| cdn.ampproject.org/v0/amp-accordion-0.1.js | 216.58.207.193 | 200 OK | 5.8 kB |
URL GET HTTP/2cdn.ampproject.org/v0/amp-accordion-0.1.js IP216.58.207.193:443
CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint49:07:4A:21:AA:02:3C:78:A7:B4:D3:71:AA:98:EE:0F:2D:3F:5C:99 ValidityMon, 18 Mar 2024 19:42:57 GMT - Mon, 10 Jun 2024 19:42:56 GMT
File typeJavaScript source, ASCII text, with very long lines (17484) Hash5b25cb924ef9e32af7e51d2f55de8643 d373f3db056ea718b66096e7349570bbca952cc1 271b2b33082ea4ad5f0d06fa04191728a71f2741783e3e13396a3d9ae5e27d1a
GET /v0/amp-accordion-0.1.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gameterbaik.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 5838
date: Wed, 24 Apr 2024 07:35:22 GMT
expires: Wed, 24 Apr 2024 07:35:22 GMT
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "37b5d052ddf4213b"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.ampproject.org/v0.js | 216.58.207.193 | 200 OK | 73 kB |
IP216.58.207.193:443
CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint49:07:4A:21:AA:02:3C:78:A7:B4:D3:71:AA:98:EE:0F:2D:3F:5C:99 ValidityMon, 18 Mar 2024 19:42:57 GMT - Mon, 10 Jun 2024 19:42:56 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (64654) Hash0aa2be56e68f4827cd30170c5219a044 cd63be95f241680fdbb1a5db740d1f9e20782b59 2178c2c7039c0f565fd638053998d92fdeba670af287085c106b4b54139f5f3a
GET /v0.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gameterbaik.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 73102
date: Wed, 24 Apr 2024 07:35:22 GMT
expires: Wed, 24 Apr 2024 07:35:22 GMT
cache-control: private, max-age=3000, stale-while-revalidate=1206600
etag: "aa2c955478cddb65"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.ampproject.org/v0/amp-base-carousel-0.1.js | 216.58.207.193 | 200 OK | 9.1 kB |
URL GET HTTP/2cdn.ampproject.org/v0/amp-base-carousel-0.1.js IP216.58.207.193:443
CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint49:07:4A:21:AA:02:3C:78:A7:B4:D3:71:AA:98:EE:0F:2D:3F:5C:99 ValidityMon, 18 Mar 2024 19:42:57 GMT - Mon, 10 Jun 2024 19:42:56 GMT
File typeJavaScript source, ASCII text, with very long lines (33611) Hash02874835d682cece48649fe56acc93ae 3481ed5be8bcc54683984587845f40fe64a079ae 746196518d00713080c65c59303bef55549d478b3e647de7fd46dd6d0a2b042b
GET /v0/amp-base-carousel-0.1.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gameterbaik.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 9133
date: Wed, 24 Apr 2024 07:35:22 GMT
expires: Wed, 24 Apr 2024 07:35:22 GMT
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "783c4f2300833473"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ik.imagekit.io/lindar/flicker-prod/header_chronicles_of_olympus_xup_01622987d1_ejjpyedmjpen_e3cb2494f0 | 54.230.111.31 | 200 OK | 132 kB |
URL GET HTTP/2ik.imagekit.io/lindar/flicker-prod/header_chronicles_of_olympus_xup_01622987d1_ejjpyedmjpen_e3cb2494f0 IP54.230.111.31:443
CertificateIssuerAmazon Subject*.imagekit.io Fingerprint3A:D1:F7:83:82:E1:2C:B8:11:26:86:4C:AF:B1:5B:72:62:FE:67:D4 ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 19 Feb 2025 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1920x984, Scaling: [none]x[none], YUV color, decoders should clamp Size132 kB (131568 bytes) Hash09a0891000742603aecc21cbff193b02 a4eb04dac45bc03a5dc27a9679032f085d0d6aa2 6e97984c00d399b2fa49e6cb339b67d3b241b87d992044eb0c864d90bbf4b12f
GET /lindar/flicker-prod/header_chronicles_of_olympus_xup_01622987d1_ejjpyedmjpen_e3cb2494f0 HTTP/1.1
Host: ik.imagekit.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gameterbaik.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/webp
content-length: 131568
