w88w981.com/
172.66.43.127301 Moved Permanently 0 B IP 172.66.43.127:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 18 Nov 2022 20:35:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.w88w981.com
CF-Ray: 76c37d9b2b06b521-OSL
Cache-Control: max-age=3600
Expires: Fri, 18 Nov 2022 21:35:06 GMT
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82X3Htry0jPXJBZZhj0nAiNWcxDr43p0vE%2BsBWI2pTADVQXpzMJUrGdUx1FYQWCiC8sstJcJkuJrKreSXRl5jEoKZ4kNkddCPDzsZzWll4TCBsTgAVa3pivZ%2FfW7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d27590a1d3cbe1e9632b8ae92aaae3f4
202b34e8a0c3b88c8826fd56c6227b34f2cd6f46
6bcfa518476658128c1fb4ea2435c4e58531454cf97138dce7ece9def589aead
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BCFA518476658128C1FB4EA2435C4E58531454CF97138DCE7ECE9DEF589AEAD"
Last-Modified: Wed, 16 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17107
Expires: Sat, 19 Nov 2022 01:20:13 GMT
Date: Fri, 18 Nov 2022 20:35:06 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 67f53a639d57dd6237b5be86fe4f6c1b
287f09532dc331228d09c20b75f4160e91e9800a
41913a8af366685c42af59e9d8e02fccedbe68a3313d2d9fe353deb0c1019075
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2069
Cache-Control: max-age=138630
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 20:35:06 GMT
Etag: "63775eeb-1d7"
Expires: Sun, 20 Nov 2022 11:05:36 GMT
Last-Modified: Fri, 18 Nov 2022 10:31:07 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3a38b6dd8a4cc335c026aebf2ed348b6
8a386e0ccb0ca4dc502746c45b2ebc3aa3f83cf8
8b4040a645cec1841a00a22765eb3a74978559daf15c54bd4b41b6b48aab7f95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4876
Expires: Fri, 18 Nov 2022 21:56:22 GMT
Date: Fri, 18 Nov 2022 20:35:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 18 Nov 2022 19:45:03 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3003
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BUjpILpYJFJ8DKJrfZ6zvjGUyWbg/9J0QSayd+e9aC91D/rsVAu/dsqvuT9sYTi32Ek+l9u0NX6jT2DfllrzBg==
x-amz-request-id: VAMV759X08N5A5QM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 18 Nov 2022 20:15:44 GMT
age: 1162
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 18 Nov 2022 20:35:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 9046fa206d029520fdc43133e9e03ea3
adb1a7ae961ef2096cc05ec1b7720acbb23bbca1
81ece25f04df22f2c417a5dae3e0766a713fa66631e2064bc2f96515abc3cf76
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=170003
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 20:35:06 GMT
Etag: "6377e18d-116"
Expires: Sun, 20 Nov 2022 19:48:29 GMT
Last-Modified: Fri, 18 Nov 2022 19:48:29 GMT
Server: nginx
Content-Length: 278
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 18 Nov 2022 19:44:49 GMT
cache-control: public,max-age=3600
age: 3017
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fe40cc6ea871d80382b6082111393fbe
281f75d0a35dc8ef908bb0500e57abd86bd5388e
6d15422cdf7a6d72d06497188f27af893682314e82ac8a189a0ee2d798cb62d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1260
Cache-Control: max-age=132769
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 20:35:07 GMT
Etag: "63774b30-1d7"
Expires: Sun, 20 Nov 2022 09:27:56 GMT
Last-Modified: Fri, 18 Nov 2022 09:06:56 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 16bbadb18616687351d4047aedc2ab45
979123c7ad6726befbbab2c07b50ecca31aa2d18
de8231c6ee426b7a76ebf574998dec11ce908efc0a745c2182fb7b61c5915e9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 20:35:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-160363484-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-160363484-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash b779f5fdba01796a54c897e7131666b5
67ca32baf2e6c966083ac16762bef1005724c0ed
c19033d02beeee340ff1d5ce29bd8fc0ca04f94de1c34eb9ac5ec70480629099
GET /gtag/js?id=UA-160363484-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 18 Nov 2022 20:35:07 GMT
expires: Fri, 18 Nov 2022 20:35:07 GMT
cache-control: private, max-age=900
last-modified: Fri, 18 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 16bbadb18616687351d4047aedc2ab45
979123c7ad6726befbbab2c07b50ecca31aa2d18
de8231c6ee426b7a76ebf574998dec11ce908efc0a745c2182fb7b61c5915e9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 20:35:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.215.91.121101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.91.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IUfrOp/jIH/kTSvxiy8F+Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8oLMcoxyDWhj685QQ5ZuekK8gmU=
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash f4ece9c980cc4dcf815567bba6893305
2882e6b51c30b7a71a689df9e62d54d69e449a7d
01e5e5b015cea11f44a3bc218a697296df98f35a9dfd53d3bac1cdfe9c38a1a3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=163528
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 20:35:07 GMT
Etag: "6377c843-116"
Expires: Sun, 20 Nov 2022 18:00:35 GMT
Last-Modified: Fri, 18 Nov 2022 18:00:35 GMT
Server: nginx
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash f4ece9c980cc4dcf815567bba6893305
2882e6b51c30b7a71a689df9e62d54d69e449a7d
01e5e5b015cea11f44a3bc218a697296df98f35a9dfd53d3bac1cdfe9c38a1a3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=163528
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 20:35:07 GMT
Etag: "6377c843-116"
Expires: Sun, 20 Nov 2022 18:00:35 GMT
Last-Modified: Fri, 18 Nov 2022 18:00:35 GMT
Server: nginx
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash f4ece9c980cc4dcf815567bba6893305
2882e6b51c30b7a71a689df9e62d54d69e449a7d
01e5e5b015cea11f44a3bc218a697296df98f35a9dfd53d3bac1cdfe9c38a1a3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=163528
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 20:35:07 GMT
Etag: "6377c843-116"
Expires: Sun, 20 Nov 2022 18:00:35 GMT
Last-Modified: Fri, 18 Nov 2022 18:00:35 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash f4ece9c980cc4dcf815567bba6893305
2882e6b51c30b7a71a689df9e62d54d69e449a7d
01e5e5b015cea11f44a3bc218a697296df98f35a9dfd53d3bac1cdfe9c38a1a3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=163528
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 20:35:07 GMT
Etag: "6377c843-116"
Expires: Sun, 20 Nov 2022 18:00:35 GMT
Last-Modified: Fri, 18 Nov 2022 18:00:35 GMT
Server: nginx
Content-Length: 278
www.w88w981.com/_static/_css/img/caret.gif?0.0.911
172.66.40.129200 OK 1.1 kB URL HTTP/2 www.w88w981.com/_static/_css/img/caret.gif?0.0.911
IP 172.66.40.129:0
File type GIF image data, version 89a, 7 x 4\012- data
Hash b1742752b8a8e54f58b368c17afc91b8
ebca9da3f04541af7b12187237d42105e317140c
1162678ada94d3cabdda96ef7640df3ac6d77609a751dcceb2fcca0174691cef
Analyzer Verdict Alert fortinet Phishing
GET /_static/_css/img/caret.gif?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/gif
content-length: 1101
cf-ray: 76c37da25b6eb511-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=14400
etag: "087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAIOGBOJNcAPt%2FC4DdlzApnq1DVZKojI2BH1yKcj%2FC8ecV8z7QXW%2Bte3biyyrMJVpn29GZjS2YPXxKzjnaY2pBxjhpmtFzwAPsVHOxlhQcArKyQX3u00RNY0QvJ%2FMYg0VA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash f4ece9c980cc4dcf815567bba6893305
2882e6b51c30b7a71a689df9e62d54d69e449a7d
01e5e5b015cea11f44a3bc218a697296df98f35a9dfd53d3bac1cdfe9c38a1a3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=163528
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 20:35:07 GMT
Etag: "6377c843-116"
Expires: Sun, 20 Nov 2022 18:00:35 GMT
Last-Modified: Fri, 18 Nov 2022 18:00:35 GMT
Server: nginx
Content-Length: 278
www.w88w981.com/_static/sports/img/popup/eSports-European-V1.png?0.0.911
172.66.40.129200 OK 24 kB URL HTTP/2 www.w88w981.com/_static/sports/img/popup/eSports-European-V1.png?0.0.911
IP 172.66.40.129:0
File type PNG image data, 345 x 218, 8-bit colormap, non-interlaced\012- data
Hash b65d3d95cc08ae55f3c1601201611309
bf727d5c17c052358a67bdee2b75a25316e9bd9c
63468cbe5c39e4e13e83d046ef61d4953ce902794ca080bc5768ab7bc6e943eb
Analyzer Verdict Alert fortinet Phishing
GET /_static/sports/img/popup/eSports-European-V1.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 24007
cf-ray: 76c37da30c74b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "092187643fbd51:0"
last-modified: Mon, 16 Mar 2020 03:32:04 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FnkefZt4HCUEBgImGj0WbnHT9379od2YqtQy3W6uSZmBNo%2FfeU4D%2BYLPGNdtb%2BVXA3uj%2F23n7aSo2aHX4duV%2BZO0OOB3RGg%2B7Qb6SHfQXda3mh3fRxQA5K09GQIVGccMsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/casino/img/android_w.png?0.0.911
172.66.40.129200 OK 1.2 kB URL HTTP/2 www.w88w981.com/_static/casino/img/android_w.png?0.0.911
IP 172.66.40.129:0
File type PNG image data, 16 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash 93181cb5c1a379e22c08fb154a4bf1d4
e5341639821359fd6b5c52c2e6740aff50954c74
fd6ecd89a6e6c09ff9b88c2f4f0f75bc88c7efdc5bf9a0b98595bd187d758991
Analyzer Verdict Alert fortinet Phishing
GET /_static/casino/img/android_w.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 1221
cf-ray: 76c37da2fc4eb511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "052ae238a7ad51:0"
last-modified: Fri, 04 Oct 2019 08:03:00 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4EB4xmDZwWFWfC65HBb2p7xrz18UfBo8Cpl2RaswkUK1TXBrK8cuTXw50%2B8FbhLjlEWKzWQFRRCYVcS9jKyqNZn2hVmQqwkXkS10Rt9PINIuMLS3M0IjTn83J0PJMRwFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/_css/img/loading.gif?0.0.911
172.66.40.129200 OK 664 B URL HTTP/2 www.w88w981.com/_static/_css/img/loading.gif?0.0.911
IP 172.66.40.129:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash 688252da9aaef89006e069aedfb7a441
34104d97e153d958e2f557c66cf6ca5f08126fef
a79735e265e912ce6393d569f8f91e8f17c236b35ce82430ce7eb1b4ba9a8ded
GET /_static/_css/img/loading.gif?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/gif
content-length: 664
cf-ray: 76c37da31c8db511-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=14400
etag: "087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7rbBmd9gg7QEbM2lzaZIDoYS%2B1MXdC%2FXum4%2BWp4qBBvhHvL23CWt3LMJSvxx%2FkBzmcVkD8qVD%2BXxRugcVjTF7m%2Bbuz818QBFQ4ls2uQ7PuQ1HgRo7CJEtl2HcmqiJvyoTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/sports/img/popup/eSports-Asian-V1.png?0.0.911
172.66.40.129200 OK 18 kB URL HTTP/2 www.w88w981.com/_static/sports/img/popup/eSports-Asian-V1.png?0.0.911
IP 172.66.40.129:0
File type PNG image data, 345 x 218, 8-bit colormap, non-interlaced\012- data
Hash 8ebd1df16bd1afba7d6c2de1ab6dd4c0
7c2032b9951826a7deb93bbbccb27d1622e551ce
3515539e43a5995ba04206419ee2e3b9cd98ff1bf0816d7b5f325b866ff10272
Analyzer Verdict Alert fortinet Phishing
GET /_static/sports/img/popup/eSports-Asian-V1.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 18134
cf-ray: 76c37da30c66b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "065e77443fbd51:0"
last-modified: Mon, 16 Mar 2020 03:32:02 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WzhWMKb5tekUkEu5v5hHa6j1HYBOyvoEhCP0c7%2FzqSG16quYLea%2FjCihKCBsE%2BNSFOpqFWbGSIQ56RPYRs15vkE6rifJffXQoC7gV%2Bt1p5DnotQi3tWRsJyJ3kLau2aHlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/games/popup/img/Popup-BigSlot-CN.jpg?0.0.911
172.66.40.129200 OK 69 kB URL HTTP/2 www.w88w981.com/_static/games/popup/img/Popup-BigSlot-CN.jpg?0.0.911
IP 172.66.40.129:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x353, components 3\012- data
Hash 6e0065df276abc188b72d75009a42cc7
15d12ebaed586e2a46ea0b2c2ed59840e57f584c
d4bbfc020fea1317222f1f0941ab1184ce319874429d42e630feca2b64bb819f
Analyzer Verdict Alert fortinet Phishing
GET /_static/games/popup/img/Popup-BigSlot-CN.jpg?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/jpeg
content-length: 68922
cf-ray: 76c37da30c79b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "02a8f6c43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:48 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: h2pri
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npgBadaluB3vnDD4VOr0oFxbzZxXnNKfaLprnPz0kKTfb0DM3pV3NBd5%2Bv3S7zKJufoV%2BLrR5IaH%2FH41s%2FqbNRSg8KuuuMYEV6cKo0Zb6hrKSOkxNIGwjDl%2Fk99UdSv5eg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/sports/img/popup/eSports-European-V2-New-EN.png?0.0.911
172.66.40.129200 OK 12 kB URL HTTP/2 www.w88w981.com/_static/sports/img/popup/eSports-European-V2-New-EN.png?0.0.911
IP 172.66.40.129:0
File type PNG image data, 345 x 218, 8-bit colormap, non-interlaced\012- data
Hash 5f9937fe713a8faa52bebfd7fed1c0c5
8b1fa68322fcbc5b7795a3086fa1506673bcc625
cc797be6804b336dba867d2bff3aa7bb4ce97350bae786917413a1269d1071e0
GET /_static/sports/img/popup/eSports-European-V2-New-EN.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 11531
cf-ray: 76c37da30c71b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "092187643fbd51:0"
last-modified: Mon, 16 Mar 2020 03:32:04 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rBdmTzERu6H65c0VAiydvZcBlnplPycOBD8RblJVi%2BgCWrMAISCOqBUsud0xO6rD7h9og4iKwEw3Zf8jNFs0CUDVUxm4Cr6Aj9zEDK2%2BSozibcQbSXBH8Ye7WZYJ3CXmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/footer/downloadbar/img/v2/close.png?0.0.911
172.66.40.129200 OK 645 B URL HTTP/2 www.w88w981.com/_static/footer/downloadbar/img/v2/close.png?0.0.911
IP 172.66.40.129:0
File type PNG image data, 25 x 25, 8-bit colormap, non-interlaced\012- data
Hash d73dd3ff8ef50e35817c776e8f41a104
ede6bd2757a5afbe46cfc7c659c580629c8f2f72
c6e7b180843805053ef8ea779392301f4b1247aa0d1c0be0e21e55969fa801f6
GET /_static/footer/downloadbar/img/v2/close.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 645
cf-ray: 76c37da36cf3b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0c256343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:32 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baPseOzcA12nKMobd%2FoV%2BGqnUcf3%2Bd77X4nnvTv5NsgnwyfJLvA2dhbWd0zaRiGG%2FQNoCZOFzzFLO2AKyE1JG%2ByIx6KhP5pxzCJU%2B9Rt6okVtOxZ1n87l6peIHPdHSWZkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/footer/img/backtotop.png?0.0.911
172.66.40.129200 OK 674 B URL HTTP/2 www.w88w981.com/_static/footer/img/backtotop.png?0.0.911
IP 172.66.40.129:0
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash 27fa0fb316755fd9f17895fbba2275fd
138e13e21a41d70a0b265b1b587bd8f6a1351177
8d7f9d1223ccd2afda1fcdef71ccbff9d84ed91f9588bd50405d2cae1b20bcc1
Analyzer Verdict Alert fortinet Phishing
GET /_static/footer/img/backtotop.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 674
cf-ray: 76c37da36d01b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0c256343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:32 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6y%2F%2FZ5Cg%2BkPB3TVNqEzDSRycK3K1SrM%2F6nOMUbYq70oOVTdAaLUXZREzlx8Ng2I0fiXDy4AdUK172iioLtLVL4N4uaG3e%2BTuy%2F%2F9pEgvPu%2FJQaoBeeInsFVCNGAmy6TLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/mobile/img/v2/W88Lite-Android-EN.png?0.0.911
172.66.40.129200 OK 4.7 kB URL HTTP/2 www.w88w981.com/_static/mobile/img/v2/W88Lite-Android-EN.png?0.0.911
IP 172.66.40.129:0
File type PNG image data, 200 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash c517d63acea5a5e052520e911c5fe002
bd27eab59b0ee262aa55eb74f506a7545a59bf37
a542508bf961754d665552c69a9e5d75defbc477e25561ca6fcd55efaf95b9be
Analyzer Verdict Alert fortinet Phishing
GET /_static/mobile/img/v2/W88Lite-Android-EN.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 4691
cf-ray: 76c37da2fc48b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "038b67343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:32:00 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 01
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=liBmv8X83QXaKsM%2BrS1Qn%2FWSNohRrnRlPEkyijEmMLYUKraXVSOzQyFr4IA2SuAHfZNrubU2FuWvy2ivG25MyPPR5wZPZnZkEUR83OAvW9hJj7gu69OONPAGvJI%2BWeLlwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/footer/livechat/img/contact/floating-App-empty-right.png?0.0.911
172.66.40.129200 OK 547 B URL HTTP/2 www.w88w981.com/_static/footer/livechat/img/contact/floating-App-empty-right.png?0.0.911
IP 172.66.40.129:0
File type PNG image data, 168 x 138, 8-bit colormap, non-interlaced\012- data
Hash b7871d377421ab2b06c73aa716ecbf00
ffd743753bbdfea6177963a7d5a6475346f4bcdc
d6fa74a4323d8e1c20c4e21bca961c2ae299780248f9d60cd36bd93c883bb3d2
GET /_static/footer/livechat/img/contact/floating-App-empty-right.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 547
cf-ray: 76c37da36cfdb511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "07e49329cc3d61:0"
last-modified: Thu, 26 Nov 2020 02:31:08 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2F4qgn42CtzMQrp%2FXi6R6ywfiW3iIejIIkoRMV%2FDzipxewW2dGddXXcwS4rd1yPpHowfowOb5itUtUnvQUzf6lZi3nL4nSUimPHRGNtTR80XcmZTZM39kxtrcrt1zQ71lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/games/bravado/thumbnail/w88-slots-Senorita-Bingo.jpg?0.0.911
172.66.40.129200 OK 11 kB URL HTTP/2 www.w88w981.com/_static/games/bravado/thumbnail/w88-slots-Senorita-Bingo.jpg?0.0.911
IP 172.66.40.129:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 146x189, components 3\012- data
Hash e1a03991b69de74f01dbe94f8edf1bbe
ffb699f35f6b6792edf1f2c1ba9a9ec26d521110
5b824eb73333d1ba9a2f4a81b3c6fc295e739209e8d588ef59655436a00a7ebf
Analyzer Verdict Alert fortinet Phishing
GET /_static/games/bravado/thumbnail/w88-slots-Senorita-Bingo.jpg?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/jpeg
content-length: 11164
cf-ray: 76c37da36d00b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0115fbf17e8d81:0"
last-modified: Tue, 25 Oct 2022 02:16:10 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 09
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MILdZSBTRwGTJUhpIimrJPemhVO71wssagfO52aEvscWHnzBaswcEqGCcZf08EQNhuGPw4q5PBo5dHvZ6ioda11jpf9CKscwm7chOEJ4f3GUh71srIFVKVTm5quIlrgM1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/img/blank.png?0.0.911
172.66.40.129200 OK 95 B URL HTTP/2 www.w88w981.com/_static/img/blank.png?0.0.911
IP 172.66.40.129:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Analyzer Verdict Alert fortinet Phishing
GET /_static/img/blank.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 95
cf-ray: 76c37da37d14b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0b1227043fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:54 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BA7Ic2qnVayrV%2B9Ik0NSNKw9O6MJC8wDpjXPFY5FEEh6WUZKGEUOlPbfW6gYLfWABNU5PZJ73rPPoCWmPtDq87pD23465G5%2Fj%2Fi%2FpPmcOCmMrk3DwVOouwXJg99Fxl00zA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/sports/img/popup/eSports-Asian-V2-New-EN.png?0.0.911
172.66.40.129200 OK 20 kB URL HTTP/2 www.w88w981.com/_static/sports/img/popup/eSports-Asian-V2-New-EN.png?0.0.911
IP 172.66.40.129:0
File type PNG image data, 345 x 218, 8-bit colormap, non-interlaced\012- data
Hash b3808c16301217883141a45947820e69
6412796091faad03edde1b96f951945fe05a18fa
d2449c45e41fe62a40ca451c6272d6ac8089673026593e7f8fdd19d06de3aaea
GET /_static/sports/img/popup/eSports-Asian-V2-New-EN.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 19500
cf-ray: 76c37da2fc54b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "065e77443fbd51:0"
last-modified: Mon, 16 Mar 2020 03:32:02 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ydz9LdJnRe56rp8mL3EU34f8fEtKkIlxoqLuImic80p9swgZja0gEwbkNm%2FNZGMJW0qKWKKLH0yP8iW6qkHDu2bvl7%2BQBfzt%2FCBWE7v0dAZ5Vqtvrnu7w79y3%2BF4tv%2FYVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/home/popup/img/w88lite-pop-up-banner-en.jpg?0.0.911
172.66.40.129200 OK 53 kB URL HTTP/2 www.w88w981.com/_static/home/popup/img/w88lite-pop-up-banner-en.jpg?0.0.911
IP 172.66.40.129:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 512x288, components 3\012- data
Hash ff7cf366502fc2aa5850be72d782ab36
38f4437a05e4af0bd23c2c12c360a72c4444fdd1
22d026dd777436e1ff6dd8b0a331feafb9f602f9c4833e4628668499dd9cc7f9
Analyzer Verdict Alert fortinet Phishing
GET /_static/home/popup/img/w88lite-pop-up-banner-en.jpg?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/jpeg
content-length: 52553
cf-ray: 76c37da2fc42b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0b1227043fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:54 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: h2pri
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 01
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pfcV7CRbGl4MFh3pSiO2QXYCfhJuLmZYSwdUCyW71sfb80SdGtWFEl95EJjXR1QXGxsXZg5zK5zftlhIsY7DOooYWDtXTz5l%2Bd4%2F7pS2THveRYFYEI5r8ZjfoMd8zqOaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/fishing/img/W88-Web-Popup-Ocean-Explorer-202208-EN.png?0.0.911
172.66.40.129200 OK 73 kB URL HTTP/2 www.w88w981.com/_static/fishing/img/W88-Web-Popup-Ocean-Explorer-202208-EN.png?0.0.911
IP 172.66.40.129:0
File type PNG image data, 600 x 353, 8-bit colormap, non-interlaced\012- data
Hash a2e568d463839059ddc1ccdd044e528b
103a329a75a5edf1c23804d86f9329dc96565a07
d5c2b20604ac0e8eda658da93b268674404d5c94d33b8c13387acb04a6d4f2a5
Analyzer Verdict Alert fortinet Phishing
GET /_static/fishing/img/W88-Web-Popup-Ocean-Explorer-202208-EN.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 73309
cf-ray: 76c37da31c85b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "02635d61eb2d81:0"
last-modified: Wed, 17 Aug 2022 09:50:52 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVx3nCO7CD4VZfOe%2Bb1IEO%2FTRxqF5vqcA8OmpPmYHLcZCi5oUMBmPErUay0Qi0pwQbJSpVblX9hvZ6%2BcX1vTgBe7laVOAQg0%2FqA6v%2Bmt7p9wW6O0TayxTFsBn8pFav3XEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/sports/fantasy/img/side-banner-EN.png?0.0.911
172.66.40.129200 OK 25 kB URL HTTP/2 www.w88w981.com/_static/sports/fantasy/img/side-banner-EN.png?0.0.911
IP 172.66.40.129:0
File type PNG image data, 321 x 255, 8-bit colormap, non-interlaced\012- data
Hash 25ab19848bf37c261f7a33406fa79229
1097b416458264a38ada8452256302d9acd437ee
77df654570ad63357ca22aea17d51ce967c93ac151364ebc87324c093a2290fb
Analyzer Verdict Alert fortinet Phishing
GET /_static/sports/fantasy/img/side-banner-EN.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 24994
cf-ray: 76c37da37d16b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0d155cf5a21d71:0"
last-modified: Thu, 25 Mar 2021 09:39:54 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSbrta47cjoBc4BjeGzpM%2FeyV9k%2BXI3tNqDkFAuFUTSXs5i0ERWNffYFc587W0z0hqwQJczJ60zq9FYqFizj%2BihvuWb3IH05Bpzgikr4LL4aaXKlwHgl5beYSR36u8h49Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/sports/fantasy/img/Popup-EURO2020-EN.png?0.0.911
172.66.40.129200 OK 112 kB URL HTTP/2 www.w88w981.com/_static/sports/fantasy/img/Popup-EURO2020-EN.png?0.0.911
IP 172.66.40.129:0
File type PNG image data, 794 x 630, 8-bit colormap, non-interlaced\012- data
Size 112 kB (111903 bytes)
Hash 2fae1455e75832b4eae8269684940b0c
6afebb9a7caa050a2d2c62e284c8a390e4531a62
648cc5a61ac6b7a9c528c5e39d29fb50ae20866c40fdcd07b7eeeb4ca3604c2a
Analyzer Verdict Alert fortinet Phishing
GET /_static/sports/fantasy/img/Popup-EURO2020-EN.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 111903
cf-ray: 76c37da31c7fb511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0d155cf5a21d71:0"
last-modified: Thu, 25 Mar 2021 09:39:54 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TnjaPiDfW9ZotYn9W%2FsY1mggRjAoAk%2FYbHn%2B2QCMTh3Ks8OkgihmCpX6T9wpmXbrLg%2BUN1s5SMXV52WL2SmcdGgzGcEtgo7WZNrimdTzN4e7NgfPb%2BP4uV81GGwbaST90Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/footer/logo/grey/right/GoDadd_SSL_off.gif?0.0.911
172.66.40.161200 OK 3.6 kB URL HTTP/2 cdn.w88ux.net/_static/footer/logo/grey/right/GoDadd_SSL_off.gif?0.0.911
IP 172.66.40.161:0
File type GIF image data, version 89a, 132 x 24\012- data
Hash 5045eabf16540556435967bff1add2c0
4bb89bf78a7c4d829d25b62da2e7db97c511e052
19eb58d4c794b39fac99e5ccd38d5c9d4bceca3ade0986defdb0b6a659156a25
GET /_static/footer/logo/grey/right/GoDadd_SSL_off.gif?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/gif
content-length: 3645
cf-ray: 76c37da3cffdb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "1a33e345b69d71:0"
last-modified: Tue, 23 Feb 2021 07:34:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBFJOpvrV%2BEcd01ppqCB%2Fj38c2lSNJEBbHNc%2BzBfaiiPx9PveLiAGNMJNmABRTm%2BzSPBaZPwU%2BCKy0Mi8xDASl2UAnmbZFVHxQdVZH25cbqyFQ4MC7TtjsbPxjbRJhY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/footer/logo/grey/left/wordpress_off.gif?0.0.911
172.66.40.161200 OK 2.7 kB URL HTTP/2 cdn.w88ux.net/_static/footer/logo/grey/left/wordpress_off.gif?0.0.911
IP 172.66.40.161:0
File type GIF image data, version 89a, 34 x 34\012- data
Hash 51ae524d8110f01491893b6a2fde95ec
e186ad8bfa4a38670bb076a9521ca14fc7b8a13f
87aaad7ade48234c8695f9d970087302faa600bca9e706bf6d32acc5e9a14be8
GET /_static/footer/logo/grey/left/wordpress_off.gif?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/gif
content-length: 2693
cf-ray: 76c37da3cfedb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "829bc5b1b99d71:0"
last-modified: Tue, 23 Feb 2021 07:58:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4qaJLODo2kKEwHxSkXA1oZR3yh3QEv6MWukrTQNRjc%2BHJCMZY011v%2BoY%2BwaJxbiA5IlDLKyK98HTsmgOStvL3hda4Kjua6A65LvNzVR0RhN2UDL8GezAn6Dgw30xls%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/footer/logo/grey/right/iTech_labs_off.gif?0.0.911
172.66.40.161200 OK 2.5 kB URL HTTP/2 cdn.w88ux.net/_static/footer/logo/grey/right/iTech_labs_off.gif?0.0.911
IP 172.66.40.161:0
File type GIF image data, version 89a, 25 x 23\012- data
Hash 1f9e7ee959a31b1316e8759008664686
e403a0da8316ca4e7cc906a6633741b075f59b65
6b98579e274f7f7d8137574d58c2013a98976dfc3298af9117d3e31e3a845504
GET /_static/footer/logo/grey/right/iTech_labs_off.gif?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/gif
content-length: 2494
cf-ray: 76c37da3cffab4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "a237746b69d71:0"
last-modified: Tue, 23 Feb 2021 07:34:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrlW99m5rY%2BStfc2NQLMBEVZXDla4qSo1aRvfTscFGPQVKbHkwPhtk53mqchIul%2Frxj8OuLp%2F1Cr53Y54tJfb%2BSSav6RYVnvKq6%2FQ6sZoCWe%2BYRqT6TdmpH5dhC8ELE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/promotions/img/close.png?0.0.911
172.66.40.161200 OK 334 B URL HTTP/2 cdn.w88ux.net/_static/promotions/img/close.png?0.0.911
IP 172.66.40.161:0
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash cf9a587c079584073aa29c67656db53b
b934af48c2b5fc47ab9bd69a7885bbec55af1880
cd2f4da1e2a2352b1f61dd4766e71f06ccedc684eec7497f6ef6157a3df9e431
GET /_static/promotions/img/close.png?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 334
cf-ray: 76c37da3cfe6b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "8d4883a14b3ad61:0"
