Submitted URL: http://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm...
Effective URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm...
Submission: On January 26 via api from US — Scanned from US

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 85 HTTP transactions. The main IP is 2606:4700:3032::ac43:adae, located in United States and belongs to CLOUDFLARENET, US. The main domain is ad.gem88.win. The Cisco Umbrella rank of the primary domain is 202230.
TLS certificate: Issued by GTS CA 1P5 on December 28th 2023. Valid for: 3 months.
This is the only time ad.gem88.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
62 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
4 23.200.88.195 20940 (AKAMAI-ASN1)
1 209.97.168.10 14061 (DIGITALOC...)
1 2400:6180:0:d... 14061 (DIGITALOC...)
1 2a03:2880:f01... 32934 (FACEBOOK)
2 2001:4860:480... 15169 (GOOGLE)
5 23.206.172.41 20940 (AKAMAI-ASN1)
85 11
Apex Domain / Subdomains / Transfer
63 gem88.win (Transfer: 1 MB)
  • ad.gem88.win — Cisco Umbrella Rank: 202230
9 livechatinc.com (Transfer: 338 KB)
  • cdn.livechatinc.com — Cisco Umbrella Rank: 5963
  • api.livechatinc.com — Cisco Umbrella Rank: 5415
  • secure.livechatinc.com — Cisco Umbrella Rank: 6663
  • accounts.livechatinc.com — Cisco Umbrella Rank: 7278
3 gstatic.com (Transfer: 70 KB)
  • fonts.gstatic.com
2 google-analytics.com (Transfer: 288 B)
  • www.google-analytics.com — Cisco Umbrella Rank: 27
2 storeip-shopify.com (Transfer: 476 B)
  • api4.storeip-shopify.com — Cisco Umbrella Rank: 303905 Failed
  • api6.storeip-shopify.com — Cisco Umbrella Rank: 271266 Failed
2 googletagmanager.com (Transfer: 160 KB)
  • www.googletagmanager.com — Cisco Umbrella Rank: 37
1 facebook.net (Transfer: 57 KB)
  • connect.facebook.net — Cisco Umbrella Rank: 174
1 googleapis.com (Transfer: 1 KB)
  • fonts.googleapis.com — Cisco Umbrella Rank: 28
0 gmwin.io Failed
  • gmwin.io Failed
Total: 85 requests, 9 domains
Domain Requested by
63 ad.gem88.win 1 redirects ad.gem88.win
4 cdn.livechatinc.com ad.gem88.win, secure.livechatinc.com
3 api.livechatinc.com cdn.livechatinc.com
3 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com ad.gem88.win, www.googletagmanager.com
1 accounts.livechatinc.com cdn.livechatinc.com
1 secure.livechatinc.com cdn.livechatinc.com
1 connect.facebook.net ad.gem88.win
1 api6.storeip-shopify.com ad.gem88.win
1 api4.storeip-shopify.com ad.gem88.win
1 fonts.googleapis.com ad.gem88.win
0 gmwin.io Failed ad.gem88.win
85 13

This site contains links to these domains.

Domain
web.gem88.win
Subject | Issuer | Validity | Valid
gem88.win | GTS CA 1P5 | 2023-12-28 - 2024-03-27 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
livechat.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-08-16 - 2024-08-15 | a year
*.storeip-shopify.com | Sectigo RSA Domain Validation Secure Server CA | 2023-08-02 - 2024-08-02 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-11-05 - 2024-02-03 | 3 months

This page contains 2 frames:

Primary Page: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Frame ID: 603A1D3F8FECAED0E20208C539B57BE7
Requests: 80 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=16649625&group=1&embedded=1&widget_version=3&unique_groups=0
Frame ID: F43E24C43B9CFEA528CF11D0B081AA26
Requests: 5 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.livechatinc\.com/.*tracking\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 85
HTTPS: 96 %
IPv6: 73 %
Domains: 9
Subdomains: 13
IPs: 11
Countries: 2
Transfer: 1909 kB
Size: 3640 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428 HTTP 301
    https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

85 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
ad.gem88.win/
Redirect Chain
  • http://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
  • https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
15 KB
4 KB
Document
General
Full URL
https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.18
Resource Hash
f197c1afac6573bbb722c97cb190a86beabdc6410f027f19ba267e677fe5eab7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84bbb1286aa84bcf-BUF
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 26 Jan 2024 21:01:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yV9MGdG3d%2B%2B94KJihmHYZyuMJcIHo3EB%2Bb4%2FQvtGVTOM%2B93VV%2Bo8A9vKiiPS%2FwYw%2FLbXFbQ9AtdqU5m8j1l1sQ%2Fdvwc%2B2ph8EVCZYeiQLxtazWg9ZDp%2FBocqCpw9Lgl4UtL%2FSFFBzWFnh80%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.1.18

Redirect headers

CF-RAY
84bbb1272a374bcf-BUF
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 26 Jan 2024 21:01:35 GMT
Expires
Fri, 26 Jan 2024 22:01:35 GMT
Location
https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7h4sxE2v6u0Vt9vObnU8A%2FlvP48mUMJC8rAN4vrF4GIAmEwS6TUeJBP7pY%2F6X1Q%2FOZ3mSiFgcx%2B78e5VpMMSwNVcDsPgnRoD1kiUF%2FXCXZZUFy7CgsMcR9SU2yodROvAefDI1GiyDI1gGy8%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,300,400,700,900
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6bb18753865e24b64d4ffdc33cf87d83ef112d23fe18adafab4dc99939f6e0c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 26 Jan 2024 21:01:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 26 Jan 2024 20:58:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Jan 2024 21:01:35 GMT
style.min.css
ad.gem88.win/build/
225 KB
40 KB
Stylesheet
General
Full URL
https://ad.gem88.win/build/style.min.css?v=1.0.8
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a5dabcd9588c0e8c628952107c2c0bd572087ee84a8ea75ffddcda87d063a7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:36 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 24 May 2023 09:43:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"646ddc3f-383f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3SRmD2%2B0s%2BuK%2BAOZOG5SZG%2FgHUu9uDHvJQi4boGcnL7mgt0qA%2BcQnEZ7VVpl97DzQaCUamD1zpbJ%2FngRiNHklQj88jkOA4ZYvra4rI8N5PH8%2Bxk3gA2WPOJu1ZSXgwIUIwVt14wPOcXWpkw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
84bbb12b8bad4bcf-BUF
alt-svc
h3=":443"; ma=86400
apphd.min.js
ad.gem88.win/build/
85 KB
31 KB
Script
General
Full URL
https://ad.gem88.win/build/apphd.min.js?v=1.0.0
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fddeffd4b4a71238d91e4d88e216ef4c20d77ab9010017d559c1c48220b1d69f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:36 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 24 Nov 2023 16:14:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6560cc01-15544"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qeOvbkXCiFoCdCkLEfOp3a%2FQF34VnnlciVwyyzVn3i1K1%2FDVhQ715HM06%2FtCyHqNZ2ALtFwqAUIYd6Esj%2FFqwETHMj01mN2aulh7w9d8uXQZ3RZNO7GVRMdWy0faXGwOwAjTCohEu32FhYk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
84bbb12b8bae4bcf-BUF
alt-svc
h3=":443"; ma=86400
thumb-header-lazy.png
ad.gem88.win/images/
199 B
587 B
Image
General
Full URL
https://ad.gem88.win/images/thumb-header-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
595eb22f555f9317ce271066d3536a64b5628d8d99c22e8844c48297b770fce4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:36 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7VEECuYKWrTuBAXP9NJ2wmpMOIGIRfBtsgaTsooJrtMuZYLyGPVlE0KpTWRYpGFz%2BXz4kom8GLh1VTMp88c5OFizOHwBTscynE5CE6i7nuMK5FLYwN3ALo4FPgWeve3ymL3YrtoZZrmjdk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb12b8baf4bcf-BUF
alt-svc
h3=":443"; ma=86400
content-length
199
thumb-header-mb-lazy.png
ad.gem88.win/images/
189 B
487 B
Image
General
Full URL
https://ad.gem88.win/images/thumb-header-mb-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab11db15dbc833f5586d15f59fa66b8cb1aa7d1086985d8c8b82b4b7d91f078c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:36 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-bd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GtgoFnwJfnnfmttm4Th3PIk%2Fc7in4aswdg92GKoVRMtfXCGCoiP%2FwA8tA0Lm2qYj9OsXdvVF8iUdNMcVZnvGOzN%2FWDTcFji9Gle5qrdRnYUPuezy1ufJx53%2FRoGM%2BsyJQlEjJqXJ6R9aHIk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb12b8bb04bcf-BUF
alt-svc
h3=":443"; ma=86400
content-length
189
jack-top-lazy.png
ad.gem88.win/images/
112 B
576 B
Image
General
Full URL
https://ad.gem88.win/images/jack-top-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64e213916d9877bca7d7dae986f5f87c6fe7699316371c948913c216b93c41f2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:36 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-70"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31oOnJRQHqCHka%2BbxLglZMF5tQRhYo8IO58roK8m5PJT1MMgXZ3ylBSepG3Z3Q6JK2%2Bf2AMmI4aPRHE6%2BCG9rmkVDMUjGbIYnLZV9li7ZVmUfT0kTe%2FTjwFpu9ioxcFydNvURpOAht7Q15g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb12e9bfe6aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
112
tab-lazy.png
ad.gem88.win/images/
110 B
576 B
Image
General
Full URL
https://ad.gem88.win/images/tab-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa715f294b6d9b97487327a36ebd9038d88d3832a31e35bc65d1f2e84d1cee2f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:36 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ccgTXsNaoR5%2Fjks5cqUTrg7EXOoCK9YjmizKZOnRnnAFTPOM2qJXHDoxfK1CoctbMymoEbZQsdjzSWAv3A71xtP1MCy55W%2BW%2F4q1ojtJmO5zxYd9rN%2Btvb6Ys2RnRi4fLS%2FfhFH%2FLqQFL7U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb12e9c006aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
110
tab-active-lazy.png
ad.gem88.win/images/
110 B
574 B
Image
General
Full URL
https://ad.gem88.win/images/tab-active-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45e64a2d90de9f35073296ea108245328541ba68b6553bbeb5ed5cb6a8528176