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: *
timing-allow-origin: *
x-server: ImageKit.io
x-request-id: d4ebf953-bab3-48bd-8087-0169b4125059
cache-control: public, s-maxage=31536000, max-age=31536000, must-revalidate
etag: "09a0891000742603aecc21cbff193b02"
last-modified: Wed, 21 Feb 2024 07:19:40 GMT
server-timing: transformation;dur=423,download;dur=301
date: Wed, 24 Apr 2024 07:35:22 GMT
vary: Accept,Save-Data
x-cache: Miss from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ljD1_VD_g4h_58KDCiVYYzfglwW-jz8Zr2Ehvvl1RnNeqRXNhQolDQ==
X-Firefox-Spdy: h2
|
|
| cdn.ampproject.org/rtv/012404021934000/v0/amp-auto-lightbox-0.1.js | 216.58.207.193 | 200 OK | 3.0 kB |
URL GET HTTP/3cdn.ampproject.org/rtv/012404021934000/v0/amp-auto-lightbox-0.1.js IP216.58.207.193:443
CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint49:07:4A:21:AA:02:3C:78:A7:B4:D3:71:AA:98:EE:0F:2D:3F:5C:99 ValidityMon, 18 Mar 2024 19:42:57 GMT - Mon, 10 Jun 2024 19:42:56 GMT
File typeJavaScript source, ASCII text, with very long lines (7690) Hash5a1fe5027acdaaa505a2f65faf624e3d 8e71ce231ebea0015fde9aad9780a31abc341ef1 20f0500c17c818b7393cdd055cd8a8364f264fe1785a726f10af0fc352409f11
GET /rtv/012404021934000/v0/amp-auto-lightbox-0.1.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gameterbaik.lol
DNT: 1
Connection: keep-alive
Referer: https://gameterbaik.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 2971
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 03:36:49 GMT
expires: Wed, 23 Apr 2025 03:36:49 GMT
cache-control: public, max-age=31536000
age: 100714
etag: "4983f70303035d33"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdn.ampproject.org/rtv/012404021934000/v0/amp-loader-0.1.js | 216.58.207.193 | 200 OK | 3.9 kB |
URL GET HTTP/3cdn.ampproject.org/rtv/012404021934000/v0/amp-loader-0.1.js IP216.58.207.193:443
CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint49:07:4A:21:AA:02:3C:78:A7:B4:D3:71:AA:98:EE:0F:2D:3F:5C:99 ValidityMon, 18 Mar 2024 19:42:57 GMT - Mon, 10 Jun 2024 19:42:56 GMT
File typeJavaScript source, ASCII text, with very long lines (12614) Hash99d0b8fcdea2c5995139abaf283392bd fbd6bc486116a9ffbb8662b6a952dc0aeba10ae7 15d2fe411597796d07b83bdddc7f074fef90ab99bc47b7e85a020140459b8251
GET /rtv/012404021934000/v0/amp-loader-0.1.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gameterbaik.lol
DNT: 1
Connection: keep-alive
Referer: https://gameterbaik.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 3942
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 03:36:51 GMT
expires: Wed, 23 Apr 2025 03:36:51 GMT
cache-control: public, max-age=31536000
age: 100712
etag: "746b70bafab1ae1f"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| img.viva88athenae.com//sport-saba.png | 104.18.43.32 | 200 OK | 1.8 kB |
URL GET HTTP/2img.viva88athenae.com//sport-saba.png IP104.18.43.32:443
CertificateIssuerLet's Encrypt Subjectimg.viva88athenae.com Fingerprint5B:49:48:3D:1E:AD:DF:1A:D3:22:86:95:A4:CD:D2:D1:4F:07:68:5A ValidityThu, 29 Feb 2024 10:10:22 GMT - Wed, 29 May 2024 10:10:21 GMT
File typeRIFF (little-endian) data, Web/P image Hash9dc335c8ab6468b47a49e492aa97af52 e8982a717f2557a1242a1dfd4511ceec6b47cd70 277b290785f86422c338396b72410c9dfb7f0672b608e6808f41365b3579f26f
GET //sport-saba.png HTTP/1.1
Host: img.viva88athenae.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gameterbaik.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 07:35:23 GMT
content-type: image/webp
content-length: 1770
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5247
content-disposition: inline; filename="sport-saba.webp"
last-modified: Mon, 19 Dec 2022 07:31:08 GMT
vary: Accept