last-modified: Thu, 04 Jun 2020 08:39:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ay8KFgsrEetuCW%2FSWjNKUjTICXBxBlOX3yPo2kcj2s5VNPexypFu09mnMWEAGio8ULnGzjKL5Cd0M%2B2v6GI91mrdH%2BakgHI7aqRPNXRJef3OUGmk1S0Mg6Y7bD0qsH8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/footer/logo/grey/middle/neteller_off.gif?0.0.911
172.66.40.161200 OK 2.1 kB URL HTTP/2 cdn.w88ux.net/_static/footer/logo/grey/middle/neteller_off.gif?0.0.911
IP 172.66.40.161:0
File type GIF image data, version 89a, 82 x 34\012- data
Hash 436be4b145fe272b9d36f9c3c9a48d80
e8c7b42498f8bf71bb883bc41344e0dbd8f80a37
7d45f0c02bb96839b4d8250686c320ef50865515d968df10c48ea72a770b158c
GET /_static/footer/logo/grey/middle/neteller_off.gif?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/gif
content-length: 2099
cf-ray: 76c37da3c801b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "2ec84342b69d71:0"
last-modified: Tue, 23 Feb 2021 07:34:03 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6MQnH18j2V6HGbf07HFmxKdd8yIJ6MDsMMGdwOY6nDaE8aP%2BOZjrnhVNizUKiV8zSpdNcqhCUcQqxwjALkL6CbZHSf4lboaV%2FPTjtSrzwtKKMuYI8wBxMYPtQNF1Mc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/footer/logo/grey/left/Facebook_off.gif?0.0.911
172.66.40.161200 OK 1.8 kB URL HTTP/2 cdn.w88ux.net/_static/footer/logo/grey/left/Facebook_off.gif?0.0.911
IP 172.66.40.161:0
File type GIF image data, version 89a, 17 x 34\012- data
Hash 1c7cd6006161ccbaeff85bef04dceafd
187e460103946d8aaa862d95d0595ad36f9d2940
9e06cd28b9220315fa45ef8a1762f2f2ad0f9ceda6c337bbaeae3a7692143880
GET /_static/footer/logo/grey/left/Facebook_off.gif?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/gif
content-length: 1841
cf-ray: 76c37da3d812b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "2e1a743cb69d71:0"
last-modified: Tue, 23 Feb 2021 07:33:53 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUT3a9MEAPs2pUVsD2CcKpPNnivzi53mXgYOI1gjcqvRZE0513mAS2f8ciYH62oPx8ALtq%2BQDc6Sv4pgFG%2BR7OODietLRi5sA%2BbEirQyBwLZbCW%2B%2FKxzhvytfopPhcE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/footer/logo/grey/right/gli_off.gif?0.0.911
172.66.40.161200 OK 2.9 kB URL HTTP/2 cdn.w88ux.net/_static/footer/logo/grey/right/gli_off.gif?0.0.911
IP 172.66.40.161:0
File type GIF image data, version 89a, 38 x 36\012- data
Hash 1eafa1a9b7f6835709f1a5570c50e86a
79debb272f7df152bf0f5d1e38ecdce0e472db49
2a45435616f406cc6ff83c9f2874974f49012a476291b2d32f1c4971bc173fbf
GET /_static/footer/logo/grey/right/gli_off.gif?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/gif
content-length: 2866
cf-ray: 76c37da3cff4b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "afbdc4b9b99d71:0"
last-modified: Tue, 23 Feb 2021 07:58:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alBM7GXotMolNhWpET7uVM%2FE0Mc2f0ldtbbQBCxByO9FFGfkVEMNezzQC7cNM1CJ8KG%2BBnOWD%2FiJcrmUU%2F7xusbLcntcPz5s4OTvO%2Fzul0Jea8%2FjYAax8SHLrgHuVqA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/footer/logo/grey/left/twitter_off.gif?0.0.911
172.66.40.161200 OK 2.3 kB URL HTTP/2 cdn.w88ux.net/_static/footer/logo/grey/left/twitter_off.gif?0.0.911
IP 172.66.40.161:0
File type GIF image data, version 89a, 43 x 34\012- data
Hash c121efb505c6b7ecb44e07c98d431e9e
94a94ab4c5c17a89f855a5e2add58afe90bae86e
33fa4a58bdc4eaf5b872ad01300a7a74f3bc32ba546c879873d8dd22afc38c30
GET /_static/footer/logo/grey/left/twitter_off.gif?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/gif
content-length: 2338
cf-ray: 76c37da3c802b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "f099373db69d71:0"
last-modified: Tue, 23 Feb 2021 07:33:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5T6HLRg5RYGi9FBSbA422Ibxfzl7P7PgH8%2BgNy8iMSMQOdA%2FKP87v0sGUTLbjqEF0GoyisRHlY6sCmUSqOvf8RSnQVj7KB%2Fo3GFa7r4%2Brhq2h8V6iPP0A9%2BX6Ad3qxk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/footer/logo/grey/middle/AFA_off.png?0.0.911
172.66.40.161200 OK 4.5 kB URL HTTP/2 cdn.w88ux.net/_static/footer/logo/grey/middle/AFA_off.png?0.0.911
IP 172.66.40.161:0
File type PNG image data, 126 x 126, 8-bit/color RGBA, non-interlaced\012- data
Hash 23e7037916e7d7ed6273ca9d10c31fcb
895ec83a6ef6fcec57aa69b424ac416a598a2bf6
29b27feeff7bb9af251ca18bfb6997d07711c408101ddb580a296c1716002a9b
GET /_static/footer/logo/grey/middle/AFA_off.png?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 4511
cf-ray: 76c37da3d80ab4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "43ec2ea2db11d81:0"
last-modified: Tue, 25 Jan 2022 11:06:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCmheCHqCgYwf9rBy3HsOhQ6n6PizGJ2D9%2BQUQ5ftyAmhK2D6q%2FD1eZ4Cl%2Bwa8ugxnR2YqX9KIWegGNpaFe1iIHGJFMbOCYdUkL9VwCsHHQ3owdQo1jAl3kI6UzkGeY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/footer/logo/grey/middle/Fulham_off.png?0.0.911
172.66.40.161200 OK 4.2 kB URL HTTP/2 cdn.w88ux.net/_static/footer/logo/grey/middle/Fulham_off.png?0.0.911
IP 172.66.40.161:0
File type PNG image data, 96 x 127, 8-bit/color RGBA, non-interlaced\012- data
Hash 8bb2988e379421f3543944985a65c86c
14a2a09d1286a32618ba4901fbf501bdac2bffb7
5a08a248b8a87dc3561cdd52e278e00321129f6ce78ba58737648e5c2f207f06
GET /_static/footer/logo/grey/middle/Fulham_off.png?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 4215
cf-ray: 76c37da478d8b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "4d742393a1a0d81:0"
last-modified: Tue, 26 Jul 2022 03:41:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t88RBCnfgwKEdc9TzcweLHn5e4bOH4MmTtVUeL6XtpNwNRFu1wWn6oCYx9Kkx9YFyawvZcu2QgdzQgdeHWQGIt0vc3Z2MRVx0ltaNuj1BNG5CbAcdfunVZMmp%2BxbD3w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/game/crazy_fishing/W88-Web-Popup-Crazyfish-EN.jpg?0.0.911
172.66.40.129200 OK 82 kB URL HTTP/2 www.w88w981.com/_static/game/crazy_fishing/W88-Web-Popup-Crazyfish-EN.jpg?0.0.911
IP 172.66.40.129:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 600x353, components 3\012- data
Hash f1c7175c57727bc1e731aa9cf4249a50
4e6e1fb184d0c860fc0000c4bcaa1b65d28673ec
f47d7e9d7f91de2ea0992a2da68569cbd45c2840fe1f778f42974f1c01d688f1
Analyzer Verdict Alert fortinet Phishing
GET /_static/game/crazy_fishing/W88-Web-Popup-Crazyfish-EN.jpg?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/jpeg
content-length: 81922
cf-ray: 76c37da31c84b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0446aa7c24d71:0"
last-modified: Mon, 29 Mar 2021 09:15:20 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lwm%2F5G%2FIHGPjRmS%2BoqgLn4%2BeWdCzv2az4d3%2FnEuOl7KoNRwLiZU7%2FWVjYYcVw0JlzSUuGy7DI0Ues8osakt4OGyH1B%2Fbl8RNGwI8XEnRIg9VCRtdQQqx3PrhUhEDaw8KWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/footer/logo/grey/right/HLEvolution_off.gif?0.0.911
172.66.40.161200 OK 1.7 kB URL HTTP/2 cdn.w88ux.net/_static/footer/logo/grey/right/HLEvolution_off.gif?0.0.911
IP 172.66.40.161:0
File type GIF image data, version 89a, 29 x 25\012- data
Hash 7d986f24fe0b72489e69a9a4eb3415f4
e54cfb3718f72fd1d5697e27830c84313d806bc3
5958081330b5e6f9c30622f931f915c0e0a2c4fdea21e6cc3f4cdd3cd7c6dd68
GET /_static/footer/logo/grey/right/HLEvolution_off.gif?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/gif
content-length: 1734
cf-ray: 76c37da3cff1b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "96f34446b69d71:0"
last-modified: Tue, 23 Feb 2021 07:34:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sa5O2al6MwCOC99IsqnkAqTfaJDgut8foRDxIcbN9ZSJEQjk1mME3CkRSfpsHCIFOLuOoK%2BD1ptd%2B%2F5mQi2BZO8mZZXuGNPSteGQONam7kHvVa0RUV3SOr3Heyw7O58%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17140
Expires: Sat, 19 Nov 2022 01:20:48 GMT
Date: Fri, 18 Nov 2022 20:35:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17140
Expires: Sat, 19 Nov 2022 01:20:48 GMT
Date: Fri, 18 Nov 2022 20:35:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17140
Expires: Sat, 19 Nov 2022 01:20:48 GMT
Date: Fri, 18 Nov 2022 20:35:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17140
Expires: Sat, 19 Nov 2022 01:20:48 GMT
Date: Fri, 18 Nov 2022 20:35:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17140
Expires: Sat, 19 Nov 2022 01:20:48 GMT
Date: Fri, 18 Nov 2022 20:35:08 GMT
Connection: keep-alive
cdn.w88ux.net/_static/footer/logo/grey/right/GAME_PLAY_off.gif?0.0.911
172.66.40.161200 OK 2.9 kB URL HTTP/2 cdn.w88ux.net/_static/footer/logo/grey/right/GAME_PLAY_off.gif?0.0.911
IP 172.66.40.161:0
File type GIF image data, version 89a, 112 x 27\012- data
Hash 4b531a5dfc99e8349f61d08ef4ad789f
b7b0aa932f548b56eaeebeda53bbc49f688f5a7f
e1bcc747336fa0a86c5a9297a6838ce0ab8fb0af0dad9e8838e959048dff7885
GET /_static/footer/logo/grey/right/GAME_PLAY_off.gif?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/gif
content-length: 2902
cf-ray: 76c37da3cfefb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "a1624f45b69d71:0"
last-modified: Tue, 23 Feb 2021 07:34:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARP0V74SteQ1YBC7x11r6T2qvLuTdoqDDLhFL7z8XNMzsFWtEcidwZ2O7dYMC47reD699t49ZlX1%2BrLIK3kX37B0vRJRMSL6W%2Bu9bi%2FwyAtgE10KDVqJG%2FJvnmVwyJE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/footer/logo/grey/right/Payouts_reviewed_off.gif?0.0.911
172.66.40.161200 OK 3.1 kB URL HTTP/2 cdn.w88ux.net/_static/footer/logo/grey/right/Payouts_reviewed_off.gif?0.0.911
IP 172.66.40.161:0
File type GIF image data, version 89a, 70 x 23\012- data
Hash 33ace231c9e5681784c58c5f0e123ebd
a2d733ffaf697c2e9a42d592cb599de3702aec95
d436ebf9f75e4efd7eb1c0f535a192a89d3b37d5354a54dceadafbb279e1358a
GET /_static/footer/logo/grey/right/Payouts_reviewed_off.gif?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/gif
content-length: 3083
cf-ray: 76c37da3cff9b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "21833a47b69d71:0"
last-modified: Tue, 23 Feb 2021 07:34:11 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UcoXj7GOALygwX2DQ1BnzDeJs0rgUaw8s7o27XIG0e%2FEGAJxa6ZXH3oURQKAHsK%2F%2F%2F7BQIp2PD37hoV7gfeqCpcWCFWVLQm74PUvq47sxNcigxyJslaXTbtG7x4u73o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/footer/logo/grey/right/bmm_compliance_off.gif?0.0.911
172.66.40.161200 OK 2.4 kB URL HTTP/2 cdn.w88ux.net/_static/footer/logo/grey/right/bmm_compliance_off.gif?0.0.911
IP 172.66.40.161:0
File type GIF image data, version 89a, 73 x 23\012- data
Hash 9b05fa38dbedccd7a2514f591ede41e4
4d63f36effcf8c87270fe6ac9e6ebc2eaba5c0ba
71e90a52c6f0066e5a552976a0e3e5be71fd7decc66aa0da6904625a5462ad83
GET /_static/footer/logo/grey/right/bmm_compliance_off.gif?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/gif
content-length: 2392
cf-ray: 76c37da3cff6b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "1c6bb444b69d71:0"
last-modified: Tue, 23 Feb 2021 07:34:07 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZ2i8fTbNj2kEnWvKT57oGXZsPVDmCR%2BEBHPKsEtcP%2FWtq%2BnJdp1%2FkPD%2BjvmVYEONJyNW53jhTSDhPno4M7eeb8RSkk1r0O1yU%2BGRrfPrlcAR%2FV%2B5QhRO3FXjJZK%2F%2Fg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b43b0-5ba1-4c6c-9a53-bfae9befdd7d.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b43b0-5ba1-4c6c-9a53-bfae9befdd7d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9d32fa3866dd741de610a61a93ad893
4cb2141b1ef1e5bf19a3b355995dcd8fa36f695e
4492338de536cfae6fb42fd37170c60f4fbc281a2a924efe6d2b5af352cd102c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b43b0-5ba1-4c6c-9a53-bfae9befdd7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6344
x-amzn-requestid: cac35b04-be3b-4ae1-bb5e-8cedcd7a7db4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: btqOVFCXIAMFcOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63755728-45c28fa333b748520be29b57;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 21:33:28 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: mhgNSp1_LsVmn00ULm116flMHpnfE6G6JABrJwXH5i4q-isv_W1-Ig==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:34:18 GMT
age: 82850
etag: "4cb2141b1ef1e5bf19a3b355995dcd8fa36f695e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd26f9e-1666-47e7-91b0-4b371ede5e61.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd26f9e-1666-47e7-91b0-4b371ede5e61.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30ad43f65949e7e22e73292e3d684f3d
9404b0071027ac7ec0055a9edfbd607e3a8ae501
b97961cbd2245f9927c1c0406451449d28cca24c98c534cace78321ac62eeeb2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd26f9e-1666-47e7-91b0-4b371ede5e61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5955
x-amzn-requestid: fe915fbe-b1dc-4fbd-8a10-1cb46e08f56c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: btqPjHloIAMFidw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63755730-16deb73f48305b0139b1d9bd;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 21:33:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qtpQ9y_8ohoqKpvTx-mWM439VyjZnpmTKKCEAEnknL3CVN8ZkiJaYQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:39:46 GMT
age: 82522
etag: "9404b0071027ac7ec0055a9edfbd607e3a8ae501"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.w88w981.com/_static/js/qr.download.js?0.0.911
172.66.40.129200 OK 14 kB URL HTTP/2 www.w88w981.com/_static/js/qr.download.js?0.0.911
IP 172.66.40.129:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (369)
Hash 88bc83a2a6383436aab9d70e3a1f3949
6b2d0792548e4afd22509ae279dd415272f0693c
0ad70959a22675e309c7a0afc8c55d11fcc8e4294d3140e68c146757706af17d
GET /_static/js/qr.download.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da36d07b511-OSL
cache-control: max-age=14400
etag: W/"0af356fa5f4d81:0"
last-modified: Thu, 10 Nov 2022 01:40:38 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2t7HTF%2BMo1Fyz9I26iWHzXPLw9b4zIx8o2btDwouJASCWu946eOo1W53TvkvZptjwp%2BCVQBgfgZ8O%2BR8DEvto%2BKkdTuuQL5rR0EQMEMr026ByN0JpzBfV3qTC3UJn%2Fs%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ddb38f-d459-45e6-9351-068a5306b3a1.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ddb38f-d459-45e6-9351-068a5306b3a1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7d16e5ff718353c095d266b080fe547f
fa7c5c9a1d16355859196271f3d13f3850931888
9a94d8eb20cc56d0898b1e2b80c0006ebbef75c15ad94e907050c5be4e19a960
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ddb38f-d459-45e6-9351-068a5306b3a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10349
x-amzn-requestid: fc85e078-a81a-4fed-899e-15249961f59c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-7tHGLIAMF00Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7d-4224d193517794684fcdc0ad;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UK-XD_8EcfPwfLb-QVwfLr8aG-sqVBoUJcbPb5hKAlQS68eOxdgM5g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:03:27 GMT
age: 81101
etag: "fa7c5c9a1d16355859196271f3d13f3850931888"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg
34.120.237.76200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d0b6106f00f9fd8b89c2d484a559a1a
399ac393209dcdac7d2188d7aa8d95f04570ef7c
5d8151c9eb558f4a2b8bd2952c6845606ddb0c27e36f6e49aca7e60908cd9fe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3759
x-amzn-requestid: 8c91ac59-89dc-4218-b69f-0cebb29f301b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-wJHgxoAMF-hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab33-4dac305614a92bc52c038222;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mb2-PTjNmt06Wd5jOjQ5WoLY-0NgI80CKPXtwgzBt4n5km8Pu_WN0Q==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:50:49 GMT
age: 81859
etag: "399ac393209dcdac7d2188d7aa8d95f04570ef7c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 032386e5c9dffff1ba1ee5e8a322d438
dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: 4778d1bd-28c3-4665-89da-046e356087f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyD1HE-oAMF0QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-53c7330c5fd36d3c4d9e6aed;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CHi9V7-WaWmG6Y0249CZJnhe_RjvleaGFVXoOnJ62cjrcXoLLKwzgw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 18:45:50 GMT
age: 6558
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/footer/logo/grey/middle/Milestone_off.png?0.0.911
172.66.40.161200 OK 3.8 kB URL HTTP/2 cdn.w88ux.net/_static/footer/logo/grey/middle/Milestone_off.png?0.0.911
IP 172.66.40.161:0
File type PNG image data, 96 x 126, 8-bit/color RGBA, non-interlaced\012- data
Hash c4c9c08aaa474d5f56fd2488153465b7
422514c8115a75eb632cb9de2467ed0942914056
f1082b351cf23eb4edd964ec834a35beaefad277dcbad69dbd288b1b013f3d0a
GET /_static/footer/logo/grey/middle/Milestone_off.png?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/png
content-length: 3781
cf-ray: 76c37da458b7b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "6844dd41b69d71:0"
last-modified: Tue, 23 Feb 2021 07:34:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FElxT4LSQgxFvqIhDWc6NtJXLOsUV2xVYMm%2FoilpPBWg7P88UyI4mOg%2F9T12%2B3BUw1fDjIW6HxKbuaflmDCP%2BvXIG2jMEw%2FhZWn9ITdzOz6LjB%2B7Wr4c3etuBgCf1w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/js/ko.footer.contacts.js?0.0.911
172.66.40.129200 OK 12 kB URL HTTP/2 www.w88w981.com/_static/js/ko.footer.contacts.js?0.0.911
IP 172.66.40.129:0
Hash d13060dab95b59b709a83996ca200bb5
424dc65d0f737def8bd2a9edcf1888b0b0763634
07c15a0d014433249d21478175bdea969c831e6d47d1ceb04f78c3f770e57754
Analyzer Verdict Alert fortinet Phishing
GET /_static/js/ko.footer.contacts.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da35ce5b511-OSL
cache-control: max-age=14400
etag: W/"0af356fa5f4d81:0"
last-modified: Thu, 10 Nov 2022 01:40:38 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pq0i5LrF6ToTlXZIEAYt6E%2Fs94wVYuaQkSl2A1OoD2FcLrmThxmv3%2BTHEXSzWVN%2BFHeK6SK%2BzfbBaGD1G%2FPENQqkov4VcCD7hgnZY1aeF326s9Oa2VFtldQiLb5EgpRHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
cdn.w88ux.net/logo/W88-Logo-black-EN.png?0.0.911
172.66.40.161200 OK 13 kB URL HTTP/2 cdn.w88ux.net/logo/W88-Logo-black-EN.png?0.0.911
IP 172.66.40.161:0
File type PNG image data, 442 x 80, 8-bit colormap, non-interlaced\012- data
Hash b69a8dfca077612aaf805fa573df1aaf
89624f1fe741b5a0cdf77b3a737f23a8216f417d
a07baf5bbb302668883c94e51f662332c7cf9ed1f3f1c43c7629babc89f58c61
GET /logo/W88-Logo-black-EN.png?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/png
content-length: 13088
cf-ray: 76c37da9a838b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "e5c14eb90f2d81:0"
last-modified: Mon, 07 Nov 2022 10:08:43 GMT
vary: Accept-Encoding
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0q1lPOh0ryxBvwDCNbwMrkFIHDEOhRqadU%2BmSHrRqEmHSIVp6vXRLLVLSyjlJ8RoKkOBOj%2FkQ936WIdj1SLDuonEB8ZeoQn%2BUMoL0gMLDlWiKweSm6%2BqQmroNJT48bo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/_css/img/sprite.png
172.66.40.129200 OK 8.3 kB URL HTTP/2 www.w88w981.com/_static/_css/img/sprite.png
IP 172.66.40.129:0
File type PNG image data, 1444 x 104, 8-bit colormap, non-interlaced\012- data
Hash 47285c087a948f6025c46f3fa49901e6
93e6793dd184bba06b8d21ea27e31798059f1709
174d0d2943db8cf951cfe3cbbb1ee1fd60a8a35912a79a1e7957fb2995bfe466
GET /_static/_css/img/sprite.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/_static/_css/sprite.css?0.0.911
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/png
content-length: 8270
cf-ray: 76c37da9ae93b511-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=14400
etag: "087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofet2fouNUQguz0bjXB8jMWHIE1rfS1vf2LVVqxsd9ehnmf4w2fyH%2FVUkCON2oalC23oJpkGzRLqX6I0fq30ZEBfkhzmImdiDX96BY9FWt1AfKpYkGkQ1fKU6OLdxE20jA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/footer/logo/webbrower.png?0.0.911
172.66.40.161200 OK 12 kB URL HTTP/2 cdn.w88ux.net/_static/footer/logo/webbrower.png?0.0.911
IP 172.66.40.161:0
File type PNG image data, 209 x 260, 8-bit/color RGBA, non-interlaced\012- data
Hash ea3bbc246ca64ea8f3a024884dc93628
9735f213247ff60d5863d79a0bdd5480c5cb4cf2
e933a3ec106cdbbe528ae990e2f1a1dc6b806db1b8ca80af137e4c8ef45c6e35
GET /_static/footer/logo/webbrower.png?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/png
content-length: 11725
cf-ray: 76c37da9c877b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "5820433bc99d71:0"
last-modified: Tue, 23 Feb 2021 09:49:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYklFTffmqHDPoSk2betMqFtEQBCih2Bh5w2BYbGbsg1gvmJeIG0cIyK%2BUr%2FErv07PY5hEBQp%2FhDt7866SB4jC0UtVVthLQFPASkVen8ggxwON2lT4KphXMgD%2B2Zr30%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/_css/img/footer_line.gif
172.66.40.129200 OK 43 B URL HTTP/2 www.w88w981.com/_static/_css/img/footer_line.gif
IP 172.66.40.129:0
File type GIF image data, version 89a, 3 x 1\012- data
Hash 58e100f572ebffde6b3a9fc4990ed0b3
0006b1d912843ed3f405a3eab7ee6319601bcfea
bb5877cb22e83eb48f4fa4beadf06cf86011658ff7abc9b75d6867f793e33985
GET /_static/_css/img/footer_line.gif HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/_static/_css/Main.css?0.0.911
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/gif
content-length: 43
cf-ray: 76c37da9be9eb511-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=14400
etag: "087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
vary: Accept-Encoding
cf-cache-status: MISS
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=daGEZQSGwovh6w87zektqPrgX%2Brb%2F7XOSMEvqkUAt9rQAV4NQlZY65ix5lLTyoIW5SNqNe1kz988u961ksARVwt42vlkMCfNzpxgN1osCwhEAVx14DxBUb7mvtJxD6aelA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/promotions/img/close.png
172.66.40.129200 OK 1.5 kB URL HTTP/2 www.w88w981.com/_static/promotions/img/close.png
IP 172.66.40.129:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 61678c6462dfa8e9d545dab9fa698666
b3bce07181ef50e1d7c78b7374677aa09b647efe
9ff729ccc3e0a1b61114df0d875fc9210f01bbf87e6268598a28dec3a33e8de3
GET /_static/promotions/img/close.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/png
content-length: 1475
cf-ray: 76c37daa3f72b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0db6c3a8bc6cf1:0"
last-modified: Tue, 02 Sep 2014 08:52:30 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GxaXvDlVx%2BzH1V6KzyfyZ0G6imFRcGYBI0MhqZ3hTtWDt3GTkuKJTgx84d9zVAtoD%2FcJpvA6xmbF7Vxk1QZ89ycojRumf%2Bwb87teMeEPmgtJhYgYMJqRS7GtzG2XFcnFhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/img/2fa/Enter-Code-Icon.png
172.66.40.129200 OK 2.7 kB URL HTTP/2 www.w88w981.com/_static/img/2fa/Enter-Code-Icon.png
IP 172.66.40.129:0
File type PNG image data, 183 x 116, 8-bit/color RGBA, non-interlaced\012- data
Hash dce0d0eb5176a3af28371028f17eb7c2
adc7d5bbc77b4ad9cefdff49e2684a5d12b2fb3b
b856c0c4930b2e26d4d5bd158b35d6a52c1b74a53079d564c5cb14c208a0fa2b
GET /_static/img/2fa/Enter-Code-Icon.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/png
content-length: 2722
cf-ray: 76c37daa3f7ab511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "03ea145d4d71:0"
last-modified: Tue, 16 Feb 2021 02:41:48 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=szQImP2hiQCaZ3huu1RP8hSEH5eIwrW0beWhxIxH6ZI0vF364HpbS8vdZRtXMrMHjk0zXOfpMC1YupwabpR6fwIOcftmcs0VvokzDA1ubpJr0OfKB1HZHGLhF5drxxue1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/footer/downloadbar/img/Download-Centre-Floating-Box-before-EN.png?0.0.911
172.66.40.129200 OK 5.6 kB URL HTTP/2 www.w88w981.com/_static/footer/downloadbar/img/Download-Centre-Floating-Box-before-EN.png?0.0.911
IP 172.66.40.129:0
File type PNG image data, 307 x 236, 8-bit colormap, non-interlaced\012- data
Hash 8fb27c6adbc04ce78205230c8efd46ad
bd43a7639020c5313086009a7c18adab9b16ac97
f31f38a93482f15ed355846a7a4e3103d3dbe5ea3ae45b19fe58a3c55fc9651f
GET /_static/footer/downloadbar/img/Download-Centre-Floating-Box-before-EN.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/png
content-length: 5555
cf-ray: 76c37daa3f6cb511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0c256343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:32 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2BitPk067LXu%2Fzai5wVR4VJ5xSurAt5RTZ%2Fng%2Bvc3gQWzLoCXKC0ofSPkvvkScdwq1rJFfTuHicydQ4vEdSFWFSZ%2FC9mKwGnTwj9guE%2F9TDXphcEQeTnlNheDLWndY5OzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/_css/din-regular/din-regular-webfont.ttf
172.66.40.129200 OK 40 kB URL HTTP/2 www.w88w981.com/_static/_css/din-regular/din-regular-webfont.ttf
IP 172.66.40.129:0
File type TrueType Font data, 17 tables, 1st "FFTM", 9 names, Microsoft, language 0x409, \251 Dutch Design: Albert-Jan Pool, 1995. Published by FontShop International FontFont release 1\012- data
Hash 9e5eb61423331dc4fe8c9c9c8a0302b7
989a67f1ad1cf221658dcea469e56f9bec820c57
09a0193e234571c340eb1de4462635db96155a949c07203f0a604e0a31bd28df
Analyzer Verdict Alert fortinet Phishing
GET /_static/_css/din-regular/din-regular-webfont.ttf HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/_static/_css/din-regular/stylesheet.css?0.0.911
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: application/octet-stream
content-length: 39480
cf-ray: 76c37da9ceb4b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofrwkOh5KotT3lTzxFJ61BAu8%2BMyH2RIIR0qNsGLz3DcUlmel%2B8scCJ20lbfqhjKjDEClOzTQctMLVIs9Jnl%2FHSNOcs5lR41h%2F47t6iwkS286cpgWGp9OB6O5Z4rLD8G7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/_css/hotmatch.css?0.0.911
172.66.40.129200 OK 4.4 kB URL HTTP/2 www.w88w981.com/_static/_css/hotmatch.css?0.0.911
IP 172.66.40.129:0
Hash 7f036fc93087884a22cd660d06da1edd
bb82c30b0e8dfdec832d092b3672845e9743ef3a
884807fccd896b36cf5f684ccdc45c641d5b368bb8ffcbb0fa139356b31dfd13
GET /_static/_css/hotmatch.css?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/png
content-length: 3250
cf-ray: 76c37daa5fa3b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0a61eac1e93d61:0"
last-modified: Fri, 25 Sep 2020 09:31:40 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0wJ3CakxxfpRSvbT1%2BFICIF%2Bwm97LhrVSG1IqEemVLPQkacgswnBaWU5jxUmmTEh5lH1cXjxDGezKBGfyg43DzdTzz%2B6aUeJ5GpgwPJkPPJqwr5ntTMG3MMv6SrtUXyMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/menu/img/ClubMassimo-MG-CN.png?0.0.911
172.66.40.129302 Found 6.2 kB URL HTTP/2 www.w88w981.com/_static/menu/img/ClubMassimo-MG-CN.png?0.0.911
IP 172.66.40.129:0
Hash 23a59bbbf9f198c9a30ffa9d36edf391
b033ee307e0ed4a6d6b57cd24396dc59d0a08c65
069fa3eafbcd5dfdfc309c65f8ecf56543b9504b5189105ae9a7a9e990bd573f
Analyzer Verdict Alert fortinet Phishing
GET /_static/menu/img/ClubMassimo-MG-CN.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/html; charset=UTF-8
location: http://www.w88w981.com/_static/message/404.html
cf-ray: 76c37da2ec12b511-OSL
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: BYPASS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHJIHZW0FYYbWFEzcl9YdKyRtBJlVC6vYFBTOYdqHq7a8ygw2xOHrPamOsffL7rZustFECx1uOjTAc3pfXoRL58P5y1mNp1tXDxgBTCoOjv74W1CPJRHI7qz9ax89nRGUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_secure/ajax/api/handler/timer
