edf79aa30ed390d97658db3bba7912f548a78cc4a95731
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85fd0378b2914219ac08716d21fa2335694a6fe9094328d3de179a4dff8762c7
860bd64d0aa6be6db6d929e6ce8754115fac96c371fc2b32a53fc549604f0194
862b37ddd70f1bd7c2d38ccbf02382d78e01a21792be2f9c86b6b762401e1878
8679c992d10ed3daa402e1c839defa668a5c75e5aa76cd21af26a1c83dbb7a26
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87ff0e6524ba58f482ee293b2a119a36b2a10ca1fce920af43002f7a9c8aa4f5
88f59339ba11be0922c30a708108e1d7c8ef99ef65fa6c2a29d7d35ccb1fd3cd
89748c2a7b7964388b9ee8c855a25786f4eb723ed90fd15c306393614740b713
89ab7fd53e99ea2991d6e35b55bc1771aab327d0e7a1ffb016a1a7c8f000cd28
8bd77028b07b7b765f161b4dac969bd767dbc5645513662fa6d1a6dcd61e6a4d
8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0
9182d77fc4eac92dd0fedecc9c3724e87589d96cd8089d936bf7efec1d968268
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
935fd764637d8a4829d80f7caea307aed0a4b5138c1f96a85a12e2680257f675
9364d25055d2e9833948e3a021ae9ea009ce5f28bbdec8fe85a722eff9f2daae
95b2a1141516341bc25bff44592f0344675315ab893c5db938a79c817cdccdeb
95fa17bbb864a1bcec4b2fadcc343b6b4918a4e6ef4a9c60832a175e9db47587
979946319d4246666edfeea4b9ec174b868d25e6fb3931c0d30fef2d184254b8
9886a54f907a2a838103f0630b0785c428f3e7043b968ebea9c89ea8e06b3026
98a4683214e6d0d6a50d589cc31fbc33a610c31d412db2bc1f94af7c73728262
9979ee317be535f7127478786b7eb448517154c4ed022e4696d4820b0ad38da0
9e8c7b16bdb225dccb52875fdc17333b66159aa14575289046f8eb2aeeb1c4e3
9e970c41e0d55f68079dbe46168568134136cd34df77f79c4b10f14fa9f77f1c
9eadf95091f401494f85e4229dec2880f04bd9653e2744c3948e3e1c2152f757
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3505bd6dd66aad5c98e4dab25045f4fa12024e5cf68062e0d53aa91cc0d696c
a73226fd2fc41c124ea66cd77d631b851b2ac5facdfb7b494fba9e4f2ebdd149
a787431e5c88c8d1976e2921a247394f0f7a2501520b40bf75a59b4f36cb6704
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
aacc874455999c8de8834a3ef99c8b9bec81e230eba01c953ec286e7a1ad99a5
ab57700fdb599421cc9fc2a1c973c8e1feaabbe7d5dcd942e380a4e65e265e1d
ab7e38bcb406361b40f17812e2f55fe89e9c1f32fed926f0169ebbbeffd1a9c4
ab8541baef711689bb8c4131b9a2470c2ed28fb213842de1c278bbea027de038
ac2d20b60512eb6f28f11020788ae9845f0506429e74567dd7171c06f2dd3b5d
acf157b44b0262f4dba16e5bd75a39e6853c2e916b1ec2bb799a89722d2563b0
ada63f03cfe73c662bb7ecb042ff404e985e40705b30428d9acdf0a8ce546170
ae052954c54d759fd28b06de78890071de1a0d169e593095c32180f7d9df312e
ae3c9a6d9cb299a9ee66ce5827ff8541353d76a708ce6c096d68ed3755f7ebc0
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
af53c4c578123e79955afe9a6bc9ba569d4ac6e28397942f5b99851983d49f91
b02dd6001f6ae95da85edd87e3406bd44bf55067c3ffd732ac810de74772fc60
b367cd106e944ee1de969e10f449c09af67976576504e289768ebf5f4c8c63dc
b436f67c010727e22f74ebefae0667199c47f6a2272e0f09091354a24f9c9bc3
b52d72c118f0b57b8466bef7908134135f959237f048527bdeaba2585d293f58
b58e8b657d33bf1e2e0a217c69d85bfb251d4601507a7865d23d9a4054f49cbb
b69fafadfbcf102b7733131a7dca18bb7ee67873e4b4981e4d5888085c6088a3
b7817203a1553cadb6e72a16ed45f37f6b83943037a3cf2e16a5be912f736664
b7f79bd0cb1af198ca7b3f0b1cc361b56757efa03921238d3527f36e974f6d52
b7fc007eeb0532daa5fe85c4d7f515b9c02bac65305cc42620eb78df272a3753
b8973b58381af44ad2d4bbd0c5cae36a1020118388998ea8088209f8ed6091e9
bb94ebe9718dddddc412d9054b58d2ec39bea39d4f40e2181bafc4fb21120c19
bbf2626d6e976a0f13e3ddce37c0337368c3b132925a268aab82a46081a3ba1a
bee6941ed516b5992b64a009f9a2fc0130192920c3d4326a67386718c4204633
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c441a4185403c04c6660b68f8e08dbb2c1006c6a0f792fd454216a35b73fc867
c5a4af3b51b46c797e14e4ed7b6ae62ec509cd3a3a780f7c7ea355f8221550e8