cf-cache-status: HIT
age: 3839
expires: Wed, 24 Apr 2024 11:35:23 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=uj2scY8LN.ZTEPVbEycjN9tbEyqhJu9fhu6D0B7tZkI-1713944123-1.0.1.1-0auYB4HQBsJHscPXmSpwFP8vjtgwnfwOWoNmXg9sZiQi3U6QerL_Be.alqO7uisECeBx6WUJVkEm2gGwPhiBgQ; path=/; expires=Wed, 24-Apr-24 08:05:23 GMT; domain=.viva88athenae.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87946a929cfdb523-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.viva88athenae.com//slot-pg.png | 104.18.43.32 | 200 OK | 1.7 kB |
URL GET HTTP/2img.viva88athenae.com//slot-pg.png IP104.18.43.32:443
CertificateIssuerLet's Encrypt Subjectimg.viva88athenae.com Fingerprint5B:49:48:3D:1E:AD:DF:1A:D3:22:86:95:A4:CD:D2:D1:4F:07:68:5A ValidityThu, 29 Feb 2024 10:10:22 GMT - Wed, 29 May 2024 10:10:21 GMT
File typeRIFF (little-endian) data, Web/P image Hash86ec152055228538f1a8f8943f179a97 ef30830c693272695c7cf5f2ac12679c75a2db18 a643c08a5d025958c4499731c62c3cc78663aa9c6bd2d567bbff38b4637b339b
GET //slot-pg.png HTTP/1.1
Host: img.viva88athenae.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gameterbaik.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 07:35:23 GMT
content-type: image/webp
content-length: 1740
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5084
content-disposition: inline; filename="slot-pg.webp"
last-modified: Tue, 08 Jun 2021 09:18:38 GMT
vary: Accept
cf-cache-status: HIT
age: 3840
expires: Wed, 24 Apr 2024 11:35:23 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=P0xO5P6Moh.aTqQF2yDDWFqU4v1Qd22tK2asec3uLxU-1713944123-1.0.1.1-iXsdLK.CCelXZR7gO3jl8g6SuLjBOcCNeFmWIqkjT_yHvs2Z7RmqsJWRWohrsuMdiMlkwbyB0NSHWjj7eWyaew; path=/; expires=Wed, 24-Apr-24 08:05:23 GMT; domain=.viva88athenae.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87946a929cfcb523-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.viva88athenae.com//icon-togel1.png | 104.18.43.32 | 200 OK | 1.9 kB |
URL GET HTTP/2img.viva88athenae.com//icon-togel1.png IP104.18.43.32:443
CertificateIssuerLet's Encrypt Subjectimg.viva88athenae.com Fingerprint5B:49:48:3D:1E:AD:DF:1A:D3:22:86:95:A4:CD:D2:D1:4F:07:68:5A ValidityThu, 29 Feb 2024 10:10:22 GMT - Wed, 29 May 2024 10:10:21 GMT
File typeRIFF (little-endian) data, Web/P image Hash6b306d736a18621948e272f5e0fa5da4 fd3152657117384a997cfce3748c52398a5bc58d b91d8ddbd317eef3393479d983082ba6a8161c4c2b36e2caf544530a23600ce8
GET //icon-togel1.png HTTP/1.1
Host: img.viva88athenae.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gameterbaik.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 07:35:23 GMT
content-type: image/webp
content-length: 1916
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=3573
content-disposition: inline; filename="icon-togel1.webp"
last-modified: Mon, 18 Dec 2023 06:25:25 GMT
vary: Accept
cf-cache-status: HIT
age: 6557
expires: Wed, 24 Apr 2024 11:35:23 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=yh_FgchE5AGUXRXvKsY.FvovI1ljJbn.mblslRnRwGw-1713944123-1.0.1.1-7AYSnneyGSABgiPcTEDmY8MRSdm1d5oYkFkJYnAiGi2W9BBFisZnMuruNaJYssuZdYzPIZu36yxYK7iMzF.XUg; path=/; expires=Wed, 24-Apr-24 08:05:23 GMT; domain=.viva88athenae.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87946a92ad12b523-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.viva88athenae.com//live-sbo.png | 104.18.43.32 | 200 OK | 1.3 kB |
URL GET HTTP/2img.viva88athenae.com//live-sbo.png IP104.18.43.32:443
CertificateIssuerLet's Encrypt Subjectimg.viva88athenae.com Fingerprint5B:49:48:3D:1E:AD:DF:1A:D3:22:86:95:A4:CD:D2:D1:4F:07:68:5A ValidityThu, 29 Feb 2024 10:10:22 GMT - Wed, 29 May 2024 10:10:21 GMT