172.66.40.129200 OK 35 B URL HTTP/2 www.w88w981.com/_secure/ajax/api/handler/timer
IP 172.66.40.129:0
File type ASCII text, with no line terminators
Hash 8c97139d2108c9e0da41ec54e94ba803
00e2a709ee96007c6f9d428fdc5d7cf017698f0d
46aabacac367ed403dd2c09fcab78f85d0653dc11300f8c711e15569f8705880
Analyzer Verdict Alert fortinet Phishing
GET /_secure/ajax/api/handler/timer HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: application/json; charset=utf-8
content-length: 35
cf-ray: 76c37daa2f6ab511-OSL
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JdIBE8yV8vWQRE4K0tl0bIRm5Lk%2F1pftAhNeHnzSLySNrrBzJ081AounCKZRrW19JgcxLY1M%2FYgx7XjByEtg0dqYUzP1ZfByvzMu3L%2FhdSp5Gjvp0C1fsahXOzdh8m1b%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/home/btm/img/Dividing-line-grey.png?0.0.911
172.66.40.129200 OK 2.7 kB URL HTTP/2 www.w88w981.com/_static/home/btm/img/Dividing-line-grey.png?0.0.911
IP 172.66.40.129:0
File type PNG image data, 1280 x 562, 8-bit colormap, non-interlaced\012- data
Hash 14250d20e980f74818375c282f8b0ee2
b40aece998ea2e2cd678c00e72ffcae5d4a31222
e591834490daedbcb1a3f3211c0a540d7f9dd739af8e84112b688696c0e96d9f
GET /_static/home/btm/img/Dividing-line-grey.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/png
content-length: 2674
cf-ray: 76c37daa8fe7b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "05139a0d189d71:0"
last-modified: Thu, 05 Aug 2021 08:12:26 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0lZpYFMUhfL1OuZCDug3THE%2FBX6u1qJf0Knfpj00t3%2FhdslLBhcjkyX7c64Hn6J8y5EqbNUopuXDN9cPie8liBj35KT%2FgTh5lEMyp1SmBqX1K2BJ6HewJIAcInWZ8pvd5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_secure/ajax/api/member/livechat/link/en-us?referrerUrl=https%253A%252F%252Fwww.w88w981.com%252F
172.66.40.129200 OK 37 B URL HTTP/2 www.w88w981.com/_secure/ajax/api/member/livechat/link/en-us?referrerUrl=https%253A%252F%252Fwww.w88w981.com%252F
IP 172.66.40.129:0
File type ASCII text, with no line terminators
Hash 2cc7a383ae26e697193bc1ec8b32c05f
fc490a03874be0621ea07a1d5b0be573799f50e2
0f7177bc00d2a0b1e08c9ebc64abf487e427cd6b4a603100ca3a621cb5f7367f
GET /_secure/ajax/api/member/livechat/link/en-us?referrerUrl=https%253A%252F%252Fwww.w88w981.com%252F HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: application/json; charset=utf-8
content-length: 37
cf-ray: 76c37daa3f7fb511-OSL
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
cache-src: red
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5LaxXkOcSfFkFd8HypKte5QDveELRHtPujmtCR29kavgywrEBlih2f4BxY4XSVrBSQXWTe2SubsfizdYzvZ%2FXk65l2yuIJJZsD6kukqocAOQimVVq2F8LXboUAuk6ASiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/svg/grey/announcement-left.svg
172.66.40.129200 OK 1.1 kB URL HTTP/2 www.w88w981.com/_static/svg/grey/announcement-left.svg
IP 172.66.40.129:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash cfe531e01d75fd31bdd6328fb16119b7
0f946594cdfd274cb82734886faee1da2ba51342
d9923421adc363bf063b6b79bc2f535b4cca33e9790bbe1c54054f06f1affa1c
Analyzer Verdict Alert fortinet Phishing
GET /_static/svg/grey/announcement-left.svg HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/_static/_css/icons.css?0.0.911
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/svg+xml
cf-ray: 76c37da9ae97b511-OSL
cache-control: max-age=14400
etag: W/"0dabeddfd47d81:0"
last-modified: Mon, 04 Apr 2022 08:27:48 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BiMLTt3gm6O0V8Ntp4xUbpa0XVFxmCjJp75s%2B7dYfjWzSEIx244aEwprDQkk3BfgcKUwwl322z8RdO%2F1uDcukgFl4CFupYMhfRQGO6rtTuJ2Icb9N3P4R%2B%2FP41Oot515cg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 050d780dd4bcf4fcf7e0c898331a306e
2e3767859e3f53b3f1001b872b7018a7f27e963a
c27062b5270e399ba488a06ea9d2bfba64803fe7319fb4121a282efd3ccf32a7
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 18 Nov 2022 20:35:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 18 Nov 2022 19:43:24 GMT
Expires: Sat, 19 Nov 2022 19:43:24 GMT
ETag: "2e3767859e3f53b3f1001b872b7018a7f27e963a"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.w88w981.com/_static/img/home.gif
172.66.40.129200 OK 1.2 kB URL HTTP/2 www.w88w981.com/_static/img/home.gif
IP 172.66.40.129:0
File type GIF image data, version 89a, 30 x 28\012- data
Hash 34ce14de058256be050a2f21ff8c1407
a52d572213ed82aa6101f042fa0504688d65083d
f108e916b4ffc8bcff082cc4106c48a5298e35b8ba6d816961c9a0717a3d01a9
GET /_static/img/home.gif HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/gif
content-length: 1155
cf-ray: 76c37dac5a88b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0b1227043fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:54 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYs45GA7A8EgyKiy6rwM25HphGtGScpMdDlrEGsHoYxu6FRmGz9JErolZYa7kI1xYFTTfA3PK0uo6i69%2BhBpEHpXPR35cp8CWCAJplr1dXdJ9w4VC0ucOoDpCx8xUdeBXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/img/mobile.gif
172.66.40.129200 OK 1.2 kB URL HTTP/2 www.w88w981.com/_static/img/mobile.gif
IP 172.66.40.129:0
File type GIF image data, version 89a, 30 x 28\012- data
Hash 8491126b435ebf01cef5f154ae5f6d0d
c5e6db69a9d3ed7aa2fc80822d05e45be51dfca5
f68d06eb1176fd96aaac4da591ebd29b7489e802e464046680216012ab7a49d5
GET /_static/img/mobile.gif HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/gif
content-length: 1225
cf-ray: 76c37dac6a8bb511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0b1227043fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:54 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjPGejz5OQ4GGupN6%2B14bvwcyQ7JMu1gFN8Lw4m2gfdMGdbo7HfbVB2%2FCKKwZrRufdHeWujRiGnp9d8M4Lx7A%2BGxhqbyl6sYtuIRmcCulzjFpkmVduQdlYY42k7fSO8YlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_secure/ajax/api/qrcode/desktop/download/w88w981.com/true/en-us/USD
172.66.40.129200 OK 9.1 kB URL HTTP/2 www.w88w981.com/_secure/ajax/api/qrcode/desktop/download/w88w981.com/true/en-us/USD
IP 172.66.40.129:0
File type JSON data\012- , ASCII text, with very long lines (13127), with no line terminators
Hash 1cd35524ccf621a41c57db5cdf2466ad
9f7bbeb10b8181bcd620e39a85869dd312ffad35
8d5e97d51b1acca11c1651cbeb021a449214b60723c5e37bc36285dc609e26b3
Analyzer Verdict Alert fortinet Phishing
GET /_secure/ajax/api/qrcode/desktop/download/w88w981.com/true/en-us/USD HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: application/json; charset=utf-8
cf-ray: 76c37daa6fc2b511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMXcspiPeuWn3AG7lsktSyXzR%2FRMcm9k%2FMCdSj4%2FYvTWS3ykjAYawvOggPwOHSghZwg5F4RuOjlXVSC8kIh8yh8d276vKnNK%2FbzU3MZZ9djW9Q6XcBLpDARZohCZiPsAlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/footer/downloadbar/img/v2/floating-App-empty.png
172.66.40.129200 OK 1.7 kB URL HTTP/2 www.w88w981.com/_static/footer/downloadbar/img/v2/floating-App-empty.png
IP 172.66.40.129:0
File type PNG image data, 168 x 138, 8-bit/color RGBA, non-interlaced\012- data
Hash 1a3f5725da30bb3f1db46d66e8e1422e
990e49bb3b99f8db6f3ec305567d8b907fc6c99b
ebbc2805079d8b59608e69f652f23e1abdd08472dd6dca4f65858652599c2819
GET /_static/footer/downloadbar/img/v2/floating-App-empty.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 1734
cf-ray: 76c37dad8c87b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0c256343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:32 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyUabLxj%2FZt1kydBkrAkVATkr9hvvkmw9Pzm7FOWPxPAMgDPCnwsYo5yetye7hgJ%2Bhk4s3GOLOD6vtjaOHKo%2BM%2F57%2BPNlhJtQEK%2FzyI67ZRt9ttKGpMi5dT%2BeM1KV39s1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/footer/downloadbar/img/v2/close.png
172.66.40.129200 OK 645 B URL HTTP/2 www.w88w981.com/_static/footer/downloadbar/img/v2/close.png
IP 172.66.40.129:0
File type PNG image data, 25 x 25, 8-bit colormap, non-interlaced\012- data
Hash d73dd3ff8ef50e35817c776e8f41a104
ede6bd2757a5afbe46cfc7c659c580629c8f2f72
c6e7b180843805053ef8ea779392301f4b1247aa0d1c0be0e21e55969fa801f6
GET /_static/footer/downloadbar/img/v2/close.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 645
cf-ray: 76c37dad8c85b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0c256343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:32 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FB2zS1dT81ozJLFa7wAag5quk0K6VOp7QTZcIaURrWf7g2kmX%2FsK4xXXITZ%2F5bRGROuQrGq%2FKT3Kq76kpHCDQ1ICL6WysJOwQf4RPba7XJlGYfzq9HyuqiRh2oA1dpn1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/footer/downloadbar/img/v2/dc-android.png
172.66.40.129200 OK 2.8 kB URL HTTP/2 www.w88w981.com/_static/footer/downloadbar/img/v2/dc-android.png
IP 172.66.40.129:0
File type PNG image data, 36 x 41, 8-bit/color RGBA, non-interlaced\012- data
Hash 8937ea2253bd413e3e78a17956390cb2
86163d59716e13d227cdf9e830d00c5ac4add145
52b3501e5b4aacd16eb93c499b6582f559ee6c0ff9cfbc44f7eeb5a9a628561f
GET /_static/footer/downloadbar/img/v2/dc-android.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 2787
cf-ray: 76c37dad9c8ab511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0c256343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:32 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d19p9i9rhyh3SPMRNE44qO%2FiqkquueyXLU2CWAv04WKszZL3V4hUAdTzlJVNiNSbxFnCZQ5CWmyjy0noUwMNXHDC2drFC1vWvFibgebL5oANHV2P47LtPuvpr4VPsgI8kA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/img/new/new-en-us.png
172.66.40.129200 OK 3.8 kB URL HTTP/2 www.w88w981.com/_static/img/new/new-en-us.png
IP 172.66.40.129:0
File type PNG image data, 94 x 78, 8-bit/color RGBA, non-interlaced\012- data
Hash d2b85a212847ca7422fe5308beca951c
6023a0f8af42bd0bbe4834ace503f8dd8ed56f32
a4ca87a6a2a4a485e3bacc2fd1457783f9c21d4af58eeee938f62a70840b7d55
GET /_static/img/new/new-en-us.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 3800
cf-ray: 76c37dad8c82b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0b1227043fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:54 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0E4g%2FB2hX7Y%2FkdJuWZTrk4auPZeumn2TJLZEUygu7qP7S%2BpQAeTditylrhly43dmW%2BMNda9vUt%2Bo4PfX5qm%2FngMP7Lhc0wKq6iNGcSIy2ooTK2Qvkv08tB1N1mEIkj2vVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/footer/downloadbar/img/v2/desktop-poker-windows-en.png
172.66.40.129200 OK 3.2 kB URL HTTP/2 www.w88w981.com/_static/footer/downloadbar/img/v2/desktop-poker-windows-en.png
IP 172.66.40.129:0
File type PNG image data, 182 x 152, 8-bit colormap, non-interlaced\012- data
Hash 4360d5b40881eccd901cf3a8f9e550bb
d23ba1790df02eb8817d7a52a1134bef5c9ad378
a7201280a2234c0b5324d3f65e09665e677f1ef3fbe23247b1b80ca1293f7ffc
GET /_static/footer/downloadbar/img/v2/desktop-poker-windows-en.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 3181
cf-ray: 76c37daddcf3b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0c256343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:32 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V3TZW2m6RSdm3gShHY1j4QFZB1EdJ7Y%2BjflldaiHmFPu1A4tXaU2lSsX%2FduBc%2FZVgz8%2FVeq5sjIPeOZjB6iXWvLRClDvOydPaqlUTGJQndiXoiExuJ7Q7C%2F7HLSL6WkVsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 616234e812d0fe1b582a6e82479706be
837e990c8bc894af98a94e9314420f513272c17d
1fe5ed317cd396938dc7eb49b4424b75d1d8bc2855e582503cf05e7541b70170
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=135856
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 20:35:09 GMT
Etag: "63775c2d-117"
Expires: Sun, 20 Nov 2022 10:19:25 GMT
Last-Modified: Fri, 18 Nov 2022 10:19:25 GMT
Server: nginx
Content-Length: 279
cdn.w88ux.net/_static/home/img/bannerV3/Countdown-World-Cup-2022-Qatar.png
172.66.40.161200 OK 34 kB URL HTTP/2 cdn.w88ux.net/_static/home/img/bannerV3/Countdown-World-Cup-2022-Qatar.png
IP 172.66.40.161:0
File type PNG image data, 383 x 68, 8-bit/color RGBA, non-interlaced\012- data
Hash d9ee169c48692de471a66d199cf75c19
622e8e7e91f3be2fcfd25ca909e8a34bfe092e46
38fb2d44cf7ada6be7ccec95cfaf043a84c4d8a4231cda8dec6bc55e39579f83
GET /_static/home/img/bannerV3/Countdown-World-Cup-2022-Qatar.png HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 34235
cf-ray: 76c37dad8cb5b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "4a4d3d3aff43d81:0"
last-modified: Wed, 30 Mar 2022 06:27:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tNOvRGN9bqSPyCDthOWC%2FR0I60c3nny0Cg8Eqdab5G%2FTVXOMrwozyAPDrKHqu0ysjfSQe6pnJK0vx8V1KD0GiSoycRvKEzO7CajSWoLuvvb94mNaXbJzy2fgutmF1eg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
ip2loc.w2script.com/ip2loc?callback=jQuery183031137484604514654_1668803706426&_=1668803706638
103.89.20.98200 OK 176 B URL HTTP/1.1 ip2loc.w2script.com/ip2loc?callback=jQuery183031137484604514654_1668803706426&_=1668803706638
IP 103.89.20.98:0
File type ASCII text, with no line terminators
Hash 73f2cf8cfd31292e32f49bbb59e3d64e
08660ec39b8e35197a2779f073ad67a5930ecfdb
a8537c77625edcbfb51e5dd78dfbc24ab439cf4b7793120e952b17f3596cfb13
GET /ip2loc?callback=jQuery183031137484604514654_1668803706426&_=1668803706638 HTTP/1.1
Host: ip2loc.w2script.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/json; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
svr: 06
Date: Fri, 18 Nov 2022 20:35:09 GMT
Content-Length: 176
Set-Cookie: ASP.NET_SessionId=hjl0xmzcg1laflz5rivjgg1k; path=/; HttpOnly; SameSite=Lax
SERVERID=twmsweb106; path=/
www.w88w981.com/_static/footer/downloadbar/img/v2/desktop-clubw-clubbravado-windows-en.png
172.66.40.129200 OK 3.9 kB URL HTTP/2 www.w88w981.com/_static/footer/downloadbar/img/v2/desktop-clubw-clubbravado-windows-en.png
IP 172.66.40.129:0
File type PNG image data, 182 x 152, 8-bit colormap, non-interlaced\012- data
Hash b2dfcf1bb0bc200cdbd7a977431c6e25
17764a16459eb0665d8718c560d14880b34bb830
cf2b069f2a250a934686709671846ec82f3557c8bf7e858606287f8f9f6642d8
GET /_static/footer/downloadbar/img/v2/desktop-clubw-clubbravado-windows-en.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 3865
cf-ray: 76c37daddcebb511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0c256343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:32 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESb7QWEbFDYd9d8QwO2bVi2%2BGoyUEGHOEAxJJVJ4FiaPnV8WB4FsUioKIKbdEF3htsc0jVMtCMz5iGLJNKhIZZ2N3ZpYJ%2B60lgqcAsjyDENO0zdjGlWrHeA2cviwk3PLcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/menu/img/MG-popup-img.png?0.0.911
172.66.40.129302 Found 48 kB URL HTTP/2 www.w88w981.com/_static/menu/img/MG-popup-img.png?0.0.911
IP 172.66.40.129:0
Hash e53719b74775699ac666d3ddfd3a243d
be107a5400d4b2dff5e14a0326b1613c4137965c
bca78235d5effd254597a8572eab8a5bf98c29e4b9ec24ff6bfd2070d95fdc2f
Analyzer Verdict Alert fortinet Phishing
GET /_static/menu/img/MG-popup-img.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: text/html; charset=UTF-8
location: http://www.w88w981.com/_static/message/404.html
cf-ray: 76c37da96e1eb511-OSL
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: BYPASS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knTXxiMG0gIb4jTgp9u%2F5wfypO2jXwYDuT%2ByVe6RjvMdflFq8oJXKHBAxg4GBSCceGuGuuoGwDKYnVfGql4mKweqn56eIwAuISNVQ8Ab1lhNMfbj8BV4ygFZpAaFQbiP0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/footer/downloadbar/img/v2/desktop-clubpalazzo-windows-en.png
172.66.40.129200 OK 3.4 kB URL HTTP/2 www.w88w981.com/_static/footer/downloadbar/img/v2/desktop-clubpalazzo-windows-en.png
IP 172.66.40.129:0
File type PNG image data, 182 x 152, 8-bit colormap, non-interlaced\012- data
Hash a5ba753f8faf7e8ad644290be1419e63
94bb3bcefbff8675c8de2cf07600772548a1d236
bad398f746219955cc55d5aa09c8b874b792375224b8a16bdfcdbf04341dbba9
GET /_static/footer/downloadbar/img/v2/desktop-clubpalazzo-windows-en.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 3427
cf-ray: 76c37daddcefb511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0c256343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:32 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iwt%2BSzW440KmrszSefRpDGc5NF%2F9PdT1qoTNPFr6KmT34ITvp3MWgGsj6tilIpeR5sviylXfje5zFfo91W%2FWAuGJg1%2BnIIPu1rCEpql1xcnKPFJ1olMd1p5rYKtG0qeOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/_css/img/time.png
172.66.40.129200 OK 1.8 kB URL HTTP/2 www.w88w981.com/_static/_css/img/time.png
IP 172.66.40.129:0
File type PNG image data, 160 x 112, 8-bit colormap, non-interlaced\012- data
Hash 71bdc0cbc613da9e7969e8dfa1a5c8ce
1ceaa826bfbee6105cec412ce3efa37327973f08
dcda6dd3a0de450aa2cd8720c067fefa20a904f99feba273ab6d1bd5b6f3ab34
GET /_static/_css/img/time.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/_static/_css/sprite.css?0.0.911
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 1769
cf-ray: 76c37dae8dd9b511-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=14400
etag: "087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPaiWP5BB8jIkgOfRwxGWs8XYHxr0SEtnrouYuabz3%2FR5mncplBgDQ12AmehmIA%2BZr0coTKWOX45x%2F35luAcr8XUtb5YSgV1sWkT0Siix1fHHrHiu9npHOyBRfDE1j4rDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/home/img/bannerV3/W88-Home-WC2250B-20221118-EN.jpg
172.66.40.161200 OK 140 kB URL HTTP/2 cdn.w88ux.net/_static/home/img/bannerV3/W88-Home-WC2250B-20221118-EN.jpg
IP 172.66.40.161:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x500, components 3\012- data
Size 140 kB (139915 bytes)
Hash cfef22e269d7f45575d8be0198dcd56d
735d73ccd80f83fc87d49891331405930f6ddc75
1247195b1a6ed514b320e27070472c9080e135de1fce7fa276bfe5e7c48e138b
GET /_static/home/img/bannerV3/W88-Home-WC2250B-20221118-EN.jpg HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/jpeg
content-length: 139915
cf-ray: 76c37dad9ccab4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "24571dc21fbd81:0"
last-modified: Fri, 18 Nov 2022 07:46:25 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: h2pri
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkDFOVDDG2bAVtyHbjMbzhPovTquGz%2BO1tl%2F6DH1uQNKTJ%2F%2Fp39HMLMC2X2TS1jvtOr4cMYxNGec8Af6XC%2FJFV1Ep0zzJCmhRPuCbVpSWs8S%2FyiA1RfZ4UTNuSJWjm8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/js/member-web.worker.js?v=0.0.911
172.66.40.129200 OK 420 kB URL HTTP/2 www.w88w981.com/_static/js/member-web.worker.js?v=0.0.911
IP 172.66.40.129:0
File type Unicode text, UTF-8 (with BOM) text
Size 420 kB (420090 bytes)
Hash 3cf0da9792caa165a8113d8976be48c8
e90bf8a923a3b17b0d845db592ec7823f7b48144
213621fdc0cae56639cf3836d53f3220f05af3e2ccf5cd65ffcb31d9f0ceb27c
GET /_static/js/member-web.worker.js?v=0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: application/javascript
cf-ray: 76c37daaa809b511-OSL
cache-control: max-age=14400
etag: W/"0e7198c99ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:46 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6nsDeERXHuc90zX8NgvEfBVPFNqOdCjcYdnitOZWj2%2BG2tepT9xoutREcezuBXqQ%2F96CkutC2Ol2fPJAXELwc8VQHVvUfsQgryC2lcEIMryRy1ZtiIxJZLKvtT4vPBXB3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/footer/downloadbar/img/v2/dc-icon-Android.png
172.66.40.129200 OK 2.2 kB URL HTTP/2 www.w88w981.com/_static/footer/downloadbar/img/v2/dc-icon-Android.png
IP 172.66.40.129:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 026b6a1f8e2f8bfb26a6fac46e4d7805
207848453a5e6c1b86892727682b1bef3389e7c4
89f2123ec48b8a851a4a55e7b310807170975983a227162200b6d00e28f0c956
GET /_static/footer/downloadbar/img/v2/dc-icon-Android.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z; clientIp=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 2177
cf-ray: 76c37db00fd5b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "038a530a352d71:0"
last-modified: Thu, 27 May 2021 02:51:28 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1lSD5wEEh2i1l1cvhjzO9%2B0WHdVN5zR6ni4Kbd1lK7byN%2Fh4r3rbV56Geadpj8shQRrRgXE3BawDq7sNL7wfdffWsf3qVl0qIp0kfldu7RjMmpzn%2Bqef91a3SVh0kM3hw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/footer/downloadbar/img/v2/dc-icon-iOS.png
172.66.40.129200 OK 2.1 kB URL HTTP/2 www.w88w981.com/_static/footer/downloadbar/img/v2/dc-icon-iOS.png
IP 172.66.40.129:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 08109401a1b9941537e6e1776ba990c9
02c0db54d518ab5a250c3c2825912aa446e44c70
6828222567b2f9c39a77966542819570280b51d13355a7ca0e08f37c219b44e7
GET /_static/footer/downloadbar/img/v2/dc-icon-iOS.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z; clientIp=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 2108
cf-ray: 76c37db00fddb511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "038a530a352d71:0"
last-modified: Thu, 27 May 2021 02:51:28 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AU90uQ4wlEQw%2FnC3lRWfiXadgMlk5NFHwRgSxcfDv3wFfz%2Bma2BdP9rLLlu09LlTs7kt67cEWAqUDHROyLERPPIv2ZV6peBSm6q2IXRnq3vHvZ5ybjBB22mpZME5aNCTrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/home/btm/img/24-hours-icon.png
172.66.40.161200 OK 636 B URL HTTP/2 cdn.w88ux.net/_static/home/btm/img/24-hours-icon.png
IP 172.66.40.161:0
File type PNG image data, 36 x 38, 8-bit colormap, non-interlaced\012- data
Hash b185cae2695f5629899bd0be80f03fac
c9e461b5e87f0c703d9277b3aa18f174e4fd5c12
ab4d90752ef275e80a8c0caeebbd48e30d6a0a2d2d4936b0463c4d8081c28987
GET /_static/home/btm/img/24-hours-icon.png HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 636
cf-ray: 76c37db17b5cb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "171e62928e54d81:0"
last-modified: Wed, 20 Apr 2022 08:13:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TH6nvx3qiZGFzkJ1a1wcaKMRrIebc5l3fyET4%2F4JDnT9WYCnesXtk2WHIsZMI67D0bJYSdTpRmw6E70jQ%2B0h9Gn6ULjLCm5bK7%2FaYHEJbBX8Zyn1jtO7uezj5vF39no%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/home/btm/img/promo/W88-Home-e-Sports-EN-grey.jpg
172.66.40.161200 OK 6.8 kB URL HTTP/2 cdn.w88ux.net/_static/home/btm/img/promo/W88-Home-e-Sports-EN-grey.jpg
IP 172.66.40.161:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 319x233, components 3\012- data
Hash d2add7d05707ab889665c063caf4fd6c
0b1ba0d5a807b91ec6e977d1b63071caa1d71dcd
31925f8020117d2206cdef6939a33c0b70af5272ffa47b5239f36924a077df03
GET /_static/home/btm/img/promo/W88-Home-e-Sports-EN-grey.jpg HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/jpeg
content-length: 6848
cf-ray: 76c37db16b50b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "8d479b9a8e54d81:0"
last-modified: Wed, 20 Apr 2022 08:14:06 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: h2pri
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06hACaQtRgZpdwi2FZhyCuMpP1ZhQ6lyoXtvcipzB5WR8SEKKj1a7EoO7ym5wWuxekhpJDvPnze4m663Zf44FS%2Fojq1lddZfJyUPNl6iWPTgYP%2B%2F2z%2FYVDAUaoa37p4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/home/btm/img/phone-icon.png
172.66.40.161200 OK 265 B URL HTTP/2 cdn.w88ux.net/_static/home/btm/img/phone-icon.png
IP 172.66.40.161:0
File type PNG image data, 30 x 37, 2-bit colormap, non-interlaced\012- data
Hash da993759bfd8c1adaac3487dce006923
6919413762a894f11540a7530377b356470e3424
ce0bab7c643b66e33eaad57c2a0a642be5e2ea4a90780722e948b45e40c7f781
GET /_static/home/btm/img/phone-icon.png HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 265
cf-ray: 76c37db17b69b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "a7f4e1938e54d81:0"
last-modified: Wed, 20 Apr 2022 08:13:55 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gGQp2YB70UxGZlm%2BiaOxZ2qMZqTv3F6wK7nh%2F7%2BgiI8HvpJu1sP20aCNa6%2BFMtt0t6Mg1aGfox6QTpOZUjiTtbKthbqvdm3s5jFGC0UM5I0YsB49jvjvdGi6AxKh8MY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/home/btm/img/Skype-icon.png
172.66.40.161200 OK 268 B URL HTTP/2 cdn.w88ux.net/_static/home/btm/img/Skype-icon.png
IP 172.66.40.161:0
File type PNG image data, 32 x 32, 2-bit colormap, non-interlaced\012- data
Hash 8348db3bfbee590c64b61ef0d279ec20
dc70f419dd570604ea8a09b9c77482e156a2b963
4155cb3ad2ab7356fe82c59be1f52bf1b67b23089000651ab18fc50f60cf4f0a
GET /_static/home/btm/img/Skype-icon.png HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 268
cf-ray: 76c37db17b67b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "6bb6a96f8f54d81:0"
last-modified: Wed, 20 Apr 2022 08:20:03 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrS1NIHmVxwW3xIUW807rQeZjvXyVZ9xOLol%2Bzlw5HMCPFYI%2BwExBt8NRBAtUFT01K0NEgygpxM541n5stiweb2OE5ur%2Fvae4wbHgf4iAl4Ii0UwnU1R2IPSbG6Wk8M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/home/btm/img/promo/W88-Promo-B-100welcome-EN-grey.jpg
172.66.40.161200 OK 12 kB URL HTTP/2 cdn.w88ux.net/_static/home/btm/img/promo/W88-Promo-B-100welcome-EN-grey.jpg
IP 172.66.40.161:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 319x233, components 3\012- data
Hash b410f3ec8758aee06b6b103b652f444f
dbb358fa7fff5ee2d8acdc72e567f202e0beaba0
0d85d89a976c074a671b5c92f57d869f59bbceec5437e8ee23c508b850dc78fc
GET /_static/home/btm/img/promo/W88-Promo-B-100welcome-EN-grey.jpg HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/jpeg
content-length: 11666
cf-ray: 76c37db17b5ab4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "289427aaa70d81:0"
last-modified: Thu, 26 May 2022 02:44:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: h2pri
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=phgXasOmwdZYi4vQ6%2BTau4h%2BKqpBZ3Nru126uvWaJ2MzW04M5Gz4md2Gu9pJkoqU4XzFt5SozlauzLSurN8lR9zLKVXPN%2F86lqWnE2ItKXvI4ngRFZs2tseeaGpr2GY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_secure/ajax/api/qrcode/mobile/download/group/w88w981.com/true/en-us/USD
172.66.40.129200 OK 37 kB URL HTTP/2 www.w88w981.com/_secure/ajax/api/qrcode/mobile/download/group/w88w981.com/true/en-us/USD
IP 172.66.40.129:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash d14cb1b571ae3fa0ac1608d7fcbcd4c1
6403426cc33e78d869632b9917911bc46db985cf
8e8c9fb7ef9d503d83bacdf05363ed72dda38f7a082ba8ff1eb04db2902c7e45
Analyzer Verdict Alert fortinet Phishing
GET /_secure/ajax/api/qrcode/mobile/download/group/w88w981.com/true/en-us/USD HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: application/json; charset=utf-8
cf-ray: 76c37daa6fb9b511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RolAoIzOymDgflRuVzXl7lcm%2BTYyDihUOT650zQB5bYIeG9dIG8s85V%2BQbzSWwuka3%2BaGbsTX6nWSXoVi9BJsX1MDgBpw5VbGpNxB4B5FF5UZJJ3Qedtl1iEuRmR5hxAJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/menu/img/MG-popup-img.png?0.0.911
172.66.40.129302 Found 1.9 kB URL HTTP/2 www.w88w981.com/_static/menu/img/MG-popup-img.png?0.0.911
IP 172.66.40.129:0
Hash f8993df6b16af94de9833aebd86039c9
2bbfe8d28e20b4caabc399708b5a8e0da024a183
ec91416bed283ecab082f72798b70418a5047d906c2dc091d3a3ddcf3d2c6e47
Analyzer Verdict Alert fortinet Phishing
GET /_static/menu/img/MG-popup-img.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/html; charset=UTF-8
location: http://www.w88w981.com/_static/message/404.html
cf-ray: 76c37da2ec14b511-OSL