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:36 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dM9%2BiKFZH2PZQUISh9LNfVabv9kkB8%2Fqia%2BbL0hBk%2FAThbR2toaAeu58fz2ptYZb8MFdupCHSvOSf2k6VoeHKnsPxx1MOcL9Bd6deoi0xhrI%2BWI8ubAglBztjy4CPOx2sQaubK8%2F4WtITUc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb12eec146aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
110
tab-full-lazy.png
ad.gem88.win/images/
111 B
574 B
Image
General
Full URL
https://ad.gem88.win/images/tab-full-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08e1ffda33d81046bf53cb65a20acc3dd4249e3c0e4e14b0e39f85e04194e98a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:36 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jvNAsi6FTazvGxOv6JMBwtcQMSe01brx7AxwDuJUxeYuNGSrj68XK4AYCXtEqkuajq4C0R1XHlCOZ5RRkvAM%2BIcPyz5nOG8gMaOljlg%2BIX9%2BFVHHry9DahK5eWMLllEyo22rWHMt3UHDY0c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb12efc166aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
111
btn-lazy.png
ad.gem88.win/images/
116 B
584 B
Image
General
Full URL
https://ad.gem88.win/images/btn-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd67f2b53732ab3114169952b7564c7535f82d1bdc74dd1862520e521c9c25b9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:36 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-74"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1niWSx%2B0m0jE%2FovYJgKH9%2FO9xp1Gd4x1CUVhuI2e4M3N0KZh%2Bbey4%2B6lOpWKLYabRfISgMBZA%2B%2BVGazYDgeETpTXTe4DNnfr3Hm3diZDSXbxHLrjTltIPqzUpd1onjfUZ7TSxjTj1SspJ1A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb12efc186aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
116
dacotaikhoan-lazy.png
ad.gem88.win/images/
110 B
573 B
Image
General
Full URL
https://ad.gem88.win/images/dacotaikhoan-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8850ad2a073a4e12ff7984cdc1d8a1815020c76f2e7cd96656fe04d0e4e31f2a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:36 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 14:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644bd254-6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V90jy1e6OtQtYSkMuQad810RSWn3NZhYgKMnFEY0Pqwnm%2FR8Ti373IUknCwGVq%2FMSocTvkgG4zN%2BZk4m1IVsivOSjkXjGbrwuyYkVMRnrYQrUu6yplO7o6ge8YJWKoBPfuksTyFhPSAB9Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb12efc1a6aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
110
btn-dl.png
ad.gem88.win/images/
145 B
607 B
Image
General
Full URL
https://ad.gem88.win/images/btn-dl.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0342a64f0d2ab3c294b31ca7b129729f4128731f037a4201fcd6e12a184d7cdc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:36 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-91"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEuTc0Uyl8FfhIvqpR7u4tMSX71P%2Fvlxy4bkIc2G3K0jCRt%2FvSpiaoSWCjN7VdddVJbCubSYqa8Z1gQl8LyC3OcNhpEDYNVCUemneuAMFY7JSjx6B%2Fk2QFWcBqxw7IA2A26in1LonP5thFs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb12efc1b6aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
145
thumb-thank-lazy.png
ad.gem88.win/images/
256 B
720 B
Image
General
Full URL
https://ad.gem88.win/images/thumb-thank-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c91fd27f6f8293117478def18959bf5053f3dcf98ebb6347905974f6113f163

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:36 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-100"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVmG6b9yJ%2Fvs90LrwTVK7eNU3aFOUctJiP43naKHC5B0VRnGFSfjxM6Mo6z%2F2Bk0AXL7LJRIr9PmXM6haSXOzep0K1Dtg3i7yE1muyxUlJcmVNS47kjbSDg9CaJ%2FBNGHE%2BxgMwOK2alrWmU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb12efc1c6aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
256
hoac-lazy.png
ad.gem88.win/images/
111 B
612 B
Image
General
Full URL
https://ad.gem88.win/images/hoac-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de851a1267df76e4648aaa1059368f8156ab759db4ef70da4245dd6326e7cef8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:36 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 14:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644bd254-6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWBuZlsNvEcQsgw5wdFo3cHRv7I81KrdoeRC9OPSxIxT86AyzPnxbarIryjgtP3Yk%2BS0DxnMxkJlYCgTgAr%2B%2BN7MSXMPMuhcMwUtgfUkNuMcUze4JTNPVR2%2B0gar0gLXqQ0AcTCJ%2FP082MA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb12efc1d6aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
111
game-lazy.png
ad.gem88.win/images/
117 B
579 B
Image
General
Full URL
https://ad.gem88.win/images/game-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65c82fd39e63e481e8718fbc5507615e8d88331056eb7a3b5454ac94bd7faeab

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:36 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-75"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fV0P1DRbG8W1fc2H57W5YrCl8UkGHlA2Ww%2BeGMAF9QMkYbfZ10jtzeTTeESt4f8j7%2Bm7vOrJUTrmzjUfDAVSAnOuVQ27TfDl8NYGU7C7qpqZVw0HVKFtUNjSOQ6IzAsRI1ZpRcKEf%2F0ocP4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb12efc1e6aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
117
thumb-adv2-lazy.png
ad.gem88.win/images/
121 B
591 B
Image
General
Full URL
https://ad.gem88.win/images/thumb-adv2-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa49fbae9156dc680c02ec2554ef484426e2a98f0f0d16b3050c951f1a031d67

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:36 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-79"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQH2GoVIKU%2BpwtguqBvHcSGgjPmjXZZjcUNxA1%2FJCVdzrBQ3c4FLA1GBrtdDPUfA%2Bm8GgRFxdY1JuZ9m9tCoKi34O37MCBh%2BixQ%2BNEEvNgNhIqWq5w%2Fj2bVDvx1GlzQJNPgVUZr%2FWku3eSw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb12efc206aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
121
loading-lazy.png
ad.gem88.win/images/
96 B
562 B
Image
General
Full URL
https://ad.gem88.win/images/loading-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc3cade2468407b0311a0bb58b781b1ca93c01c1965c49e41ca133d694dfd316