c6a34398510c9d19472a3d7055ad9c84889bc3ce3c8b1e278c8e944e599be42a
c9cf33d49eb2358d9ee94945d53ad38566cb0786ccf1a0bc9f8d6866ee8fb700
cbde0bd4cdf57cda37654d4c2d17dd074d6c3d9bf808815e34447723fefaca9b
cf427f256e5d44aef2765db91b0d9cfd1340c9d2f15334f2be3b9e7d0fbfe19d
cfcfc02cb6d5ccefa49395abf07c46d8f7471d055b462dd8c73d1b945e181082
d5cc66e29cfcdfee566f695160e728503373f7e0fb4eae3a79d30133a4d905c9
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d6f56211af56ba717c38b88388039241f2b99346fb9d4d3ad5d736962174bd16
d71fdccba5c419e2857c6d199fd604479e62f5dbc8471ad631c580c504ec4d73
d9e5778ccf19e2f8f0ba30faed6afb41131bcabc1d1e9256a6d9d03b912fd299
d9ffa941505101a850c302e25823d32ce53244400bcdb79d89b39e1435e827a1
daf47a92fb7acc3f5f6867fd74b6a73670c44a7afeef4f65118fed47e82b6622
dba8cce6cb9a8f34b293dda987c4fae2682d1dd7952a859ec4ed75056b1c81ef
dd95c2a63339d497c7e5d84c853be0eebb0b84f63f911621ee8aec90c1f39101
de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfd45c14ca3a174fdbdb0e50b91589bfc45fa1de09225c45a57eed6819c196f5
e0498c9f75d3ef4a8ace2206aa90714f9d6a414d59b45f3d7777c4a1b8570445
e20e37a59f87a262f9c4c00f01473ec14e73bc3f1c6e461bcd18de0172df745a
e213e65c763380d18a7ceef40c02e137cbd1187c127ef0cb1cc210b7b4d57025
e218e3257ea6bd8da126a3e95f9fb0818fe7e5124c5faeb2809f014a16cc1e7e
e3feea5e1a1569b0cfd1891be48152bd07631d3bdc18b0c49d51427219533dac
e472c555cabcc44b154ada6f2ae8cf4f512b73799bdeff1987da5029065a8693
e77be405da82c9e4c5919d61155e8feb6f9d92de687869371cae9ab04f9b9bc0
e7c665d507094cd8f0ea91c7c3768f165373634055521a1750a9a6bd686937ed
e944b59257f98629fb0697c78d1edf328065bdc15456f24e9fc3afdb67880e38
ea4ae56d306fedc6c7ec89e1121bdc2d52e234e4c6c0671d5d6797bc46a34090
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ed706c2986c9f95ba978a083def38fe449dc8b969925f6e963ccdd6c75a8931e
ee87eafae5c6c2cf07f3358f35f1ee1c54180e4fc39d6e76594ce1e4c222b36e
eeda9cb5f76cac3da30ced713ece45ce727a26b66de907e80332ebc662762b5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbb55f89b07923b52df1e122f4f42aa4e43ab0f13be60711777cefc85d67bdf
f05f75aaa19eb798167a3935991525477c14fd5878605fbeb3d93963b79eee9c
f1204859c11895c0104ac5bbf7eb1360437b6e71e21d3c9482041d6a49305e4e
f12b62d90efc2add1f9da7cea42d43ede531b123d158281cdd9106207f1064b0
f3a1f58454f85a3b3a9676d3d2a50c04cda8449f3d67f8fc8f172063c70346a1
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f5c368d5e62198e7eecb6c6d218afedb1f9272ac597f315ad13e721deedccabc
f6a6b807f9640c04c8159f222b84469669b60da97562f84bb7e24ad7eef33efb
f87c43062528d95f0e1ca33f8a91dae73e71584c7a0f9621db153d0e12546570
f99ac3b65163541a0eaafe48e4756b7486c63b045367830071735443e5267ee3
fa987218e7efeb82927c252873dafde48f4f8da99e47480827e2b29ea34b854d
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867
fc4bcbaa05af7e5e39f23d66d53eed1a629122863355321524bef18226159f3d
fd4c0d9fe7e65a74397a8e2d8a70515df49e7267efb85ddcdd611edf4590cb81
fe7631e2ac8739ea6f637767a9e076fdc3d3f2715595ed8bce61341139e1338b
fee12500ba7ccf4548e9ae4885c0b2d6ac554ad6b8d8c6a7ebca2202d3822d19
ff0be046f283ef57e7f5ba69e5e6bd836ac42d8da0e72904f8ab7084e74c2f97

www.0044789.com Open in urlscan Pro 104.21.45.173 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

226 Requests

100 %HTTPS

74 %IPv6

17 Domains

21 Subdomains

20 IPs

4 Countries

17108 kBTransfer

26646 kBSize

7 Cookies

11 Outgoing links

Page URL History

Redirected requests

226 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.0044789.com Open in urlscan Pro
104.21.45.173 Public Scan

Screenshot
Live screenshot

Full Image

226
Requests

100 %
HTTPS

74 %
IPv6

17
Domains

21
Subdomains

20
IPs

4
Countries

17108 kB
Transfer

26646 kB
Size

7
Cookies

226 HTTP transactions
9 data transactions