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: BYPASS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhURB6FwEC7Y%2FyhBOQ6L8rMD9Iy6nXC1YqmZOtm9dz%2FBKpBp8FaaryAmZmNKwPYyvrTc9LFalJyDRNakp5aFfKgMU2MTKKYrWH8gTVUpPO7TuywhQmjnvYYF5Ckxt9qsog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/menu/img/ClubMassimo-MG-CN.png?0.0.911
172.66.40.129302 Found 4.2 kB URL HTTP/2 www.w88w981.com/_static/menu/img/ClubMassimo-MG-CN.png?0.0.911
IP 172.66.40.129:0
Hash b083b54edf69aa5a73bdd9cb0fe64b11
f5eb268e2360d41cc09693be6d4452d319b0a5dc
3879a52fae16e813bfc8d329b3d3370c7abda52561e22b59458de2925f70f7c9
Analyzer Verdict Alert fortinet Phishing
GET /_static/menu/img/ClubMassimo-MG-CN.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: text/html; charset=UTF-8
location: http://www.w88w981.com/_static/message/404.html
cf-ray: 76c37da96e1db511-OSL
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: BYPASS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ImRFhN%2Bdl6dfAJ%2F5QRQTw%2Fc1nP9rNAMkzcMiKbJFgqeMEVUQdeolQLp%2B5DZz36HlE%2B7XgmuUTHJ7P4%2BtffRwNYzcqmwlYnnmn5SCEPUhTzAdbsuFqLM9XPK4hHxqfl63Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_secure/ajax/api/handler/contactus/side/en-us/USD?riskID=N
172.66.40.129200 OK 5.4 kB URL HTTP/2 www.w88w981.com/_secure/ajax/api/handler/contactus/side/en-us/USD?riskID=N
IP 172.66.40.129:0
File type JSON data\012- , ASCII text, with very long lines (1455), with no line terminators
Hash 56124d8d3c0fdba75e37f3667d474623
c429e9aee970fb6215d440154f574f9f895c784f
49e674535708811ac9e8b0b97f4daae364370ad922ec306181d8d0c54586b94b
GET /_secure/ajax/api/handler/contactus/side/en-us/USD?riskID=N HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: application/json; charset=utf-8
cf-ray: 76c37daa5fa1b511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8oiJLm4NVzvuXMwo1YzmCjc68aNBwklDFDE%2BQvzGSf%2BskYPJGWmZxDITRBZRvnatTqe8jSgWqcwvS2pAJxLNFteVP%2Fx%2BBLpWq7HwuFYFBnoInU7Ez%2B6jkqYRUeXncRLPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/home/en-us/images/8/Sub-BankingOption.png?0.0.1864
172.66.40.161200 OK 6.3 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/home/en-us/images/8/Sub-BankingOption.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 160 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash 51d9fca452c3836ebd030750402d3241
68889a9f4bf14854d70f2a3fc4887d640bbf2758
2701cb0c532757f5817671a15a375edd19e3dc058b351c6e8d9b0bf7a2a335d3
GET /_static/menuApi/prod/menu/home/en-us/images/8/Sub-BankingOption.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 6346
cf-ray: 76c37db1cbddb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "196a5acd258d81:0"
last-modified: Thu, 13 Jan 2022 02:32:25 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZE3Nyubzf7pwXIxQr6ouMT%2FgwEur8oSGzq%2FGy6XamcUTM6LXo67pYHGef%2FvhJ9dG53iRfFlBOpAKXtnjWwz1E7ATKcYGgfxl21waU6HbyiovWWc6Z%2BfJV5%2Ft6alk9rs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/home/en-us/images/8/Sub-ContactUs.png?0.0.1864
172.66.40.161200 OK 4.6 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/home/en-us/images/8/Sub-ContactUs.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 160 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash f9572f0701001ece624ce1fbe2fd25e2
ffe2e9b8e0daccaaa51640e0cbd14cae8d49478a
88bb4824fd7df6631de744020a8b63ef58746059829d3dae07ae14034770f94f
GET /_static/menuApi/prod/menu/home/en-us/images/8/Sub-ContactUs.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 4555
cf-ray: 76c37db1cbe9b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "9bcb5ccd258d81:0"
last-modified: Thu, 13 Jan 2022 02:32:25 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EH5wosSivrgJdSDRvGGv5yDMghv2%2Fg0RdXH7V0jyW2LMKmQ9t6Md8njWW6w2%2Fr%2BgLYL%2F2G40K2%2FDHoVH03Q6zkynKZGBzl8UDWtW7%2FycpN2%2B8DnErzGTDZV2wnfuZ1A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/home/btm/img/Service-Advantages-bar-grey.png?0.0.911
172.66.40.129200 OK 168 B URL HTTP/2 www.w88w981.com/_static/home/btm/img/Service-Advantages-bar-grey.png?0.0.911
IP 172.66.40.129:0
File type PNG image data, 250 x 26, 2-bit colormap, non-interlaced\012- data
Hash 619685318504a2132e278b48c76f9073
b441871fe0b03579341a3f9345a5cb8a06a80b46
0b5d5c12e8c30bcb0c4b39532165b3fac153978502c1879dcba6165b0ab6610d
GET /_static/home/btm/img/Service-Advantages-bar-grey.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z; clientIp=91.90.42.154; ai_session=YvtLmJSUPX+wIkHQCMK4tc|1668803707751|1668803707751; popup=6478
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 168
cf-ray: 76c37db18a7fb511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "084f16e43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:52 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iim%2B7CYpznk5HcviGeBBDNI0gZoLPre4FwuULENO0gBQ96Il%2BMR0r6PwGM%2BBeKfpaIRopAitl2PZBhquqK4aGy8X4jnBcGwCCPN4TGVqZFQABsPM8LtOnX5SdgGcba%2F1eA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/home/en-us/images/8/sub-jackpots.png?0.0.1864
172.66.40.161200 OK 6.5 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/home/en-us/images/8/sub-jackpots.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 160 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash a0e5ae4d0bfd8a903e78a312efc0abb5
086bf2e5916827234ad45f0aa398c2320d2cf3ee
74c08930e729c4ddca4289c52a76a437545bd1bbf5005f252039a58d38a54171
GET /_static/menuApi/prod/menu/home/en-us/images/8/sub-jackpots.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 6467
cf-ray: 76c37db1dc0ab4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "9bcb5ccd258d81:0"
last-modified: Thu, 13 Jan 2022 02:32:25 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dUORtBFtL94eqGgm0gRHMojspg2dbuOU1V9eQF4Ziy6Po9QQcwbl57TGrojtWEyvDvPQ2laao9Ii5VnKJkvP4yBgoeNaNYeiL2ak%2Fel1dwq4bjK4pxmaxBdsSVpfXyo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/home/en-us/images/8/sub-milestone.png?0.0.1864
172.66.40.161200 OK 5.1 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/home/en-us/images/8/sub-milestone.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 160 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash de201a5b55016bebb9f4e00e7675bc78
3c602d227cb4c446baba14484be8fa630323ece4
f84b6ac919bf9f28ed00ff9e1f1c3a3495011569ce3697e03f1ba399173d8f08
GET /_static/menuApi/prod/menu/home/en-us/images/8/sub-milestone.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 5095
cf-ray: 76c37db1cbf8b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "182d5fcd258d81:0"
last-modified: Thu, 13 Jan 2022 02:32:25 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSJHXA28rKu%2B0t4oidHrKxVQ2b8%2FtOGit4%2BRhOT%2FHwoSF%2FaSh5veH8%2FX7lMhAM5tAm%2FqqZ5yOvz5GuirJL1uYGeNyUt9tSl5Vstc9lu4PZ3N%2Fg0rZmFVSAl65e8sbEE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/sports/en-us/images/7/eSports2.png?0.0.1864
172.66.40.161200 OK 5.8 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/sports/en-us/images/7/eSports2.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 183 x 164, 8-bit colormap, non-interlaced\012- data
Hash 25bbe037544079a2bf5fab10f73f035f
0d618e5c010a7b33955b0744cb80ae8a9c7aebcc
240ce4898de20ba7a7ef6c58b7f84b6fe74371db21826255e712a4a390234f10
GET /_static/menuApi/prod/menu/sports/en-us/images/7/eSports2.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 5799
cf-ray: 76c37db1ec37b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "c210112d278d81:0"
last-modified: Thu, 13 Jan 2022 02:42:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5CMn69cGH%2FazlNoqPc7c%2FOGIVdg1ddM39orST%2BBqJRviya%2F%2B8%2Bvbr2cOczhjm%2B%2FS1dl2nGhiMl7K4ax4iCd%2FVTNyeLa0o8huAN6tTAuhH5M2R3LYatCD%2Fq8%2Fwm1gls%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_secure/ajax/api/menu/lottery/en-us/
172.66.40.129200 OK 6.4 kB URL HTTP/2 www.w88w981.com/_secure/ajax/api/menu/lottery/en-us/
IP 172.66.40.129:0
File type JSON data\012- , ASCII text, with very long lines (3556), with no line terminators
Hash b12f8d0588d8245a0b979f5f86b1020e
882f7b9d48194b56ca698394bcc9fed9151f662a
2b4db3a932cb7fcbd641f63d0ef9a8ff6ac4f8f5dae720fd99d17479f4b56104
Analyzer Verdict Alert fortinet Phishing
GET /_secure/ajax/api/menu/lottery/en-us/ HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: application/json; charset=utf-8
cf-ray: 76c37dac7aa4b511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJ1%2Fs97Ydz2wP5%2BFspn5Wra4E8EI4Mk8YiCUqonVFtuLaF2x1X272ykvS7OyXdV6%2BmYUoMYcbf8uphmQ5j2C99Axhjqfn0FZe%2B3qPD9tICCQcHsmU1UyirAhD%2F3oqHWv%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/sports/en-us/images/7/vsports2.png?0.0.1864
172.66.40.161200 OK 4.9 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/sports/en-us/images/7/vsports2.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 183 x 164, 8-bit colormap, non-interlaced\012- data
Hash ab362cdd7db0732f756fda6aefb09240
ddee4c7170a8c56ac5006c22e1ce5c93ee43a46b
04891c7014b234c7ff43075050a6f56433964c138d0cc802eafa6cc58f4f5b37
GET /_static/menuApi/prod/menu/sports/en-us/images/7/vsports2.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 4861
cf-ray: 76c37db1fc4cb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "2a9a1a2d278d81:0"
last-modified: Thu, 13 Jan 2022 02:42:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQOprKGx7%2BR2CsDrbbwhzPUNiW9KkMKJ2hvGaKgiJ6lqpk7Ommns7oGDfvhPUou7LS64OK%2F7b0MKRnXe79y%2BnSesEuRCTI0Yj%2FBAzJ%2F4bV%2FsCHmK3q7jwy1zvqhWufE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_secure/ajax/api/menu/p2p/en-us/
172.66.40.129200 OK 5.6 kB URL HTTP/2 www.w88w981.com/_secure/ajax/api/menu/p2p/en-us/
IP 172.66.40.129:0
File type JSON data\012- , ASCII text, with very long lines (2544), with no line terminators
Hash d1f592c80069eee42ecc0921c54911b3
69a9b54fe8039cb457d723f341821f43dc518bc0
31b1b871b0e5b52e4ea380c586cbff0c8e3fdb74ac1df0e49323e478fab175bd
Analyzer Verdict Alert fortinet Phishing
GET /_secure/ajax/api/menu/p2p/en-us/ HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: application/json; charset=utf-8
cf-ray: 76c37dac7aa5b511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ceG2H0ovCVkqhybuqYpCaRAw26R3j0UpH4XQIWOX7P2YyEj57IZVGN17Vv36PkGY%2BQm48Imbb5ndJsKHX1qKzjDU%2F%2Bkdqp1G0rjQMoq2J5YWfH5w6xgsCbZgN2XzJzAXZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/sports/en-us/images/7/Fantasy.png?0.0.1864
172.66.40.161200 OK 5.5 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/sports/en-us/images/7/Fantasy.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 182 x 164, 8-bit colormap, non-interlaced\012- data
Hash a77b2248ff1fd7ccd18bf8451765f488
bedda4e4474351e32e2a58c349a3616cf04e5175
0d8c401c0d4e782c4736032856eb4fb9c4407603c5029f027a54f4ec32f0da4c
GET /_static/menuApi/prod/menu/sports/en-us/images/7/Fantasy.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 5497
cf-ray: 76c37db1fc51b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "e446ada559cdd81:0"
last-modified: Wed, 21 Sep 2022 01:29:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPtdFgJNeht3PLZTVy2ZnLnr8GMzMJzi66eW8%2FiBElz1vDApp3NOw%2BO72CnOOXm3SsoVkUMIYBtloYeaXYheGeTKd9%2FBxsoYysSjGZABZIaHthx%2B5YScuj4vLJB5%2FPk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/Playn-GO.png?0.0.1864
172.66.40.161200 OK 17 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/Playn-GO.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 256 x 164, 8-bit colormap, non-interlaced\012- data
Hash 764623ab89d08957cc0199401ece2fbb
6e2b641a18944366086a571b6cf2bc59385bd139
58f827117d6f3788403fdc1f8bd2369ef1c146ceb38742e4a6383adce5e47776
GET /_static/menuApi/prod/menu/slots/en-us/images/5/Playn-GO.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 17053
cf-ray: 76c37db21c83b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "bdf2a9d92f8cd81:0"
last-modified: Thu, 30 Jun 2022 03:16:55 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMw0JNWYAMvj6xcIviP%2F2Mye0xfpxcHwulPnCs0yEVGYjfpB3R8phRDTsmS4YO2xJpw4Sj%2FlHqguPrDV43UH7aYTvUoYqzAa85Sd3phvoDQR3rbRUKp6KyoYPsLHIys%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/booongo.png?0.0.1864
172.66.40.161200 OK 6.7 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/booongo.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 256 x 164, 8-bit colormap, non-interlaced\012- data
Hash ac782b0f1e70a2d4930923dc458fda61
1b31e4618e25c2b84b60e3aca65e1510c68c5def
075579a659867379437694e43d304dcd2475b0e3a817afac282a04a7ec0e33aa
GET /_static/menuApi/prod/menu/slots/en-us/images/5/booongo.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 6651
cf-ray: 76c37db23cb5b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "a97d268284f9d81:0"
last-modified: Wed, 16 Nov 2022 06:27:32 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmUm1fcvjkJTMneKuAuCZr7b7ZXM%2FtVu%2F0eNyDXcGNPmngW%2FMJb%2B4vNtTu9Qi73y2OzdCOFecUeqT0ax0tHKMZOREy3N7spDUHWbpezafVNPLjHpB742p0xbSgjXp6w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/Evolution.png?0.0.1864
172.66.40.161200 OK 7.9 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/Evolution.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 256 x 164, 8-bit colormap, non-interlaced\012- data
Hash ef3b3d0dd4b533212a45b608998de710
95ba788a0b309ba8a1127c467fdd16730c5d1311
2d6dbd37c810789714957f43ab6021a6d65f313c940da6478acc23a058be5de6
GET /_static/menuApi/prod/menu/slots/en-us/images/5/Evolution.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 7875
cf-ray: 76c37db23cb9b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "bd36346099abd81:0"
last-modified: Tue, 09 Aug 2022 02:40:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jn6vzr9tDWlxbj8CrgUjAtcDHLw%2F3%2BtRledjBF%2FaKs4iGnGIbtNBXhyLi2e6A%2Ff%2Bq68baqgyjj2nN%2Fm4Z8Rne1%2BgV5hnJ9Wshiv%2BCbAkqoH0GRRrwk6UU4%2FLUarr1A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/4/skywind.png?0.0.1864
172.66.40.161200 OK 8.4 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/4/skywind.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 320 x 164, 8-bit colormap, non-interlaced\012- data
Hash 7cda91fa9a2b2b6b178eeb1e7dd1fdbc
7c2194869c82f9570ce467abf69f1f9d391364ed
265f6eb7a1b98cff67b86446ebfec0eddf84104899c7a844351f1ae5bd5a7f3a
GET /_static/menuApi/prod/menu/slots/en-us/images/4/skywind.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 8401
cf-ray: 76c37db22ca2b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "cf48ad92f8cd81:0"
last-modified: Thu, 30 Jun 2022 03:16:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1aKAMDcNLpKm2SVXqpI%2FjQL3nd37u0ckWfB5uNL8kkyYhBDSqtXZ%2BwX7kP3eFI%2Bw8xC0idezaEW9zTyb8Df6dTFtN5kRe27SL8bHMfqQk0S8r43oOEn%2BoxY3MB7QCZw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/Genesis.png?0.0.1864
172.66.40.161200 OK 8.8 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/Genesis.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 256 x 164, 8-bit colormap, non-interlaced\012- data
Hash 247a96a9a9bd9df58ed6f2560d270bb2
93a8fbaab6f151d3c867edbfb7e060e54450282a
f6a013a09dc72302ead4e219dcd4216e6162d2d67367035e4159b57c19369c13
GET /_static/menuApi/prod/menu/slots/en-us/images/5/Genesis.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 8796
cf-ray: 76c37db23cbdb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "d99366099abd81:0"
last-modified: Tue, 09 Aug 2022 02:40:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzbfJWuszl8sxdDUW7MoWu5CDDfzt%2B6bFkko6UzCRheoNL4GgVc65HvjOIC1I8DrQOhzG%2FbHM71tFOO2ymVdcsyZXWJtb%2FCgUnYY1oQFMA97qR1EXF4PdG4qB%2F7RLDQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-Massimo.png?0.0.1864
172.66.40.161200 OK 46 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-Massimo.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 256 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash cb3bc05d0b73ec9cff23bc37d1f716af
b8bc136769e8ae792aa5365ecfb649f6b75a8c8b
be4b2d29cbf19f9b3d56bf794eb5b9e605dc45b8177d11a920e2a5cd59dab204
GET /_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-Massimo.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 46191
cf-ray: 76c37db21c6fb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "ffc5b33da2f4d81:0"
last-modified: Thu, 10 Nov 2022 01:17:46 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GpArXLEPtZGYRYoWB%2FbWI3oV0WiGj%2F7Flp2ShJRrI06giPvtkuPxgn2F42bQPDvQhK7%2BizD1V1lgyvphCcUK6s7B0UiP%2FCuPenYzjTcLzvb3dkThMCeu4UXVYxCtivg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/gameplay-interactive.png?0.0.1864
172.66.40.161200 OK 16 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/gameplay-interactive.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 256 x 164, 8-bit colormap, non-interlaced\012- data
Hash 6b67be68ab362aa8cf4b2047e947a36d
25929cba23bff8a734488f407213d1505abb0378
31ebf28128a8727c2b0a1e3359b96f8cb38351991a5d4777960afc9f5de3711e
GET /_static/menuApi/prod/menu/slots/en-us/images/5/gameplay-interactive.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 16207
cf-ray: 76c37db21c86b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "effd2d71ce8d81:0"
last-modified: Tue, 25 Oct 2022 02:52:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2FB5uwTefkrvmMIbwUqEhOjJWubjpW0vz%2FPtBwNcyZfdLT%2BeAMdNayigIBaoHoQ4fgDbrsB9%2FM2rWFBd5y%2F%2BmV9ihJDokuyG5i9zArklTGAITErHx1siL9MFhNvtMxI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/QTech.png?0.0.1864
172.66.40.161200 OK 17 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/QTech.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 256 x 164, 8-bit colormap, non-interlaced\012- data
Hash 861fd12b26e72eb976093c8c802aba2b
36a822c3f65bfbeda313253169f739b470f49d02
89ca2b74c7171994613f105f2e2f477df130fa309af7a6b8e5402fb6f7ce0897
GET /_static/menuApi/prod/menu/slots/en-us/images/5/QTech.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 16693
cf-ray: 76c37db22c8eb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "56b7aed92f8cd81:0"
last-modified: Thu, 30 Jun 2022 03:16:55 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQ0zGLq8CX2wk6%2Bxx4PrYlgqGWk4pKnPnHDMzCEOuPhTmzBfHE520RgmC418GDxX8%2FABdSW1N2I0K4puMqhN5A5u77RY%2F%2FP05MkFnDJ%2FWfwKYL2EA%2FITB6XjXa9%2FHyM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/toptrend-gaming.png?0.0.1864
172.66.40.161200 OK 7.4 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/toptrend-gaming.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 256 x 164, 8-bit colormap, non-interlaced\012- data
Hash c9e03369df1da67fe4e104ecfc05e59b
762169d45bf9291cdba84ba3f973fb0299a71a49
fa497231d46e464b0bcb47294b4ce6d50249e3a165e8ddcbd6aca2d747fbf1e0
GET /_static/menuApi/prod/menu/slots/en-us/images/5/toptrend-gaming.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 7436
cf-ray: 76c37db24cc0b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "dfab496099abd81:0"
last-modified: Tue, 09 Aug 2022 02:40:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dWAEcjCSg%2Bn5i12LCRB3GJpcmdvi7NfF4pc6yCCBySsNtHhnS9wrN8GtZxc9LuaXoJadX23cMiUeJiX6c70EJyF7YBmfEJl0DvXesafcLxIKddnK25sLZauT%2BUtt%2FT4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/Spadegaming.png?0.0.1864
172.66.40.161200 OK 9.2 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/Spadegaming.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 256 x 164, 8-bit colormap, non-interlaced\012- data
Hash db7cc65ac3d028e6840353a693f3033b
5960d84a22a234394af9051c4f4835ebb280e5e2
6b5854c932d6c2d81a40413c6f954c4afa6ac24edfaf2ae1b6b2f8866e9a7911
GET /_static/menuApi/prod/menu/slots/en-us/images/5/Spadegaming.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 9177
cf-ray: 76c37db23cbfb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "5849476099abd81:0"
last-modified: Tue, 09 Aug 2022 02:40:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJv3a7CjGvz3ybexYh22fYA9LhHoynFEFxUs%2Bbg7uDsfEjmxAmwmh8UmpjB0qFZbiz09Y7PYoqqNHY%2B835UerhKZUEu7pZgigx2OAgcu0dYDecV3mtfFpmi7szN3lbI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/4/Crazy-Fishing.png?0.0.1864
172.66.40.161200 OK 8.5 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/4/Crazy-Fishing.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 320 x 164, 8-bit colormap, non-interlaced\012- data
Hash a34fab9d7d5a9a3bc66f0030355c578e
4e9eebd3d0dbd163a4da967aff5fcde4d70ea876
43ee1052bc344422480f87185b9a264e52658c92c2f692f50e20d86776da5a05
GET /_static/menuApi/prod/menu/fishing/en-us/images/4/Crazy-Fishing.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 8460
cf-ray: 76c37db24cceb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "48fb20bc3e9d81:0"
last-modified: Thu, 27 Oct 2022 05:14:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jNnstWEV4TSE5qwex4KOTDh4kg5e6FnOoHfieoD6Zp5j8aAfgNNVsilSW%2BdRK3WgOzJBql4dw%2FiZO8BWTXwWBuBAGUWC6D3Z24jN9UNU1%2FZqHbRJnO766kqjita%2FjXc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/FPC.png?0.0.1864
172.66.40.161200 OK 6.6 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/FPC.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Hash 564141efb8f653627b81685c06f033a5
25ae5faf1b0db97fc9b3f545e5974d1ef5f81f51
c3a02ba89d235e2ea9d536d13f57d363c60b824849922c18ba7b6629a6d2158a
GET /_static/menuApi/prod/menu/games/en-au/images/6/FPC.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 6613
cf-ray: 76c37db26cfeb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "ad12cfbf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Owgd8F%2BTfcKweUQ3taSWRCugjlhbl%2F0VU9o%2Fxs8fmz0xwtwvURYJhGnSR5lq5Ou8MbkzXt8ttKDVvaMSjygqUcf6ur6J9iQvXQlsm6H9vGsz3Gvgp9Rplt%2FSQthbPYE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Bai3CayMienBac.png?0.0.1864
172.66.40.161200 OK 5.4 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Bai3CayMienBac.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Hash 87d279d261e94abd4da6e27f2f24b8a7
9551b05f304c88f27bdc10a9b50fc29bfca99033
201c2872f84db58587122261d3a21328a0591f4da351e192bf9546dd0ae122e3
GET /_static/menuApi/prod/menu/games/en-au/images/6/Bai3CayMienBac.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 5377
cf-ray: 76c37db27d21b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "7eebc7bf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BCGeantqT52S3EEu22SMt7%2Fyk%2FFFOK%2FP8cBxbtZ9Sm%2F5xEk%2BuKIXhqzmhv%2FX3ai6drx08DWSCYOno4DNtW65KEv6Kben2CDHxxrXGBgnP2LRuR%2BQNt%2BHC58ZycXQHY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/4/Dragon-Ball-Fishing.png?0.0.1864
172.66.40.161200 OK 12 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/4/Dragon-Ball-Fishing.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 320 x 164, 8-bit colormap, non-interlaced\012- data
Hash 7b46eaecc8d59ff1ee28f993ea5803f9
1d46f14f9bc5c0a25004c2780e8f4fa7641b40aa
56e81cb6feb2a444b47b53cc6e89312747bb454292d90e9051244a3a8104ca1a
GET /_static/menuApi/prod/menu/fishing/en-us/images/4/Dragon-Ball-Fishing.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 11474
cf-ray: 76c37db25cebb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "e9bf25bc3e9d81:0"
last-modified: Thu, 27 Oct 2022 05:14:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xia47z2gk%2BLCx0NYPE5P9HHAuZxoRCiHrjc9yA4%2FNxqyujF%2Bzy25NSR%2BbfLvRg27W8NgM%2Bz80M6ky8cAb7VahIVq7oViAZ98ohet9aJtee1ahxRaYARMpE0N%2BL5dNE8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 17230579cb9b96d1fcd4397fd0405f7d
88f24d9647a325ebf4c4c1a5016fdcd48e5ec1f1
bab13c984cbb09cab0706757c0b924cadc167da8ff3ee8c4f05591dddcc72939
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 20:35:10 GMT
Last-Modified: Fri, 18 Nov 2022 20:35:08 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 280
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Casino-War.png?0.0.1864
172.66.40.161200 OK 6.2 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Casino-War.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Hash bad456220a14437e8f23257ed478f6ea
29aed74f0b99bf2f4e1100ddc80cb7fadcc05a7e
edd2a8928dc4e0b535cfdcecf24ad3ae35f18abf5da721025309f74ce5d5a95e
GET /_static/menuApi/prod/menu/games/en-au/images/6/Casino-War.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 6170
cf-ray: 76c37db27d12b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "53b0ccbf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogCEtWV6nn2LVmlIaMejpg48pW0bTZUUtiRFvNUaOfKUYCdvPsvBr2pg2YYe8PdG5WAsiLTRvN5tf6%2FqbeWihy2Vmb67sHtRSvmTqWyXyNt0NJe2WRZyZ1X8IVFgdHo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Football-lucky-penalty-kick.png?0.0.1864
172.66.40.161200 OK 6.1 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Football-lucky-penalty-kick.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Hash 0de1661aaf33bee84ac12b1eb1abb6aa
6c0491e98476632375ac16bac013b5260be9117f
cd0c0a76640d162e566a71437f7a044f5506b91219fa0fbbfd1d932c36b06697
GET /_static/menuApi/prod/menu/games/en-au/images/6/Football-lucky-penalty-kick.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 6069
cf-ray: 76c37db26d09b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "ad12cfbf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srWAikFzALka%2FMSAvjSBpey5guClpJ0z%2B6zzv8iE0TyKtipgFayFJ%2B5y%2BDs3afBBeLDiZO52GNksrvx26DcoqvO1ZAqQT0GZsSe2QtvbmjzLpaRMUOBzDaDo2Co6t6Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Bullfight-Ultimate-Poker.png?0.0.1864
172.66.40.161200 OK 6.1 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Bullfight-Ultimate-Poker.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Hash 4f98395a317b41467c6e9987c864059f
091f1163a8c94c2ac954b6fa8f41adaf78b6b221
fcf91661f2a34264c3c235bf2f1a10cc97331eac3d35204d4e3ab237da7786a8
GET /_static/menuApi/prod/menu/games/en-au/images/6/Bullfight-Ultimate-Poker.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 6055
cf-ray: 76c37db27d1ab4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "fb4dcabf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yaaqp1WGHoXiKjfT%2FU3u8jLefG2FrmCDTRRIQjYaKPYvEyUOAKKFoFHsyScE4TW6zqzLjxQOPnuh0zW6JCUQ9x7l7KpJ7cdQti9iJxJO2eHtCuH3TZ2RZb6wmVI8zZk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Xoc-Dia.png?0.0.1864
172.66.40.161200 OK 5.8 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Xoc-Dia.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Hash 4a02d391ce0280a6052d331f8aa96d59
26de3de66bd7fae23c38ae30972eddb9ab7565a1
673d0d9d11a03b44a4d9ced840de27288e61d086c9a6f5bf505f52bf4a7bace4
GET /_static/menuApi/prod/menu/games/en-au/images/6/Xoc-Dia.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 5768
cf-ray: 76c37db26d0db4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "34c3dfbf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghnj4chi92GDeUJicEZX%2FZR2iSDrFbO%2Fu%2FYSPxE08INuIQyz5Mn%2FSm38EovqQs28uFUmMhcpaKR%2BgQhWqQESDVoDCCv3qpET%2FT2rz5u5OP5iJe3XztM7bNVWQ4PnuCc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/4/Pragmatic-Play.png?0.0.1864