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:36 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-60"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nbSW%2BcSn9GR%2BK3HN7QyVkubh4MfJHC9lhISf2Oc0E%2F8NvgVxi%2Fz7sBszD0Ok8HPXm4eFMAOGZlq471ilBCZhaL2bHwtx9Pt4b9G1NbBtkBMwOyiS4%2F8GH1aYT0jNP6TtoK9%2FyCPwNzx826o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb12efc216aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
96
app.min.js
ad.gem88.win/build/
276 KB
91 KB
Script
General
Full URL
https://ad.gem88.win/build/app.min.js?v=1.3.6
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
707a7ed66ec0a3a3a48dd9875948c4660ece2725b6b6aa03b635b2d30060aa1f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:36 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 24 Nov 2023 16:14:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6560cc01-44fd2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itR8MLrfkeNGWXF%2FT6tkmRiSLTGZr3zGvoyfF8pxTak78yadaMMhf2QVKE0E%2FTtmgIJ3%2B50hCVSPnCo6ra3%2FeDJHSmiXg9GE6oZCYsrzvu6Ev3sd7vqnrOLsIRvJtcb51R1S53xOvZ29juE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
84bbb12efc156aed-BUF
alt-svc
h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/
187 KB
66 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P4HXMRQ
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c563b01db1c58687057f8d0565fdb4db2e401a403d32cde9024f16cbbfafce83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
67533
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 26 Jan 2024 21:01:37 GMT
tab-lazy.png
ad.gem88.win/images/
110 B
576 B
Image
General
Full URL
https://ad.gem88.win/images/tab-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa715f294b6d9b97487327a36ebd9038d88d3832a31e35bc65d1f2e84d1cee2f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:36 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4pDMb6p6Q0HS%2Fdv3dZB3jWLcs9nIbWBkLQ9jXiKT2LOCBIxtnDWSyWn%2F1fTpZ6Od5zW8WaNQQV80vBifMB5xfKs1HldhWbIcfKis6L%2FLUK5Oc8N1FSrAEy3TTkJ4Ej63J26QxFCFOCB%2F%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb12efc226aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
110
tab-active-lazy.png
ad.gem88.win/images/
110 B
579 B
Image
General
Full URL
https://ad.gem88.win/images/tab-active-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45e64a2d90de9f35073296ea108245328541ba68b6553bbeb5ed5cb6a8528176

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:36 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Z03bvX2yb1jzcRm9eGzZ%2F0RD6B%2FYWr%2F%2B9hLXVm%2FxLfFOPDByFrKzFMi0sEmlvKa7Gb%2BYpwasF5Sdnvot3hPfCVbkc1wUJX48X764W3XFufcXOtx1AJD77PY%2FoW%2FVtnte8RF3KKH49JjX2Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb12efc236aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
110
btn-lazy.png
ad.gem88.win/images/
116 B
578 B
Image
General
Full URL
https://ad.gem88.win/images/btn-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd67f2b53732ab3114169952b7564c7535f82d1bdc74dd1862520e521c9c25b9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:36 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-74"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifX6rTZitfzI0ARo%2FpnMNVCjdYCeEzetyPvsaCBxEXTvwTxUgiRQeQ9W5MeUL5Pe01c3Y5tzT5IVAHcPzZPDf1%2BPwufQ5dmfxuhmbspYDngTjBoT59%2FS6g3gUSj9ifkJh4vTUXAD6fiTNVw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb12efc246aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
116
dacotaikhoan-lazy.png
ad.gem88.win/images/
110 B
570 B
Image
General
Full URL
https://ad.gem88.win/images/dacotaikhoan-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8850ad2a073a4e12ff7984cdc1d8a1815020c76f2e7cd96656fe04d0e4e31f2a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:36 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 14:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644bd254-6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcxPkal7S46na%2Bcd3CZhPI6GPKNZaPDmEp8AUlbKdgIgH0ClltPPX1obArQFgFNxCR3fKBeez9W74Lr6fjFswPamSYFOjtpBbsbCPT3G%2B67UbyHvXjuyEUpBdVpc0u1vseJbbZD37ulKh9c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb12efc266aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
110
btn-dl.png
ad.gem88.win/images/
145 B
608 B
Image
General
Full URL
https://ad.gem88.win/images/btn-dl.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0342a64f0d2ab3c294b31ca7b129729f4128731f037a4201fcd6e12a184d7cdc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:36 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-91"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=It9raKRY17E5i3tbRLKTEeqPdLSXFXQ0MRjvVm7D6j9NQ2K7HQFrZ69Zmfn0ou%2BaQ5uOindQ6Ejrns2aLaOhbKp1%2F7knDRKHAaDwWnHxbW5EEyIeLPtjJ3fXixE%2BAJeyatqP2SeKSX5XRYg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb12efc276aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
145
game-lazy.png
ad.gem88.win/images/
117 B
580 B
Image
General
Full URL
https://ad.gem88.win/images/game-lazy.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65c82fd39e63e481e8718fbc5507615e8d88331056eb7a3b5454ac94bd7faeab

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:36 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-75"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qG2IGESj%2BO3eDaFOoEa%2BLIVPncYihOHmhbBq%2FXtehpuo6kG%2BnB1sgIPQJ0Pk6lt012EQF8eTtxUmqs816JEc6k5r0Nnk4JlaogaWbNnPyBG%2FhaOvl0vxWFdQOG8srAKEWFR3KtshCDqIfO4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb12efc2a6aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
117
bg.jpg
ad.gem88.win/images/
60 KB
61 KB
Image
General
Full URL
https://ad.gem88.win/images/bg.jpg?v=1.1
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd7fe97d8b0b2a686e232ef2a8b711f5195bc543f5b660e684685c7e66b8f2f0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:36 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-f17e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WeFFkJAN0OB%2FPr0wFpbfl5fKMQBf2GtSHhOppBvJqpXdaKqQAX5Mz2iFLmxNPMHFbdbUN0WjbyyFolLiCwK44BBj9t5otc8iqi3jQLtelZA%2F5F95tgOGeTQYmXxVsN414rsOzRC%2B5fCa%2BBk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb12f0c306aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
61822
bg-jack.png
ad.gem88.win/images/
51 KB
51 KB
Image
General
Full URL
https://ad.gem88.win/images/bg-jack.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
762ead9dbd6081f969db272c17bb280daa359f45e2f82519531a2392ca4fcaf1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:36 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-cb3e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3o2C9tMIwSlvkS%2F%2FAhEI5QdmuehaW9rxHMVWwpQl%2F8GpWA0D%2BmT2WnWBGPGzJb4%2B%2FHUfavM6vh6PC4K5P7FNDeTm6DGSiScgnp0kreMxTBSCyLyXsudAE6O5%2BcP3RgTxp%2FzmFyWAknoDGck%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb12f0c316aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
52030
bg-form.png
ad.gem88.win/images/
29 KB
29 KB
Image
General
Full URL
https://ad.gem88.win/images/bg-form.png?v=1.0
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3ba98f60481267b1d7e20f2743d93ed2bba4daf00c9104801d8f51f4d7bf77c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:36 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-73f5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Je2Q4jE34sIzPkJ0MUGnK8OoGwlYE1u2K8hEH8DE6IDM2S1dSGpC%2FUKuNU07r2KMuQK1y7UQ%2BGx%2BH%2BspuqLImbwT%2F1vPM4%2BnZRbzAR%2B6JkljJA762Oj78hOE63huDDJ2g9JYlNA58EwOgm0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb12f0c326aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
29685
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ad.gem88.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 17:41:07 GMT
x-content-type-options
nosniff
age
98430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 17:41:07 GMT
tracking.js
cdn.livechatinc.com/
89 KB
27 KB
Script
General
Full URL
https://cdn.livechatinc.com/tracking.js
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/app.min.js?v=1.3.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.88.195 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-88-195.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
de5b777102b32b22b3f991aa9b80a6717627320c5066c8a95c464f5ed3f48dba