File typeRIFF (little-endian) data, Web/P image Hashd82d79c98d9d30be3526d638e7eb2189 3c1054d400925292bc9c0bdca6f9d6b4b8cc7d50 1f379fc8801fe0287a907763ef57ebcf097aef6dd3773500df5f938aed097dc9
GET //live-sbo.png HTTP/1.1
Host: img.viva88athenae.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gameterbaik.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 07:35:23 GMT
content-type: image/webp
content-length: 1316
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2322
content-disposition: inline; filename="live-sbo.webp"
last-modified: Tue, 14 Mar 2023 10:02:25 GMT
vary: Accept
cf-cache-status: HIT
age: 6556
expires: Wed, 24 Apr 2024 11:35:23 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=cKXW.1BpHbIxSE3GVC9M7RVcCctCJW0U.h0CutViZvc-1713944123-1.0.1.1-ip4xmXhNuVRYh60W4trAx_rKn1Y.ZZLzvIERsMvG40n5kMVJA1piL7CPO799NqMuNUeUleJZGjOEhgF5gQDbjQ; path=/; expires=Wed, 24-Apr-24 08:05:23 GMT; domain=.viva88athenae.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87946a92ad0cb523-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.viva88athenae.com//live-sg.png | 104.18.43.32 | 200 OK | 2.8 kB |
URL GET HTTP/2img.viva88athenae.com//live-sg.png IP104.18.43.32:443
CertificateIssuerLet's Encrypt Subjectimg.viva88athenae.com Fingerprint5B:49:48:3D:1E:AD:DF:1A:D3:22:86:95:A4:CD:D2:D1:4F:07:68:5A ValidityThu, 29 Feb 2024 10:10:22 GMT - Wed, 29 May 2024 10:10:21 GMT
File typeRIFF (little-endian) data, Web/P image Hash5fde10bbbfdf170112f4bc9859955ed5 e73a68c4221288b52a848a67801f9bcd387ba2ea 60bb4f59c40e9ef9f1d2be56a2a7324a8750e339de1efb9b96840314b8581628
GET //live-sg.png HTTP/1.1
Host: img.viva88athenae.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gameterbaik.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 07:35:23 GMT
content-type: image/webp
content-length: 2814
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=11259
content-disposition: inline; filename="live-sg.webp"
last-modified: Thu, 10 Dec 2020 08:44:39 GMT
vary: Accept
cf-cache-status: HIT
age: 6556
expires: Wed, 24 Apr 2024 11:35:23 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cf_bm=.6MuJ0iMw6SsBS8rxZFdE2LpxpIMQCktHRhlXCH54F8-1713944123-1.0.1.1-UFto0CuPpFgkzIkRf7YIi8863GL8SGaJ_wLqpMt12YCbDawDAHg67dDoQwpDmyCvNMFNtFmjGHUTPIcIRhQpdA; path=/; expires=Wed, 24-Apr-24 08:05:23 GMT; domain=.viva88athenae.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87946a92bd18b523-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| i.ibb.co/DQScMYm/undefined-Imgur.png | 162.19.58.156 | 200 OK | 8.2 kB |
URL GET HTTP/2i.ibb.co/DQScMYm/undefined-Imgur.png IP162.19.58.156:443
CertificateIssuerLet's Encrypt Subjectibb.co Fingerprint0C:8B:6F:2F:B8:9F:91:1E:3A:DD:B1:1B:45:47:B4:65:FD:56:73:3D ValidityMon, 22 Apr 2024 06:29:44 GMT - Sun, 21 Jul 2024 06:29:43 GMT
File typePNG image data, 225 x 225, 8-bit/color RGBA, non-interlaced Hash8374ba9d113e4f4ba55fbdc0da2a068c 450ba201437340381f6a0c1da05daf8607db4016 b33cdeec8741caa8b3224b4191b89403ea5aea54be652581257cc326ea438d33
GET /DQScMYm/undefined-Imgur.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gameterbaik.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 07:35:23 GMT
content-type: image/png
content-length: 8199
last-modified: Wed, 27 Mar 2024 07:23:10 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| sg-res.9appsdownloading.com/sg/res/jpg/3b/de/58e40703b789d9176f431f0662e0-2rh2.jpg?x-oss-process=style/mq200 | 54.230.111.85 | 200 OK | 12 kB |
URL GET HTTP/2sg-res.9appsdownloading.com/sg/res/jpg/3b/de/58e40703b789d9176f431f0662e0-2rh2.jpg?x-oss-process=style/mq200 IP54.230.111.85:443