172.66.40.161200 OK 30 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/4/Pragmatic-Play.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 320 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash 4aeded8d36de7c57f22e2573b398332e
657bc74927d2f3e651d494dfcaa1034abc880c08
086d1e7521efe6fcd1c9380187b3c6758f8e439d2dc177e77da38301df4eb634
GET /_static/menuApi/prod/menu/slots/en-us/images/4/Pragmatic-Play.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 30088
cf-ray: 76c37db22c9db4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "b89c78ff96d7d81:0"
last-modified: Tue, 04 Oct 2022 02:14:13 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8sRgL5JjQYJ7yFL%2B8MLHUh3IH7o9eflRqgjn5Mdb%2FEGPjGiNyvdlGCfV7mNQMj9HLlGMpd83Fk4SPnY7sihYbej6ofkFFEgb0SZaAUYqmqaBFiw8tlxb2wzWwTs8L8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-Ezugi.png?0.0.1864
172.66.40.161200 OK 38 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-Ezugi.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 256 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash 50329473c2dcb2f429e37a3978f7d222
e405a16d555dd4f152c4b9592fbe2687ab2c78a2
0bfb8185b25e973887bd447b0f8ade2825cb289e3a3c9117e04a6a72c32864cc
GET /_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-Ezugi.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 37709
cf-ray: 76c37db20c59b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "ffc5b33da2f4d81:0"
last-modified: Thu, 10 Nov 2022 01:17:46 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4kE6iDFaptxhh2SLYCjJEMYfgz3JtJM%2FK4d84eEOc8GVFX6lMEu7T5PqMIKTCqy2%2FtAaE0joM4hv1114t0pEnhBuPo%2B2nmcK7soy7%2BYC4GVU%2FpwKjd4ztRtnk7aiNo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/3/Insect-Master.png?0.0.1864
172.66.40.161200 OK 13 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/3/Insect-Master.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 426 x 164, 8-bit colormap, non-interlaced\012- data
Hash 02dc82dcbf8b313523c1fb6d82a96aab
f1cce87cfceeb81a5b0ab82d216e308c95a0a0a8
78a3e955ec83ae70666f29a945aa1a1a62f1dd6f31f126e4a8cddcb217808d7e
GET /_static/menuApi/prod/menu/fishing/en-us/images/3/Insect-Master.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 13347
cf-ray: 76c37db25cf0b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "54fc1bc3e9d81:0"
last-modified: Thu, 27 Oct 2022 05:14:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0c%2BC%2FYvzTE%2B3jzckoqcKYH%2Bz8vz%2Bvbp43FC2XRO0UuUF642K2UlEmwr89c8tKf0M%2Bx5BHfhTO5dmL%2FrY6DO%2BZAXWvqXu8v1%2FZzF5OO%2Bv1vzujrqtTVDjyLHpIbIrGY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Rooster-Fight.png?0.0.1864
172.66.40.161200 OK 6.4 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Rooster-Fight.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Hash 6f2f565eed5b9ebe5700a2899de69b46
2a627b2657e9444c377f09cd125cccde32148357
c614363be458041883f2a9a7d39ca355f09f144aff24382ce2b997ba10edc695
GET /_static/menuApi/prod/menu/games/en-au/images/6/Rooster-Fight.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 6441
cf-ray: 76c37db29d40b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "f39bd8bf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QD%2Bz1w5Lx441%2F%2FRzClhAe1yQ%2FbdtiPenbmLYXxEJaTb5eKjIBH%2Bc5SfDRKR8E8rY%2F1UDqNpl9nDbGs%2BAJT7b0o2XR1cp4uCYmXsqgy5sGI%2BtALV%2FkFFo7o5H7DCb%2FoY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-Palazzo.png?0.0.1864
172.66.40.161200 OK 45 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-Palazzo.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 256 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash b6b4628e3428c1ab2461388db52b2375
edf275affee6bdb84b8143050c32d03caa5fe7d7
7bfb7056496d567aa13987f596977f1a93568f0bb841804ccdb50b73b6fca58b
GET /_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-Palazzo.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 44831
cf-ray: 76c37db20c6bb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "9addffc23ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:40 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDbEDc%2Fe4NroACuDTGErTngFH743v92pi7FfR01mycF3bkPmY8FTuJ6DQBvySY%2BQ6mMUuA5PoVMQSxQEQIaTZ6B8TT1OIJ6b9BlhWWq27V4Y2pQr5QILl2tmXkxYykQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Octopus-Game.png?0.0.1864
172.66.40.161200 OK 7.3 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Octopus-Game.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Hash aad3a7095aaff94f7a3bb33df5291256
637dfc86504c50488e212d45f31577e79f9c707f
26ccb0d49aac074d6ad862c4623681fdad13c1bce5bc1a973b5bb50ee2f03ff2
GET /_static/menuApi/prod/menu/games/en-au/images/6/Octopus-Game.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 7292
cf-ray: 76c37db28d32b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "46d7d3bf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9FlxAF2%2FaGFgQHzPf6Qjj%2BbvQBP4rKUQD7lNj9anhMPthS70bagyUjKxE1pHDWkke%2Fgn6Zn0N31xeyy8h6vbhn2QxmXyUA4HG0CSYwexIaaZCYvPx673SzLK0GOzZI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Dragon-Tiger.png?0.0.1864
172.66.40.161200 OK 7.6 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Dragon-Tiger.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Hash 424a3dfd22de3d83c0279c50edb51da2
068ec17d71445658ecf04039bea1f4551effe120
3a6b3d79298c7ef1ae238d1495d13b75f61ad3502d82a733111541d1e3db409c
GET /_static/menuApi/prod/menu/games/en-au/images/6/Dragon-Tiger.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 7607
cf-ray: 76c37db27d22b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "53b0ccbf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vNAZDjsO1FQsgi7oDCrQCSeiaIVQRBKtfglVch25kTlCweFIanC4x4IniOF3X59ClI6kbEI9bqxeoJj6n5qlKxNeWMmRQX6hnC7m0XHJBSoJ%2Ft7He6ajloInqhxygg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Three-Card-Poker.png?0.0.1864
172.66.40.161200 OK 5.4 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Three-Card-Poker.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Hash d32624d1a6008f886266a89432cf1f42
ab1291b37bd6729f04f8c768b47ca80d9676ba6a
db50f7eb1fec27f50074ee72aae9066a770d0f32607f3a53e1cc8fc25f623499
GET /_static/menuApi/prod/menu/games/en-au/images/6/Three-Card-Poker.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 5391
cf-ray: 76c37db29d44b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "a960ddbf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23zx3SFWMjp7E%2F7MmoEYi9r32L0EPd0Mt%2FOR3aFgnu%2B2kzJcpVPqAIh1cRNPl2sc34DWIJHP2DBvnWusjs9OkB1ZTHndK5WoxbZGBeLxBkg5b7nxf2o%2FScFwEVLi%2F9M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/4/Yggdrasil.png?0.0.1864
172.66.40.161200 OK 34 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/4/Yggdrasil.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 320 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash c8c9255a64ffbef8df513256613b1384
630de79cd8135d6e53bc5795ed991e3fccf6fd8e
fbb3b1022c078f45211af3829b4d151e20d2afb4e9bd86df5f516578cd19b566
GET /_static/menuApi/prod/menu/slots/en-us/images/4/Yggdrasil.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 33694
cf-ray: 76c37db22caab4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "a78884ff96d7d81:0"
last-modified: Tue, 04 Oct 2022 02:14:13 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVf%2FU9F2tnig%2BFgMkYVHYe3i0oRoORCST76KwYq%2Fq69nBbrPJtMKBv1NP23y7ntjmnlS7slbT6wSOV6kbL9KpHGoDTZQ8z6l2mqMijjGq93sbjsaIVJbVsFnfuhmkKE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Three-Faces-Baccarat.png?0.0.1864
172.66.40.161200 OK 7.1 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Three-Faces-Baccarat.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Hash 92232fe2228d238c0e6e8ccf07de89c0
3eb90e31422a4cb18558513aa1c4e23b0bcfb1ff
4dfc289b451f6611461d65a32a01e30bc61afb6b098bc77394920315b6cb469b
GET /_static/menuApi/prod/menu/games/en-au/images/6/Three-Faces-Baccarat.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 7073
cf-ray: 76c37db29d49b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "34c3dfbf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kg9G3nQ45f6raS1a6UXYOWYK2X7Rtov2NrtpEO2MEKa9TyOFymWR8bpcXaShHyaqIMeB803myKXt1pu2iCpffyXwQZTuWLc%2FpazY3iK12%2Bt3uJkWNCW7%2Fklq8JP3clQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/js/hotmatch.js?0.0.911
172.66.40.129200 OK 7.5 kB URL HTTP/2 www.w88w981.com/_static/js/hotmatch.js?0.0.911
IP 172.66.40.129:0
File type Unicode text, UTF-8 (with BOM) text
Hash a3328c7a001e6e4dae4929f8eba464e1
55e19380549954e82fe5f467447fea3cab96d461
812238727affc6e3a84fdf8a40bffb0dc27f92322b7ef72d6d47484f44a6f6b4
GET /_static/js/hotmatch.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da38d28b511-OSL
cache-control: max-age=14400
etag: W/"0e4f38d84f9d81:0"
last-modified: Wed, 16 Nov 2022 06:27:52 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTFsg1xvn176Vb9EvHNDWEXFBAVn3pPXidUX%2BzYW8oRfHjGVB0i8M7rFz01x3b0CXmZdR4ZTVlRGNR5CvajmeijX1MDy2fFrgein9Eqfg%2F2iQkkeNI%2FUdEAVFmu8f%2F84KA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_secure/ajax/api/qrcode/mobile/download/w88w981.com/true/en-us/USD
172.66.40.129200 OK 33 kB URL HTTP/2 www.w88w981.com/_secure/ajax/api/qrcode/mobile/download/w88w981.com/true/en-us/USD
IP 172.66.40.129:0
File type JSON data\012- , ASCII text, with very long lines (55732), with no line terminators
Hash 5133c5f604d899a209bbceba7ba17821
c6bf3f3d4c20ec263d932d01b91afa5d8390d7df
56ff402154f30147267879d78ef2a6e066708fb26938158e8e06c35a4f8c128a
Analyzer Verdict Alert fortinet Phishing
GET /_secure/ajax/api/qrcode/mobile/download/w88w981.com/true/en-us/USD HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: application/json; charset=utf-8
cf-ray: 76c37daa6fbfb511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46McXHftSy0SlGvfU2Lz%2Bnwz6fG56XNGggXPF7FlhP%2FFlE2bNXQZgzrEF9jn%2B6P34clH5pxcVdp3T1aSDFbX%2BULsTDHuTY1vJtri59qIEsj6GlPPMucoWI3DNVX4t%2FYTRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/fast3.png?0.0.1864
172.66.40.161200 OK 8.6 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/fast3.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 160 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash 001674eaa094131e150cbf1b3b44ffbd
3852c0f4e7a85f4f78c468ff4e3cfeefe7ecf329
c4e44205ae9c32ea797eba9f6a03cb183484f1ab4d99c8251b366f0eb423d425
GET /_static/menuApi/prod/menu/lottery/en-us/images/7/fast3.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 8573
cf-ray: 76c37db2bd63b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "387dbc90164bd81:0"
last-modified: Fri, 08 Apr 2022 07:02:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZD%2FVpDz6xvI1JZutjEsqwe1dWh0ni3bWYlRuOEAp%2FQMbYGJvt5VcisdoKvPD8ypshCtXbqJSIno6Q13yKV7Q7xN1buGHTf3cHkgCCRdR5r9VBN2kXonQ0T9SNuOAzs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/sabaideelottery.png?0.0.1864
172.66.40.161200 OK 13 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/sabaideelottery.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 160 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash be1f42d1e8f62a9182c8f8ba50777721
85ed3f37279956af9093baf8abcb9d5de47f23a0
18135f8bfa86f362dbd590b7da49ccc25b3a35327ce5553e9d63887c627c88d2
GET /_static/menuApi/prod/menu/lottery/en-us/images/7/sabaideelottery.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 12564
cf-ray: 76c37db2ad5db4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "a36c690164bd81:0"
last-modified: Fri, 08 Apr 2022 07:02:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EiCk0CvufQm%2FpcKpNr76JDHiAGF40B45B2myGVAbF9ZRT6YZiYhHDROUb%2FNuK0Toqp7LhTg9dEZ%2FktpBLll1F7rMZoWnpa0UsM3%2BFLs2kdZ8pzMM1eSnXhMNYeUsSI8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/lotto.png?0.0.1864
172.66.40.161200 OK 14 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/lotto.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 160 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash 66b0bf81e088ba4bec8c4046bfd4ab2d
ec7dee42fbe03138d6bd591cf7f04cbb876556c2
16c53df8cd0d9cf2a83f3588b7904f2a302c41ec83a1704e5f0cd1169bff4ca1
GET /_static/menuApi/prod/menu/lottery/en-us/images/7/lotto.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 14528
cf-ray: 76c37db2ad62b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "46a4c390164bd81:0"
last-modified: Fri, 08 Apr 2022 07:02:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8iwZ90FKn9jh1RE%2FUc3SOHdTf5DKVAaRqwHTVZV%2Fwko7PbShbunLMbpfZ%2BpLCoOMcf%2FwObiIhdfQKtj4HSl5aJwtTrxTDOmD7kElSvyRXhu0obheSaRFwdL1zwCcy6g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/sode.png?0.0.1864
172.66.40.161200 OK 16 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/sode.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 160 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash bd8b6eda7725f29997b5fb5bf30012d4
b6b4fb0caaf4bdcbf98f8f8b6467f65a1096eac7
f42b1da8171610e4cb0fd996bb465d2ba8d2b93ae521415464a97cb6d8a5fad2
GET /_static/menuApi/prod/menu/lottery/en-us/images/7/sode.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 16470
cf-ray: 76c37db2ad5cb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "896ac890164bd81:0"
last-modified: Fri, 08 Apr 2022 07:02:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HD8LCO2cpMkldPom6ejcWcj6e5L%2Fy3Qb94bwaW7oaelxKDLGm4rbRVqpEcQewy%2BcJqeGcngCk3zXvCuU3Zh%2BM2BQOZljdENJwZDOp%2BPBMbfutXQXPVX8pnB8q0KoLbA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/gpi-lottery.png?0.0.1864
172.66.40.161200 OK 14 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/gpi-lottery.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 160 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash 2020b56afb97b9eacd96a56c6d8433f2
78c515d591733b95d1e55e749c73050a388e1e33
8cb21bf711fe80c0c9e3b837088a86c91cfb8fb39ac6c148ba65cb982037c179
GET /_static/menuApi/prod/menu/lottery/en-us/images/7/gpi-lottery.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 14476
cf-ray: 76c37db2ad60b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "95dfbe90164bd81:0"
last-modified: Fri, 08 Apr 2022 07:02:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCv020LDxvKacetAR05Go6aRp%2BUq1m34Lpz1TQEIMJMMC1rA03AwvAqx1XF2zxidbsDqdhxhGkpeSmeSjFj6Uq7gQqNoLmZDC4EgMIAIugmIVcOY9235yVUILtgf494%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/Poker.png?0.0.1864
172.66.40.161200 OK 31 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/Poker.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 320 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c5f17eaf5f52a2e22cbb1ea441e7878
3eb7fe891e722e5f1e681063d71e543304d769f2
28e5478e10ae1f28966288b900cb4df4a5676d48bc585c288a03ad7107ca146e
GET /_static/menuApi/prod/menu/p2p/en-us/images/4/Poker.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 30765
cf-ray: 76c37db2cd89b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "728696cb293fd81:0"
last-modified: Thu, 24 Mar 2022 02:49:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tixwBJeB4WeZVJMmAvpfcX1kcgogIAwmEzA6PH783l4Zy2OYR1WwzClsOejt7HQvkOKBLoXzIgpzatyVQ0qNUi8OzU%2F6wPXJxrosWQjzf8IGRHCa5H%2FXM5KT1n7VHZY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/wKeno.png?0.0.1864
172.66.40.161200 OK 22 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/wKeno.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 160 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash d92731381e42962336be54c832c0271e
ac90cd6e1d2b35d47afee33173eefa4ed0aafb3b
6760b0d85b7e1e34eab8c388a5d2f0663b6dda072256c6aab905a0b0d88392c8
GET /_static/menuApi/prod/menu/lottery/en-us/images/7/wKeno.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 21678
cf-ray: 76c37db2ad59b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "896ac890164bd81:0"
last-modified: Fri, 08 Apr 2022 07:02:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Act8KTgrS1s4fFmRMeDScM3jDb60B4JgoXX6RRh9soQrUJp%2BP5cFd8KV8ll9gAgdivYY%2BtqjIDw8iHZ5csFHLFGV1JF%2BpFY3hf5WLbvJLl0FbDEPbegLDzO7gxLRbU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/keno.png?0.0.1864
172.66.40.161200 OK 24 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/keno.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 160 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash 8a01484de2b75dbf7badef719ee46451
f5de9153eafa69bd8f794dd36ac8ea4bdf51aa5b
9c9998e5b3a953e2f20346db734a4847e2954ebde81d0ee4a39bdf13aa632146
GET /_static/menuApi/prod/menu/lottery/en-us/images/7/keno.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 24422
cf-ray: 76c37db2ad53b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "f241c190164bd81:0"
last-modified: Fri, 08 Apr 2022 07:02:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6Fy7gwoD47bjkJ00mqKpuDFAbSAxNGj73Y8tcEINQTV88jaMzbKbqSdZn0CtIgRnKUCdzU9XjIqZlxUroYashI8nlLaLRuv8dO9fUdre2%2BZJv75pvDdKYok8HvmwqU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/pokDeng.png?0.0.1864
172.66.40.161200 OK 27 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/pokDeng.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 320 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash 27ebf0d0ab6bd341c4b71abcf33fccc6
0bb639ff702c8dc1126a5ee46c2cbc63def956bb
5cabfcd1a078f421a0021281af0b909fd15cfe0fe539ac667c3dc7c95a206c69
GET /_static/menuApi/prod/menu/p2p/en-us/images/4/pokDeng.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 26648
cf-ray: 76c37db2bd6cb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "731fce3293fd81:0"
last-modified: Thu, 24 Mar 2022 02:50:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EErfrPAMm4%2FMw8Z1Bc7qYummujh936AJwhLMK%2FAXFEkm8hEZXGSkkFcx2UEiBG%2BkwTEoGRDomSbF9pEyDGt5IyZfUvo9Q4GVGdB1Om22puohMsKVuie0BY2AgR2MED8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/tienlen.png?0.0.1864
172.66.40.161200 OK 35 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/tienlen.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 320 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash 53b44e5f6fe43e284510ca6843b45b53
46975848ad2821ec46d62cc0699ef03bbcbc883c
453a4589be1562f0f6ac9ae7b7370399727a9bea13bad92f06245861299ced84
GET /_static/menuApi/prod/menu/p2p/en-us/images/4/tienlen.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 34804
cf-ray: 76c37db2bd78b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "1c4b9bcb293fd81:0"
last-modified: Thu, 24 Mar 2022 02:49:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2dhBeEDVgqMirov8wtedaZcb26JhYwx4UHtHOWUzpdkLvC5waayU5F9y%2F7Pzyc3FdTqT3Ek6TfSVByI7FFNVxYzwL4JbOW%2Bp9Xh%2FwvbBOVlGYw3ARTJPOAXC6sHDOzM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/gaoGae.png?0.0.1864
172.66.40.161200 OK 34 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/gaoGae.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 320 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash abaae3f3eb33e9e7ecacb9634f62f04d
5fb5ae98b1b55b75a155f8e58b035ad2bfd44794
0428147f156bc25a0d582f2bd677aa72da82845a6d38d760f74a7ab0b9c6f82d
GET /_static/menuApi/prod/menu/p2p/en-us/images/4/gaoGae.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 33480
cf-ray: 76c37db2cd7fb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "cbcff9e3293fd81:0"
last-modified: Thu, 24 Mar 2022 02:50:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWcDdPNjvwEK780a3zFlPdDYdZLs9D5hW6Xc2R5jf2mpOgdOWAWxKucvQHCOMAn%2FNr6Gt6y28cOtEfFZdR6z8JmW2IzKwB1hhDVRGslaqAunaL%2Bs2YFEmTIBeMvNJ%2FA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/footer/downloadbar/img/v2/dc-iOS.png
172.66.40.129200 OK 2.5 kB URL HTTP/2 www.w88w981.com/_static/footer/downloadbar/img/v2/dc-iOS.png
IP 172.66.40.129:0
File type PNG image data, 36 x 41, 8-bit/color RGBA, non-interlaced\012- data
Hash 0f1628565c85d1d20bbb7a7c0c2e95bb
d16f452d1a849f08721792b901b5866b70fe07bd
c9ef0d75fcb4ec9e2ba6353bb36c70e2059575bb08ea22e1698a49ee59ee747f
GET /_static/footer/downloadbar/img/v2/dc-iOS.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z; clientIp=91.90.42.154; ai_session=YvtLmJSUPX+wIkHQCMK4tc|1668803707751|1668803707751; popup=6478
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 2533
cf-ray: 76c37db35da8b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0c256343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:32 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XvUR1B4MCPA0PcnLD%2BTkJls574VJg8h8%2Buoy0ZtCyKyZF4hOlKwHnXEFMeZYfU38CHelB1w5LUqFvnV%2BmzcSV6C0AjAc7t9M4%2Fd8cgBUHR1p7n7T7t3gXrdWgIdfzDf7NA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/baiCao.png?0.0.1864
172.66.40.161200 OK 40 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/baiCao.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 320 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash b5be0fe82e5b5a7349f5bb6befca177c
c4ef84592bd51cc6d461ef01ae09e4e49b2d0488
53e083be76dbe3fcfc80dd2ee0dacf63d8be1895374a4447a5034f2a93526ed6
GET /_static/menuApi/prod/menu/p2p/en-us/images/4/baiCao.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 39757
cf-ray: 76c37db2bd75b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "525f8fcb293fd81:0"
last-modified: Thu, 24 Mar 2022 02:49:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QM6kUFbAbUytV1T9PmMvL%2BMhi2TFYLq9KKQwb%2BRABmxMUTu5xQ9JuVjinCVRAXsCu3RXtnWL1mRodB3YHLvHgI5OhUMlEsAL%2FOLSQrb%2BdG94g7rkAqvSBzMwFfiZSMM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/footer/downloadbar/img/v2/dc-empty.png
172.66.40.129200 OK 2.6 kB URL HTTP/2 www.w88w981.com/_static/footer/downloadbar/img/v2/dc-empty.png
IP 172.66.40.129:0
File type PNG image data, 182 x 152, 8-bit/color RGBA, non-interlaced\012- data
Hash 2721206125b291cffbb37dc654e54c55
3e8f430e1af55fb4e975003b8f5bd07778e99d1c
f87fc8fe3f0342da252b050fba73bb4f8822b761772f0429c288dbb83b73792b
GET /_static/footer/downloadbar/img/v2/dc-empty.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z; clientIp=91.90.42.154; ai_session=YvtLmJSUPX+wIkHQCMK4tc|1668803707751|1668803707751; popup=6478
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 2587
cf-ray: 76c37db34da1b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0c256343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:32 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2FR2fe%2BhTbbYj4L6KdWjVBogER76jmJOGVtbNK2K8VDToXx%2BaEhSoLbB18aHjBe11wqa2EtP3VFbUNV9pWHzdgKeoFykZCzH0G%2Fe9rSdoCl6wwW3xJjJyfWnKe0lTQpgVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/texas-holdem.png?0.0.1864
172.66.40.161200 OK 38 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/texas-holdem.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 320 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash 96c2a0dee0431e2a942af01d5e540834
34696abae0260b21e6cb84b122309821e59ce3c3
5d7b14d7c6487758a13dd7a2e68fc21b380d638c74c9d46c7e80700761ece0e7
GET /_static/menuApi/prod/menu/p2p/en-us/images/4/texas-holdem.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 38460
cf-ray: 76c37db2cd7cb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "5a92fee3293fd81:0"
last-modified: Thu, 24 Mar 2022 02:50:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZVJIZfGpBJ9tuaODdkoezeCd%2FBjqvA42YHs8%2F%2Bb1e1VDi4jig9w3R%2FZc73YmnhH%2Bg2QYBbn%2BGEoSJ%2FwwBESTk%2BsIYckbtBQZCVH27AiYJq6vSPtlezqu9QTi5ugq3w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/super-bull.png?0.0.1864
172.66.40.161200 OK 45 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/super-bull.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 320 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash d61086d0c638a6a0982a65a0f13700fb
e4fd04ef1621ddb9ff7971497129fdead1c2f78b
244b54881138ef85aad460c60ef0bd253c8b7f3bdbe394c908dfcc1726bc450e
GET /_static/menuApi/prod/menu/p2p/en-us/images/4/super-bull.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 45073
cf-ray: 76c37db2cd87b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "5a92fee3293fd81:0"
last-modified: Thu, 24 Mar 2022 02:50:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnKm8GGZb8WNZlXdTInv0USW174UlK0EExR4lkBI0XMURJZns8msLqw0hNfoATGoosliOrHN7MltXdJdRPwxsUCVBwMa9bH0rhZPeT1UI8iRCEhUMIuIQw6FGxvkHRY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/mobile/img/v2/MP-QRbox-iOS.png?0.0.911
172.66.40.129200 OK 3.6 kB URL HTTP/2 www.w88w981.com/_static/mobile/img/v2/MP-QRbox-iOS.png?0.0.911
IP 172.66.40.129:0
File type PNG image data, 79 x 79, 8-bit/color RGBA, non-interlaced\012- data
Hash 7088c83fb0e08c3fb05584542524ad38
b97039d4e167531bd2fbee42616a14680bdddfd0
512ff058c07cb4424d635d30735fafeb680e84dd4d4b75d457c907dcd1893f37
Analyzer Verdict Alert fortinet Phishing
GET /_static/mobile/img/v2/MP-QRbox-iOS.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z; clientIp=91.90.42.154; ai_session=YvtLmJSUPX+wIkHQCMK4tc|1668803707751|1668803707751; popup=6478
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 3635
cf-ray: 76c37db37decb511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "038b67343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:32:00 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dj0k3hwpMkQghY5sPDWlejhvN07RaDsTsNA3hPzXyJHwtF4rmmgvLl2LrSKzq8pHiG6mWuWqZFUbXDxhQm9XrC2aQS9MyQ03QLDePRxc1vC1EzWBBTOrLkLGBn%2BxyC1vA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/home/btm/img/dot.png?0.0.911
172.66.40.129200 OK 163 B URL HTTP/2 www.w88w981.com/_static/home/btm/img/dot.png?0.0.911
IP 172.66.40.129:0
File type PNG image data, 21 x 10, 4-bit colormap, non-interlaced\012- data
Hash 489ff422326e210b423482d92aa95225
381f86c359773b5c7771db050ee2ed9d4be2e860
2cd4e9067ee53451e3118dcf50bae28c54ee6a1d6cc8344791d54356010a5b5e
GET /_static/home/btm/img/dot.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z; clientIp=91.90.42.154; ai_session=YvtLmJSUPX+wIkHQCMK4tc|1668803707751|1668803707751; popup=6478
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 163
cf-ray: 76c37db39e1db511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "084f16e43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:52 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lb2q1nCIZmLY27aVj37PE2LSU6AcOKUUhYLIIq40He8r4XQRZ4nFiPyjMVSK9p2sCT5ZVs%2FQDApN5KqmGgXJY8EODZ90uxi3ynnSdth5n3RjhBt%2B0vb3jyXQpduaqErTRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_secure/ajax/api/handler/announcements/en-us?paymentGp=&riskId=N
172.66.40.129200 OK 7.8 kB URL HTTP/2 www.w88w981.com/_secure/ajax/api/handler/announcements/en-us?paymentGp=&riskId=N
IP 172.66.40.129:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (19313), with no line terminators
Hash 04f2b24d4fcd169b0d4c1c868130789d
08e773074bd5f3c1c7d4be29faf7179f3c0b633d
5fb4c4b6a1e6013da5ae8a412acb1ba7d8279a098bbc4e248df1cd0d99d5c665
GET /_secure/ajax/api/handler/announcements/en-us?paymentGp=&riskId=N HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Request-Id: |49167c3dc3504342aabd28f49430feb0.288b03c935054f1f