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
MOcccbsyoY3U3zni.c1w1U0C4q61EgD7
content-encoding
br
date
Fri, 26 Jan 2024 21:01:37 GMT
last-modified
Thu, 25 Jan 2024 14:13:59 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
etag
W/"5207eeab3f165c63891a636c1077768b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=28800
x-amz-cf-id
k3Y3sRvWc34bCFF2ZurkNc7FPMhwNIYRlJtHHf9GTGNrzy6QcrU7_w==
content-length
27414
expires
Sat, 27 Jan 2024 05:01:37 GMT
collect
api4.storeip-shopify.com/sw/
0
0

collect
api6.storeip-shopify.com/sw/
0
0

res
api4.storeip-shopify.com/ca/
12 B
238 B
XHR
General
Full URL
https://api4.storeip-shopify.com/ca/res?command=storeClientIP&affId=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_source=clickadu&utm_medium=popunder&utm_campaign=anw&utm_term=1980428
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/app.min.js?v=1.3.6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.97.168.10 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 26 Jan 2024 21:01:37 GMT
server
nginx/1.16.1
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Authorization
access-control-allow-methods
GET, POST, OPTIONS
res
api6.storeip-shopify.com/ca/
12 B
238 B
XHR
General
Full URL
https://api6.storeip-shopify.com/ca/res?command=storeClientIP&affId=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_source=clickadu&utm_medium=popunder&utm_campaign=anw&utm_term=1980428
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/app.min.js?v=1.3.6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2400:6180:0:d1::61a:e001 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 26 Jan 2024 21:01:37 GMT
server
nginx/1.16.1
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Authorization
access-control-allow-methods
GET, POST, OPTIONS
collect
gmwin.io/sw/
0
0

get-rank.html
ad.gem88.win/
2 KB
858 B
XHR
General
Full URL
https://ad.gem88.win/get-rank.html?t=1706302897000
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/app.min.js?v=1.3.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.18
Resource Hash
7525736d739b59796b56174150af76f23d160430519ec5a288ec465d82de202f

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
X-CSRF-TOKEN
9c930a3233f304da29f8f2ba6ae0d3c5
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.1.18
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQ0uJXKovOqlLZ1FAuEg6muMPOwUhO%2FXuB1%2F8p%2FdEXR4ntnywaqSK5277Ygz1KW4d6u6c742%2FgRGS7zyrTEa0VF9VfrAn7Nl%2BbXuXbfzIzJhJXVUUooz8F5UVvZUDwyFNKk05g3Z5K74OD4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
84bbb1331d606aed-BUF
alt-svc
h3=":443"; ma=86400
notifications.html
ad.gem88.win/
1 KB
774 B
XHR
General
Full URL
https://ad.gem88.win/notifications.html
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/app.min.js?v=1.3.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.18
Resource Hash
fbb66a6d1a22666f5497ebac652b3f3fe4d2b85cb50f1027ad4a21235a2f652b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
X-CSRF-TOKEN
9c930a3233f304da29f8f2ba6ae0d3c5
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.1.18
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FA06%2BD7Wspn5gdT9vVR3O7ri%2BwFGCqjhOzVR5RF3QH3vRnfYZi71FpSxUTXZahEmOFQzH%2F8TuBda5UikPKy9GixTRoaVVUb1ZLHd7APQHKglfCHNwSPGSd3SsBfRXtUJdYk9KpvBx8M5JJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
84bbb1331d616aed-BUF
alt-svc
h3=":443"; ma=86400
thumb-header.webp
ad.gem88.win/images/
66 KB
67 KB
Image
General
Full URL
https://ad.gem88.win/images/thumb-header.webp?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
637bc10ddc6784ea531a496255c1d649b56800f5e26dcdc2f41c31c244353761

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 16 May 2023 09:46:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64635110-108d6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5Iyhhy6qL241tFpW1xhy7xz58IRDD6uIJ2BugRBHnj2YPwKpR%2BWMIlTzV6keGGS2hdpU4rMfAm2VZDuwKs6CuIPh3Pb2i7tnjUAe02Lo%2BydADhGyS2uPpxbNIqyh9JP0F1lWvwRmqHANrs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d636aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
67798
thumb-header-mb.webp
ad.gem88.win/images/
56 KB
57 KB
Image
General
Full URL
https://ad.gem88.win/images/thumb-header-mb.webp?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698a7dd29e741793552da6fd4cc98192ad6da8478aeaa0443e27f57f4e9481b4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 09:37:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b93de-e102"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POxmcmriizbi8uEU6NvnXw0yoBPbeNFx1ooUJNjwgXLSckXiYQ8fuAdrtJGQ2lm2pcaMHj2mwKbrVq9d%2BcXA8BXi83EtwPR0D5FT7%2FA7tDyW3pOEYt5sgj%2BMrZLK5yADyGIMazlUqz5hehw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d656aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
57602
jack-top.png
ad.gem88.win/images/
8 KB
9 KB
Image
General
Full URL
https://ad.gem88.win/images/jack-top.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
150e991344277d2ed02609b431389e719a7133fc719ad8caf9e5b24740e8d694

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-2101"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ryQ04SWMIF3zOyuEapNI2hMEpoki7Lw2T0arN19ncQ95%2BIKooA43neDGbnNhC36Bqtk2QUE7bRpSjMUi%2BQKfJpHdVwU5ZARBTPs158OS23zNR3Br2zW8FCPZnd4jFsoe2Kaq5d7%2FThpCcA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d666aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
8449
tab-dangky.png
ad.gem88.win/images/
6 KB
7 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-dangky.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3717be19007b1fd3ccc6c03c33d310ea8e7d3e4d51bc8ba27e617b5f5b477403

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-187a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dAFV57iF6Kggso6Ww9NZtVqctFNRaLuD9CT%2FyYvycG0UypnM2%2Fv3MA%2BCEBVlGeQ6Pjj4s8Jmf8G%2F0WcrEPol2qM0MJz%2Bi3PiO0PSl63Tf88IDwPUqG%2Fy2jEg%2B0ogehJwC5MhtM1Y1veKyNs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d676aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
6266
tab-dangky-active.png
ad.gem88.win/images/
8 KB
8 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-dangky-active.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40e20d0623dba65f3a7be919bd1b4213c5759ea7d362598e2fffcd03ecb72ade

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-1e90"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yeKEHciuCG7viBUWR00qyGtR%2Bb1adU9tl%2BTGhlHUfLijRugWheqmavbqQSggqdZp2Y%2BquPHgSubovmS3ivd%2FLAYGYosT%2Bt2yOKtTEoyMhc76VCrmfNhuz70svhXCPbUnUTqwpsi36J4kfhc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d686aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
7824
tab-dangky-full.png
ad.gem88.win/images/
10 KB
10 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-dangky-full.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6658297a10eb33e2d3d139f9cea73e2885635495fa475cc4f1fdf41c2ebac72

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-2723"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L77ux3xjRiU43UV89pZGdSB01z%2BSgs%2FTLcL0NP83wGz7qNyUq3Fb3xia6pv%2FsBLEjpy1O%2FgiTy1jcKzuGb6YC4O62ea19mmd8G3lF3M468ECnFd9fzQmfIMecugoNDOIT%2BJFe9UnAVGdr%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d6a6aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
10019
tab-dangnhap.png
ad.gem88.win/images/
6 KB
7 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-dangnhap.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a82b32ea4fcf428a441750c401b3a4752f501995403538889c6d697db4e265e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-1947"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LjyYVFJDWg8O2H0q4r5V7T3D%2FDV0xoeK04nWoUzqy3md2bjAIpSJGnWtGSLRM3gx8hGvzzuxCQfk4S%2F%2F4vJUGbwJ33fnhhDQI0OPCC8sHzSNiIYQBnHQgzpJNJUD%2Bbe6RSs%2Fp%2FV2NmgokPI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d6b6aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
6471
tab-dangnhap-active.png
ad.gem88.win/images/
8 KB
8 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-dangnhap-active.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e66619ac22c40ebb4b8ac9284325bb301e77423dee32a5bf091a8d0e8894ff45

