Report - w88w981.com/

Report Overview

Submitted URL
w88w981.com/
IP
172.66.43.127
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-18 20:35:19
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
144

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
w88w981.com	unknown	2016-11-01T14:37:10Z	2023-03-05T19:33:20Z	343 B	638 B	172.66.43.127
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
static.pupbg-static.com	unknown	2022-07-25T09:04:06Z	2022-12-11T23:41:35Z	2.0 kB	8.3 kB	104.26.3.60
dc.services.visualstudio.com	894	2014-02-04T17:25:27Z	2023-03-10T05:44:33Z	500 B	327 B	13.69.106.208
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	3.8 kB	6.8 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	686 B	1.4 kB	142.250.74.35
www.w88w981.com	unknown	2019-04-16T21:58:10Z	2022-11-18T21:35:06Z	73 kB	1.5 MB	172.66.40.129
accdn.lpsnmedia.net	3410	2014-02-08T00:25:14Z	2023-03-10T13:07:56Z	891 B	4.5 kB	178.249.101.99
ip2loc.w2script.com	unknown	2015-01-20T05:37:14Z	2023-02-18T23:04:44Z	428 B	527 B	103.89.20.98
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-10T13:35:34Z	1.3 kB	21 kB	216.239.38.178
lptag.liveperson.net	3393	2012-08-02T18:15:51Z	2023-03-10T12:55:53Z	833 B	9.9 kB	178.249.101.23
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.4 kB	6.2 kB	23.36.76.226
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-10T13:03:15Z	385 B	44 kB	142.250.74.168
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	34.215.91.121
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.3 kB	56 kB	34.120.237.76
ocsp.godaddy.com	698	2012-05-20T21:28:57Z	2023-03-10T05:13:22Z	340 B	2.3 kB	192.124.249.36
skynet.whiteproj.com	unknown	2022-07-02T04:53:49Z	2023-02-28T08:05:04Z	543 B	941 B	104.26.1.184
cdn.w88ux.net	unknown	2020-09-01T09:36:50Z	2023-02-22T09:02:48Z	42 kB	1.7 MB	172.66.40.161
static-global.static-bifrost.com	unknown	2022-07-02T04:53:48Z	2023-02-28T08:05:04Z	418 B	1.5 kB	172.66.40.164
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-10T14:35:32Z	1.4 kB	3.9 kB	172.64.155.188
lpcdn.lpsnmedia.net	3501	2014-04-27T12:17:58Z	2023-03-10T13:07:56Z	3.3 kB	345 kB	178.249.97.98

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-18	medium	w88w981.com/	Phishing
2022-11-18	medium	www.w88w981.com/_static/_css/img/caret.gif?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/sports/img/popup/eSports-European-V1.png?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/casino/img/android_w.png?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/sports/img/popup/eSports-Asian-V1.png?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/games/popup/img/Popup-BigSlot-CN.jpg?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/footer/img/backtotop.png?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/mobile/img/v2/W88Lite-Android-EN.png?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/games/bravado/thumbnail/w88-slots-Senorita-Bingo.jpg?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/img/blank.png?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/home/popup/img/w88lite-pop-up-banner-en.jpg?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/fishing/img/W88-Web-Popup-Ocean-Explorer-202208-EN.png?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/sports/fantasy/img/side-banner-EN.png?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/sports/fantasy/img/Popup-EURO2020-EN.png?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/game/crazy_fishing/W88-Web-Popup-Crazyfish-EN.jpg?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/js/ko.footer.contacts.js?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/_css/din-regular/din-regular-webfont.ttf	Phishing
2022-11-18	medium	www.w88w981.com/_static/menu/img/ClubMassimo-MG-CN.png?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_secure/ajax/api/handler/timer	Phishing
2022-11-18	medium	www.w88w981.com/_static/svg/grey/announcement-left.svg	Phishing
2022-11-18	medium	www.w88w981.com/_secure/ajax/api/qrcode/desktop/download/w88w981.com/true/en-us/USD	Phishing
2022-11-18	medium	www.w88w981.com/_static/menu/img/MG-popup-img.png?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_secure/ajax/api/qrcode/mobile/download/group/w88w981.com/true/en-us/USD	Phishing
2022-11-18	medium	www.w88w981.com/_static/menu/img/MG-popup-img.png?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/menu/img/ClubMassimo-MG-CN.png?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_secure/ajax/api/menu/lottery/en-us/	Phishing
2022-11-18	medium	www.w88w981.com/_secure/ajax/api/menu/p2p/en-us/	Phishing
2022-11-18	medium	www.w88w981.com/_secure/ajax/api/qrcode/mobile/download/w88w981.com/true/en-us/USD	Phishing
2022-11-18	medium	www.w88w981.com/_static/mobile/img/v2/MP-QRbox-iOS.png?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_secure/ajax/api/menu/games/en-us/	Phishing
2022-11-18	medium	www.w88w981.com/_secure/ajax/api/member/hotmatches/get/featured/0/en-us	Phishing
2022-11-18	medium	www.w88w981.com/	Phishing
2022-11-18	medium	www.w88w981.com/_secure/ajax/api/menu/casino/en-us/	Phishing
2022-11-18	medium	www.w88w981.com/_static/js/client.pushy.v2.js?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_secure/ajax/api/qrcode/floating/download/w88w981.com/true/en-us	Phishing
2022-11-18	medium	www.w88w981.com/_static/js/daily.attendance.js?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/plugins/jquery/knockout.mapping.min.js	Phishing
2022-11-18	medium	www.w88w981.com/_static/svg/grey/announcement-right.svg	Phishing
2022-11-18	medium	www.w88w981.com/_static/js/mobile.download.js?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/_script/jquery.linkselect.min.js	Phishing
2022-11-18	medium	www.w88w981.com/_static/js/common.helper.js?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/_script/gt4.js	Phishing
2022-11-18	medium	www.w88w981.com/_static/_script/fingerprint2.min.js	Phishing
2022-11-18	medium	www.w88w981.com/_secure/ajax/api/sftp/home/btm/grey/en-us/N	Phishing
2022-11-18	medium	www.w88w981.com/_static/svg/grey/announcement-notif-right.svg	Phishing
2022-11-18	medium	www.w88w981.com/_static/js/two-fa.js?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/_css/main.login.css?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/_css/Main.css?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/_script/jquery.idle.js	Phishing
2022-11-18	medium	www.w88w981.com/_static/plugins/jquery/knockout-3.5.0.js	Phishing
2022-11-18	medium	www.w88w981.com/_static/svg/grey/phone.svg	Phishing
2022-11-18	medium	www.w88w981.com/_static/_css/menu.css?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/_script/jquery.carouFredSel.js	Phishing
2022-11-18	medium	www.w88w981.com/_static/js/crm.popup.js?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/_css/mobile.download.css?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/svg/grey/skype.svg	Phishing
2022-11-18	medium	www.w88w981.com/_static/_css/sprite.css?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/_css/main.modal.css?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/js/custom.selectbox.js	Phishing
2022-11-18	medium	www.w88w981.com/_secure/ajax/api/menu/header/en-us/	Phishing
2022-11-18	medium	www.w88w981.com/_static/_script/main.js?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/_script/combined.js	Phishing
2022-11-18	medium	www.w88w981.com/_static/_script/jquery.countdown.min.js?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/js/login-validator.js?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/_css/font.en-us.css?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/js/menu.js?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/svg/grey/cellphone.svg	Phishing
2022-11-18	medium	www.w88w981.com/_static/_css/din-regular/stylesheet.css?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/cdn-cgi/apps/head/oHcadEuRzlBiLb4PI3HaIbQXY2w.js	Phishing
2022-11-18	medium	www.w88w981.com/_static/js/sftp.js?0.0.911	Phishing
2022-11-18	medium	www.w88w981.com/_static/message/404.html	Phishing
2022-11-18	medium	www.w88w981.com/_secure/ajax/api/menu/fishing/en-us/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (75)

	URL	Size	First Seen	Last Seen
	www.w88w981.com/	6.2 kB	2023-03-08	2023-07-17
Pretty URL www.w88w981.com/ IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-07-17 20:15:07 Times Seen7 Hash d749b114670312968a5a9e5d6bf769fe 9c2acbb1c34a80415937581151919085cd302933 dda8fc96a965bff0499cba2ee311ba686820426d859aa675fcb1fc6e47ae732d Loading...

	www.w88w981.com/	859 B	2023-03-11	2023-03-11
Pretty URL www.w88w981.com/ IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:12:05 Last Seen2023-03-11 14:12:05 Times Seen1 Hash 1f0433451ca2448f5407cb356be4ee1b a59f251aa07d06817ba188af5743962611cf2198 eb00d00794ac6eb73641f8f39e4d7fc212bc18fce3ced9eb3ca6eed1ab6add6d Loading...

	www.w88w981.com/	552 B	2023-03-08	2023-05-10
Pretty URL www.w88w981.com/ IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-05-10 18:40:42 Times Seen5 Hash 1fa89382d6a1ab924275a851d3a49eed 8c0431ad68fd7c92d7b132a76e83ae2f1f223e49 1cd624ed9ab9908714128586ccfd1403733a2f9bcd02ae1a697df4ea39b6a404 Loading...