traceparent: 00-49167c3dc3504342aabd28f49430feb0-288b03c935054f1f-01
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: application/json; charset=utf-8
cf-ray: 76c37dad8c7ab511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3BJCYrA3NQaTefi4dhzWKR3r6alYYdNbCSRwj3pef1GKbEwW8gWTZTKLcQTpgvl8KUuqxes5kDgVVkm3KPX%2FbtXb9%2FuyoTg%2FeBvsKc4Km5DOFm3Vz%2BxDYfGZfbQv8B67g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
static-global.static-bifrost.com/worldcup2022/Saudi-Arabia.png
172.66.40.164200 OK 712 B URL HTTP/2 static-global.static-bifrost.com/worldcup2022/Saudi-Arabia.png
IP 172.66.40.164:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 370adcd4287346c832e27ba4d4c7fc2b
ff5dee664e2534df11674b5772395b2e6fb63764
b48555d7cffdaffdbef75c4d122f190addd60577c84cbba8dbde751bb88671ae
GET /worldcup2022/Saudi-Arabia.png HTTP/1.1
Host: static-global.static-bifrost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/webp
content-length: 712
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1843
content-disposition: inline; filename="Saudi-Arabia.webp"
etag: "2d6904740323b7faad5d6e874b407dcc"
last-modified: Wed, 12 Oct 2022 12:01:02 GMT
vary: Accept
x-amz-id-2: o1BWGzF4VTdqYqxD7QRsZYfyQ04vxMp2rDMmgkQDTkUxaY1Ejw3ekYY9nfBNm04BC25zOHwjlDw=
x-amz-request-id: 91APWWVD4BK2T6HT
cache-control: max-age=3600
cf-cache-status: HIT
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c37daf0a6f0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 616234e812d0fe1b582a6e82479706be
837e990c8bc894af98a94e9314420f513272c17d
1fe5ed317cd396938dc7eb49b4424b75d1d8bc2855e582503cf05e7541b70170
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=135856
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 20:35:10 GMT
Etag: "63775c2d-117"
Expires: Sun, 20 Nov 2022 10:19:26 GMT
Last-Modified: Fri, 18 Nov 2022 10:19:25 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
www.w88w981.com/_secure/ajax/api/menu/games/en-us/
172.66.40.129200 OK 1.9 kB URL HTTP/2 www.w88w981.com/_secure/ajax/api/menu/games/en-us/
IP 172.66.40.129:0
File type JSON data\012- , ASCII text, with very long lines (9433), with no line terminators
Hash 358c7e890d8874d7fdd08e8c7af80aa9
a0ae78e254a6518db37678f965254fb1b3b6cb2e
6a8884ca4f7bc378e3599c6f4650b98ff1ad9405004cc68f73fe342249835228
Analyzer Verdict Alert fortinet Phishing
GET /_secure/ajax/api/menu/games/en-us/ HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: application/json; charset=utf-8
cf-ray: 76c37dac7aa0b511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FehEKFXUhQXBKrn2rVo4PVOIWHH9FejLswVUGiven6BHc4SynOmndBFRHL6BoFr7qSSlai3Q%2FLhNA0aOPR2iCbhNNVVDJyScytMIcL0dG4OkDv09N1dbhp%2BPB21ngus80A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/hotmatch/img/Countdown-WorldCup-2022-Big.png
172.66.40.129200 OK 57 kB URL HTTP/2 www.w88w981.com/_static/hotmatch/img/Countdown-WorldCup-2022-Big.png
IP 172.66.40.129:0
File type PNG image data, 1280 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash eee21e7010d17d1cc8333659a67e422c
367e1fb9db453bd9f46d9796667b43fc1a3fb599
60c703e17af44794e69cb04e47440187b6c1a01e5b0d5289ec5601c85254c449
GET /_static/hotmatch/img/Countdown-WorldCup-2022-Big.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/_static/_css/hotmatch.css?0.0.911
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 56657
cf-ray: 76c37daebe05b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0da5daf2ffad81:0"
last-modified: Thu, 17 Nov 2022 02:52:52 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 05
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdVCIqmJyrLDlA5760vXXl4o8urBt5Xeijg0d%2BnwlmZp406i6hl%2FSPy4I77iNnrFPSjHbbv5hyR0QWQIdglCNftpK00hvSuoEFWsSc37cQNLuQNVf%2FX0YPVuN5Pe8J1H3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/home/img/bannerV3/W88-Home-Live-Casino-Instant-Rebate08-202207-EN.jpg
172.66.40.161200 OK 92 kB URL HTTP/2 cdn.w88ux.net/_static/home/img/bannerV3/W88-Home-Live-Casino-Instant-Rebate08-202207-EN.jpg
IP 172.66.40.161:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x500, components 3\012- data
Hash 3df2d6c68ca4bab44d1c8e7395341108
beeb02ccb3b8ebbc38017644566e94827a46858d
dc7736c1c40818f39e3f568045a1bc8d8853165371664ae4d794cac4c4c145bd
GET /_static/home/img/bannerV3/W88-Home-Live-Casino-Instant-Rebate08-202207-EN.jpg HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/jpeg
content-length: 92023
cf-ray: 76c37dad9cd0b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "695ce2ee23a3d81:0"
last-modified: Fri, 29 Jul 2022 08:19:33 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: h2pri
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gG5SLwNEwvKTxoVmIWnKZWwxPmWa2hN2P0HaIFr%2BBGPzDrre3YXtixXnqy0XEyfqXlgd5wk99phqugVFjh2Fv0b6KjzR14F6v5rqzq5svQVdCsmIzQgQ6lihvQILkXI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/home/img/bannerV3/W88-Home-Ocean-Explorer-Mission-202208-ALL.jpg
172.66.40.161200 OK 113 kB URL HTTP/2 cdn.w88ux.net/_static/home/img/bannerV3/W88-Home-Ocean-Explorer-Mission-202208-ALL.jpg
IP 172.66.40.161:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x500, components 3\012- data
Size 113 kB (113422 bytes)
Hash 51eb517bb52e6c377fc5098f7c8eeda3
f34879c16814d9daf9ed82da48e759652e81d82d
2615634e7c8e5dafe08c09d5f93073dd00b1a116808664063cc886a3adf7af8a
GET /_static/home/img/bannerV3/W88-Home-Ocean-Explorer-Mission-202208-ALL.jpg HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/jpeg
content-length: 113422
cf-ray: 76c37dad9cceb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "e73626cc1bb2d81:0"
last-modified: Wed, 17 Aug 2022 09:29:06 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: h2pri
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w67wBJXA0gn8TYPloG3gyEtOGNLleybrLuOZM2s3AVBUmMRva981cN5COIOnQXQOYBR5RlBeMtCa0TyxFrN4BXP1UWZucI9G8A0bWyHirxeHJgl9rmfNrKh8XXPyVTo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/home/img/bannerV3/W88-Home-WC22WB150-20221116-EN2.jpg
172.66.40.161200 OK 126 kB URL HTTP/2 cdn.w88ux.net/_static/home/img/bannerV3/W88-Home-WC22WB150-20221116-EN2.jpg
IP 172.66.40.161:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x500, components 3\012- data
Size 126 kB (125558 bytes)
Hash c5a1d418d9a90d2b611766ee323ebd07
6175cd877f2cebcf567bcc3d111ec730d9baa80f
19233c37de49840dea505ee967e1723250bb4d62a69288806429cfdcb275b85d
GET /_static/home/img/bannerV3/W88-Home-WC22WB150-20221116-EN2.jpg HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/jpeg
content-length: 125558
cf-ray: 76c37dad9cc8b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "3fca4aeffefad81:0"
last-modified: Fri, 18 Nov 2022 03:36:25 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: h2pri
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JrW3z6%2FdKhcxrOfIlFjly%2B5QEK%2FCWXRBQ2%2FfG0A0QHoEQzNtSsCJwVqG6LmUnJGMDtnrjFrkC8CEkgREwsWqBdAXsWMvt8v7VFmRwtkX%2FQQU3Ya17WGYMYxZvY7pIX8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/home/btm/img/Dividing-line-grey.png
172.66.40.161200 OK 2.7 kB URL HTTP/2 cdn.w88ux.net/_static/home/btm/img/Dividing-line-grey.png
IP 172.66.40.161:0
File type PNG image data, 1280 x 562, 8-bit colormap, non-interlaced\012- data
Hash 14250d20e980f74818375c282f8b0ee2
b40aece998ea2e2cd678c00e72ffcae5d4a31222
e591834490daedbcb1a3f3211c0a540d7f9dd739af8e84112b688696c0e96d9f
GET /_static/home/btm/img/Dividing-line-grey.png HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 2674
cf-ray: 76c37db18b74b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "c97ac1928e54d81:0"
last-modified: Wed, 20 Apr 2022 08:13:53 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x2bhvZVGT4jWs3FC%2BwyUUCf2EPBe0gGHWlfu5YQBnZfaB6NX%2FfcQQElDdOUshKq2nrv8DQN%2FnmJMS%2FcSKT7p3XSesCwfGLfcSfa7i654G6jG9PzlxWEeMxdjAzUxLKM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/home/btm/img/Live-Chat-icon.png
172.66.40.161200 OK 192 B URL HTTP/2 cdn.w88ux.net/_static/home/btm/img/Live-Chat-icon.png
IP 172.66.40.161:0
File type PNG image data, 30 x 26, 2-bit colormap, non-interlaced\012- data
Hash e63746e3f3ebe6a6cc52d21de236800f
77b0f7a9293bdbfccc8b101ea4798629c4f2cbcb
1b6882f367c328c67ac627216167a849375a98c41f488d1006a247e226ac365d
GET /_static/home/btm/img/Live-Chat-icon.png HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 192
cf-ray: 76c37db17b60b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "bdd19c938e54d81:0"
last-modified: Wed, 20 Apr 2022 08:13:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fzaJ29rs490GX0IkJu4%2FOQSvoyOwUBvvBPcy8bHGdXKLuw5bhy5SWw8X04hXxhO%2FGN8DkI%2BaUvUFqjom8WxKISD6vsPxpJ58cfAUTjm4VjqoIp%2Fh7Rwr4ADs3JSVm0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/home/en-us/images/8/Sub-Winner.png?0.0.1864
172.66.40.161200 OK 5.3 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/home/en-us/images/8/Sub-Winner.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 160 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash e55a10fde0f2a791b1b268f55f980c8d
4ddc2b952e03bb9eaa828e61bdc648f900041ac9
8e4bf37a801b826de1a08bf086413bb2ffd847b23a9fcc07ebaae07e0a12809e
GET /_static/menuApi/prod/menu/home/en-us/images/8/Sub-Winner.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 5251
cf-ray: 76c37db1dc08b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "3c8e61cd258d81:0"
last-modified: Thu, 13 Jan 2022 02:32:25 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCXHANMEW8iUTziuDnx2eYzj7Jf8XKbR9%2BudP4ZSbpxurDWPRTSfXx1sLqnGjC3wydij6hQSZH%2F3PkkWaXt5bcNIPViz2Sw4ZgWhflZGK2CverciE9IVYNTmFD61lq8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_secure/ajax/api/member/hotmatches/get/featured/0/en-us
172.66.40.129200 OK 5.3 kB URL HTTP/2 www.w88w981.com/_secure/ajax/api/member/hotmatches/get/featured/0/en-us
IP 172.66.40.129:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 37c1a93d458cd9d8a14caee2921a4c9a
0ae7301af5702ae4690a8cd75f047a77ceb13295
4e007edb5d3d512ed68d664aa4fc8d367241f6f89b08d472e657576aed7f0976
Analyzer Verdict Alert fortinet Phishing
GET /_secure/ajax/api/member/hotmatches/get/featured/0/en-us HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: application/json; charset=utf-8
cf-ray: 76c37daa8fe3b511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQZ6qx5%2Fr%2FWA7q%2BnP5gcdsl3DhWV8zOrpab1L3lMIg5Mrarv%2FjBAj%2FDi9%2BD1vhHrV9yv4aygWJTQRmljmFZaU5UWaYkIRrjbRfrJspxQHAHtXHo89K5NGV%2BHMPKaKKtjuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/
172.66.40.129200 OK 57 kB IP 172.66.40.129:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4510), with CRLF, LF line terminators
Hash 814d447b83b2d57c3bfeef089c43b986
0a71d7f5c0119a9254b21a76e127c8e86a832143
f750295c223ae47dab35389c32cffe4ce5e3674c67a57d0b97dd2c52e3362d81
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/html; charset=utf-8
cf-ray: 76c37d9e3c51b511-OSL
cache-control: private, no-store
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
request-context: appId=cid-v1:7a62fb4e-d728-4460-b21d-e45c61815c0c
set-cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; path=/; HttpOnly; SameSite=Lax
s=; domain=.w88w981.com; expires=Thu, 18-Nov-2021 20:35:06 GMT; path=/
g=; domain=.w88w981.com; expires=Thu, 18-Nov-2021 20:35:06 GMT; path=/
mi=; domain=.w88w981.com; expires=Thu, 18-Nov-2021 20:35:06 GMT; path=/
crt=; domain=.w88w981.com; expires=Thu, 18-Nov-2021 20:35:06 GMT; path=/
lnkMem=; domain=.w88w981.com; expires=Thu, 18-Nov-2021 20:35:06 GMT; path=/
two=; domain=.w88w981.com; expires=Thu, 18-Nov-2021 20:35:06 GMT; path=/
NR=; domain=.w88w981.com; expires=Thu, 18-Nov-2021 20:35:06 GMT; path=/
language=en-us; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
color=grey; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
language=en-us; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
color=grey; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
language=en-us; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
color=grey; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
language=en-us; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
color=grey; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
language=en-us; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
color=grey; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
language=en-us; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
color=grey; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
language=en-us; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
color=grey; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
language=en-us; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
color=grey; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
language=en-us; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
color=grey; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
SERVERID=twmsweb107; path=/
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ktju6qn5JmVVfObotH5GcVUmEls3gNIfAXr%2BM1wvUNcBkBqSrg26RzFffeuP3JcEgjJG4JlB9hiLK5AEauxgoWMDVhzdyfYwV34N3eUrui60ODa%2Bqc5ekFpFtwxtvXU06A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/4/Fishing-King-Sea-Beasts.png?0.0.1864
172.66.40.161200 OK 12 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/4/Fishing-King-Sea-Beasts.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 320 x 164, 8-bit colormap, non-interlaced\012- data
Hash 7cbe6b39790447d0dbb7ce9093f63597
a1866ebefbe82df4d8f4fe1b5547b58d030d446d
92cf593e6d8bc39100ed00012bd412dda96bafe289d5680c444f0311f65cdcfc
GET /_static/menuApi/prod/menu/fishing/en-us/images/4/Fishing-King-Sea-Beasts.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 11558
cf-ray: 76c37db24cd4b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "4a2228bc3e9d81:0"
last-modified: Thu, 27 Oct 2022 05:14:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaWpY6umGaDTScqFL5O7NbgSyGbVukRz9ESWsll7%2FVVNdmOSUa4mBc5hoM5boh%2Fz2K%2BLD82xHf%2BdSIJ4eGjSajNz3uZEdowTLAH1RPRbgRLMiG%2FFQi9XrAA2vV3ZmMo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/Playtech.png?0.0.1864
172.66.40.161200 OK 20 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/Playtech.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 256 x 164, 8-bit colormap, non-interlaced\012- data
Hash 59d469ee15b93a32bd2bfb36b87a9a81
04bf36a91790737111b2fc5edcbae6b2e0e3e47f
2882954f5e24c4a5f3e47115e1cf17e3b71f8775d9e67abc6753fa15aa2aa516
GET /_static/menuApi/prod/menu/slots/en-us/images/5/Playtech.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 20462
cf-ray: 76c37db22c95b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "bdf2a9d92f8cd81:0"
last-modified: Thu, 30 Jun 2022 03:16:55 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0HnFr2f4TnTki5%2BV2nKYNueVgQEhcZio7T%2FCkJxSumqmedi9yb1rzTu9ZxsZIGAJT8B7BwyUaAr7ZRuFYJFEzxxuxynrLeYLUNm%2BZoTa3g2uNQmXJKz38ieiRxIfDY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/microgaming.png?0.0.1864
172.66.40.161200 OK 19 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/microgaming.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 256 x 164, 8-bit colormap, non-interlaced\012- data
Hash d8d5c7121e463c36b92e08954f415ee7
393ad813aad4974591356dda47594ef152c35bb9
a947227eda34e29450c1543347b29d4b63732838cff49fba957482e0ed89c96e
GET /_static/menuApi/prod/menu/slots/en-us/images/5/microgaming.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 19343
cf-ray: 76c37db21c77b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "4990a7d92f8cd81:0"
last-modified: Thu, 30 Jun 2022 03:16:55 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWZPr%2FpeHOXKgEK3gqOKIL65sR%2FYNU8DQafIrtdFoplWfy6tG0aF8hpcseF1iRf2fh%2FHrmGAlPzp8aMIU67o8oQE74LeRTVWB5nLGN1z6jKZUjow7xN7wGmkcqTOMr4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-Evolution.png?0.0.1864
172.66.40.161200 OK 36 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-Evolution.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 256 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash 3880a4b00e0ee4a908cd26110744fa72
42e455cf9ed18850a8ba82e4d719fced77401717
2a4c718b4face6931235ab8a1088770b355106a27620b7ce5908d8e5d5c344ac
GET /_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-Evolution.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 35837
cf-ray: 76c37db20c60b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "ffc5b33da2f4d81:0"
last-modified: Thu, 10 Nov 2022 01:17:46 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HSaZ9KqGM0H8IE4%2BG%2BFkCZr8JL9T11%2BHRjCInlBquBqGjkndcPFkRkOjhZXXhKarvTEezCiEIwEWS75mIRqKByY9yhfdT8%2Ft4NTa0HXOmfcYNlpQ%2FGxB0wwHx6pNmA4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/3/Chill-Fishing.png?0.0.1864
172.66.40.161200 OK 11 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/3/Chill-Fishing.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 426 x 164, 8-bit colormap, non-interlaced\012- data
Hash bd23530211f08aa1bc34446a25a67a16
1a2a1dacf0532cde200d8375c1cc1c2411814270
be3ea6875220ea7a5df34d7a7dace4bad45a03864b9adaa16c41ac7157d08446
GET /_static/menuApi/prod/menu/fishing/en-us/images/3/Chill-Fishing.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 10930
cf-ray: 76c37db25ceeb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "d872f8ac3e9d81:0"
last-modified: Thu, 27 Oct 2022 05:14:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JS3aG02JQ%2FO3atLN1J1qchFkojhr10CoLmc9A1VjnF2YRMEV32Tc%2Fmc6mPJq0vIIdM4S9TCSyR57j7E%2FTWgK6pcr8o1iedXtfaTaxFG4y96bHUzHfmDV%2FqM8z5ILGgw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/4/more-slot.png?0.0.1864
172.66.40.161200 OK 2.7 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/4/more-slot.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 320 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash 15dd7368a13e4b1da6d7bcd8cc067a0f
82ae4c1781dda216f187fa87a42689699f573871
cfa9d33dba2606952feb05f01f784fd8bcb546fdb20196b830c82ac1067a4cd8
GET /_static/menuApi/prod/menu/slots/en-us/images/4/more-slot.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 2694
cf-ray: 76c37db23cabb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "fbcc83d92f8cd81:0"
last-modified: Thu, 30 Jun 2022 03:16:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8C25rQRGKu71kAGOrJNLTHlW7BDH9l3TRomELcaigLxWUNxroSOLrwZkxkDZUADansp6n7Fe3rf%2B%2FeahM9BVY27ZEUzJ%2BnIaeUIJrKlck4ltbh%2FNjJ%2F3DHX1C%2FG4E4g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/4/Ocean-Explorer.png?0.0.1864
172.66.40.161200 OK 11 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/4/Ocean-Explorer.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 320 x 164, 8-bit colormap, non-interlaced\012- data
Hash afdaa8bf193d93b586cbc974e41a0f76
96632e33d033f0cf418ffc9253ddf75c3a19adf2
dfe1faa8e60093966ec99829da15f7824d91a01f9918c1bb2878974b8d299fab
GET /_static/menuApi/prod/menu/fishing/en-us/images/4/Ocean-Explorer.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 10751
cf-ray: 76c37db25ce8b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "8e72cbc3e9d81:0"
last-modified: Thu, 27 Oct 2022 05:14:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6t3xezTpqzy5wGjS4WoqvN4QzOysvBmGalz4O2UobNAtvb3QHYYc5Dd3HjUdoyyrhfzvGXse2CGaXKacC2xG%2F54PgktTLJ0GziKlpi7ik7uLPflCCx%2FwzWJfi%2B03tP0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Thai-Hi-Lo.png?0.0.1864
172.66.40.161200 OK 6.1 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Thai-Hi-Lo.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Hash 54dfd30189bae2901f5b01853d95ca4e
09f3ff04eac55e96b25924cef842c79a30e1a898
3659fff3caa2f7c423c33afce8bbd9a8e2c0c89346e5cf632a305aaaeb72ffdb
GET /_static/menuApi/prod/menu/games/en-au/images/6/Thai-Hi-Lo.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 6108
cf-ray: 76c37db26d10b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "4ffedabf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0SXGgOJY1lADrLAy8%2FDmiLs8DEhgV1hwHIoK5sy1ulUl8gH9fvzQ%2BFxv87r8QaSxGB%2B8h%2F68nFQZETmlNt84X6un7WbH%2ByowaWXR3WDElSY23Eq5dQPYy89vdUBxUpM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/FPC-Scratch-to-win.png?0.0.1864
172.66.40.161200 OK 6.5 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/FPC-Scratch-to-win.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Hash 25fea218d4ccc8803a1806014e54df77
a1931bf89a761eb9c4a7b9761f6b8ee3ca54fc2b
27f6f67eab3e67eabc626aff186ea3959c7aa6b6302c123b944f085f59780420
GET /_static/menuApi/prod/menu/games/en-au/images/6/FPC-Scratch-to-win.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 6504
cf-ray: 76c37db27d1bb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "e774d1bf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0QWYNbOteZ942%2Fn2E5z8tbKOpEX%2FD55mudU43f26XBzghuubWarcNroQraRSpsYQBImhykj03%2FuQEU4AWXi9HGfuuSqs5dxshHxGwNgd93efifApI4rMStVUl%2F2jnY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Microgaming.png?0.0.1864
172.66.40.161200 OK 6.7 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Microgaming.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Hash bda7590b86d237be2d071b644253d6b2
4cb15810b4f62553bce323d2e0fa1cdbd6d25ea9
7cb44ffa06f934952e29a51b7640cad46531e5bfe21cc409c49696bf15ec106e
GET /_static/menuApi/prod/menu/games/en-au/images/6/Microgaming.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 6735
cf-ray: 76c37db29d51b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "e774d1bf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fel2LvpJXRdQkppxYy5hBZwGmFqCT6SlNqWYn%2BmbCpp%2FS14bG6Dgh58kJcdmm%2B%2FJx7mzpKukiM0KKJteN21VWCGZ7WP4fPA1q1JnQXQ1BoBEdckq1IlKDESPoSE2NCU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_static/_css/custom-theme/jquery-ui.min.css
172.66.40.129200 OK 11 kB URL HTTP/2 www.w88w981.com/_static/_css/custom-theme/jquery-ui.min.css
IP 172.66.40.129:0
File type ASCII text, with very long lines (25659), with CRLF line terminators
Hash 26bc23d1083fd28878dabe7ef4ecd9e8
e9adcd69bb973a1eaf0a4030efa783a7959dba88
965bab7ab3420f7125af9e7973d2d2b18e19e48f6ffa072dbdbbce3c871ecb60
GET /_static/_css/custom-theme/jquery-ui.min.css HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da22b05b511-OSL
cache-control: max-age=14400
etag: W/"087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OyRWTQ6%2Fjg4pqK6P0kJpXhNbZMXJSIoHTwAxTf%2BcN5Jv4ju5aw78C7m1H3lR%2FWiyRDnyXq3eGJM2ekL77GF8eaZ%2BKBbQg%2FI7JbYOIexzDQPt0QZUgtgaRFZyyg0C6ZzsKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/3/Pirates-Fishing.png?0.0.1864
172.66.40.161200 OK 13 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/3/Pirates-Fishing.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 426 x 164, 8-bit colormap, non-interlaced\012- data
Hash 01b04aa7c47b5f62adc196b3390d17bc
41de288b8400488392b4cfafac1fd1e880406c29
0abaf7aa7a2eea2392ec91c07db6b4568e476bf94e10e46e0224532dc7fd80b5
GET /_static/menuApi/prod/menu/fishing/en-us/images/3/Pirates-Fishing.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 13429
cf-ray: 76c37db26cf9b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "13c16bc3e9d81:0"
last-modified: Thu, 27 Oct 2022 05:14:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVMDYP%2BtQ8tzxE2DkAlUCE1ORofWXuADsm0MYOmmJy2j4W3ss18aOxWA3MSfCaNB3hzxqWEGkIs8B%2B54hg%2FcDdVmZtXBkdPHK7vlixUvGq4VhTz2wIFbeR3cyk1fBH4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.w88w981.com/_secure/ajax/api/menu/casino/en-us/
172.66.40.129200 OK 8.6 kB URL HTTP/2 www.w88w981.com/_secure/ajax/api/menu/casino/en-us/
IP 172.66.40.129:0
File type JSON data\012- , ASCII text, with very long lines (2278), with no line terminators
Hash 91310abe1837cfee8bbc204c51748e3f
e396dd45bab887a5b41d515f036acb97060857fa
1ca29d70399c70cdc74fd2cf1cb2cf2671b01eaf57ce0c92281b775cd6944d49
Analyzer Verdict Alert fortinet Phishing
GET /_secure/ajax/api/menu/casino/en-us/ HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: application/json; charset=utf-8
cf-ray: 76c37dac6a93b511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7Zii7IFyA%2BNRn2R%2BsQbxqlECrP7Ie9PqpqyASuXQelwZOAdLASch7y1LVrYFs6EA80xfN2Yd%2B0FCfCgwsfSv6A%2F8Lvo3%2F94gr24f7AtItY8U8Mh9zAn7BtpNR7vRImmTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Thai-Hi-Lo-Deluxe.png?0.0.1864
172.66.40.161200 OK 6.7 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Thai-Hi-Lo-Deluxe.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Hash 8e400de0fd92c16f4a0bc39d827e44ee
2e7bfd0d5cee33d7d3db2858fc717b09f60fe9d3
bb3b5aa0a592e24974f4e909de03db309e5d34bc8ac6f7acae4e43e658cb9cd5
GET /_static/menuApi/prod/menu/games/en-au/images/6/Thai-Hi-Lo-Deluxe.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 6697
cf-ray: 76c37db26d11b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "4ffedabf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYPayEMGeUBuMjOV78ILKk3UR7uJYjbM8jlVEXIRTTSuB1ws9czLjmdkKmSZXaMjDKiEFsgIVFP8oKf7C4ot%2FGHfOUaJwoZX3HtCqK6ydbZLvFw9hqR1X4D4JZES2LY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Tai-Xiu.png?0.0.1864
172.66.40.161200 OK 6.2 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Tai-Xiu.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Hash 594b59729d6ebfbcd7bb262e7fc82b9d
b59748c643bb49bc2f0c0c819f07f581db8bb8da
57b1d287366867f14018a76c9eec99efc0ebe0217ade85c67ce7d659c1a13d62
GET /_static/menuApi/prod/menu/games/en-au/images/6/Tai-Xiu.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 6166
cf-ray: 76c37db26d04b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "f39bd8bf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOhvppJVNeEA6DYy%2FQN0X1%2FRQFGUaOjOeAuB%2BTLrTniUiGOCejIBRTWAHHzB3zIC%2FWJ6%2Fj85bcBXTXb%2FNGPDL%2FsTqbAG343ERQzRKazhcBVisLsfveBkgo7e%2Fj%2FbBbA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/domino-qq.png?0.0.1864
172.66.40.161200 OK 23 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/domino-qq.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 320 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c5d5a4b65714735cd065858ff5d3c40
c6a1af9a5770591ff17e3e3afe0f869939f0eb27
4d85dfc474b052a3496541d4b5a171930c7dca9f9d1e35272f44427234abb0fa
GET /_static/menuApi/prod/menu/p2p/en-us/images/4/domino-qq.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 23069
cf-ray: 76c37db2bd72b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "cbcff9e3293fd81:0"
last-modified: Thu, 24 Mar 2022 02:50:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8O4YjjXUo3ldonDgHm9Zn1J4mB9tYfCU4vSEjVrr1P61Wj6opV6zPGkuSlkyN0BeW6wIlu1ljknpW8MBhaYPNC4BZkn9cmEzyjJ%2F50AIzFUg0jspShqi%2BQWqd6v1P8g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
216.239.38.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.38.178:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 18 Nov 2022 18:41:09 GMT
expires: Fri, 18 Nov 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 6842