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-1fb5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpmYKCHEyzlIYhWfPG9a8Pqzbx63zcG1rE2bDveQckYHDBo%2BPGOG3IN7SZDEW%2BHPCORnZ8LJe2saMkEOFsWpxDb2SCKDzb8MSL9kG2qPaniUiS0qGZS8NESMqtb3KcP1qKt5pYG5NPENJsI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d6c6aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
8117
tab-choinhanhweb.png
ad.gem88.win/images/
8 KB
9 KB
Image
General
Full URL
https://ad.gem88.win/images/tab-choinhanhweb.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df4c4d50f9082a8d502245115432b004535b78dfc6dcc5d4f206e875fabc5575

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-20e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ww92eAxu6kz6xwDzliBnWSWO6NzPBQd7NETDDkHujSKMi3sIVW%2FfNhtulco7Rhk%2BcBzrh2QK8rESHZBI6W7h5VPDgSuhymaPiVmtHuO9EDTiJYMAR8AeY6PHpHBKHMpOMnbvDiju51%2BZQK4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d6d6aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
8425
btn-dangky.png
ad.gem88.win/images/
24 KB
25 KB
Image
General
Full URL
https://ad.gem88.win/images/btn-dangky.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3c6d54c27cb6f6eb3986a10b70080fce7c6378d873340cb9856a7d41e556127

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-61c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7NHjMBZv6K0r7wJSaYNqAUvlVv5sgBIv38iPkUpSY%2BcV75tE5wpxKaEu9VAaSfqrlbGzUgDh4beFJbMhoWQtKVrr2ZoaHGQxkcKuzdJFMZiOD61RXyXh1YlJybTiDenG%2BYPdWOGHZ2dtHHs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d6e6aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
25026
btn-dangnhap.png
ad.gem88.win/images/
22 KB
23 KB
Image
General
Full URL
https://ad.gem88.win/images/btn-dangnhap.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36c64ee60a979a9056c04de2092ff68c0744e24029d7add30fc6c7342d3e47fb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-599c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBReLiY5ErkBJxaIp0%2BeNztXkWgHTJstiJ4YrM3JjVCC51cqgzdIFrGhH%2FN0IjgzzrlpSIGEaPyPj0FZZTq7kCk6To9v0LgkPNulE4%2Fe%2BpjboccTrrIBqXqEv6bOSEga45Ra8%2FpLrAf0nBY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d6f6aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
22940
dacotaikhoan-v2.png
ad.gem88.win/images/
5 KB
6 KB
Image
General
Full URL
https://ad.gem88.win/images/dacotaikhoan-v2.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1334fc4f83d8709a632ab9fd8d22c4e2868b30534f58d11f8a029456666dcc71

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 16 May 2023 09:46:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64635110-157b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4eLULZtCXoEJhDbT5b2UX6SPgU5IE6THwNzXATh9v3PkNd47tXEtwBmtt1%2F4uv9HstOQ2qVtDiVJlBPR6fV%2BCNqx7hy9d%2B5HV9rdk7k0cC%2BVMbG4Qfgdb4JoWbcz8leIsrKdoxcr6UY4aI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d706aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
5499
btn-playweb.png
ad.gem88.win/images/
62 KB
62 KB
Image
General
Full URL
https://ad.gem88.win/images/btn-playweb.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbcad0512f42296a7388501662662ef64652a9daa3fb39147352b657b61acb9c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-f69b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPQIjRwUp1YsmdZX5IaYq1bNNpXzZenzaKty0wMqgTW1earWTy9O%2BicDHasSlzeZyGko2nPopzwbwJqosSvjYPnEAmf0QqV499dm6Tr%2FMPkd%2BfHyQiKaEHYNfIuYLUYyaWCrSIrepZnUoYo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d716aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
63131
thumb-thank.png
ad.gem88.win/images/
225 KB
225 KB
Image
General
Full URL
https://ad.gem88.win/images/thumb-thank.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c9d6b9b0ae9bc6c9c0059e96e8d679b82a868c59ec1e9bee350bc6e2edf2186

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-38349"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHhM3f4Ck5cU%2BNGGGzzMNpnmm2%2FuBX8YDF2a6%2FW3J%2BVy2m7oP8Kyvsmmr9RggXmgmi6e8PppYP54SQBBif2bun4o6mIDfZxTubmHPFeuuDD%2BoCjffmaPYKO69EICofBfL1Hu4wlqogt5U14%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d726aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
230217
dacotaikhoan.png
ad.gem88.win/images/
11 KB
12 KB
Image
General
Full URL
https://ad.gem88.win/images/dacotaikhoan.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c5da9fa4f696362b6832648e51af1420004535e4e8267bf0dbbf289dbb51669

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 14:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644bd254-2d24"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1EfJ1A8XrxCGC0U7jB5YLDYx0TCnGkDnT5%2Fkg0i0cFn%2BNMSLoDCJ%2BM59lwDofjwIgkrTozkLoatU9JKrRIPSZJKqL0p%2BacOH2N8uo6ecD1sHrqOYKJIISGKfSMrf1rmVarO2EScl5i3zII%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d736aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
11556
btn-android.png
ad.gem88.win/images/
112 KB
113 KB
Image
General
Full URL
https://ad.gem88.win/images/btn-android.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0210b490fceb299ba4561c1fc0a13f330191f5ee0aa4a17a4e700abe1037b85

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-1c1c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxngMcFTfbHBs3Yb%2BFfpSO%2FUR37LXoYB%2FnVQssZqgpZg9LGXIup7PtLrUNSr1KyXTIrOj%2B%2BZG2IerIDbl%2F1tg0d4uqj96jcYsDWtDoPjKBV98OwNTindgXMog%2FR%2FvdBpE3YWh69%2FUXQIBsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d746aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
115144
btn-ios.png
ad.gem88.win/images/
112 KB
113 KB
Image
General
Full URL
https://ad.gem88.win/images/btn-ios.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9ce5a276819119f1b6223228d236ffdf3d8d83014b08a4e1c909310fd261f3d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-1c02e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22hE26x7bwbb0Ej5TZArX1jFK8L5T0waEDuAi67tVI3L9YquEm1bP8e1OPb6RjYRwV96fUG1x7ky5kgQUaJStLLAlrOhiLSV3DKTBmPZyt38YOfrJV%2FkoWAC6c%2FH0QA4NSHfgxiZfT4tUlE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d756aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
114734
hoac.png
ad.gem88.win/images/
4 KB
4 KB
Image
General
Full URL
https://ad.gem88.win/images/hoac.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae34e2543ec92b8c440339855cf1829b8107fdecb3280d43ba905b59715f6fc0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 14:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644bd254-fd8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HT%2FWUdNt3G3VA%2BgQ2UvbqVsLnnstZT5btepG7NnF0MN3W5aGCNnlbTjJsVXtDyPbCcgH%2F3aOnwAmgJO%2Bizu0V3yYPhXvrYfUse%2BbjA9RhI0WLc%2Be6b3p%2BuiVV9XY3oLm6F44rjuht7OB3T0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d766aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
4056
game1.png
ad.gem88.win/images/
35 KB
35 KB
Image
General
Full URL
https://ad.gem88.win/images/game1.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bc27df30f2056611a375e141bbd6ed4de7f7574a0acc2f265cd52fa8a7d72e6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-8ac6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2rDkiFvuD0D9tzxcUAk3fir2766%2BhWcK78fT2fJtdwmFkkz06UJp0EVh7QJ1r8GpfHGqnHw68aTXVkzG8F2ddfOMZAD7bUkoALH7hBNaq0iwCnpZAMknbZrof3N3PyFScPdoB0WV766Qvg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d776aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
35526
game2.png
ad.gem88.win/images/
33 KB
33 KB
Image
General
Full URL
https://ad.gem88.win/images/game2.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9d251e4fae4ce41096ac504dcc8277b13509f3b21716fa6bf2bbbf248299428