	www.w88w981.com/	7.4 kB	2023-03-08	2023-03-17
Pretty URL www.w88w981.com/ IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-03-17 12:47:48 Times Seen1 Hash b0f1c15e38175dbf2b664c77c9a864c6 c4c8770c6ae6699eeb1d26394c119ed3e9d35156 1a1a8f077eba4e05bd8a096ccbc118cc8e5388b3c1522048963cccbce96d8ae4 Loading...

	www.w88w981.com/_static/_script/jquery.carouFredSel.js	36 kB	2023-03-08	2023-07-17
Pretty URL www.w88w981.com/_static/_script/jquery.carouFredSel.js IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-07-17 20:15:09 Times Seen9 Hash e1ecfffee66ea7b957e4b107fb9e20c5 94e131e94a2ef3f97cc4ee7ff59c2a4b5fe2bca3 4e4375de58b8d2c99c975e491f7d01040d1092947305f0bf1c01790bf8ca1e27 Loading...

	www.googletagmanager.com/gtag/js?id=UA-160363484-1	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-160363484-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:12:05 Last Seen2023-03-11 14:12:05 Times Seen1 Hash 58527e5e3621200aa63639092e2342e1 9075a8741bee3f333c880005e80e1e6e796d4c28 fea82f182e94155fb421407a75040a0d966530bbd7c7c6794e98b3877a09b6d8 Loading...

	www.w88w981.com/_static/js/ko.footer.contacts.js?0.0.911	13 kB	2023-03-08	2023-03-11
Pretty URL www.w88w981.com/_static/js/ko.footer.contacts.js?0.0.911 IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:09:21 Last Seen2023-03-11 21:41:18 Times Seen1 Hash 58abb35c59da7d3f6ad677051bc1bc5d 29aa408c829ddfe6c71efde63997edcf6bb29caf d015da4a8c5ab8b38817838b4f2a5853e97a2edbfe97409b446612b85032e95d Loading...

	www.w88w981.com/	1.6 kB	2023-03-08	2023-07-17
Pretty URL www.w88w981.com/ IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-07-17 20:15:07 Times Seen7 Hash 1921c146ad91ac0c2b1e24cf147dc7e8 6159ca8ce5c01f587bd80c10f6ffe885cc9eef76 661d0764446802d82b715aed3afb8ab2badd6f30fae50b83caf1500622cffa79 Loading...

	lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fwww.w88w981.com&site=60004665&env=prod	39 kB	2023-03-07	2024-03-12
Pretty URL lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fwww.w88w981.com&site=60004665&env=prod IP 178.249.97.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-03-12 06:48:19 Times Seen234 Hash a3a38a5d6888ddc1831a811e9d428c77 2ca5b076aea8b4c6ff7ad1873de4ade91d66511f d4676cbbadec76c9f89f5b771a7f4927d544b4d76801e40e9957493e038e0db4 Loading...

	www.w88w981.com/_static/_script/jquery.linkselect.min.js	13 kB	2023-03-08	2023-07-17
Pretty URL www.w88w981.com/_static/_script/jquery.linkselect.min.js IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-07-17 20:15:09 Times Seen10 Hash 04de50b7d12c36096a163eb4be90e6f0 d2d06010b321f015b46106d24422054d31d4d78c a44752f01393d78aee5fe92f500951216df5a8b5135cafab65194c280cfa02f0 Loading...

	www.w88w981.com/_static/_script/jquery.countdown.min.js?0.0.911	5.4 kB	2023-03-07	2024-04-20
Pretty URL www.w88w981.com/_static/_script/jquery.countdown.min.js?0.0.911 IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:01 Last Seen2024-04-20 18:50:54 Times Seen959 Hash 76a923d3d69255c45cd24bf9b100244f eb3c96f9901692f1a03500ea632963a16afdb985 8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5 Loading...

	www.w88w981.com/_static/js/hotmatch.js?0.0.911	21 kB	2023-03-08	2023-03-26
Pretty URL www.w88w981.com/_static/js/hotmatch.js?0.0.911 IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:09:21 Last Seen2023-03-26 04:15:05 Times Seen2 Hash 07e398776720665fb147ed0c211452a7 cfc222ee9c0a3322bd8910c60e7d8e5be52bcea0 1aa51cc15572eb50a643e7818a0c214abce3462d3fe30052a44a88e764c4296a Loading...

	www.w88w981.com/	99 B	2023-03-08	2023-07-17
Pretty URL www.w88w981.com/ IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-07-17 20:15:07 Times Seen7 Hash 2ef42782d23269fc3f52446dbb6e38db 26eadccad37c95c64f65ee64124eec87f4ef74c0 62fc6b27d1da028c37de8e5a1bc1c34991dc45f3215b5b2a50b53b9a14e1c0da Loading...

	accdn.lpsnmedia.net/api/account/60004665/configuration/setting/accountproperties/?cb=accountSettingsCB	6.9 kB	2023-03-11	2023-03-13
Pretty URL accdn.lpsnmedia.net/api/account/60004665/configuration/setting/accountproperties/?cb=accountSettingsCB IP 178.249.101.99 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:12:05 Last Seen2023-03-13 01:38:34 Times Seen1 Hash 9292d1c5667da84141d9c037bdbb683e 40b0375229de3cd729721afbd7518da67763c3d5 1c4298bff77a1f7e496ba67a192cf5e8e3097fabaf05e5b25c35e94da9f517ed Loading...

	www.w88w981.com/_static/js/menu.js?0.0.911	16 kB	2023-03-08	2023-03-11
Pretty URL www.w88w981.com/_static/js/menu.js?0.0.911 IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:09:21 Last Seen2023-03-11 21:41:17 Times Seen1 Hash f424e5a67b19a433eac8afa5e5c0cda8 e4b43feefab29f3d6b4ea570ca1f1d53c20442ea 6cb6dffd968b6508173b4a25e938bc3f8c594c52432606266e06a566f3998cdc Loading...

	www.w88w981.com/_static/js/line.messenger.js?0.0.911	735 B	2023-03-08	2023-07-17
Pretty URL www.w88w981.com/_static/js/line.messenger.js?0.0.911 IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-07-17 20:15:07 Times Seen6 Hash ca57fa8d491601ab569030f84a896233 63ca48073576d4d2da5de34079ebacc9002a872e 1ce52def5a65c3d071c2610d96842bfeda692f73477fc83ea8a4440bdf1f66f1 Loading...

	www.w88w981.com/	22 kB	2023-03-11	2023-03-11
Pretty URL www.w88w981.com/ IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:12:05 Last Seen2023-03-11 14:12:05 Times Seen1 Hash f9d3292f4ec165cfc41c254dfe6b1f6b 1812691fe52677a5e8f2eba12d3c671f00d40da5 75bb4c7440f4a15adf0f69d51890cd5e736521c104eaa65ee7a50ca493228d6b Loading...

	ip2loc.w2script.com/ip2loc?callback=jQuery183031137484604514654_1668803706426&_=1668803706638	176 B	2023-03-11	2023-03-11
Pretty URL ip2loc.w2script.com/ip2loc?callback=jQuery183031137484604514654_1668803706426&_=1668803706638 IP 103.89.20.98 ASN #136462 Mootech Asia Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:12:05 Last Seen2023-03-11 14:12:05 Times Seen1 Hash 73f2cf8cfd31292e32f49bbb59e3d64e 08660ec39b8e35197a2779f073ad67a5930ecfdb a8537c77625edcbfb51e5dd78dfbc24ab439cf4b7793120e952b17f3596cfb13 Loading...

	www.w88w981.com/_static/js/livechat.js?0.0.911	5.7 kB	2023-03-08	2023-03-17
Pretty URL www.w88w981.com/_static/js/livechat.js?0.0.911 IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-03-17 12:47:48 Times Seen1 Hash b04c6b2992555896609fcf0f34b4f090 20950628981fa7555010964efbba9c970aab91c5 dacd8aa4ff66abe31bfbd39d880254331a2adf3f9a18205c5d48a7adc45a8df4 Loading...

	www.w88w981.com/_static/js/common.helper.js?0.0.911	3.7 kB	2023-03-08	2023-03-26
Pretty URL www.w88w981.com/_static/js/common.helper.js?0.0.911 IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:09:21 Last Seen2023-03-26 04:15:05 Times Seen2 Hash a855f2f0082ec53b109c4ece29aa6749 1741157d8ba9e341503b1577edf22a357485f698 be48065ef4c90fd5ff86ce32db5592d916d0ec9d0372bd4e5640ab424875fdd0 Loading...

	lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.js?loc=https%3A%2F%2Fwww.w88w981.com&site=60004665&force=1&env=prod	38 kB	2023-03-08	2023-05-14
Pretty URL lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.js?loc=https%3A%2F%2Fwww.w88w981.com&site=60004665&force=1&env=prod IP 178.249.97.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:07 Last Seen2023-05-14 04:54:44 Times Seen42 Hash b56f93ab24c5150fa2ac4d7bf2ba02a7 0f896104da3f556119616da6ad0484c28f4f9395 a2721298ae526f997c556afcd0a7f768abfd6ad9b0ce4ec449d5b27b86929f04 Loading...