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.w88ux.net/_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-W-Casino.png?0.0.1864
172.66.40.161200 OK 69 kB URL HTTP/2 cdn.w88ux.net/_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-W-Casino.png?0.0.1864
IP 172.66.40.161:0
File type PNG image data, 256 x 164, 8-bit/color RGBA, non-interlaced\012- data
Hash aad591f9b9da734b1cd4d4e160595581
72aba075540111e216d36da15339872d0e2e50a2
3c24f0a9f039ea17bf515ae0880ade441e915c56dd2b7d8eab76a40c7b8fcd3d
GET /_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-W-Casino.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:11 GMT
content-type: image/png
content-length: 69273
cf-ray: 76c37db20c67b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "b888b83da2f4d81:0"
last-modified: Thu, 10 Nov 2022 01:17:46 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrCYGjCTp0jbZtHaaGMsvs6PYoyNPswkybruyrq%2B4ThGdXGC0crVt3Dfr1ZssMG%2BsAw%2BwZGoKpLHFSeM15Atnr6B6d7JPvPq6NMLkUi5OjKBQAg%2Bm0DgvgdNjL5wE%2Fc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=1658773833&t=pageview&_s=1&dl=https%3A%2F%2Fwww.w88w981.com%2F&ul=en-us&de=UTF-8&dt=W88.com%20Online%20Sportsbook%2C%20Live%20Casino%2C%20Slots%2C%20Keno%2C%20Lottery%2C%20%E4%BC%98%E5%BE%B7W88&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=YEBAAUABAAAAACAAI~&jid=922871372&gjid=1852863034&cid=571471605.1668803709&tid=UA-160363484-1&_gid=1502655946.1668803709&_r=1>m=2oub90&z=992227444
216.239.38.178200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1658773833&t=pageview&_s=1&dl=https%3A%2F%2Fwww.w88w981.com%2F&ul=en-us&de=UTF-8&dt=W88.com%20Online%20Sportsbook%2C%20Live%20Casino%2C%20Slots%2C%20Keno%2C%20Lottery%2C%20%E4%BC%98%E5%BE%B7W88&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=YEBAAUABAAAAACAAI~&jid=922871372&gjid=1852863034&cid=571471605.1668803709&tid=UA-160363484-1&_gid=1502655946.1668803709&_r=1>m=2oub90&z=992227444
IP 216.239.38.178:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
OPTIONS /j/collect?v=1&_v=j98&a=1658773833&t=pageview&_s=1&dl=https%3A%2F%2Fwww.w88w981.com%2F&ul=en-us&de=UTF-8&dt=W88.com%20Online%20Sportsbook%2C%20Live%20Casino%2C%20Slots%2C%20Keno%2C%20Lottery%2C%20%E4%BC%98%E5%BE%B7W88&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=YEBAAUABAAAAACAAI~&jid=922871372&gjid=1852863034&cid=571471605.1668803709&tid=UA-160363484-1&_gid=1502655946.1668803709&_r=1>m=2oub90&z=992227444 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: request-id,traceparent
Referer: https://www.w88w981.com/
Origin: https://www.w88w981.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
date: Fri, 18 Nov 2022 20:35:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 57e245b8193ae7901b332a125f1c7e75
bf2ae9af39c6e940bd116565af3b8df13e7244fa
80ff1ce0f537364d0b8820f5fb659556f2f3c7ba6b6702c3cc068bb30a446cea
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 20:35:11 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 03:43:27 GMT
Expires: Wed, 23 Nov 2022 03:43:26 GMT
Etag: "bf2ae9af39c6e940bd116565af3b8df13e7244fa"
Cache-Control: max-age=370694,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76c37dba58fdb518-OSL
lptag.liveperson.net/tag/tag.js?site=60004665
178.249.101.23200 OK 7.6 kB URL HTTP/2 lptag.liveperson.net/tag/tag.js?site=60004665
IP 178.249.101.23:0
File type ASCII text, with very long lines (21652), with no line terminators
Hash 6b675640425ec8551a433e26a377d954
7234f02cce1ccb2a4facf2b34b9185cfcf27299d
8c9716f14d2e964be7c93d3d8c28819cb35c529fce6206a79061cda509e05bfd
GET /tag/tag.js?site=60004665 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:11 GMT
content-type: application/javascript
content-length: 7567
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
etag: "5f50a905-1d8f"
content-encoding: gzip
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
cache-control: public, max-age=630
x-content-type-options: nosniff
X-Firefox-Spdy: h2
static.pupbg-static.com/flgs/Germany.png
104.26.3.60200 OK 452 B URL HTTP/2 static.pupbg-static.com/flgs/Germany.png
IP 104.26.3.60:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ae19f901c9b0cb2d0ab291ec9a61bf60
b5c2997f6be9eb9cbba73c9a20ad9a71b24f1f4f
0c3172017569c11416a46a1e27dbed43350345e34bbf9524d73700dd3de9a44c
GET /flgs/Germany.png HTTP/1.1
Host: static.pupbg-static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:11 GMT
content-type: image/webp
content-length: 452
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1056
content-disposition: inline; filename="Germany.webp"
etag: "06700748022249e1922263892aaa7aa0"
last-modified: Wed, 26 May 2021 08:34:17 GMT
vary: Accept
x-amz-id-2: 3n76k/8xhZdIYGWNsBmxI6SthXJucgb8rE1EjiKxuAP9NhpPzQdd75jCLY1bYUPcHZqF2PSdOf4=
x-amz-request-id: 5SNF48BTQHVFHBQ6
cache-control: max-age=1800
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZdnt%2BIteRfNk5IPv9T%2FsNgHuxfqSN9usTXF7MxeMCQ54035YuG%2FxrXfjrRTUT%2F48z8QlzbGv31smjkhdlJCR%2Bspf4JDGNQNq64%2FWNoO0ctAbft7GcNodVqAfwv5XJ0kzD%2FRRJfi1Ao2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c37dbaba29fab4-OSL
X-Firefox-Spdy: h2
static.pupbg-static.com/flgs/Poland.png
104.26.3.60200 OK 462 B URL HTTP/2 static.pupbg-static.com/flgs/Poland.png
IP 104.26.3.60:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2c57d6b5a2775a965d22bf4b2191b170
28cbc46d8c644e3946c5568a18473b78c600c419
e2b1fccb1c52045b59458b3462ef726160877ad9899ab564c5a9e3d91d91ed3b
GET /flgs/Poland.png HTTP/1.1
Host: static.pupbg-static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:11 GMT
content-type: image/webp
content-length: 462
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1184
content-disposition: inline; filename="Poland.webp"
etag: "718c2fc2a97bc4c195dd2de59e70d94a"
last-modified: Wed, 26 May 2021 08:34:16 GMT
vary: Accept
x-amz-id-2: o3gkCUr0rLluDj6dKBdE+zb2z01Z56y8ZL7MfjFtgwaqCoTNUMzSFcDM2BvlAbjER1coMFbxk5A=
x-amz-request-id: 5AAEK6TGSTRWMYQZ
cache-control: max-age=1800
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Tiok8jZzDKj1lbQKauV9F89UMmh%2Fczv99tcA0Po8VZykd0JTu2coqxSRXk29Wzf98exJm5GOF41QCxEcz6SXREhKwHNxjAKgfz65bzkQ0MnAJsMls8clInj3X511E%2BAZfKC3uptpBFn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c37dbaaa21fab4-OSL
X-Firefox-Spdy: h2
static.pupbg-static.com/flgs/Denmark.png
104.26.3.60200 OK 488 B URL HTTP/2 static.pupbg-static.com/flgs/Denmark.png
IP 104.26.3.60:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 85d4ca794b82da4eb2a95056fdb098f8
382ae0cd05fd38a957b9ec70743cbb60a0e33a35
0c7cea3083bc07f4d00713335789b6f83ce808c00845a162dd6748cf31b408a6
GET /flgs/Denmark.png HTTP/1.1
Host: static.pupbg-static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:12 GMT
content-type: image/webp
content-length: 488
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1293
content-disposition: inline; filename="Denmark.webp"
etag: "e94f3595b081e6d4cf797e8bf50234fa"
last-modified: Wed, 26 May 2021 08:34:16 GMT
vary: Accept
x-amz-id-2: qINk+01og5pVKFkDGIdP/rpyAo/wsQHVZuKIka9V4OB+fk5sIriXH5dXjAtDaNZ01p3v6+gBW9vcOoFgqDq86A==
x-amz-request-id: TKVG4CXWYW6AJ096
cache-control: max-age=1800
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rm%2BZiqw80brU9n%2B4i%2FFY0h8dzJ0tgTK%2FS3xE45zLW2HkwEGfT7pWcgZ2cR7Fq%2BVRVK%2BjngAqH%2FcQcZwbkmcoHV%2Fi8EIrUVwMTxhOAf7Lp9NS5TMcF5FOvL4GjNP6DRQ0pOON9g%2BIBDkL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c37dbaaa23fab4-OSL
X-Firefox-Spdy: h2
static.pupbg-static.com/flgs/France.png
104.26.3.60200 OK 508 B URL HTTP/2 static.pupbg-static.com/flgs/France.png
IP 104.26.3.60:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ed481ceb1f31afd09aa9917cfddcfdee
82d4edcd8989fa340243150c4eaa72dda416cdff
8f894bbaa66e44a4089af1c0142e74f5c91974d0e8df9f3091b82bdf17bb1d2d
GET /flgs/France.png HTTP/1.1
Host: static.pupbg-static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:12 GMT
content-type: image/webp
content-length: 508
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1273
content-disposition: inline; filename="France.webp"
etag: "88998292fa121d91a835229651f66bd5"
last-modified: Wed, 26 May 2021 08:34:16 GMT
vary: Accept
x-amz-id-2: /tE8pDoeqgP2Vub/iib1r3QDtNrjN/IjifTm6sDnRDO3F7xqgl8MelLjdMqzvHadfiPhOUelsuQ=
x-amz-request-id: H4Z6VS6CPG2S84PV
cache-control: max-age=1800
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MGz327sy%2FzEg%2F%2BAfXgXZhjEGGU3bu8qGond6JrcMf2vPyJWfMUApSYABaH49JcWjBqyPXsVojcbXOoIaggaDyeykueRHwr%2FyqBJzFrsLidcsFepM0fpVqvIPulUWmTNVAlRD57nrgCo0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c37dbaaa24fab4-OSL
X-Firefox-Spdy: h2
static.pupbg-static.com/flgs/Croatia.png
104.26.3.60200 OK 1.3 kB URL HTTP/2 static.pupbg-static.com/flgs/Croatia.png
IP 104.26.3.60:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 4a07d33b2ffd3c080fde0487c538307a
7eb5c31ce5607db1249297258397acf66327d8dd
4c12ea7f471aee2589337e90fc7879f58465fe513b40a7adb7d18b6665792201
GET /flgs/Croatia.png HTTP/1.1
Host: static.pupbg-static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:12 GMT
content-type: image/webp
content-length: 1266
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=2141
content-disposition: inline; filename="Croatia.webp"
etag: "a40ff80bd57ac7ec9b5e3a4a1770c44b"
last-modified: Wed, 26 May 2021 08:34:16 GMT
vary: Accept
x-amz-id-2: NI1NDJz6lXk4DzK6FtKc17RuPeJ6xpcE74EXNAP8QNr8BqjHoRTQjsApmzp3wOrDi6ak8puet+0=
x-amz-request-id: H4ZA2M5SR4MQFV6H
cache-control: max-age=1800
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXimiQGHx%2FE5%2FQlIzuQ61Ud%2BjOschArxDbI%2F6T782CAhkNAAompIFJHalgU6iwZK6chrx%2FlfxlqTkpQEk3Upy8oL1yRvWrv%2Fd8CUXQmKm066%2BzbW2seOx5FneEE4VwWiFNnimJodJMR9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c37dbaba26fab4-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 401b16112e86bc48e9a6a71ef8703a8f
1040628849c2689ef425fb3b7afa7fc444b48cfd
c5569578db11133f26a4be79b0b969cf340755ba5e26c865ec81ecb6c5beb51d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 20:35:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 16:31:55 GMT
Expires: Fri, 25 Nov 2022 16:31:54 GMT
Etag: "1040628849c2689ef425fb3b7afa7fc444b48cfd"
Cache-Control: max-age=589601,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76c37dc30964b4ee-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 401b16112e86bc48e9a6a71ef8703a8f
1040628849c2689ef425fb3b7afa7fc444b48cfd
c5569578db11133f26a4be79b0b969cf340755ba5e26c865ec81ecb6c5beb51d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 20:35:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 16:31:55 GMT
Expires: Fri, 25 Nov 2022 16:31:54 GMT
Etag: "1040628849c2689ef425fb3b7afa7fc444b48cfd"
Cache-Control: max-age=589601,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76c37dc35dd1b4ed-OSL
www.w88w981.com/_secure/ajax/api/handler/contactus/home/en-us/USD?riskId=N
172.66.40.129200 OK 757 B URL HTTP/2 www.w88w981.com/_secure/ajax/api/handler/contactus/home/en-us/USD?riskId=N
IP 172.66.40.129:0
File type JSON data\012- , ASCII text, with very long lines (838), with no line terminators
Hash 3749e7b5281a43c7e70632e653a7703c
12dc08f3f622eeb85f0dd20d1fa05cc85a62e9b0
25b38a01a114699df4f2a70fa7e019602d433651a7c9f526ed27cf53dbd9f1a5
GET /_secure/ajax/api/handler/contactus/home/en-us/USD?riskId=N HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Request-Id: |49167c3dc3504342aabd28f49430feb0.9dc56c0c930d4d10
traceparent: 00-49167c3dc3504342aabd28f49430feb0-9dc56c0c930d4d10-01
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z; clientIp=91.90.42.154; ai_session=YvtLmJSUPX+wIkHQCMK4tc|1668803707751|1668803707751; popup=6478
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: application/json; charset=utf-8; =utf-8
cf-ray: 76c37db32d4bb511-OSL
cache-control: must-revalidate, max-age=1800
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
cache-src: red
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t994y%2F%2FRBghmzLQefH0d%2BguWzwXwB77H9GADCQTI3%2FGojpeiB%2BaJtiugEg%2FsateN4u7Oe48hgUkkR6ZM6yF8l4oZGjiUBiGhpFPej5z5j6mU7qN7MWa0IsS1wNZGZOMVAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
dc.services.visualstudio.com/v2/track
13.69.106.208200 OK 0 B URL HTTP/2 dc.services.visualstudio.com/v2/track
IP 13.69.106.208:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v2/track HTTP/1.1
Host: dc.services.visualstudio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Referer: https://www.w88w981.com/
Origin: https://www.w88w981.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Fri, 18 Nov 2022 20:35:11 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 401b16112e86bc48e9a6a71ef8703a8f
1040628849c2689ef425fb3b7afa7fc444b48cfd
c5569578db11133f26a4be79b0b969cf340755ba5e26c865ec81ecb6c5beb51d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 20:35:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 16:31:55 GMT
Expires: Fri, 25 Nov 2022 16:31:54 GMT
Etag: "1040628849c2689ef425fb3b7afa7fc444b48cfd"
Cache-Control: max-age=589601,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76c37dc30d3fb518-OSL
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549
178.249.97.98200 OK 3.3 kB URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549
IP 178.249.97.98:0
Hash 3d9265e32f8d3d365e895e2e5ac6a2f0
12f05815a3cc2e95ae79e5ee85c5238c3804b275
c37ca2e1cc7a81ac375d0ac638ca16189948a8e35bde0aa3a810aae356b06a62
GET /le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:12 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sat, 18 Nov 2023 20:35:12 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
accdn.lpsnmedia.net/api/account/60004665/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
178.249.101.99200 OK 1.0 kB URL HTTP/2 accdn.lpsnmedia.net/api/account/60004665/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
IP 178.249.101.99:0
Hash 379a977ff6e0380f4139506c67133381
7993e538bdd19ed84fab3c690c6b9552e066b226
a46daa06d9865793e066e8463b100d49d6cbf6d01f4547135f3e2e33f8142a2b
GET /api/account/60004665/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:12 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:24|g:5fa6ec9d-736e-43c5-9a6a-3280f39f831d; Max-Age=30; Expires=Fri, 18-Nov-2022 20:35:42 GMT; Path=/
ADRUM_BTa=R:24|g:5fa6ec9d-736e-43c5-9a6a-3280f39f831d|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Fri, 18-Nov-2022 20:35:42 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Fri, 18-Nov-2022 20:35:42 GMT; Path=/; Secure
ADRUM_BT1=R:24|i:2241585; Max-Age=30; Expires=Fri, 18-Nov-2022 20:35:42 GMT; Path=/
ADRUM_BT1=R:24|i:2241585|e:5; Max-Age=30; Expires=Fri, 18-Nov-2022 20:35:42 GMT; Path=/
vary: Accept
expires: Fri, 18 Nov 2022 20:36:12 GMT
x-envoy-upstream-service-time: 0
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: MISS
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549
178.249.97.98200 OK 321 kB URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549
IP 178.249.97.98:0
Size 321 kB (320719 bytes)
Hash 952dced6f8bbc7b2f3ec66175b3fab0c
31701df14540c357e7d8a3e46113fd87344c111c
2fdb7e2060b69ebd81d063fba82bb37d0af9256114f5e847447671e24c2beb8e
GET /le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:12 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sat, 18 Nov 2023 20:35:12 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05289172c1455c4134e496c6f4606efd
ce1bb33256b0754f9acc01e7e9f3e5dc85f89244
a8b4411a0310cc376efe2aec7c0830b8d3b63b8827631b0ff43ec092f1f80f82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12065
x-amzn-requestid: 45c97153-71c7-4985-a1ad-fc21a509d153
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-K5FyVIAMFtDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa45-0f9d22dd544a4580570f3089;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dxT2WJB7m5tUhgBn2PwTIN4Zskzm3X7CW-29hl1nCyNPbKt5j6q5iA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:55:27 GMT
age: 81588
etag: "ce1bb33256b0754f9acc01e7e9f3e5dc85f89244"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_re/3.53.1.0-release_5134/jsv2/UISuite.js?_v=3.53.1.0-release_5134
178.249.97.98200 OK 12 kB URL HTTP/2 lpcdn.lpsnmedia.net/le_re/3.53.1.0-release_5134/jsv2/UISuite.js?_v=3.53.1.0-release_5134
IP 178.249.97.98:0
Hash b57c4770b357f4011c5530a6303c0a79
b2d3deb5a77d70dc0db1981a5dafcdc56b63b371
142b2bdff6f93e0367974c649f94005179da2508fccadcc6887869eefe4da097
GET /le_re/3.53.1.0-release_5134/jsv2/UISuite.js?_v=3.53.1.0-release_5134 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:15 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 21:59:46 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sat, 18 Nov 2023 20:35:15 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
www.w88w981.com/_static/js/client.pushy.v2.js?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/js/client.pushy.v2.js?0.0.911
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/js/client.pushy.v2.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b45b511-OSL
cache-control: max-age=14400
etag: W/"0e7198c99ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:46 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c6ixWV7WIrLlPCZcDQHe68raOQ4LkY1DLE9tp%2F92JOWqKPaNX7M7bbeZLzfcSbykYyAFEzdfQVMLN8O2XuBFeChtR2cCcblIwLBDPNsX2zy90M2F2dtJUyJxiB1a5g7vSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_secure/ajax/api/qrcode/floating/download/w88w981.com/true/en-us
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_secure/ajax/api/qrcode/floating/download/w88w981.com/true/en-us
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_secure/ajax/api/qrcode/floating/download/w88w981.com/true/en-us HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: application/json; charset=utf-8
cf-ray: 76c37daa6fbdb511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bH%2F6dqwWGPPVcuOcPJqNfqVWVlv7o7WtXFS5FC8lZKQeaZY1FMOfpGDvBgHB4mG2IHPdxUS3fPuTD6CFDfz2NTxyb3qjkclvHX0EuS3qcaGmSByx5HWEfH2tllJigNv9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.js?loc=https%3A%2F%2Fwww.w88w981.com&site=60004665&force=1&env=prod
178.249.97.98200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.js?loc=https%3A%2F%2Fwww.w88w981.com&site=60004665&force=1&env=prod
IP 178.249.97.98:0
GET /le_secure_storage/3.19.0.0-release_5079/storage.secure.min.js?loc=https%3A%2F%2Fwww.w88w981.com&site=60004665&force=1&env=prod HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:13 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:00:32 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sat, 18 Nov 2023 20:35:13 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
www.w88w981.com/_static/js/daily.attendance.js?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/js/daily.attendance.js?0.0.911
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/js/daily.attendance.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b51b511-OSL
cache-control: max-age=14400
etag: W/"0af356fa5f4d81:0"
last-modified: Thu, 10 Nov 2022 01:40:38 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fG%2F%2FIaaiTi8D88wTtDNTcV77Pa3m95btzvlQzpPB7Dfh879b%2Bg8suDTqPRyBQIRR3Zq6d4ugCTo0w73gydaQDB9DsUW%2F2XAUeCqQP0P2yLLB%2BIXIP6qRaH9XIE0jiHlfRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/plugins/jquery/knockout.mapping.min.js
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/plugins/jquery/knockout.mapping.min.js
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/plugins/jquery/knockout.mapping.min.js HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b33b511-OSL
cache-control: max-age=14400
etag: W/"038b67343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:32:00 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdrjbZSgUwMyXaz3FuTke3ztKswmthQiJQ1IMZh9wRagITppI0JQaVkLEsUzycx75gXxza%2BAEVkhriR23giloXeOi9r0oMr4lDW6g8FBnu5YooN1J1nrP2wsTzVZrcH31g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/svg/grey/announcement-right.svg
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/svg/grey/announcement-right.svg
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/svg/grey/announcement-right.svg HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/_static/_css/icons.css?0.0.911
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/svg+xml
cf-ray: 76c37da9be9db511-OSL
cache-control: max-age=14400
etag: W/"0dabeddfd47d81:0"
last-modified: Mon, 04 Apr 2022 08:27:48 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsfnTxzkmlwqQaCDIhj8%2Fyng7yzPHVZN4VnbBlc%2FmQrhjopb4ysSzLYZYyQGkgBP0WrZno7q9YFlbdxGqererUZUwaYMHMxJgwIajmHTiPv2FrfjhG8MBrFORbTlB3yDEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/js/mobile.download.js?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/js/mobile.download.js?0.0.911
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/js/mobile.download.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da37d0fb511-OSL
cache-control: max-age=14400
etag: W/"0af356fa5f4d81:0"
last-modified: Thu, 10 Nov 2022 01:40:38 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4hVV6Db3TWkQn01yNWjGRu7I6DVEe2KS1%2FosWRlxgbRctyKufUm0l4Wxga5d9ZziE11bSbMXp08TDv1M2A5KiCo1Uo11ZJKH0vQ9MGliDJw1Yx2%2Fgv6SN1PywmU5kvErQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fwww.w88w981.com&site=60004665&env=prod
178.249.97.98200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fwww.w88w981.com&site=60004665&env=prod
IP 178.249.97.98:0
GET /le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fwww.w88w981.com&site=60004665&env=prod HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:13 GMT
content-type: text/html
last-modified: Thu, 03 Nov 2022 22:00:32 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sat, 18 Nov 2023 20:35:13 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
www.w88w981.com/_static/_script/jquery.linkselect.min.js
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/_script/jquery.linkselect.min.js
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/_script/jquery.linkselect.min.js HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da23b22b511-OSL
cache-control: max-age=14400
etag: W/"087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HwgFz7d1NreAHNnevlbZPu54jK0ymthG8nI6BH5TRAmeKUgoxoWSLPm1cUMwZFeiKSi4W47228RY76GKtLZVv44cttkEkcSb0PdC4yz0CdUBYkn9xnNqfHd75VDU7yKJ%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/js/line.messenger.js?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/js/line.messenger.js?0.0.911
IP 172.66.40.129:0
GET /_static/js/line.messenger.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da25b54b511-OSL
cache-control: max-age=14400
etag: W/"0e7198c99ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:46 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmD7dMXoXhfXwrUp4sUlQUQ1wLXryqbM65XU1WasvrzrM3a4fRtZrfkczOLfmsQA%2B7RyrnKcxgkHmccNLNl4LgjQtOU%2FPEsqO5ft5O%2BxbrMOS1cjOrFnSroUkVnvbdtHpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/js/common.helper.js?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/js/common.helper.js?0.0.911
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/js/common.helper.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b27b511-OSL
cache-control: max-age=14400
etag: W/"0af356fa5f4d81:0"
last-modified: Thu, 10 Nov 2022 01:40:38 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8eQQHWQinxQsKPgKxrBhMFNbNhg4jnVgjrRWZMK9gApjxKaE9cYT0zqax9j1nLIyXOZ%2FcnH5IWocIHNhH2SFlTcZJFz3GECqcBs0qOUQ%2Fv8hnJe3TZ3uJXsA2b1B2AOVhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/js/register.modal.js?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/js/register.modal.js?0.0.911
IP 172.66.40.129:0
GET /_static/js/register.modal.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da25b56b511-OSL
cache-control: max-age=14400
etag: W/"0af356fa5f4d81:0"
last-modified: Thu, 10 Nov 2022 01:40:38 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgwqhBLr5E53S%2BtYsVs4JMuBbxqEbnc6s9RIFm%2BXh%2BZGpwXqOB%2BRn3NLcr4eXcJ1jjjobxsX3yteJsI7vyXZtvHQhHpgfs2ehnSYnT17gPbi70B5q3jG7OAKL4%2FgcHABQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/_script/gt4.js
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/_script/gt4.js
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/_script/gt4.js HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b47b511-OSL
cache-control: max-age=14400
etag: W/"06248699ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:36 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6y6S%2Fqt%2B%2BHwiEhmxEo8sq1B7AMYz1DXU03K33lpTL0%2FDJAz2BWaDHgBDqlwGqetVfMNmMmEgTADUtSx8uEK50pk2tnHOgha4swJMH69MiHfqMQVaNqAwav9gfR0UJJmoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/_script/fingerprint2.min.js
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/_script/fingerprint2.min.js
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/_script/fingerprint2.min.js HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da35ce2b511-OSL
cache-control: max-age=14400
etag: W/"037d5d8e719d61:0"
last-modified: Fri, 24 Apr 2020 03:24:22 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpCeyZGvHlKiOKeNGLCTQa0Rsqs%2Bdmva9ZGYiGAwbKyJEDhFACUetN8elZkffC9KqRe%2BXC5jUx93y9As2GNmhDGP8uWXk0t5O84inRq%2FaFp1vSePuD5NVLbVpLuB2MEjWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_secure/ajax/api/sftp/home/btm/grey/en-us/N
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_secure/ajax/api/sftp/home/btm/grey/en-us/N
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_secure/ajax/api/sftp/home/btm/grey/en-us/N HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Request-Id: |49167c3dc3504342aabd28f49430feb0.28ac91ecd3de4192
traceparent: 00-49167c3dc3504342aabd28f49430feb0-28ac91ecd3de4192-01
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: application/json; charset=utf-8
cf-ray: 76c37dae6daeb511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7mFIYZqIu05Ex3yGdoJ12fvpeCKhP0Ur9ROw2PTce3v5pYPXrf1iLsDMMNBtxT67u1JNSb7Xa%2BKivO0vqlK6t1zcXA2ciCcNi3PvG0BfHBCrGLgaHhBwcYW6WIAxv4NHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
lptag.liveperson.net/lptag/api/account/60004665/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
178.249.101.23200 OK 0 B URL HTTP/2 lptag.liveperson.net/lptag/api/account/60004665/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
IP 178.249.101.23:0
GET /lptag/api/account/60004665/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:12 GMT
content-type: application/x-javascript
cache-control: public, max-age=630
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: MISS
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
www.w88w981.com/_static/_css/icons.css?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/_css/icons.css?0.0.911
IP 172.66.40.129:0
GET /_static/_css/icons.css?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da23b19b511-OSL
cache-control: max-age=14400