CertificateIssuerAmazon Subject*.9appsdownloading.com Fingerprint3F:1D:D0:D1:A7:5F:85:04:C5:2D:C7:79:51:EF:A3:DF:2E:C3:25:8C ValidityThu, 04 Jan 2024 00:00:00 GMT - Sat, 01 Feb 2025 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp Hashb643ccd006ffcc876e16e2f948ed504a 9b25b4e4a70fdebaa657b9d64da3216fb4fd6dc7 3dc859543c18102fe7e3bb18b2e06c7425860298e179f52786b6b86e8994766e
GET /sg/res/jpg/3b/de/58e40703b789d9176f431f0662e0-2rh2.jpg?x-oss-process=style/mq200 HTTP/1.1
Host: sg-res.9appsdownloading.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gameterbaik.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/webp
content-length: 12128
server: AliyunOSS
date: Wed, 24 Apr 2024 07:35:23 GMT
x-oss-request-id: 6628B63B4562B73237B0D249
etag: "3BDE58E40703B789D9176F431F0662E0"
last-modified: Fri, 14 Jan 2022 16:55:05 GMT
x-oss-object-type: Normal
x-oss-storage-class: Standard
x-oss-server-time: 113
x-oss-hash-crc64ecma: 10696314527801250346
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4E1UW9X_WvMwUqD3g8ua8yzdv1X2wl6Y65wexkqNIRTUAbBIBAkziQ==
cache-control: public, max-age=1382400
X-Firefox-Spdy: h2
|
|
| gameterbaik.lol/7.png | 172.67.154.127 | 200 OK | 46 kB |
IP172.67.154.127:443
CertificateIssuerLet's Encrypt Subjectgameterbaik.lol Fingerprint9B:24:91:47:1D:0B:37:E2:04:70:7D:56:6E:39:D1:65:2D:C2:0D:7F ValiditySun, 17 Mar 2024 15:41:42 GMT - Sat, 15 Jun 2024 15:41:41 GMT
File typePNG image data, 618 x 618, 8-bit/color RGBA, non-interlaced Hash44dbe001d9f61cd3785b02c0d77f3961 14d8bd23bff4eb7ac634a0b50d45b2e3f994d7b1 eed1f5527a51916359f5df8a6f48823d3716b17482a56239558e36fad65108d1
GET /7.png HTTP/1.1
Host: gameterbaik.lol
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gameterbaik.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 07:35:23 GMT
content-type: image/png
content-length: 46175
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 07:35:23 GMT
last-modified: Wed, 27 Mar 2024 06:59:23 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7LBNeogfqLq07dsHcgMTvFgRQTf588wIlAp5BxrNsPKtvuhNOwOvTxc789pc8eE9Dj%2BP8rlzIYKhPL4%2BiMTdnp%2FHzHQdbYUddZaKQ3g4g3H%2FYg2GptqOBlnzbq56djM2VE4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87946a912f0756c1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gameterbaik.lol/7.png | 172.67.154.127 | 200 OK | 46 kB |
IP172.67.154.127:443
CertificateIssuerLet's Encrypt Subjectgameterbaik.lol Fingerprint9B:24:91:47:1D:0B:37:E2:04:70:7D:56:6E:39:D1:65:2D:C2:0D:7F ValiditySun, 17 Mar 2024 15:41:42 GMT - Sat, 15 Jun 2024 15:41:41 GMT
File typePNG image data, 618 x 618, 8-bit/color RGBA, non-interlaced Hash44dbe001d9f61cd3785b02c0d77f3961 14d8bd23bff4eb7ac634a0b50d45b2e3f994d7b1 eed1f5527a51916359f5df8a6f48823d3716b17482a56239558e36fad65108d1
GET /7.png HTTP/1.1
Host: gameterbaik.lol
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gameterbaik.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 07:35:23 GMT
content-type: image/png
content-length: 46175
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 07:35:23 GMT
last-modified: Wed, 27 Mar 2024 06:59:23 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6uUehComHR07m7SVPoKBrePPs38VqmJspC741FOPvco9D1PH3pqsPMsU0v95vPbhkx5WLJXrtGmYd8AmRXtu436y7CGqcn%2FLPWcXfz%2FV65XvQTFzKm8NiWlWfa51Lk6a2MY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87946a915f3956c1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| i.ibb.co/VCfsZZH/jMcaLAY.png | 162.19.58.156 | 200 OK | 183 kB |
URL GET HTTP/2i.ibb.co/VCfsZZH/jMcaLAY.png IP162.19.58.156:443
CertificateIssuerLet's Encrypt Subjectibb.co Fingerprint0C:8B:6F:2F:B8:9F:91:1E:3A:DD:B1:1B:45:47:B4:65:FD:56:73:3D ValidityMon, 22 Apr 2024 06:29:44 GMT - Sun, 21 Jul 2024 06:29:43 GMT