	accdn.lpsnmedia.net/api/account/60004665/configuration/engagement-window/window-confs/1215505070?cb=lpCb31140x31913	5.1 kB	2023-03-11	2023-03-11
Pretty URL accdn.lpsnmedia.net/api/account/60004665/configuration/engagement-window/window-confs/1215505070?cb=lpCb31140x31913 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:12:05 Last Seen2023-03-11 14:12:05 Times Seen1 Hash b8a3567a6a2be93e6d4547fa4a07ab4c 807a3ae59c8b0753343ca686148036f50b99df92 d0d6a6a98b66849a08c3ceab6c70d3aa141dc20662b2decd9ef505323a544f82 Loading...

	accdn.lpsnmedia.net/api/account/60004665/configuration/le-campaigns/campaigns/1209652570/engagements/1209652670/revision/614?v=3.0&cb=lp1209652670&flavor=dependency	3.1 kB	2023-03-11	2023-03-17
Pretty URL accdn.lpsnmedia.net/api/account/60004665/configuration/le-campaigns/campaigns/1209652570/engagements/1209652670/revision/614?v=3.0&cb=lp1209652670&flavor=dependency IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:12:05 Last Seen2023-03-17 12:47:48 Times Seen1 Hash 298ce73f8d22a3cfadcafaf5b7eacafe b8586601193a3b8d5a2646d05f1b4587354a2b83 6c1eaf1236275fad271cebe174fbd6b7fe9a4c4c92ae4351be95c333d7c5cb43 Loading...

	www.w88w981.com/	2.1 kB	2023-03-08	2023-07-17
Pretty URL www.w88w981.com/ IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-07-17 20:15:07 Times Seen7 Hash f8942bbd57adc410df393d9c2af3a5c8 81354ce74238d2bc43a1c8020753caaf093325d6 6ff32ad2ea66528bc84f0121b0d8bf2ef9305512c6101210a387541a00339923 Loading...

	www.w88w981.com/	8.3 kB	2023-03-11	2023-03-11
Pretty URL www.w88w981.com/ IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:12:05 Last Seen2023-03-11 14:12:05 Times Seen1 Hash 641fdbd9add8db43837193824fc9d93e 3a568b386153bff91f47839169b11d33fd820140 24ee38c2ca2ca32bdad202d677708c8cfdfd673dfc4f5c1b89c4f15dd53e634a Loading...

	www.w88w981.com/	1.8 kB	2023-03-08	2023-03-17
Pretty URL www.w88w981.com/ IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-03-17 12:47:48 Times Seen1 Hash f55ca6f46ed8a289568361f2126e78bf 259450f70d9008ba99fc55516b29452b598f75b1 08365f125badd59c011887ffb2722531f9c00f8fe0e3a9c9db4226b70aaab67e Loading...

	lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549	94 kB	2023-03-07	2024-04-24
Pretty URL lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549 IP 178.249.97.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-24 07:45:12 Times Seen448 Hash d32e789b3183ed4536dc36e4cabf74ec 6b90b3e6dc44c30dcfa273e7c48d31ec00aac82b 5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02 Loading...

	www.w88w981.com/_static/js/login-validator.js?0.0.911	15 kB	2023-03-08	2023-03-26
Pretty URL www.w88w981.com/_static/js/login-validator.js?0.0.911 IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-03-26 04:15:05 Times Seen2 Hash 530011837b89f3dffb1bc838566f0a43 b9d601276d0d385bdd5d68b571a8953b60ccf304 c45e47ed1390590395ac7c6243b4001a636be982759cced77296f46a6d3a9a66 Loading...

	www.w88w981.com/_static/js/qr.download.js?0.0.911	31 kB	2023-03-08	2023-03-11
Pretty URL www.w88w981.com/_static/js/qr.download.js?0.0.911 IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:09:21 Last Seen2023-03-11 21:41:18 Times Seen1 Hash 2b02858622b1cbcd0391c4dd5773816d 5042406fbc0fd482ddd33a9422220f6efcbea35d 80ff043db5154dd371d78872fb5e94c7698aaa93dfb954142524b7153b5bc327 Loading...

	js.monitor.azure.com/scripts/b/ai.2.min.js	121 kB	2023-03-08	2023-03-13
Pretty URL js.monitor.azure.com/scripts/b/ai.2.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:40:07 Last Seen2023-03-13 21:47:43 Times Seen1 Hash f63d62b7f7a371f237e1c4d5d55b82cc fe5bde41271fa0c3b63c13c6ce823333500e91ac ac4f3a99557d9c17b6ded0c6d4f0b267f4879cde9baec07a83910ab8c7059f77 Loading...

	www.w88w981.com/	978 B	2023-03-08	2023-05-10
Pretty URL www.w88w981.com/ IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-05-10 18:40:42 Times Seen5 Hash 505656c8a06bfb9dd1597c103184d04b c9b702e2ff61c0d546dd0875492438c10af4e445 8491f9906e6b8513fdba39f7ac8072b2a6e3fcd64038f42bf38d2da6d7296726 Loading...

	lptag.liveperson.net/tag/tag.js?site=60004665	22 kB	2023-03-07	2024-04-12
Pretty URL lptag.liveperson.net/tag/tag.js?site=60004665 IP 178.249.101.23 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-12 19:27:20 Times Seen539 Hash e2ee8a9cd68c3d310a4c62fdb4b5c93a 67eb5f9547f1d9de0a8b143c3b50511c26281399 145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7 Loading...

	lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549	40 kB	2023-03-08	2024-04-24
Pretty URL lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549 IP 178.249.97.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:32:35 Last Seen2024-04-24 07:45:12 Times Seen485 Hash 0dfc7fa7d2051d776d5937b7a3a7c4dd e0548931c28581b7f1975bf8c2d8b03b94591b87 3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983 Loading...

	lpcdn.lpsnmedia.net/le_re/3.53.1.0-release_5134/jsv2/UISuite.js?_v=3.53.1.0-release_5134	31 kB	2023-03-07	2024-01-21
Pretty URL lpcdn.lpsnmedia.net/le_re/3.53.1.0-release_5134/jsv2/UISuite.js?_v=3.53.1.0-release_5134 IP 178.249.97.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16:04 Last Seen2024-01-21 17:37:30 Times Seen99 Hash 5029176fb80c9ff59fe934390c879671 ab16a82e9ec1563fb05f69e363bbea4d1a1364a0 9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51 Loading...

	www.w88w981.com/_static/js/two-fa.js?0.0.911	23 kB	2023-03-08	2023-03-11
Pretty URL www.w88w981.com/_static/js/two-fa.js?0.0.911 IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:09:21 Last Seen2023-03-11 21:41:18 Times Seen1 Hash 20a7adf47cae819b8e6c3a4fb8e28c02 d5b8a06bda90e20724816891a4b88d6ca9bed829 43487aceed064de280fa840507adc9fea6fe53c73a411ececcdef2efc307c446 Loading...

	www.w88w981.com/_static/js/captcha-vendor.js?0.0.911	30 kB	2023-03-08	2023-03-17
Pretty URL www.w88w981.com/_static/js/captcha-vendor.js?0.0.911 IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-03-17 12:47:48 Times Seen1 Hash 3ec933be1fa54037ef7fb9ca703b8273 e9c4a1710b70b1773593aa3dfb72d23f7bc5b00a 73bbc032a1c5ed3fbc48878dc69ca71bc4ac92774da6ebaa4701308dfee039e3 Loading...

	www.w88w981.com/_static/_script/gt4.js	16 kB	2023-03-08	2023-03-17
Pretty URL www.w88w981.com/_static/_script/gt4.js IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-03-17 12:47:48 Times Seen1 Hash 8c831e6634b4f5747822dcb1d4ecaf71 3833b6cbd53b34ef2a8fefaef09b6a09708f9403 450e7b72775d459fa51b57eddf07a76487561bb79e34914f62248bb8c8ecf28c Loading...

	www.w88w981.com/_static/plugins/jquery/knockout.mapping.min.js	10 kB	2023-03-08	2023-07-17
Pretty URL www.w88w981.com/_static/plugins/jquery/knockout.mapping.min.js IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-07-17 20:15:09 Times Seen11 Hash f22f3ec6969d92e36f4d052d6ccc64c9 972f9f88e0a4b00ad4c011164115708b30dfdc31 81a1a86cd93570f6a3d1a6dc566c99c5462008fb2e7822703798b80e30b8052d Loading...

	www.w88w981.com/	1.9 kB	2023-03-08	2023-05-20
Pretty URL www.w88w981.com/ IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-05-20 23:59:04 Times Seen6 Hash 3322d0030dcc04d7294590458360d4e2 0c0e8a4c1ce51e28cfc10554ad2b2fc0084fd13e 40c46a2c2764e06b6ea3ba6fdb1d96e52858c7dffe387d8fdb4067b155950179 Loading...