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-83a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzZk%2B%2Frx35GButVsFsD8NwNqr8aSJa%2FEKudUakDHD8VHCQiwx9IMjW0LXlStDhsuGZHNV1IZs9MtTDrb%2F0Q48Nj97vitIzHO%2FLHD5jTg41XR%2Bd7QQ%2BXGYEjMo1tDl6XRacoWJNkUxuwwpLQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d786aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
33705
game3.png
ad.gem88.win/images/
34 KB
35 KB
Image
General
Full URL
https://ad.gem88.win/images/game3.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a914ae4cdbc9c034bb19398eee3bff1effe990f4f934cd704842fd4b79ab01

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-8898"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FmsbguCkJTODd3%2Beij91ZbMoLRzHBUKTh1r8Xmy379rKXlwVkhGd%2B%2BAyXJfxBKnCVoFhf040F0d8THhlvaFKyuWMNILDyoZEdlXuMoaHZO%2BUuxsOwzes3vWvfQ9uPaAwikRc9dxHNAN21ws%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d796aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
34968
game4.png
ad.gem88.win/images/
23 KB
23 KB
Image
General
Full URL
https://ad.gem88.win/images/game4.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb2489c0eeffa420686b1bb54575790cadfeb3344d2063ac26bb38d4e1ee9c5b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-5a8c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XPU8ZZMiIez%2BMGB3qSQBi67aYXjdPvcY3dKM6cB5A4k0QxdeKZGYO8WmMJ4BxrmEC5KxuZHxcgdeoH0gqO98ovBR97hjbJYiukNmq6Qnyi3fTtGNEMcw7bm6FFOxSzxfmOei0KmdCAhkttM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d7a6aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
23180
thumb-adv2.png
ad.gem88.win/images/
36 KB
36 KB
Image
General
Full URL
https://ad.gem88.win/images/thumb-adv2.png?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bca08b5abefcb969515978e1a62cdc71eedb282539de0a93da72ef604ddfb905

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-8eed"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cn73bBE%2B1SQeSo6VWZYcX01V3rhnOa1VEch1RrKvoFec57xybdcbtZAEgf5DXO5VxOxBvKNc6AxkzYDDla4N5szsiimmlLnG%2FGpmfcpogu%2F6a9DgcjA2kGgGjyGQ9%2BvjdynxOFFYWFHYYLM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d7b6aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
36589
loading.gif
ad.gem88.win/images/
2 KB
2 KB
Image
General
Full URL
https://ad.gem88.win/images/loading.gif?v=1.0.4
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ade47c7bfe9cb00a16c8b4fa265aa07e8fa676f051e23d1d8a4fbfdb86fef1b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-663"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6Dp6GafvLQ2wL8SZycI3p3wH6uEwYHT4k7cACsboVnpbY36%2BhRpgvW4RIMU2yREEIajJD2ixMIApAeyy8mS2%2FTdXKmtNDQqyJdN0UAcV%2FNdiPMi%2BrxyWJUsQt%2FVGcrx3S1gpDbRKAxQy38%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d7c6aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
1635
icon-user.png
ad.gem88.win/images/
2 KB
2 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-user.png?v=1.0
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25adcb5829f4e373982ac7be939819c77761f28132c5728725638d766d49b06b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-784"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Q%2FRCUJ2SW4c4xgSGBWdR%2Bj4JQfjUZGYI86Qlpcafa7WwWJ9iZqUJF01TUpp79dkCPhwWaD0ldhPNXYP71y8JBZt3GR8h45buS5l%2FB2rjZ3cqtr1MFSuvia0hDRrGA00dC4XaGOGZOK2rm0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d7d6aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
1924
bg-input.png
ad.gem88.win/images/
3 KB
3 KB
Image
General
Full URL
https://ad.gem88.win/images/bg-input.png?v=1.0
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b7d1a33f8a26fadb03580db340f76f5fed5e5b765d0563048687638f7a0269b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-b45"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFzALYe7Z00QM%2BTPOI%2BwKSsndJhbQKdKIKfPiQJi7PGVl1X3P1i4YaHPIyAuYDpdDYm459WVy2RSLd5SCCFRmCeSG3wrf5rF2XAtlH0pY7xBHfxXsR2SAkd7XAE4ntFWcA2ESeh8UKZvpoo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d7e6aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
2885
icon-lock.png
ad.gem88.win/images/
2 KB
2 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-lock.png?v=1.0
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41841244ce6ed4f465cfb868c420edeb0f64c532c5a31329bcdacf8c7841d852

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-6d3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0DktM%2FmUXy9C7i2Yfq8NKM0dbXug1QDgk2ob6gzIVDSOkDBzBpYKAUHhpJOA2o%2F1iQpr2heRT7rqc7Om1z6DksBqa0tXIHpTYDPYLtS0LlStiiAeYXBhfgDU1yWIUvlkM0TV7eAlxAWurk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d7f6aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
1747
fa-regular-400.woff2
ad.gem88.win/webfonts/
13 KB
14 KB
Font
General
Full URL
https://ad.gem88.win/webfonts/fa-regular-400.woff2
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9

Request headers

Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
Origin
https://ad.gem88.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-350c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGMy7HCNGgnwmMQRswEh1b6gWfh9iwwwBNEnXuSOZmA0n0b5MREqKlYCsifwzfjTvTg3LFVIbS%2BN7SwtxL%2BEIK2pwjVllx%2FUwcPSNGvAb1tcGNzZbe8QjSGZl3AcCKkgHAF7qwpbyhssfLE%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb1332d806aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
13580
JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ad.gem88.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 17:36:19 GMT
x-content-type-options
nosniff
age
98718
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27812
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:37:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 17:36:19 GMT
JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26a448d7f02e7b021d15ba5d546ce57d822e6c7728420eb089a23adf10ea26ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ad.gem88.win
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 17:31:05 GMT
x-content-type-options
nosniff
age
99032
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9512
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:58:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 17:31:05 GMT
js
www.googletagmanager.com/gtag/
288 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R9056WVBMG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4HXMRQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ecd3bb0fb15df1df34cf2715bb188b2b85e8e0f0aeef882b69bf84f1c51ccfe0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96130
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 26 Jan 2024 21:01:37 GMT
fbevents.js
connect.facebook.net/en_US/
213 KB
57 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4101e4fa9bdc7ecb354caf1649d251f838a10b437009900ecc30321fe472b154
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 26 Jan 2024 21:01:37 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57022
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
bvMRdtq+u9NHiC+pyFBS1FA22GKz8XRg9z5euxarrZVI2DYieGauIHLVTxCimQpIzxoqndFEjWM9FyAWW1xw+A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/g/
0
243 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-R9056WVBMG&gtm=45je41o0v9118954187z89118949234&_p=1706302896456&gcd=11l1l1l1l1&dma=0&cid=1594490079.1706302897&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706302897&sct=1&seg=0&dl=https%3A%2F%2Fad.gem88.win%2F%3Fa%3D0b08d04b25bcd0ad4484c0f9dbd56c4e%26utm_campaign%3Danw%26utm_source%3Dclickadu%26utm_medium%3Dpopunder%26utm_term%3D1980428&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2138
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R9056WVBMG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 21:01:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ad.gem88.win
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get_dynamic_configuration
api.livechatinc.com/v3.6/customer/action/
402 B
551 B
Script
General
Full URL
https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=16649625&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fad.gem88.win%2F%3Fa%3D0b08d04b25bcd0ad4484c0f9dbd56c4e%26utm_campaign%3Danw%26utm_source%3Dclickadu%26utm_medium%3Dpopunder%26utm_term%3D1980428&channel_type=code&jsonp=__3ha61tounhe
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.172.41 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-172-41.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
99f1bb38b7822688cbbed4f3001c86b82f632d92eeb410e8348806eaff13914d
Security Headers
Name Value
Content-Security-Policy frame-ancestors ;
X-Frame-Options allow-from