File typePNG image data, 639 x 230, 8-bit/color RGBA, non-interlaced Size183 kB (182752 bytes) Hash39e0400f85ba4aa5e1c022a37a2f1d45 03db405dfd4a9a432f0688f2a4d8b607ca5b99e4 b9a5be5bdb7ca5238bd53f03c9f67603478a39a70c58857a58b35eb7a65f182e
GET /VCfsZZH/jMcaLAY.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gameterbaik.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 07:35:23 GMT
content-type: image/png
content-length: 182752
last-modified: Thu, 28 Mar 2024 16:40:43 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| i.ibb.co/mNQCmVV/logo-1572138563.gif | 162.19.58.156 | 200 OK | 238 kB |
URL GET HTTP/2i.ibb.co/mNQCmVV/logo-1572138563.gif IP162.19.58.156:443
CertificateIssuerLet's Encrypt Subjectibb.co Fingerprint0C:8B:6F:2F:B8:9F:91:1E:3A:DD:B1:1B:45:47:B4:65:FD:56:73:3D ValidityMon, 22 Apr 2024 06:29:44 GMT - Sun, 21 Jul 2024 06:29:43 GMT
File typeGIF image data, version 89a, 250 x 98 Size238 kB (238127 bytes) Hashbb9e2c4e7d801f4401d4291a659c9c78 1df4d7b400a988ab4d92628bd3e1e5baff5efa6d b806b36aa6b902b0927d770cc0072b1d94511b836a8ad12664411e0e4560a920
GET /mNQCmVV/logo-1572138563.gif HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gameterbaik.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 07:35:23 GMT
content-type: image/gif
content-length: 238127
last-modified: Wed, 27 Mar 2024 06:44:37 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| i.pinimg.com/originals/18/e7/f3/18e7f38cb79e1b0d7cb9c11e979420f6.jpg | 199.232.40.84 | 200 OK | 166 kB |
URL GET HTTP/2i.pinimg.com/originals/18/e7/f3/18e7f38cb79e1b0d7cb9c11e979420f6.jpg IP199.232.40.84:443
CertificateIssuerDigiCert Inc Subject*.pinterest.com Fingerprint4D:02:6D:A8:DF:FA:2E:1C:D3:43:46:EF:CF:92:F1:7A:41:8F:BA:0B ValidityMon, 31 Jul 2023 00:00:00 GMT - Wed, 07 Aug 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1080x1080, components 3 Size166 kB (165602 bytes) Hash88f944734b51ae13b618d060dc03baf7 73d6a53eb0affbe051ee79cc24194059c2840b8c efe1f69ea333de7aef91ff16d7990dd47de3257fa19230cc7198083300bbff65
GET /originals/18/e7/f3/18e7f38cb79e1b0d7cb9c11e979420f6.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gameterbaik.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-replication-status: COMPLETED
etag: "88f944734b51ae13b618d060dc03baf7"
x-amz-server-side-encryption: AES256
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600
date: Wed, 24 Apr 2024 07:35:24 GMT
content-length: 165602
X-Firefox-Spdy: h2
|
|
| go-mamibet66.xyz/img/telegram.gif | 66.29.153.243 | 200 OK | 256 kB |
URL GET HTTP/2go-mamibet66.xyz/img/telegram.gif IP66.29.153.243:443
CertificateIssuerSectigo Limited Subjectgo-mamibet66.xyz Fingerprint4B:AE:51:8A:81:88:5F:F4:AB:C2:29:A6:22:CD:B2:D3:99:2C:46:C4 ValiditySun, 24 Dec 2023 00:00:00 GMT - Tue, 24 Dec 2024 23:59:59 GMT
File typeGIF image data, version 89a, 350 x 350 Size256 kB (255580 bytes) Hash73611fc5a4ff533ffa5069fe2fbeddc7 e2705eed5028dde87f64354181c48fa0b23f7590 1f17c717474da98182ccc9331f1a87e593b6173891055db6b98adad07adbeb8d
GET /img/telegram.gif HTTP/1.1
Host: go-mamibet66.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gameterbaik.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 07:35:23 GMT
content-type: image/gif
last-modified: Wed, 31 Jan 2024 12:17:56 GMT
accept-ranges: bytes
content-length: 255580
date: Wed, 24 Apr 2024 07:35:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
|
|
| go-mamibet66.xyz/img/whatsapp.gif | 66.29.153.243 | 200 OK | 693 kB |
URL GET HTTP/2go-mamibet66.xyz/img/whatsapp.gif IP66.29.153.243:443
CertificateIssuerSectigo Limited Subjectgo-mamibet66.xyz Fingerprint4B:AE:51:8A:81:88:5F:F4:AB:C2:29:A6:22:CD:B2:D3:99:2C:46:C4 ValiditySun, 24 Dec 2023 00:00:00 GMT - Tue, 24 Dec 2024 23:59:59 GMT