etag: W/"03299cb2dd9d81:0"
last-modified: Thu, 06 Oct 2022 02:46:12 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BT9CqMFDj6FZzfsTZSGvJMH%2BAw735TVdDtfyu1xqJAAgs00e2zg7ql%2B149yeBWZR2gT5ut%2FKC9KTcVl7dkm1s0qrmFpdVKRB60O8picFuK2R5dYiNv5FUejrXJLZmSVnAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/svg/grey/announcement-notif-right.svg
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/svg/grey/announcement-notif-right.svg
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/svg/grey/announcement-notif-right.svg HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/_static/_css/icons.css?0.0.911
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z; clientIp=91.90.42.154; ai_session=YvtLmJSUPX+wIkHQCMK4tc|1668803707751|1668803707751
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/svg+xml
cf-ray: 76c37db13a21b511-OSL
cache-control: max-age=14400
etag: W/"0dabeddfd47d81:0"
last-modified: Mon, 04 Apr 2022 08:27:48 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pljjqyY7PHy0OMqanVVf9SEz29CsHwKcOdhyKDmKM2pX16ADJxx9WofFrfHIG%2BN3lwQic%2FhtxgqQU2y1aqKDKl3yOMAN81Y%2BUswPJSd4FllyFl4roYMpOVm9UqE259Tvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/_css/fonts.css?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/_css/fonts.css?0.0.911
IP 172.66.40.129:0
GET /_static/_css/fonts.css?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: text/css
cf-ray: 76c37da23b1eb511-OSL
cache-control: max-age=14400
etag: W/"0b377542efad81:0"
last-modified: Thu, 17 Nov 2022 02:43:10 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjKQ9ta32F5QEkARXvB%2F9Eu2FBoLavWXoFaxqsEH5cm%2B%2BPwMn1dxMbqBTRY5P580XfnueFeDVTnx%2BtFaaox5CrMv4B13hdZchIrYd5PyiNX1AaMVxkZHGJ0gq4BqGl0QpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/js/two-fa.js?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/js/two-fa.js?0.0.911
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/js/two-fa.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b3cb511-OSL
cache-control: max-age=14400
etag: W/"0af356fa5f4d81:0"
last-modified: Thu, 10 Nov 2022 01:40:38 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bc%2B6z1qSWwg1iuD8Ca8EuDC8uMHFcgIG9%2FGBEw9def7t0m5nR8HceFyMF4qLzzSci6LxYUEtPt5jNJ4rDsR7taeI%2FWFhq6lhrn33Qn7kmYmPslNsIpoSiprDxaLalIY0MA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/_css/jquery.linkselect/jquery.linkselect.style.select.css
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/_css/jquery.linkselect/jquery.linkselect.style.select.css
IP 172.66.40.129:0
GET /_static/_css/jquery.linkselect/jquery.linkselect.style.select.css HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da23b0eb511-OSL
cache-control: max-age=14400
etag: W/"087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=neyg2epOJ00CErmRwRU8W4AUFSSKaP7ui5PjoRKF8LAujlgQboOzBOy3zFKFpXsi4haZAwD3ays3XFpESTBAKUpcmOFy8XUY%2FZQNAgJRZrDXFy2s3247VnALM3FAEXjDTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/_css/main.login.css?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/_css/main.login.css?0.0.911
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/_css/main.login.css?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da23b1bb511-OSL
cache-control: max-age=14400
etag: W/"06248699ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:36 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajuHK1nRFukRVlypvDoXnKsCfVaahNnFIwHOfrfcsPL%2BkIex4YVUgH2svn6n9nTgSYGffdEukfA%2BxCaESKFWfTcCQwQREMgK%2BN23wM%2BmVv05dSS%2FQAa4fQxKjDe8nNTHVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/_css/img/favicon.ico
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/_css/img/favicon.ico
IP 172.66.40.129:0
GET /_static/_css/img/favicon.ico HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z; clientIp=91.90.42.154; ai_session=YvtLmJSUPX+wIkHQCMK4tc|1668803707751|1668803707751; popup=6478
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:11 GMT
content-type: image/x-icon
cf-ray: 76c37db9bfdab511-OSL
access-control-allow-origin: *
cache-control: max-age=14400
etag: W/"087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
svr: 01
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVeSqwJnsk2VsybQvJQgFcYbONDoL%2BHJ5EVn1a%2FEI0Ebga%2Fx6R%2FRWTH5n0cZUPbw%2BPzqiI8aCPh3fo9VAmC3GHHyG2oARMiA%2BF1lcMagaIUpTbYIyGNsyiDfRhz5SFd%2FzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/_css/input.css?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/_css/input.css?0.0.911
IP 172.66.40.129:0
GET /_static/_css/input.css?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da23b18b511-OSL
cache-control: max-age=14400
etag: W/"0d9f28499ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:34 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHPozoqG%2FElbvNI%2FuwhToO%2FAwxOw3qO%2B0MchcWU7asgRezt7TWm%2Bi0e6KPfObV86SleKSdZqZfxQTYvNdZJSy2L48jQ1hZRqiT8MALduq0%2FkyRAx07O%2FmNwbZNjhfhClkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/_css/Main.css?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/_css/Main.css?0.0.911
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/_css/Main.css?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da23b07b511-OSL
cache-control: max-age=14400
etag: W/"0d9f28499ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:34 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IlsuuBOBz%2FR80CSiWQiJOYwyDVh6QS106zsK%2BkpKItIK0nRqVK9WdrFRRwcNbR4rExMvmi1%2BxFRAVHzKKiZanuC9dqq%2BrxeUdTsO9nTHjgv%2BX%2FmMf4fYTwB%2BTLNXNj8nyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/js/livechat.js?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/js/livechat.js?0.0.911
IP 172.66.40.129:0
GET /_static/js/livechat.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b3db511-OSL
cache-control: max-age=14400
etag: W/"0e7198c99ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:46 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYEmV2j1EVYmoHWkNfrZ8IraTx3clBYMRVJvvuCTQUu0CwVbiE%2BMn115jstPS3aSwhtZlYZhSjMjHU7INyP%2BKbrcnQ2QHo71pIsJ0%2Bx0YRjxwacz5nrvBzJ7g%2FaVzCu69w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/js/modal.js?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/js/modal.js?0.0.911
IP 172.66.40.129:0
GET /_static/js/modal.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: application/javascript
cf-ray: 76c37da25b53b511-OSL
cache-control: max-age=14400
etag: W/"0e7198c99ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:46 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2g3hbpkTKzMeYe2lhoEJ55NCmOT6eQcmC%2BUHN6QahNgd3W6PWma4nk%2F6oJOTM5UUvAsS8mRzfqjge3c3L6TTP9F0mCdtPUpb2heBk3xHxD1sUV%2FZvTt4wOTk0G%2BOiesQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/_script/jquery.idle.js
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/_script/jquery.idle.js
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/_script/jquery.idle.js HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b25b511-OSL
cache-control: max-age=14400
etag: W/"06248699ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:36 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNgZ3hsBXKb0%2BSOa3NY1cyuTyf%2FVfq%2ByvCeJT%2F1v86rOL1bnlcPpRQIc0syGr%2FY1wKDzDozUyJOnWBmfwAyzg%2Fq6TN6cP0LsZf%2BuqpCJAo3JuRl%2BvlHVLx4qoqZ5YgafRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/plugins/jquery/knockout-3.5.0.js
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/plugins/jquery/knockout-3.5.0.js
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/plugins/jquery/knockout-3.5.0.js HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b2fb511-OSL
cache-control: max-age=14400
etag: W/"038b67343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:32:00 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrKhdc9QLvf%2F3zvHP6X%2FD3q43KfO%2FIZZNB1A%2BXsYbc%2F%2FZ%2F9BunAhnV%2BweCtJI1x%2FShhMYteDKy1YaNT00vUbmD9GduiC0NhhWIWCXcHWz3wlzkN8StgGFQzYtVs6g1SnKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/js/captcha-vendor.js?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/js/captcha-vendor.js?0.0.911
IP 172.66.40.129:0
GET /_static/js/captcha-vendor.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b4db511-OSL
cache-control: max-age=14400
etag: W/"0e7198c99ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:46 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WaYoDz22XZxKurn16baXyeNvzwyWy7ABswdSvNRezlhCPB9zQdX9TFr0%2Bccq3P8UvISambE5cusvtSsNWOkOssyChqwOvQLG7%2FxCPKgvgXZMe4MDdjZI9on2qKu6WcWT2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/svg/grey/phone.svg
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/svg/grey/phone.svg
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/svg/grey/phone.svg HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/_static/_css/icons.css?0.0.911
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z; clientIp=91.90.42.154; ai_session=YvtLmJSUPX+wIkHQCMK4tc|1668803707751|1668803707751; popup=6478
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:11 GMT
content-type: image/svg+xml
cf-ray: 76c37db9e810b511-OSL
cache-control: max-age=14400
etag: W/"0dabeddfd47d81:0"
last-modified: Mon, 04 Apr 2022 08:27:48 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuX%2B8VnTnE23drjhvhQDnCtTGK6bMgOv7wFnoJo%2F102Yje%2BbbgfDIkYFvw0JaBls7EjVcYXysmme8fUYfmQ1NiapdsgimMCzjYCmwR4glLlIMcBB7mIhB3trlmdVQZciGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/_css/menu.css?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/_css/menu.css?0.0.911
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/_css/menu.css?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da23b12b511-OSL
cache-control: max-age=14400
etag: W/"06248699ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:36 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7Mjcr3SWQuZmQmbB%2F97BSCFc%2BD8aF%2B14tEVA7bZUAiQU1bgZDK5zyX8iN6%2FW1EVsg2vCkl1aIEERD0u8GOwzQk7MFXcH5okjq1sUFkeiJSBBIZpKwg3xzu%2FlznPLb9Otw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/_css/custom.selectbox.css
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/_css/custom.selectbox.css
IP 172.66.40.129:0
GET /_static/_css/custom.selectbox.css HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da23b11b511-OSL
cache-control: max-age=14400
etag: W/"0d9f28499ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:34 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSjlpPL8Kf9t1XYIEKMkmcfBEeUPXITzqW5DbDAVV7Fx1dFTHG%2B5I%2FEznF%2FB8lc3Mgj%2BLVCQk03sjFeC1BezHBMP7kr%2FnawUQLCchfNGt0LB2C1yflVyJqITJSq2oWnw1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/_script/jquery.carouFredSel.js
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/_script/jquery.carouFredSel.js
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/_script/jquery.carouFredSel.js HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da23b23b511-OSL
cache-control: max-age=14400
etag: W/"087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baNXY0SYe3pd58e6ejagz27UPMyapTDUiixyMI91yQjbKfl8rJ%2BQE%2FVO13maPVt1MvqAXWme1V5C2izrzlanTD56wzBVXVlsjR1rxw6o5JbthDnCCv9kcFJH4F50XvgSAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/js/crm.popup.js?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/js/crm.popup.js?0.0.911
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/js/crm.popup.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b37b511-OSL
cache-control: max-age=14400
etag: W/"0af356fa5f4d81:0"
last-modified: Thu, 10 Nov 2022 01:40:38 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GbKlY%2BoIJL1%2FTzteyjgulfrUW%2FHtJ1WemVFo0Sq3dWhDn9i3T%2FVz%2BbFWCctEwmiMB1Qnlb4EQwC8WTLSCCIOcoGoZHMZB0uu55%2FDh7w31dLjcUarDxPD2seLbx0txkUZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/_css/mobile.download.css?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/_css/mobile.download.css?0.0.911
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/_css/mobile.download.css?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da37d13b511-OSL
cache-control: max-age=14400
etag: W/"06248699ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:36 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sv%2Bb%2BUBtBq%2BJFXGbLSDGwWCADySE6aaC2eLV1pk05XM2f2zjOlG4JkpheUCpQaWkeX5NwbYNC6fYoUFCVtZ27pSePKUJN6Hm%2BHv4vMi6uTEe5loj529xG%2BKsWMTLBU5qZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
skynet.whiteproj.com/?timestamp=1668803706964&stage=PROD&eventName=pageTrack&language=en-us&page=www.w88w981.com&fingerprint=undefined&platform=WEB&spfid=23&p-av=0.0.911&from=home
104.26.1.184200 OK 0 B URL HTTP/2 skynet.whiteproj.com/?timestamp=1668803706964&stage=PROD&eventName=pageTrack&language=en-us&page=www.w88w981.com&fingerprint=undefined&platform=WEB&spfid=23&p-av=0.0.911&from=home
IP 104.26.1.184:0
GET /?timestamp=1668803706964&stage=PROD&eventName=pageTrack&language=en-us&page=www.w88w981.com&fingerprint=undefined&platform=WEB&spfid=23&p-av=0.0.911&from=home HTTP/1.1
Host: skynet.whiteproj.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.w88w981.com
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: text/html
last-modified: Wed, 18 Mar 2020 03:38:33 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS, PUT
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
app-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smADBoQ3F0qSnHa2Niuolxeq8EAfnMlDPDoY3QoJhJ2AtUf6vZvOrOsnvb5dQEjlMSxgqk4j8BWVU6z77uy1rm7%2B4Y5weKs323WhWbU1tN9Fhpq9XGQWfB7hA8NbRMDFFtNdpJa7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c37dad3ee1b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.w88w981.com/_static/svg/grey/skype.svg
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/svg/grey/skype.svg
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/svg/grey/skype.svg HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/_static/_css/icons.css?0.0.911
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z; clientIp=91.90.42.154; ai_session=YvtLmJSUPX+wIkHQCMK4tc|1668803707751|1668803707751; popup=6478
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:11 GMT
content-type: image/svg+xml
cf-ray: 76c37db9e80db511-OSL
cache-control: max-age=14400
etag: W/"0dabeddfd47d81:0"
last-modified: Mon, 04 Apr 2022 08:27:48 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAFdIVmFpEGA3%2BY4esbb6z8JN47QO%2BVVZa3YEGUQ73uLDgvLgBJ%2F3MnDVd6D2RfxOX6tO4jon4JHEk8HYbdZrMBlPwxCouc%2FxXMMpHxec1bND9nT3j0HgUFbXqsqTquZbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549
178.249.97.98200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549
IP 178.249.97.98:0
GET /le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:12 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:24 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sat, 18 Nov 2023 20:35:12 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
www.w88w981.com/_static/_css/sprite.css?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/_css/sprite.css?0.0.911
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/_css/sprite.css?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da23b0ab511-OSL
cache-control: max-age=14400
etag: W/"0f93e5e9f4d81:0"
last-modified: Thu, 10 Nov 2022 09:44:26 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Z5NwLUqwAhBYQn%2BU0q1FSCWIJHdE9KtL9uRYyXvfCs6WLaTdiSD9C72Edw1PGun%2Bh3kI0TbPuF5SgQvmCjGTni4%2Bw1IA8eAR8z%2B3I7c8Aik87tyivCir7uIUATWekNcaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/_css/main.modal.css?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/_css/main.modal.css?0.0.911
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/_css/main.modal.css?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da23b1db511-OSL
cache-control: max-age=14400
etag: W/"06248699ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:36 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wn2ETWUBgTGGunEikEi%2Bbclehg4PLHoUe6Kj1tkAl4oujJWsfIC3Va0wtkKyhTY43OdqU9wZL0QqN0FcehWc3aBPuCnABhZRQPgsWX97OZnxX3NncYVJ1lF9qStKvv%2F%2FTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/js/custom.selectbox.js
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/js/custom.selectbox.js
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/js/custom.selectbox.js HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da23b24b511-OSL
cache-control: max-age=14400
etag: W/"0e7198c99ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:46 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SR7cabYMwWHBWyjSjyhzldx03gO4rfu5jsOLNQBP25NLHVaynJK4eUBIsXtK6fRZ8Z52N4t%2B0Apex9RTiOJwZb0A2ebJn0VTLMoAM1PBYsS%2FAk4zAfUNZh16kxa4xvEk3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_secure/ajax/api/menu/header/en-us/
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_secure/ajax/api/menu/header/en-us/
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_secure/ajax/api/menu/header/en-us/ HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: application/json; charset=utf-8; =utf-8
cf-ray: 76c37daa4f99b511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
cache-src: red
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYjbXGFP8N%2FJt2tc3ghcf4d%2ByOZgSTEFzDdbEQrFU8hM2jP1KKtzPiTHZk%2BarH86MxusvNQROtkNi8A3Sq2gifUQsMlUca9mKdAWMxzEiiLHdBh2QCsablZNlexNP0Uy%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/_css/bootstrap/bootstrap.min.css
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/_css/bootstrap/bootstrap.min.css
IP 172.66.40.129:0
GET /_static/_css/bootstrap/bootstrap.min.css HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da22b06b511-OSL
cache-control: max-age=14400
etag: W/"087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZC68n9dcpuDndc7Ohmde73DJwxlsdikUr1HrVFnqDmi3NbHxMVE1Jko9HLep4JKq8vROKNj%2BVhbb7RWeQCIGX7Zncx%2BQnqLMwgcsQ8tMyq2ugLKh3M3GzPcIxEnltpD6fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/_script/main.js?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/_script/main.js?0.0.911
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/_script/main.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b2ab511-OSL
cache-control: max-age=14400
etag: W/"0e4f38d84f9d81:0"
last-modified: Wed, 16 Nov 2022 06:27:52 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYsqLR12kJdGrpqpHVg9JTzrBJVA%2FlWuwEB5B5pi03oHLbn%2FTf5WnqtJ6WXYcvC8HJYmdjLj2qgHbE9ifMe081F9tm7pVTVQY%2BAtaF%2FmGUP21az2%2FYcqoZtU1RqsLgrrHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/_script/combined.js
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/_script/combined.js
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/_script/combined.js HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da23b21b511-OSL
cache-control: max-age=14400
etag: W/"087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYrCBcOYm2KQyNzZ%2FX%2FPtjhBuvcn%2BohHoonaII6KxgGEOz1xI6DBQRq2saDsVuXrC8vKUjWVOMQT%2FoB%2FQQ3pY15NCF%2FnORt3Y2k3hDAOpmRqs0sLiDTkE0DOd9tftT74SA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
accdn.lpsnmedia.net/api/account/60004665/configuration/setting/accountproperties/?cb=accountSettingsCB
178.249.101.99200 OK 0 B URL HTTP/2 accdn.lpsnmedia.net/api/account/60004665/configuration/setting/accountproperties/?cb=accountSettingsCB
IP 178.249.101.99:0
GET /api/account/60004665/configuration/setting/accountproperties/?cb=accountSettingsCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:12 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:24|g:60095400-0453-4bdb-bbcb-569a519a08fd; Max-Age=30; Expires=Fri, 18-Nov-2022 20:35:42 GMT; Path=/
ADRUM_BTa=R:24|g:60095400-0453-4bdb-bbcb-569a519a08fd|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Fri, 18-Nov-2022 20:35:42 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Fri, 18-Nov-2022 20:35:42 GMT; Path=/; Secure
ADRUM_BT1=R:24|i:2241585; Max-Age=30; Expires=Fri, 18-Nov-2022 20:35:42 GMT; Path=/
ADRUM_BT1=R:24|i:2241585|e:5; Max-Age=30; Expires=Fri, 18-Nov-2022 20:35:42 GMT; Path=/
vary: Accept
expires: Fri, 18 Nov 2022 20:36:12 GMT
x-envoy-upstream-service-time: 0
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549
178.249.97.98200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549
IP 178.249.97.98:0
GET /le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:12 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sat, 18 Nov 2023 20:35:12 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
www.w88w981.com/_static/_script/jquery.countdown.min.js?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/_script/jquery.countdown.min.js?0.0.911
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/_script/jquery.countdown.min.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b4eb511-OSL
cache-control: max-age=14400
etag: W/"087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZAjqccoZF3UkKppTVZTsF%2B0dFT7G7SfeIyPtx993igp0SFClkhBgr%2B7U%2F8TqOCj5oNyqIZJpdwDl0oWJySsj5fWC04o7oyoTEbbPz%2FV7DtJgcecQty705XkJgRmw%2BIYeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/js/login-validator.js?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/js/login-validator.js?0.0.911
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/js/login-validator.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b49b511-OSL
cache-control: max-age=14400
etag: W/"0e7198c99ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:46 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hxg87olp20QOZ3p1Rtlu7Bf0vawmkG43mkoZcEM9Y%2BF3zINJ%2B2dYJACtXr2Z9Tyn127YpaV6OdIjpLnZ%2Fyov%2BegvjJZk%2Fc740L6%2BZ10cdRAKi7qQrfx3EdLFIfrTgzo%2B1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/_css/font.en-us.css?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/_css/font.en-us.css?0.0.911
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/_css/font.en-us.css?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da23b20b511-OSL
cache-control: max-age=14400
etag: W/"0d9f28499ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:34 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 01
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmysgM3Ov4Ts%2BN1Fg%2BhWkhzUPENrwpfRu6xhtbpL2xoSfq%2BDkKy4kQL3xEX1iY%2BwpQaCm1kmg2Cmmze0g8pRSev8qlwHXdK8c8PxLO9XfV%2BL%2FAC03UhYtf2TXkKzAnf4FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/js/menu.js?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/js/menu.js?0.0.911
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/js/menu.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: application/javascript
cf-ray: 76c37da24b36b511-OSL
cache-control: max-age=14400
etag: W/"0e4f38d84f9d81:0"
last-modified: Wed, 16 Nov 2022 06:27:52 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kAK9c6tp2FRoSk4y0Br9CdC88bm1X0a4u%2ByWc4qJT414yo1NaQh4YaLTYNcvPFK%2B9V6tgdQHD4I4tQrIEydzmXlVc278YOIOhqLmEfPfHM7Xv3a0LvFsAzoAw8rmAMATTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/svg/grey/cellphone.svg
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/svg/grey/cellphone.svg
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/svg/grey/cellphone.svg HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/_static/_css/icons.css?0.0.911
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/svg+xml
cf-ray: 76c37da9be9ab511-OSL
cache-control: max-age=14400
etag: W/"0dabeddfd47d81:0"
last-modified: Mon, 04 Apr 2022 08:27:48 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ECA7WHM3j%2FVkrM5OMd2GoW1ZlleHhc1AovngD4RtqbCRcKPTvQ9RWcA5R%2BRldyGKsMWosPdc7kliXTzlHq%2BwGfiWI4syq37hO7%2F2hyK%2FKmFy8r8lTCg7WiA%2BFinEIoqKcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/_css/din-regular/stylesheet.css?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/_css/din-regular/stylesheet.css?0.0.911
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/_css/din-regular/stylesheet.css?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da23b0bb511-OSL
cache-control: max-age=14400
etag: W/"087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 01
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a0i1XX17Y7AmnBQKOmxQGx6uqzqnQkBoyC0kuB%2BGGEOpXFUfvQbVkqmzFriQGEVxBWOe%2BqoUdpzUXQj7q90lWkJXCxDBD1ypL6pc1%2FkG2bGxGKtUQShi%2Fc3tiO2YZ5PP4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/cdn-cgi/apps/head/oHcadEuRzlBiLb4PI3HaIbQXY2w.js
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/cdn-cgi/apps/head/oHcadEuRzlBiLb4PI3HaIbQXY2w.js
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/apps/head/oHcadEuRzlBiLb4PI3HaIbQXY2w.js HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: mwNyiXcQvcq1UkRjYudRXVR1ypMtrLwX9qU2vly1PfK/RHRoCMC7Lj61L6CFXiBfo7w90g94Ie8=
x-amz-request-id: F5RP7RE0NQCG5G8C
cache-control: public, max-age=31536000
last-modified: Fri, 25 Sep 2020 07:59:08 GMT
x-amz-version-id: tGe_AtM0toNKik8o7mlIIGmRNGH3QyKD
etag: W/"9dfca18425e6b0535d836b92479a76ab"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b34UKdFE6uKsz21mJm1xWvjDRUVzW7J%2BmITaHxBEoilsaaepEZR0z8K5UlDKLho1urmpm77i%2FfVO4%2Fie%2FMf5DLa%2B06XUz2ICYpZMzO7H1H2o8AVLhQgh7%2BHn1U%2BknbEpOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c37da22afab511-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/js/sftp.js?0.0.911
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/js/sftp.js?0.0.911
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/js/sftp.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da38d29b511-OSL
cache-control: max-age=14400
etag: W/"0e7198c99ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:46 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMwIpyIAxedomwda%2BNLx%2BRnJFltCGJuPzZ8s53ynYW8075hvPinofjuqFAGmLS6dev6hsFuDBAzMS8aZPzmUJjc6mS14RWcwrv2qq6ApnnSFk1A8TblYrjbcp5XNI7O0jw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_static/message/404.html
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_static/message/404.html
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_static/message/404.html HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: text/html
cf-ray: 76c37da4ff40b511-OSL
last-modified: Tue, 06 Sep 2022 08:05:40 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUilbBF8CrKakEQhAPVyyRrXKdl%2B8ZbjIpW63FmdKsWYhHUojg%2BUw5JRPFrFeH%2FO5akhQ33H%2FDmlmMqwquIM8i%2BtSNByFJ1zJsFXFV%2FmfkP%2BOCdvum534y9GFNQ0sN4HRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.w88w981.com/_secure/ajax/api/menu/fishing/en-us/
172.66.40.129200 OK 0 B URL HTTP/2 www.w88w981.com/_secure/ajax/api/menu/fishing/en-us/
IP 172.66.40.129:0
Analyzer Verdict Alert fortinet Phishing
GET /_secure/ajax/api/menu/fishing/en-us/ HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: application/json; charset=utf-8
cf-ray: 76c37dac6a9db511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iebb6uEFWcbfXDtnX3xP9NiAX8pG1p%2F0r31RHeserKH1m1l6kJwGXJ53oyCpboRCsA%2FC4EFGor3zayyJXJ4xBlLw3Z8T3%2Br4ta6YleY9RmtEQQf7hS%2BJFiGH6ORLOe5RIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2