	www.w88w981.com/	42 B	2023-03-08	2023-07-17
Pretty URL www.w88w981.com/ IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-07-17 20:15:07 Times Seen7 Hash 8264efb9b17cb2dc3d4ecd34c047a9cc 776fc7ab19dda80873bdc11a968e5351ed953152 aabb6c3f93b16ad6124609f2807a4d988904bb1104ca13b01fbea9721141c93d Loading...

	www.w88w981.com/	764 B	2023-03-11	2023-03-11
Pretty URL www.w88w981.com/ IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:12:05 Last Seen2023-03-11 14:12:05 Times Seen1 Hash 7364c2e9465e223e0bc62b07bb9b3493 2d2be218c8c3b0721a9dcd046b5bb96e2b37db17 7167a65c89156e10288487dcad2a09a236e24a476eed20f5a4468cdbd5fd0453 Loading...

	www.w88w981.com/_static/js/mobile.download.js?0.0.911	15 kB	2023-03-08	2023-03-11
Pretty URL www.w88w981.com/_static/js/mobile.download.js?0.0.911 IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:09:21 Last Seen2023-03-11 21:41:17 Times Seen1 Hash 720d04e6aaac5eb302e9adc53ed3eec2 678b05c09a854a597b556e7b54fcd448baff051d 35eecbcff9c3643bcb9e09f5613c6f561afd42f9423910a8364ad799b98b218a Loading...

	www.w88w981.com/_static/_script/combined.js	439 kB	2023-03-08	2023-07-17
Pretty URL www.w88w981.com/_static/_script/combined.js IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-07-17 20:15:07 Times Seen6 Hash 31e7f9c060953fc92e299547811619f7 26acc7489c17798c26b1f203422a2b06e69ccf50 dfec9ca4f7d967374964f3d695a418b79b966a46ef47275146eb8b82d2cdbc6f Loading...

	accdn.lpsnmedia.net/api/account/60004665/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB	2.8 kB	2023-03-11	2023-03-11
Pretty URL accdn.lpsnmedia.net/api/account/60004665/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB IP 178.249.101.99 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:12:05 Last Seen2023-03-11 14:12:05 Times Seen1 Hash 72ddacadbf53c3e4e70f8b30bada2744 041b2d32e7d6cbc9cb2ffc88de97120565fe3aae f7e51dc389b500e4b53ffd4b76acd17463e7948ecae0c27e8e21da5cf07316bc Loading...

	lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549	90 kB	2023-03-08	2024-04-24
Pretty URL lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549 IP 178.249.97.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:07 Last Seen2024-04-24 07:45:12 Times Seen437 Hash 8f52a626981f930e71e87f22a5f0080d 4c1cdf091636a6d733fd9c7141d52fc07ecb9e1c 57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8 Loading...

	www.w88w981.com/_static/_script/pushy-sdk.js?0.0.911	135 kB	2023-03-08	2023-07-17
Pretty URL www.w88w981.com/_static/_script/pushy-sdk.js?0.0.911 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-07-17 20:15:07 Times Seen6 Hash 18baa28ac19138c2fd97bca92408d39f 6d842e4babeb78d6c7e7d49c68a733782d51d3f8 bd77120b76fbe5b341a8359c8ee8a40a96247cd37ffcd5bf75c33e6430beded9 Loading...

	www.w88w981.com/	223 B	2023-03-08	2023-07-17
Pretty URL www.w88w981.com/ IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-07-17 20:15:07 Times Seen7 Hash 4a2917f6d07e2025e3ccaa622f42ed35 45eeef0624149f4c5dcd318b4045c7d3ffd664c6 a43b3f34e6f03cf2df985394b5ea3bcb6036794a07324c6e9982915d31a9988a Loading...

	www.w88w981.com/	16 kB	2023-03-11	2023-03-11
Pretty URL www.w88w981.com/ IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:12:05 Last Seen2023-03-11 14:12:05 Times Seen1 Hash 7282f874d037ebff416e34622ecaf971 9d6efc1a98ebaded1222473aa21802d57f4c2325 54e54f84e1bce3aa3e42fe1511194dba2ee2c6083e79e1cacbedb013ffcd3137 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-24
Pretty URL www.google-analytics.com/analytics.js IP 216.239.38.178 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-24 18:41:20 Times Seen1526 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	www.w88w981.com/_static/js/daily.attendance.js?0.0.911	16 kB	2023-03-11	2023-03-11
Pretty URL www.w88w981.com/_static/js/daily.attendance.js?0.0.911 IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:12:05 Last Seen2023-03-11 14:12:05 Times Seen1 Hash f935bf9a6b1daabc3831074cca0b4fac fde9c8f5142300b7dbd632b05627809b27215d04 17ff215fc88affe451bfaef24a44605827c1d64bb14f86850d93f2bb2017c06b Loading...

	www.w88w981.com/_static/_script/jquery.idle.js	1.3 kB	2023-03-08	2023-07-17
Pretty URL www.w88w981.com/_static/_script/jquery.idle.js IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-07-17 20:15:07 Times Seen6 Hash 1d1533a166bc55f5b9316d8386ade4cb 050b5511a3e08cc49286598730685b6c1ba620bc b835d6b0a8a1331245756346b1cf15b4bdee2a6a87fd5b546b9c97bb30c8122e Loading...

	www.w88w981.com/_static/js/modal.js?0.0.911	4.1 kB	2023-03-08	2023-03-26
Pretty URL www.w88w981.com/_static/js/modal.js?0.0.911 IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-03-26 04:15:05 Times Seen2 Hash d86398eaa31d9a54e81d3b0bd8da066e 5b6cd61943132ad291eeae3fdbca9a283dcc1129 f9d148306faf4e1a7042ce39eae62a60c490850e9e3a53903a6a7c5aaa39280c Loading...

	www.w88w981.com/_static/js/sftp.js?0.0.911	3.5 kB	2023-03-08	2023-03-26
Pretty URL www.w88w981.com/_static/js/sftp.js?0.0.911 IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-03-26 04:15:05 Times Seen2 Hash 1f4cba2167e2a0e83386ea52703d4e10 a0c9f97bab58cb41bbaaee77fab1b27f264dd594 6b5a0e31622da395ad7056e5cb8adb9de84da7518ca7aba7232cb26c1f76f8cd Loading...

	www.w88w981.com/_static/js/livechat.liveperson.js	2.6 kB	2023-03-08	2023-03-17
Pretty URL www.w88w981.com/_static/js/livechat.liveperson.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-03-17 12:47:48 Times Seen1 Hash f12dd3919e87e5514ff99162e7c0efa4 b6e98c5d94da274b7bb5af66b3e1a0f07277f8dc 69a6eae6a7fd373d06977c0cc55d68ffcc7aa9c1bc30db2857bfe964dd6948a0 Loading...

	www.w88w981.com/_static/js/custom.selectbox.js	8.4 kB	2023-03-08	2023-07-17
Pretty URL www.w88w981.com/_static/js/custom.selectbox.js IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-07-17 20:15:07 Times Seen6 Hash e62b915c58723ed4846cc78547230ca4 e45fa9c84b4d9a4696a989f0c73156ba8c6093f5 adaa5ec863d04fe99dcd2d28e0c1d443b262a94757cbabcdd2216093d4052f5e Loading...

	www.w88w981.com/_static/js/register.modal.js?0.0.911	5.7 kB	2023-03-08	2023-03-26
Pretty URL www.w88w981.com/_static/js/register.modal.js?0.0.911 IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:09:21 Last Seen2023-03-26 04:15:05 Times Seen2 Hash ec57abf1d0315c61efd4147bbb7a182f cc738f29d9770314efb52eaa24a38a7086666305 9d48fb70eaba9e85b03e0fe3f6a1397f6e74c7b3ae0509eee41308e08b994d79 Loading...

	www.w88w981.com/	850 B	2023-03-11	2023-03-11
Pretty URL www.w88w981.com/ IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:12:05 Last Seen2023-03-11 14:12:05 Times Seen1 Hash ba103e8e620a8db215c8eabd51149b76 d05ff6aee7f590933280c4cd7419818ac8f13296 eba315099ce55d572950c485d4740dd5b6629604e00bd007d12c34739741d979 Loading...

	www.w88w981.com/	209 B	2023-03-08	2023-07-17
Pretty URL www.w88w981.com/ IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-07-17 20:15:07 Times Seen7 Hash 6214551053b26bb96f3f647d5d2c2c49 3afa8141ab7c624e9e38ea21b597cc4e66df3c53 90074e730745b184990d91c40722f9a5410f1c86a76d02f448d3a10d6a0fba89 Loading...