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
frame-ancestors ;
date
Fri, 26 Jan 2024 21:01:37 GMT
content-length
402
vary
Accept-Encoding
x-frame-options
allow-from
content-type
application/javascript; charset=UTF-8
icon-jacktop1.png
ad.gem88.win/images/
3 KB
3 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-jacktop1.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eed0f9e2fc88385306cc4d2aa8bcd1fc329e7354a29a265809094ba409045ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-b71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAZzYZue%2BtZEC9T2paeRRb9F57j7Ac%2Fqujueen1boe8fQUBQYxeiNBBsNmSjlJRA6B3gJ9qc7i8WVv7E3DFHBhpWsguoq%2FhhZjpMd%2ByWLQxmLynUVqq%2BcyUXDohn%2FGgegH0RC2l9c6AcoAg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb134fdf86aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
2929
icon-jacktop2.png
ad.gem88.win/images/
2 KB
3 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-jacktop2.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed522d1bf5b935ecb33a5896bbf3d84e910104318a5b41c9b9f1e5ab3f72dc01

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-950"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XML5sRa%2BOJSnvY%2BOENA%2FVlS2J8N1igXnPAMTdT9BPil3PygbbNsWbtASGG1U8ONQm0uZcujXlA6pmiHIr6EerO8BsBD0knPwocjXK%2Br1%2FCZqJQVbwRgRACcBy6KTakgno%2BL28tQEjD%2BzD3c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb134fdf96aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
2384
icon-jacktop3.png
ad.gem88.win/images/
2 KB
3 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-jacktop3.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6155fdbd8360064763e6e9eba26ee73353d2fe4754b58ae921a9541ccb40ca6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 28 Apr 2023 07:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644b7738-874"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VNfyMnB1Ol3ixNYhTAfCJUJN9Z9pT12GJbaNDQ0sVcjTu8cHIc%2BmcL88%2Ff1Izq0JYnGLyWJ0TFPhWH69TyNNqn2bRIxi8DkNfZb9DKm6ejDv%2Fmlf%2B4vXoNl6U4fYWk%2FJzvlSC6I51oV5tm4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb134fdfb6aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
2164
icon-jacktop4.png
ad.gem88.win/images/
1 KB
2 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-jacktop4.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
647be14a6401e00f3d516ae4415fcd53940ce6602d4efa9594a3572e949e6a8c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-5fe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjit%2FTn3u04ceA4lwQvPgQtZbg5Zsnittj2GwM71hSwD7Fqy879kq3XOAGkEE4bHVHKO2%2FvvwFFHNBaPuONdLCBLBrbyityU5ouLd8JCSyvEwA%2Bpbd%2FKew6h2Quwhu9O0ON5ef%2FSFpvWwv8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb134fdfc6aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
1534
icon-jacktop5.png
ad.gem88.win/images/
934 B
1 KB
Image
General
Full URL
https://ad.gem88.win/images/icon-jacktop5.png
Requested by
Host: ad.gem88.win
URL: https://ad.gem88.win/build/style.min.css?v=1.0.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:adae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306b373301556d58c2ea00c4b5a45e65f61859ee5f4f812e4708b74c41af1d48

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.gem88.win/build/style.min.css?v=1.0.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:37 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Apr 2023 13:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64452f19-3a6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMSgIzHTOkSa68i2DOxE5CHclWBYDkuvoNBz70JF2drVZzaQ%2BWgV3viY%2F1AG44aO8MtZY6rzrL%2F7Jhqivt36p7ylJFLuTngZRgzlWvQ4WrskSXTfqem4rF5pUx89QoP7rWH%2BUfPMHPyWLVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84bbb134fdfd6aed-BUF
alt-svc
h3=":443"; ma=86400
content-length
934
get_configuration
api.livechatinc.com/v3.4/customer/action/
4 KB
2 KB
Script
General
Full URL
https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=ef2f11e4-1091-4034-ac21-61891ac28f7e&version=116.0.2.50.156.93.2.3.4.26.3.4.1064&group_id=1&jsonp=__lc_static_config
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.172.41 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-172-41.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
30125e3c72c23b56d3b4c74bd29c2ce9947e5cdd286dc442b01e145fabbe48b2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:38 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
legacy
2024-05-31
cache-control
public, max-age=600
content-length
1721
expires
Fri, 26 Jan 2024 21:11:38 GMT
open_chat
secure.livechatinc.com/customer/action/ Frame F43E
9 KB
3 KB
Document
General
Full URL
https://secure.livechatinc.com/customer/action/open_chat?license_id=16649625&group=1&embedded=1&widget_version=3&unique_groups=0
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.172.41 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-172-41.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7dc5c3312081faba5473707cf05aa56ee6913aee78bdab46c3a79c54d214b09b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-length
2614
content-type
text/html; charset=utf-8
date
Fri, 26 Jan 2024 21:01:38 GMT
vary
Accept-Encoding
get_localization
api.livechatinc.com/v3.4/customer/action/
14 KB
5 KB
Script
General
Full URL
https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=ef2f11e4-1091-4034-ac21-61891ac28f7e&version=075b79d72a19c7c515c01775c17428ae_280255cebfb378fb1b940cc57366633a&language=vi&group_id=1&jsonp=__lc_localization
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.172.41 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-172-41.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
20fe76e9a86514a99ecd09e63a268f5c7492efea04cbefdd611d3e737ef5c9d3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:01:38 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
legacy
2024-05-31
cache-control
public, max-age=600
content-length
4673
expires
Fri, 26 Jan 2024 21:11:38 GMT
0.5dc5f2c2.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame F43E
209 KB
65 KB
Script
General
Full URL
https://cdn.livechatinc.com/widget/static/js/0.5dc5f2c2.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=16649625&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.88.195 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-88-195.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
39d26d3eba5a1e793cb88055d3576c215c35cb694519b0e894a4b368f3498f79

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
uYA6jbT227F8MDfo8xw0rcZS_FxwPTFl
content-encoding
br
date
Fri, 26 Jan 2024 21:01:38 GMT
last-modified
Wed, 24 Jan 2024 11:54:36 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
etag
W/"8e16a491d4092798d51fc0b239ddcc39"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
L1FMOUywg7ftssmmHGHBecDH_uWJicFOZLK0jEyzB7uClAUUjBSkqA==
content-length
66404
expires
Sat, 25 Jan 2025 21:01:38 GMT
1.96e1aea4.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame F43E
328 KB
93 KB
Script
General
Full URL
https://cdn.livechatinc.com/widget/static/js/1.96e1aea4.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=16649625&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.88.195 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-88-195.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
96ee529d1c4cb148b1489b318aa07589836a40a4e3587a75de8b6f651f6ef605

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
3od1pR008NiXO7xyXz6HXUIar9TaQzr.
content-encoding
br
date
Fri, 26 Jan 2024 21:01:38 GMT
last-modified
Thu, 25 Jan 2024 14:14:01 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
etag
W/"3b4eeffb8e4912e719da28446585e843"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
SfS_srL8tCqQCMWTN-Pl0p9zEJCDqIIED4oRlBvz5sF7IzjTRVVFJQ==
content-length
94505
expires
Sat, 25 Jan 2025 21:01:38 GMT
iframe.968650b8.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame F43E
528 KB
142 KB
Script
General
Full URL
https://cdn.livechatinc.com/widget/static/js/iframe.968650b8.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=16649625&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.88.195 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-88-195.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
323f9e0dbba09e9ce07263ea4e32395848a8cf9c83ddc90d2aabcd68b828e6ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
UQZjkbKwDjiiCcpU.Wtwl5PkoFFxbITx
content-encoding
br
date
Fri, 26 Jan 2024 21:01:38 GMT
last-modified
Thu, 25 Jan 2024 14:14:02 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
etag
W/"d46e2de9e93b83f2721736516d65ffaa"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
nE-FZ_nOziFi-WGekEtuw9CbTiVMdw27jtb_pfSnTLTzFsmip4NtSw==
content-length
144626
expires
Sat, 25 Jan 2025 21:01:38 GMT
token
accounts.livechatinc.com/v2/customer/ Frame F43E
195 B
1 KB
XHR
General
Full URL
https://accounts.livechatinc.com/v2/customer/token
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/0.5dc5f2c2.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.172.41 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-172-41.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c6b9696216157028047d7af0856de55a1b2dde8153beca5247f4cb1e124e68fa