File typeGIF image data, version 89a, 459 x 498 Size693 kB (692891 bytes) Hashb24b0ae3a471d1c1e7af2b110308c220 c87cf89776d2889593919634eea8fbf5dff7368f 9e960d6621486455b5d55343e39bf30a7e25cd5d3ed3a953eb2c6a6b66e62861
GET /img/whatsapp.gif HTTP/1.1
Host: go-mamibet66.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gameterbaik.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 07:35:23 GMT
content-type: image/gif
last-modified: Wed, 31 Jan 2024 12:18:04 GMT
accept-ranges: bytes
content-length: 692891
date: Wed, 24 Apr 2024 07:35:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
|
|
| blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh5jgVsaLBAJW_Rap7MZBjq9Eb_75Ai5BTib4W_D0v0F6rq7g5UsgkkZhs0ZycMjNlPHQMgTlC1-IIS8ClpbVyDYUOa9LFtQhF2B8vOuhhYouG6n_4EN2FUnjzUQCs6ApX90xwY5oV6Q_b8Uh_Inxi-Q2nT1BdfKD-Of4ojYMtcheLazrg0zSWIs_O9VKs/s200/araslot-facebook.gif | 142.250.74.97 | 200 OK | 217 kB |
URL GET HTTP/2blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh5jgVsaLBAJW_Rap7MZBjq9Eb_75Ai5BTib4W_D0v0F6rq7g5UsgkkZhs0ZycMjNlPHQMgTlC1-IIS8ClpbVyDYUOa9LFtQhF2B8vOuhhYouG6n_4EN2FUnjzUQCs6ApX90xwY5oV6Q_b8Uh_Inxi-Q2nT1BdfKD-Of4ojYMtcheLazrg0zSWIs_O9VKs/s200/araslot-facebook.gif IP142.250.74.97:443
CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com Fingerprint6E:66:E1:45:85:5C:3A:EB:60:4A:8E:EF:62:B8:7C:E3:C7:1B:FA:47 ValidityMon, 18 Mar 2024 20:34:07 GMT - Mon, 10 Jun 2024 20:34:06 GMT
File typeGIF image data, version 89a, 200 x 200 Size217 kB (217078 bytes) Hash57a9912d72791a4cc7f7c7f06bbb901d 7b420a49cc84b6ef345833028e7e447bd3679fb5 452793d368dc3e332f531e88d2ca6b626dc7bb44c0995ca7633b49e962bc48ac
GET /img/b/R29vZ2xl/AVvXsEh5jgVsaLBAJW_Rap7MZBjq9Eb_75Ai5BTib4W_D0v0F6rq7g5UsgkkZhs0ZycMjNlPHQMgTlC1-IIS8ClpbVyDYUOa9LFtQhF2B8vOuhhYouG6n_4EN2FUnjzUQCs6ApX90xwY5oV6Q_b8Uh_Inxi-Q2nT1BdfKD-Of4ojYMtcheLazrg0zSWIs_O9VKs/s200/araslot-facebook.gif HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gameterbaik.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/gif
vary: Origin
access-control-expose-headers: Content-Length
etag: "v1c"
expires: Thu, 25 Apr 2024 07:35:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="araslot-facebook.gif"
x-content-type-options: nosniff
date: Wed, 24 Apr 2024 07:35:25 GMT
server: fife
content-length: 217078
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 89.187.28.84/wp-content/uploads/2023/02/Starlight-Princess-Info-Gacor.webp | 89.187.28.84 | 200 OK | 42 kB |
URL GET HTTP/289.187.28.84/wp-content/uploads/2023/02/Starlight-Princess-Info-Gacor.webp IP89.187.28.84:443
CertificateIssuerZeroSSL Subject89.187.28.84 Fingerprint49:CF:C9:73:4C:5E:4D:D7:B9:CC:44:99:F6:AB:70:8D:97:49:C6:FF ValidityMon, 01 Apr 2024 00:00:00 GMT - Tue, 01 Apr 2025 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash65439544094816518bb910d98cdb4f30 1040f9afc92e9fa1a9cf90cb94dd5f7ef95bc227 9864b69a0edbef1185066c7e58983b17f61cf9d1220fc5820978a91bf81e0979
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2023/02/Starlight-Princess-Info-Gacor.webp HTTP/1.1
Host: 89.187.28.84
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gameterbaik.lol/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 07:35:24 GMT
etag: "a432-63f8898b-140742;;;"
last-modified: Fri, 24 Feb 2023 09:55:23 GMT
content-type: image/webp
content-length: 42034
accept-ranges: bytes
date: Wed, 24 Apr 2024 07:35:24 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQkQ6-m85MZrPN8PbvILYqSm5TJZyxQTc7E-AVV5ZUCJHAtc3Eu2OuSXjOvz59W22frWE8l0tS6ojeDh_V67Lvm0yC2vIRpv4RTyXw7ud-YaWlJ2ULWxqp9_vSWk1b8-QGfINiWgCjw19p0c3xNtKzvtB1bWqDMzTsxhWD8O90rRjeah-A9jXWkewN3N8/s320/18-26-48-450-512-unscreen.gif | 142.250.74.97 | 200 OK | 1.7 MB |