	sy.v.liveperson.net/api/js/60004665?&cb=lpCb56713x51389&t=sp&ts=1668803710502&pid=1706976759&tid=1352407523&pt=W88.com%20Online%20Sportsbook%2C%20Live%20Casino%2C%20Slots%2C%20Keno%2C%20Lottery%2C%20%E4%BC%98%E5%BE%B7W88&u=https%3A%2F%2Fwww.w88w981.com%2F&sec=%5B%22WEB%22%2C%22en-us%22%2C%22N%22%5D&df=0&os=0&sdes=%5B%7B%22type%22%3A%22ctmrinfo%22%2C%22info%22%3A%7B%22ctype%22%3A%22N%22%2C%22currency%22%3A%22%22%2C%22userName%22%3A%22%22%7D%2C%22language%22%3A%22en-us%22%7D%5D&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D	648 B	2023-03-11	2023-03-11
Pretty URL sy.v.liveperson.net/api/js/60004665?&cb=lpCb56713x51389&t=sp&ts=1668803710502&pid=1706976759&tid=1352407523&pt=W88.com%20Online%20Sportsbook%2C%20Live%20Casino%2C%20Slots%2C%20Keno%2C%20Lottery%2C%20%E4%BC%98%E5%BE%B7W88&u=https%3A%2F%2Fwww.w88w981.com%2F&sec=%5B%22WEB%22%2C%22en-us%22%2C%22N%22%5D&df=0&os=0&sdes=%5B%7B%22type%22%3A%22ctmrinfo%22%2C%22info%22%3A%7B%22ctype%22%3A%22N%22%2C%22currency%22%3A%22%22%2C%22userName%22%3A%22%22%7D%2C%22language%22%3A%22en-us%22%7D%5D&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:12:05 Last Seen2023-03-11 14:12:05 Times Seen1 Hash 1246533392e3f8f15f369f3ed2c32634 28979c03d89ee14c3870c82e2dda94a28cd49678 186626f6d254dfa3c381d9aacb4d095f1e0addc28135797e0c41685d6385be4a Loading...

	www.w88w981.com/cdn-cgi/apps/head/oHcadEuRzlBiLb4PI3HaIbQXY2w.js	4.2 kB	2023-03-11	2023-03-11
Pretty URL www.w88w981.com/cdn-cgi/apps/head/oHcadEuRzlBiLb4PI3HaIbQXY2w.js IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:12:05 Last Seen2023-03-11 14:12:05 Times Seen1 Hash eb1a3374f83295dc720acc88ebdd1ff8 8e90f60f0f1dd8e63380d5ce52000c5feb510158 c3b1dcb57b87ef1dceb76802932f5aadcc7403cc8d5a0c5c97a536b5f0f92f34 Loading...

	www.w88w981.com/	760 B	2023-03-08	2023-07-17
Pretty URL www.w88w981.com/ IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-07-17 20:15:07 Times Seen7 Hash 824a658e787974c76d9f9dd48b7eeee0 26ac173dee3c37d65149ae29621392eaa9722068 25cc1d2089f46fe43bf54248efcb0f3ffeec3e7008d9d9479325e0cf8809858f Loading...

	www.w88w981.com/	219 B	2023-03-08	2023-03-26
Pretty URL www.w88w981.com/ IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-03-26 04:15:05 Times Seen2 Hash 7617894d47ccd00eb290e4839efbac80 ae521cf699350a0ae3698ff2d63f996d675c6cf4 9e3e21cdd12e598c67b589670c932e35138751e1259f35da3a262af078609482 Loading...

	www.w88w981.com/	369 B	2023-03-08	2023-07-17
Pretty URL www.w88w981.com/ IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-07-17 20:15:07 Times Seen7 Hash 32830bd47455477a52ccd91aff42e5b3 bc756afa9b7d32aab96375e270a2a6f784f3e209 2fb0f3fe686924cd1cc68806f1722f03241272aca87e4b68f7f1e6ae1ffab9dc Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 19:39:35 Times Seen37045382 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	lptag.liveperson.net/lptag/api/account/60004665/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3	267 kB	2023-03-11	2023-03-11
Pretty URL lptag.liveperson.net/lptag/api/account/60004665/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3 IP 178.249.101.23 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:12:05 Last Seen2023-03-11 14:12:05 Times Seen1 Hash e057d0f9657534770c38a33cb53b75aa bf36ee46bd965525291b26c99105111af978ffbe 7188a826e2fc175d2cfb6016df5e4897aa36537e30ecca15a313e42e95648465 Loading...

	lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549	7.9 kB	2023-03-07	2024-04-24
Pretty URL lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549 IP 178.249.97.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-24 07:45:12 Times Seen365 Hash d53092c1d6e0a7a3d1bb802c67a6e1e9 2556ea4f15518fa36d0b92666e22ce28edec6745 0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438 Loading...

	www.w88w981.com/_static/js/crm.popup.js?0.0.911	19 kB	2023-03-08	2023-03-11
Pretty URL www.w88w981.com/_static/js/crm.popup.js?0.0.911 IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:09:21 Last Seen2023-03-11 21:41:18 Times Seen1 Hash bbe5bcc58b5ff1177e4290e5abffde17 9d0f76f8c7a50f8448406b88a337ef7475f71d01 b89d0594b721fbeb4e6de06224eb660bbc3efbdbd8858e24092e9e42daef61bb Loading...

	www.w88w981.com/	695 B	2023-03-08	2023-07-17
Pretty URL www.w88w981.com/ IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-07-17 20:15:07 Times Seen7 Hash 19737512230e3b82061baa15d67dbba8 a142a746bd63be6e4b5771b096098626980eab9d d9f9bf803e79563059c594ce80bce5eaeeda152c4e8b2f7f63db2ea1d7ae8e91 Loading...

	lpcdn.lpsnmedia.net/le_re/3.53.1.0-release_5134/jsv2/overlay.js?_v=3.53.1.0-release_5134	9.2 kB	2023-03-09	2023-05-14
Pretty URL lpcdn.lpsnmedia.net/le_re/3.53.1.0-release_5134/jsv2/overlay.js?_v=3.53.1.0-release_5134 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:27:34 Last Seen2023-05-14 04:54:44 Times Seen16 Hash 2b72178af2ae8dd892b0185a11dea409 d17de4199fddcd332800ad57f7001953a6c79427 511fd135d8dac6077445b530b40efb112265926caf33f2a60aa92f7bbd2aee54 Loading...

	www.w88w981.com/_static/js/client.pushy.v2.js?0.0.911	13 kB	2023-03-08	2023-07-17
Pretty URL www.w88w981.com/_static/js/client.pushy.v2.js?0.0.911 IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-07-17 20:15:09 Times Seen9 Hash a9b3080c5c053103b57107306eb3cd57 dbd679f1863560b02ac6e8278a9e3ab2ba675ec8 9b4b3c82a688367bc3c0336ef5b41906f3c15149b1fe082d9d2749235dae1bca Loading...

	www.w88w981.com/	2.6 kB	2023-03-11	2023-03-11
Pretty URL www.w88w981.com/ IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:12:05 Last Seen2023-03-11 14:12:05 Times Seen1 Hash c1e694f5915c1fbd864aadcaf972127a e528c13651361e622ff992a4b5d0ec39df5fb71f 502e6d6366ec5efeccf3b9e66e9987bb6ad491f2018209f387ad8e2ec532b4df Loading...

	www.w88w981.com/	5.0 kB	2023-03-08	2023-05-20
Pretty URL www.w88w981.com/ IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:48:37 Last Seen2023-05-20 23:59:04 Times Seen6 Hash 8ca66c58e70d815140aa792dd8e67b32 482341179193d598609af444f52501cea33cf841 0125468fbe5e7d6fc65256f709ee65be8359035154813741ce9b0989d668bf4f Loading...

	www.w88w981.com/	10 kB	2023-03-11	2023-03-11
Pretty URL www.w88w981.com/ IP 172.66.40.129 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:12:05 Last Seen2023-03-11 14:12:05 Times Seen1 Hash 1ea8aba9f4ecf59b5f67ccc83189649e 9b871e0f02bcc2f0b9ac0f2bc306d313b2d434ba 11fbeb20f12920a183e691fc065e8b5b28779bf7ad3ba381aed8c0157605d10e Loading...

		Size	First Seen	Last Seen
	#1 Eval - 50906878b5d279932d815ab7080b8368	59 kB	2023-03-07	2024-03-05
Pretty Observations First Seen2023-03-07 12:08:50 Last Seen2024-03-05 17:18:56 Times Seen93 Hash 50906878b5d279932d815ab7080b8368 a19476dc4b7379eb16d8ab60303cf2f06811e697 08112a26c14bf20e12ac6d8768f1bfd074d3c39e706a5e64dc980a95ef2acbc8 Loading...

	#2 Eval - 9292f0f2a6c71e1295cd63a8cd4149b9	663 B	2023-03-08	2023-07-17
Pretty Observations First Seen2023-03-08 00:48:37 Last Seen2023-07-17 20:15:07 Times Seen7 Hash 9292f0f2a6c71e1295cd63a8cd4149b9 047c547da024fcfb305fa3897c45e7ebb5df2295 0c5f52ccdfb691e06e01ca224f55caccc46bff12be33a235ace5b097e3f3c40c Loading...