Request headers

Referer
https://secure.livechatinc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 21:01:38 GMT
content-type
application/json
access-control-allow-origin
https://secure.livechatinc.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
195
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
45 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-R9056WVBMG&gtm=45je41o0v9118954187&_p=1706302896456&gcd=11l1l1l1l1&dma=0&cid=1594490079.1706302897&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1706302897&sct=1&seg=0&dl=https%3A%2F%2Fad.gem88.win%2F%3Fa%3D0b08d04b25bcd0ad4484c0f9dbd56c4e%26utm_campaign%3Danw%26utm_source%3Dclickadu%26utm_medium%3Dpopunder%26utm_term%3D1980428&dt=&en=scroll&epn.percent_scrolled=90&_et=10&tfd=7152
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R9056WVBMG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 21:01:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ad.gem88.win
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api4.storeip-shopify.com
URL
https://api4.storeip-shopify.com/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e
Domain
api6.storeip-shopify.com
URL
https://api6.storeip-shopify.com/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e
Domain
gmwin.io
URL
https://gmwin.io/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 string| aff_id function| setCookiesLogIpv4 function| setCookiesLogIpv6 function| $ function| jQuery object| dataLayer boolean| isCHPlay boolean| isAppStore boolean| isApk boolean| isIpa number| isAction boolean| isRegis string| v object| iv object| key object| conf string| affId string| userAgent object| urlParams boolean| openCHplay boolean| ipv4Res boolean| ipv6Res string| query_string function| checkResp function| logIps function| parseUTM string| app_id object| session function| onRegFrmSubmit function| onLoginFrmSubmit function| onLogin function| onRegister boolean| isMobile object| notifications boolean| isIPadPro boolean| autofill object| idgame object| totaljackpot number| total object| namegames function| lazyLoading function| onPlayWeb boolean| jackpotRunning function| onJackpot number| notificationTimer boolean| notificationInit boolean| notificationCall boolean| notificationRunning function| onNotifications function| showInfo function| setEncrypt function| onDownloadAndroid function| onDownloadIos function| setCookiesTracking boolean| ipv4 boolean| ipv6 object| LC_API number| t function| getIP object| bootstrap function| Fingerprint2 object| CryptoJS function| UAParser object| __lc object| google_tag_manager object| google_tag_data string| myDomainPV string| idPixelPV string| srcPV function| fbq function| _fbq function| onYouTubeIframeAPIReady object| gaGlobal boolean| __lc_inited object| notijackpot

7 Cookies

Domain/Path Name / Value
.accounts.livechatinc.com/v2/customer/token Name: __lc_cid
Value: 3468438a-0bbd-46ce-b858-62dd91446d4b
.accounts.livechatinc.com/v2/customer/token Name: __lc_cst
Value: 28d86b361bea3dd6002c8dc249e13e782126cf8f1f32abd63d7bbab9cfa2d2f082287e1f6ababe27de6342824395e97f5880cdf4705314e0b3f39dcfbccd
.accounts.livechatinc.com/customer/token Name: __lc_cid
Value: 3468438a-0bbd-46ce-b858-62dd91446d4b
.accounts.livechatinc.com/customer/token Name: __lc_cst
Value: 28d86b361bea3dd6002c8dc249e13e782126cf8f1f32abd63d7bbab9cfa2d2f082287e1f6ababe27de6342824395e97f5880cdf4705314e0b3f39dcfbccd
.gem88.win/ Name: _ga
Value: GA1.1.1594490079.1706302897
.gem88.win/ Name: _ga_R9056WVBMG
Value: GS1.1.1706302897.1.0.1706302897.0.0.0
accounts.livechatinc.com/ Name: __oauth_redirect_detector
Value: counter=1&t=1706302928&tag=5f532de99a12e2a751c4713dc7a39d081887c6d2

6 Console Messages

Source Level URL
Text
javascript error URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Message:
Access to XMLHttpRequest at 'https://api4.storeip-shopify.com/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e' from origin 'https://ad.gem88.win' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api4.storeip-shopify.com/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://ad.gem88.win/?a=0b08d04b25bcd0ad4484c0f9dbd56c4e&utm_campaign=anw&utm_source=clickadu&utm_medium=popunder&utm_term=1980428
Message:
Access to XMLHttpRequest at 'https://api6.storeip-shopify.com/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e' from origin 'https://ad.gem88.win' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api6.storeip-shopify.com/sw/collect?aff_id=0b08d04b25bcd0ad4484c0f9dbd56c4e
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://cdn.livechatinc.com/widget/static/js/iframe.968650b8.chunk.js
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other warning URL: https://cdn.livechatinc.com/tracking.js
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

99f1bb38b7822688cbbed4f3001c86b82f632d92eeb410e8348806eaff13914d
9c91fd27f6f8293117478def18959bf5053f3dcf98ebb6347905974f6113f163
ab11db15dbc833f5586d15f59fa66b8cb1aa7d1086985d8c8b82b4b7d91f078c
ae34e2543ec92b8c440339855cf1829b8107fdecb3280d43ba905b59715f6fc0
b0210b490fceb299ba4561c1fc0a13f330191f5ee0aa4a17a4e700abe1037b85
b6658297a10eb33e2d3d139f9cea73e2885635495fa475cc4f1fdf41c2ebac72
bb2489c0eeffa420686b1bb54575790cadfeb3344d2063ac26bb38d4e1ee9c5b
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bca08b5abefcb969515978e1a62cdc71eedb282539de0a93da72ef604ddfb905
c3ba98f60481267b1d7e20f2743d93ed2bba4daf00c9104801d8f51f4d7bf77c
c563b01db1c58687057f8d0565fdb4db2e401a403d32cde9024f16cbbfafce83
c6b9696216157028047d7af0856de55a1b2dde8153beca5247f4cb1e124e68fa
cbcad0512f42296a7388501662662ef64652a9daa3fb39147352b657b61acb9c
dd7fe97d8b0b2a686e232ef2a8b711f5195bc543f5b660e684685c7e66b8f2f0
de5b777102b32b22b3f991aa9b80a6717627320c5066c8a95c464f5ed3f48dba
de851a1267df76e4648aaa1059368f8156ab759db4ef70da4245dd6326e7cef8
df4c4d50f9082a8d502245115432b004535b78dfc6dcc5d4f206e875fabc5575
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66619ac22c40ebb4b8ac9284325bb301e77423dee32a5bf091a8d0e8894ff45
e9ce5a276819119f1b6223228d236ffdf3d8d83014b08a4e1c909310fd261f3d
ecd3bb0fb15df1df34cf2715bb188b2b85e8e0f0aeef882b69bf84f1c51ccfe0
ed522d1bf5b935ecb33a5896bbf3d84e910104318a5b41c9b9f1e5ab3f72dc01
f197c1afac6573bbb722c97cb190a86beabdc6410f027f19ba267e677fe5eab7
f3c6d54c27cb6f6eb3986a10b70080fce7c6378d873340cb9856a7d41e556127
f6155fdbd8360064763e6e9eba26ee73353d2fe4754b58ae921a9541ccb40ca6
f9d251e4fae4ce41096ac504dcc8277b13509f3b21716fa6bf2bbbf248299428
fa49fbae9156dc680c02ec2554ef484426e2a98f0f0d16b3050c951f1a031d67
fa715f294b6d9b97487327a36ebd9038d88d3832a31e35bc65d1f2e84d1cee2f
fbb66a6d1a22666f5497ebac652b3f3fe4d2b85cb50f1027ad4a21235a2f652b
fc3cade2468407b0311a0bb58b781b1ca93c01c1965c49e41ca133d694dfd316
fd67f2b53732ab3114169952b7564c7535f82d1bdc74dd1862520e521c9c25b9
fddeffd4b4a71238d91e4d88e216ef4c20d77ab9010017d559c1c48220b1d69f