URL GET HTTP/2blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQkQ6-m85MZrPN8PbvILYqSm5TJZyxQTc7E-AVV5ZUCJHAtc3Eu2OuSXjOvz59W22frWE8l0tS6ojeDh_V67Lvm0yC2vIRpv4RTyXw7ud-YaWlJ2ULWxqp9_vSWk1b8-QGfINiWgCjw19p0c3xNtKzvtB1bWqDMzTsxhWD8O90rRjeah-A9jXWkewN3N8/s320/18-26-48-450-512-unscreen.gif IP142.250.74.97:443
CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com Fingerprint6E:66:E1:45:85:5C:3A:EB:60:4A:8E:EF:62:B8:7C:E3:C7:1B:FA:47 ValidityMon, 18 Mar 2024 20:34:07 GMT - Mon, 10 Jun 2024 20:34:06 GMT
File typeGIF image data, version 89a, 320 x 320 Size1.7 MB (1696276 bytes) Hash801c167b9278132053922c688db0b425 06805c0b687c673528e76856b9f498a7d46ddd21 5d752d441d7d325dd5b0de7d07d3116c183faf2f89915f677d8d982a444e5b8a
GET /img/b/R29vZ2xl/AVvXsEjQkQ6-m85MZrPN8PbvILYqSm5TJZyxQTc7E-AVV5ZUCJHAtc3Eu2OuSXjOvz59W22frWE8l0tS6ojeDh_V67Lvm0yC2vIRpv4RTyXw7ud-YaWlJ2ULWxqp9_vSWk1b8-QGfINiWgCjw19p0c3xNtKzvtB1bWqDMzTsxhWD8O90rRjeah-A9jXWkewN3N8/s320/18-26-48-450-512-unscreen.gif HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gameterbaik.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/gif
vary: Origin
access-control-expose-headers: Content-Length
etag: "v24"
expires: Thu, 25 Apr 2024 07:35:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="18-26-48-450-512-unscreen.gif"
x-content-type-options: nosniff
date: Wed, 24 Apr 2024 07:35:26 GMT
server: fife
content-length: 1696276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.doctorallenwellness.com/pp/vs20olympx.jpg | 0.0.0.0 | | 0 B |
URL GET www.doctorallenwellness.com/pp/vs20olympx.jpg IP0.0.0.0:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pp/vs20olympx.jpg HTTP/1.1
Host: www.doctorallenwellness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gameterbaik.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| | 172.67.154.127 | 200 OK | 25 kB |
URL User Request GET HTTP/2IP172.67.154.127:443
CertificateIssuerLet's Encrypt Subjectgameterbaik.lol Fingerprint9B:24:91:47:1D:0B:37:E2:04:70:7D:56:6E:39:D1:65:2D:C2:0D:7F ValiditySun, 17 Mar 2024 15:41:42 GMT - Sat, 15 Jun 2024 15:41:41 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: gameterbaik.lol
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 07:35:22 GMT
content-type: text/html
last-modified: Thu, 28 Mar 2024 17:01:51 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QN6t%2BLHyNv%2FOqFkLnOlRTHEdMHSz4VOYNNYmjGzzxtdemz%2FvnA2cpEXhtoGmAukM5ywEplLqyJh46QCSPUpkU4zLnVEcGvs5d77u5C02ZG23GRNrIxlQPGK1gOP4UTmtOwA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87946a882c1f56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| rdforva.com/wp-content/uploads/2023/02/Starlight-Princess-Info-Gacor.webp | 188.114.96.1 | 301 Moved Permanently | 42 kB |
URL GET HTTP/2rdforva.com/wp-content/uploads/2023/02/Starlight-Princess-Info-Gacor.webp IP188.114.96.1:443
CertificateIssuerLet's Encrypt Subjectrdforva.com Fingerprint67:70:55:CF:62:4D:9B:15:57:EF:4D:EF:BF:FB:68:36:CC:30:EF:BE ValiditySat, 13 Apr 2024 22:09:01 GMT - Fri, 12 Jul 2024 22:09:00 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/2023/02/Starlight-Princess-Info-Gacor.webp HTTP/1.1
Host: rdforva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gameterbaik.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Wed, 24 Apr 2024 07:35:23 GMT
content-type: text/html
location: https://89.187.28.84/wp-content/uploads/2023/02/Starlight-Princess-Info-Gacor.webp
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YE292Omk7rdxg9BuX4mVF7md4Rkl%2BKcvDgemMKZw9F9LeTeEdjF6uhWSPJY3UFgRBdUHWobn0mAgRnuK1yKQ6VGnszkYkY2XsXZS3Oz9Z2tSMhcCQjrDLd74kdAdOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87946a92bda456cc-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|