HTTP Transactions (274)

URL IP Response Size

w88w981.com/

172.66.43.127

301 Moved Permanently

0 B

URL HTTP/1.1
w88w981.com/
IP
172.66.43.127:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Fri, 18 Nov 2022 20:35:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.w88w981.com
CF-Ray: 76c37d9b2b06b521-OSL
Cache-Control: max-age=3600
Expires: Fri, 18 Nov 2022 21:35:06 GMT
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82X3Htry0jPXJBZZhj0nAiNWcxDr43p0vE%2BsBWI2pTADVQXpzMJUrGdUx1FYQWCiC8sstJcJkuJrKreSXRl5jEoKZ4kNkddCPDzsZzWll4TCBsTgAVa3pivZ%2FfW7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d27590a1d3cbe1e9632b8ae92aaae3f4
202b34e8a0c3b88c8826fd56c6227b34f2cd6f46
6bcfa518476658128c1fb4ea2435c4e58531454cf97138dce7ece9def589aead

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BCFA518476658128C1FB4EA2435C4E58531454CF97138DCE7ECE9DEF589AEAD"
Last-Modified: Wed, 16 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17107
Expires: Sat, 19 Nov 2022 01:20:13 GMT
Date: Fri, 18 Nov 2022 20:35:06 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
67f53a639d57dd6237b5be86fe4f6c1b
287f09532dc331228d09c20b75f4160e91e9800a
41913a8af366685c42af59e9d8e02fccedbe68a3313d2d9fe353deb0c1019075

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2069
Cache-Control: max-age=138630
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 20:35:06 GMT
Etag: "63775eeb-1d7"
Expires: Sun, 20 Nov 2022 11:05:36 GMT
Last-Modified: Fri, 18 Nov 2022 10:31:07 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3a38b6dd8a4cc335c026aebf2ed348b6
8a386e0ccb0ca4dc502746c45b2ebc3aa3f83cf8
8b4040a645cec1841a00a22765eb3a74978559daf15c54bd4b41b6b48aab7f95

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4876
Expires: Fri, 18 Nov 2022 21:56:22 GMT
Date: Fri, 18 Nov 2022 20:35:06 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 18 Nov 2022 19:45:03 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3003
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: BUjpILpYJFJ8DKJrfZ6zvjGUyWbg/9J0QSayd+e9aC91D/rsVAu/dsqvuT9sYTi32Ek+l9u0NX6jT2DfllrzBg==
x-amz-request-id: VAMV759X08N5A5QM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 18 Nov 2022 20:15:44 GMT
age: 1162
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 18 Nov 2022 20:35:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
9046fa206d029520fdc43133e9e03ea3
adb1a7ae961ef2096cc05ec1b7720acbb23bbca1
81ece25f04df22f2c417a5dae3e0766a713fa66631e2064bc2f96515abc3cf76

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=170003
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 20:35:06 GMT
Etag: "6377e18d-116"
Expires: Sun, 20 Nov 2022 19:48:29 GMT
Last-Modified: Fri, 18 Nov 2022 19:48:29 GMT
Server: nginx
Content-Length: 278

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 18 Nov 2022 19:44:49 GMT
cache-control: public,max-age=3600
age: 3017
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fe40cc6ea871d80382b6082111393fbe
281f75d0a35dc8ef908bb0500e57abd86bd5388e
6d15422cdf7a6d72d06497188f27af893682314e82ac8a189a0ee2d798cb62d7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1260
Cache-Control: max-age=132769
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 20:35:07 GMT
Etag: "63774b30-1d7"
Expires: Sun, 20 Nov 2022 09:27:56 GMT
Last-Modified: Fri, 18 Nov 2022 09:06:56 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
16bbadb18616687351d4047aedc2ab45
979123c7ad6726befbbab2c07b50ecca31aa2d18
de8231c6ee426b7a76ebf574998dec11ce908efc0a745c2182fb7b61c5915e9a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 20:35:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-160363484-1

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-160363484-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43679 bytes)
Hash
b779f5fdba01796a54c897e7131666b5
67ca32baf2e6c966083ac16762bef1005724c0ed
c19033d02beeee340ff1d5ce29bd8fc0ca04f94de1c34eb9ac5ec70480629099

HTTP Headers

GET /gtag/js?id=UA-160363484-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 18 Nov 2022 20:35:07 GMT
expires: Fri, 18 Nov 2022 20:35:07 GMT
cache-control: private, max-age=900
last-modified: Fri, 18 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
16bbadb18616687351d4047aedc2ab45
979123c7ad6726befbbab2c07b50ecca31aa2d18
de8231c6ee426b7a76ebf574998dec11ce908efc0a745c2182fb7b61c5915e9a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 20:35:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

34.215.91.121

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.215.91.121:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IUfrOp/jIH/kTSvxiy8F+Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8oLMcoxyDWhj685QQ5ZuekK8gmU=

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
f4ece9c980cc4dcf815567bba6893305
2882e6b51c30b7a71a689df9e62d54d69e449a7d
01e5e5b015cea11f44a3bc218a697296df98f35a9dfd53d3bac1cdfe9c38a1a3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=163528
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 20:35:07 GMT
Etag: "6377c843-116"
Expires: Sun, 20 Nov 2022 18:00:35 GMT
Last-Modified: Fri, 18 Nov 2022 18:00:35 GMT
Server: nginx
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
f4ece9c980cc4dcf815567bba6893305
2882e6b51c30b7a71a689df9e62d54d69e449a7d
01e5e5b015cea11f44a3bc218a697296df98f35a9dfd53d3bac1cdfe9c38a1a3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=163528
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 20:35:07 GMT
Etag: "6377c843-116"
Expires: Sun, 20 Nov 2022 18:00:35 GMT
Last-Modified: Fri, 18 Nov 2022 18:00:35 GMT
Server: nginx
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
f4ece9c980cc4dcf815567bba6893305
2882e6b51c30b7a71a689df9e62d54d69e449a7d
01e5e5b015cea11f44a3bc218a697296df98f35a9dfd53d3bac1cdfe9c38a1a3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=163528
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 20:35:07 GMT
Etag: "6377c843-116"
Expires: Sun, 20 Nov 2022 18:00:35 GMT
Last-Modified: Fri, 18 Nov 2022 18:00:35 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
f4ece9c980cc4dcf815567bba6893305
2882e6b51c30b7a71a689df9e62d54d69e449a7d
01e5e5b015cea11f44a3bc218a697296df98f35a9dfd53d3bac1cdfe9c38a1a3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=163528
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 20:35:07 GMT
Etag: "6377c843-116"
Expires: Sun, 20 Nov 2022 18:00:35 GMT
Last-Modified: Fri, 18 Nov 2022 18:00:35 GMT
Server: nginx
Content-Length: 278

www.w88w981.com/_static/_css/img/caret.gif?0.0.911

172.66.40.129

200 OK

1.1 kB

URL HTTP/2
www.w88w981.com/_static/_css/img/caret.gif?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 7 x 4\012- data
Size
1.1 kB (1101 bytes)
Hash
b1742752b8a8e54f58b368c17afc91b8
ebca9da3f04541af7b12187237d42105e317140c
1162678ada94d3cabdda96ef7640df3ac6d77609a751dcceb2fcca0174691cef

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/_css/img/caret.gif?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/gif
content-length: 1101
cf-ray: 76c37da25b6eb511-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=14400
etag: "087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAIOGBOJNcAPt%2FC4DdlzApnq1DVZKojI2BH1yKcj%2FC8ecV8z7QXW%2Bte3biyyrMJVpn29GZjS2YPXxKzjnaY2pBxjhpmtFzwAPsVHOxlhQcArKyQX3u00RNY0QvJ%2FMYg0VA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
f4ece9c980cc4dcf815567bba6893305
2882e6b51c30b7a71a689df9e62d54d69e449a7d
01e5e5b015cea11f44a3bc218a697296df98f35a9dfd53d3bac1cdfe9c38a1a3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=163528
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 20:35:07 GMT
Etag: "6377c843-116"
Expires: Sun, 20 Nov 2022 18:00:35 GMT
Last-Modified: Fri, 18 Nov 2022 18:00:35 GMT
Server: nginx
Content-Length: 278

www.w88w981.com/_static/sports/img/popup/eSports-European-V1.png?0.0.911

172.66.40.129

200 OK

24 kB

URL HTTP/2
www.w88w981.com/_static/sports/img/popup/eSports-European-V1.png?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 345 x 218, 8-bit colormap, non-interlaced\012- data
Size
24 kB (24007 bytes)
Hash
b65d3d95cc08ae55f3c1601201611309
bf727d5c17c052358a67bdee2b75a25316e9bd9c
63468cbe5c39e4e13e83d046ef61d4953ce902794ca080bc5768ab7bc6e943eb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/sports/img/popup/eSports-European-V1.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 24007
cf-ray: 76c37da30c74b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "092187643fbd51:0"
last-modified: Mon, 16 Mar 2020 03:32:04 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FnkefZt4HCUEBgImGj0WbnHT9379od2YqtQy3W6uSZmBNo%2FfeU4D%2BYLPGNdtb%2BVXA3uj%2F23n7aSo2aHX4duV%2BZO0OOB3RGg%2B7Qb6SHfQXda3mh3fRxQA5K09GQIVGccMsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/casino/img/android_w.png?0.0.911

172.66.40.129

200 OK

1.2 kB

URL HTTP/2
www.w88w981.com/_static/casino/img/android_w.png?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 16 x 34, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1221 bytes)
Hash
93181cb5c1a379e22c08fb154a4bf1d4
e5341639821359fd6b5c52c2e6740aff50954c74
fd6ecd89a6e6c09ff9b88c2f4f0f75bc88c7efdc5bf9a0b98595bd187d758991

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/casino/img/android_w.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 1221
cf-ray: 76c37da2fc4eb511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "052ae238a7ad51:0"
last-modified: Fri, 04 Oct 2019 08:03:00 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4EB4xmDZwWFWfC65HBb2p7xrz18UfBo8Cpl2RaswkUK1TXBrK8cuTXw50%2B8FbhLjlEWKzWQFRRCYVcS9jKyqNZn2hVmQqwkXkS10Rt9PINIuMLS3M0IjTn83J0PJMRwFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/_css/img/loading.gif?0.0.911

172.66.40.129

200 OK

664 B

URL HTTP/2
www.w88w981.com/_static/_css/img/loading.gif?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 16 x 16\012- data
Size
664 B (664 bytes)
Hash
688252da9aaef89006e069aedfb7a441
34104d97e153d958e2f557c66cf6ca5f08126fef
a79735e265e912ce6393d569f8f91e8f17c236b35ce82430ce7eb1b4ba9a8ded

HTTP Headers

GET /_static/_css/img/loading.gif?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/gif
content-length: 664
cf-ray: 76c37da31c8db511-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=14400
etag: "087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7rbBmd9gg7QEbM2lzaZIDoYS%2B1MXdC%2FXum4%2BWp4qBBvhHvL23CWt3LMJSvxx%2FkBzmcVkD8qVD%2BXxRugcVjTF7m%2Bbuz818QBFQ4ls2uQ7PuQ1HgRo7CJEtl2HcmqiJvyoTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/sports/img/popup/eSports-Asian-V1.png?0.0.911

172.66.40.129

200 OK

18 kB

URL HTTP/2
www.w88w981.com/_static/sports/img/popup/eSports-Asian-V1.png?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 345 x 218, 8-bit colormap, non-interlaced\012- data
Size
18 kB (18134 bytes)
Hash
8ebd1df16bd1afba7d6c2de1ab6dd4c0
7c2032b9951826a7deb93bbbccb27d1622e551ce
3515539e43a5995ba04206419ee2e3b9cd98ff1bf0816d7b5f325b866ff10272

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/sports/img/popup/eSports-Asian-V1.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 18134
cf-ray: 76c37da30c66b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "065e77443fbd51:0"
last-modified: Mon, 16 Mar 2020 03:32:02 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WzhWMKb5tekUkEu5v5hHa6j1HYBOyvoEhCP0c7%2FzqSG16quYLea%2FjCihKCBsE%2BNSFOpqFWbGSIQ56RPYRs15vkE6rifJffXQoC7gV%2Bt1p5DnotQi3tWRsJyJ3kLau2aHlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/games/popup/img/Popup-BigSlot-CN.jpg?0.0.911

172.66.40.129

200 OK

69 kB

URL HTTP/2
www.w88w981.com/_static/games/popup/img/Popup-BigSlot-CN.jpg?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x353, components 3\012- data
Size
69 kB (68922 bytes)
Hash
6e0065df276abc188b72d75009a42cc7
15d12ebaed586e2a46ea0b2c2ed59840e57f584c
d4bbfc020fea1317222f1f0941ab1184ce319874429d42e630feca2b64bb819f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/games/popup/img/Popup-BigSlot-CN.jpg?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/jpeg
content-length: 68922
cf-ray: 76c37da30c79b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "02a8f6c43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:48 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: h2pri
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npgBadaluB3vnDD4VOr0oFxbzZxXnNKfaLprnPz0kKTfb0DM3pV3NBd5%2Bv3S7zKJufoV%2BLrR5IaH%2FH41s%2FqbNRSg8KuuuMYEV6cKo0Zb6hrKSOkxNIGwjDl%2Fk99UdSv5eg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/sports/img/popup/eSports-European-V2-New-EN.png?0.0.911

172.66.40.129

200 OK

12 kB

URL HTTP/2
www.w88w981.com/_static/sports/img/popup/eSports-European-V2-New-EN.png?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 345 x 218, 8-bit colormap, non-interlaced\012- data
Size
12 kB (11531 bytes)
Hash
5f9937fe713a8faa52bebfd7fed1c0c5
8b1fa68322fcbc5b7795a3086fa1506673bcc625
cc797be6804b336dba867d2bff3aa7bb4ce97350bae786917413a1269d1071e0

HTTP Headers

GET /_static/sports/img/popup/eSports-European-V2-New-EN.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 11531
cf-ray: 76c37da30c71b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "092187643fbd51:0"
last-modified: Mon, 16 Mar 2020 03:32:04 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rBdmTzERu6H65c0VAiydvZcBlnplPycOBD8RblJVi%2BgCWrMAISCOqBUsud0xO6rD7h9og4iKwEw3Zf8jNFs0CUDVUxm4Cr6Aj9zEDK2%2BSozibcQbSXBH8Ye7WZYJ3CXmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/footer/downloadbar/img/v2/close.png?0.0.911

172.66.40.129

200 OK

645 B

URL HTTP/2
www.w88w981.com/_static/footer/downloadbar/img/v2/close.png?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 25 x 25, 8-bit colormap, non-interlaced\012- data
Size
645 B (645 bytes)
Hash
d73dd3ff8ef50e35817c776e8f41a104
ede6bd2757a5afbe46cfc7c659c580629c8f2f72
c6e7b180843805053ef8ea779392301f4b1247aa0d1c0be0e21e55969fa801f6

HTTP Headers

GET /_static/footer/downloadbar/img/v2/close.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 645
cf-ray: 76c37da36cf3b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0c256343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:32 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baPseOzcA12nKMobd%2FoV%2BGqnUcf3%2Bd77X4nnvTv5NsgnwyfJLvA2dhbWd0zaRiGG%2FQNoCZOFzzFLO2AKyE1JG%2ByIx6KhP5pxzCJU%2B9Rt6okVtOxZ1n87l6peIHPdHSWZkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/footer/img/backtotop.png?0.0.911

172.66.40.129

200 OK

674 B

URL HTTP/2
www.w88w981.com/_static/footer/img/backtotop.png?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Size
674 B (674 bytes)
Hash
27fa0fb316755fd9f17895fbba2275fd
138e13e21a41d70a0b265b1b587bd8f6a1351177
8d7f9d1223ccd2afda1fcdef71ccbff9d84ed91f9588bd50405d2cae1b20bcc1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/footer/img/backtotop.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 674
cf-ray: 76c37da36d01b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0c256343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:32 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6y%2F%2FZ5Cg%2BkPB3TVNqEzDSRycK3K1SrM%2F6nOMUbYq70oOVTdAaLUXZREzlx8Ng2I0fiXDy4AdUK172iioLtLVL4N4uaG3e%2BTuy%2F%2F9pEgvPu%2FJQaoBeeInsFVCNGAmy6TLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/mobile/img/v2/W88Lite-Android-EN.png?0.0.911

172.66.40.129

200 OK

4.7 kB

URL HTTP/2
www.w88w981.com/_static/mobile/img/v2/W88Lite-Android-EN.png?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 200 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
4.7 kB (4691 bytes)
Hash
c517d63acea5a5e052520e911c5fe002
bd27eab59b0ee262aa55eb74f506a7545a59bf37
a542508bf961754d665552c69a9e5d75defbc477e25561ca6fcd55efaf95b9be

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/mobile/img/v2/W88Lite-Android-EN.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 4691
cf-ray: 76c37da2fc48b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "038b67343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:32:00 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 01
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=liBmv8X83QXaKsM%2BrS1Qn%2FWSNohRrnRlPEkyijEmMLYUKraXVSOzQyFr4IA2SuAHfZNrubU2FuWvy2ivG25MyPPR5wZPZnZkEUR83OAvW9hJj7gu69OONPAGvJI%2BWeLlwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/footer/livechat/img/contact/floating-App-empty-right.png?0.0.911

172.66.40.129

200 OK

547 B

URL HTTP/2
www.w88w981.com/_static/footer/livechat/img/contact/floating-App-empty-right.png?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 168 x 138, 8-bit colormap, non-interlaced\012- data
Size
547 B (547 bytes)
Hash
b7871d377421ab2b06c73aa716ecbf00
ffd743753bbdfea6177963a7d5a6475346f4bcdc
d6fa74a4323d8e1c20c4e21bca961c2ae299780248f9d60cd36bd93c883bb3d2

HTTP Headers

GET /_static/footer/livechat/img/contact/floating-App-empty-right.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 547
cf-ray: 76c37da36cfdb511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "07e49329cc3d61:0"
last-modified: Thu, 26 Nov 2020 02:31:08 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2F4qgn42CtzMQrp%2FXi6R6ywfiW3iIejIIkoRMV%2FDzipxewW2dGddXXcwS4rd1yPpHowfowOb5itUtUnvQUzf6lZi3nL4nSUimPHRGNtTR80XcmZTZM39kxtrcrt1zQ71lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/games/bravado/thumbnail/w88-slots-Senorita-Bingo.jpg?0.0.911

172.66.40.129

200 OK

11 kB

URL HTTP/2
www.w88w981.com/_static/games/bravado/thumbnail/w88-slots-Senorita-Bingo.jpg?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 146x189, components 3\012- data
Size
11 kB (11164 bytes)
Hash
e1a03991b69de74f01dbe94f8edf1bbe
ffb699f35f6b6792edf1f2c1ba9a9ec26d521110
5b824eb73333d1ba9a2f4a81b3c6fc295e739209e8d588ef59655436a00a7ebf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/games/bravado/thumbnail/w88-slots-Senorita-Bingo.jpg?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/jpeg
content-length: 11164
cf-ray: 76c37da36d00b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0115fbf17e8d81:0"
last-modified: Tue, 25 Oct 2022 02:16:10 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 09
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MILdZSBTRwGTJUhpIimrJPemhVO71wssagfO52aEvscWHnzBaswcEqGCcZf08EQNhuGPw4q5PBo5dHvZ6ioda11jpf9CKscwm7chOEJ4f3GUh71srIFVKVTm5quIlrgM1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/img/blank.png?0.0.911

172.66.40.129

200 OK

95 B

URL HTTP/2
www.w88w981.com/_static/img/blank.png?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Size
95 B (95 bytes)
Hash
71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/img/blank.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 95
cf-ray: 76c37da37d14b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0b1227043fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:54 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BA7Ic2qnVayrV%2B9Ik0NSNKw9O6MJC8wDpjXPFY5FEEh6WUZKGEUOlPbfW6gYLfWABNU5PZJ73rPPoCWmPtDq87pD23465G5%2Fj%2Fi%2FpPmcOCmMrk3DwVOouwXJg99Fxl00zA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/sports/img/popup/eSports-Asian-V2-New-EN.png?0.0.911

172.66.40.129

200 OK

20 kB

URL HTTP/2
www.w88w981.com/_static/sports/img/popup/eSports-Asian-V2-New-EN.png?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 345 x 218, 8-bit colormap, non-interlaced\012- data
Size
20 kB (19500 bytes)
Hash
b3808c16301217883141a45947820e69
6412796091faad03edde1b96f951945fe05a18fa
d2449c45e41fe62a40ca451c6272d6ac8089673026593e7f8fdd19d06de3aaea

HTTP Headers

GET /_static/sports/img/popup/eSports-Asian-V2-New-EN.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 19500
cf-ray: 76c37da2fc54b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "065e77443fbd51:0"
last-modified: Mon, 16 Mar 2020 03:32:02 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ydz9LdJnRe56rp8mL3EU34f8fEtKkIlxoqLuImic80p9swgZja0gEwbkNm%2FNZGMJW0qKWKKLH0yP8iW6qkHDu2bvl7%2BQBfzt%2FCBWE7v0dAZ5Vqtvrnu7w79y3%2BF4tv%2FYVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/home/popup/img/w88lite-pop-up-banner-en.jpg?0.0.911

172.66.40.129

200 OK

53 kB

URL HTTP/2
www.w88w981.com/_static/home/popup/img/w88lite-pop-up-banner-en.jpg?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 512x288, components 3\012- data
Size
53 kB (52553 bytes)
Hash
ff7cf366502fc2aa5850be72d782ab36
38f4437a05e4af0bd23c2c12c360a72c4444fdd1
22d026dd777436e1ff6dd8b0a331feafb9f602f9c4833e4628668499dd9cc7f9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/home/popup/img/w88lite-pop-up-banner-en.jpg?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/jpeg
content-length: 52553
cf-ray: 76c37da2fc42b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0b1227043fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:54 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: h2pri
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 01
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pfcV7CRbGl4MFh3pSiO2QXYCfhJuLmZYSwdUCyW71sfb80SdGtWFEl95EJjXR1QXGxsXZg5zK5zftlhIsY7DOooYWDtXTz5l%2Bd4%2F7pS2THveRYFYEI5r8ZjfoMd8zqOaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/fishing/img/W88-Web-Popup-Ocean-Explorer-202208-EN.png?0.0.911

172.66.40.129

200 OK

73 kB

URL HTTP/2
www.w88w981.com/_static/fishing/img/W88-Web-Popup-Ocean-Explorer-202208-EN.png?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 600 x 353, 8-bit colormap, non-interlaced\012- data
Size
73 kB (73309 bytes)
Hash
a2e568d463839059ddc1ccdd044e528b
103a329a75a5edf1c23804d86f9329dc96565a07
d5c2b20604ac0e8eda658da93b268674404d5c94d33b8c13387acb04a6d4f2a5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/fishing/img/W88-Web-Popup-Ocean-Explorer-202208-EN.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 73309
cf-ray: 76c37da31c85b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "02635d61eb2d81:0"
last-modified: Wed, 17 Aug 2022 09:50:52 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVx3nCO7CD4VZfOe%2Bb1IEO%2FTRxqF5vqcA8OmpPmYHLcZCi5oUMBmPErUay0Qi0pwQbJSpVblX9hvZ6%2BcX1vTgBe7laVOAQg0%2FqA6v%2Bmt7p9wW6O0TayxTFsBn8pFav3XEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/sports/fantasy/img/side-banner-EN.png?0.0.911

172.66.40.129

200 OK

25 kB

URL HTTP/2
www.w88w981.com/_static/sports/fantasy/img/side-banner-EN.png?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 321 x 255, 8-bit colormap, non-interlaced\012- data
Size
25 kB (24994 bytes)
Hash
25ab19848bf37c261f7a33406fa79229
1097b416458264a38ada8452256302d9acd437ee
77df654570ad63357ca22aea17d51ce967c93ac151364ebc87324c093a2290fb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/sports/fantasy/img/side-banner-EN.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 24994
cf-ray: 76c37da37d16b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0d155cf5a21d71:0"
last-modified: Thu, 25 Mar 2021 09:39:54 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSbrta47cjoBc4BjeGzpM%2FeyV9k%2BXI3tNqDkFAuFUTSXs5i0ERWNffYFc587W0z0hqwQJczJ60zq9FYqFizj%2BihvuWb3IH05Bpzgikr4LL4aaXKlwHgl5beYSR36u8h49Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/sports/fantasy/img/Popup-EURO2020-EN.png?0.0.911

172.66.40.129

200 OK

112 kB

URL HTTP/2
www.w88w981.com/_static/sports/fantasy/img/Popup-EURO2020-EN.png?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 794 x 630, 8-bit colormap, non-interlaced\012- data
Size
112 kB (111903 bytes)
Hash
2fae1455e75832b4eae8269684940b0c
6afebb9a7caa050a2d2c62e284c8a390e4531a62
648cc5a61ac6b7a9c528c5e39d29fb50ae20866c40fdcd07b7eeeb4ca3604c2a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/sports/fantasy/img/Popup-EURO2020-EN.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 111903
cf-ray: 76c37da31c7fb511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0d155cf5a21d71:0"
last-modified: Thu, 25 Mar 2021 09:39:54 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TnjaPiDfW9ZotYn9W%2FsY1mggRjAoAk%2FYbHn%2B2QCMTh3Ks8OkgihmCpX6T9wpmXbrLg%2BUN1s5SMXV52WL2SmcdGgzGcEtgo7WZNrimdTzN4e7NgfPb%2BP4uV81GGwbaST90Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/footer/logo/grey/right/GoDadd_SSL_off.gif?0.0.911

172.66.40.161

200 OK

3.6 kB

URL HTTP/2
cdn.w88ux.net/_static/footer/logo/grey/right/GoDadd_SSL_off.gif?0.0.911
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 132 x 24\012- data
Size
3.6 kB (3645 bytes)
Hash
5045eabf16540556435967bff1add2c0
4bb89bf78a7c4d829d25b62da2e7db97c511e052
19eb58d4c794b39fac99e5ccd38d5c9d4bceca3ade0986defdb0b6a659156a25

HTTP Headers

GET /_static/footer/logo/grey/right/GoDadd_SSL_off.gif?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/gif
content-length: 3645
cf-ray: 76c37da3cffdb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "1a33e345b69d71:0"
last-modified: Tue, 23 Feb 2021 07:34:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBFJOpvrV%2BEcd01ppqCB%2Fj38c2lSNJEBbHNc%2BzBfaiiPx9PveLiAGNMJNmABRTm%2BzSPBaZPwU%2BCKy0Mi8xDASl2UAnmbZFVHxQdVZH25cbqyFQ4MC7TtjsbPxjbRJhY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/footer/logo/grey/left/wordpress_off.gif?0.0.911

172.66.40.161

200 OK

2.7 kB

URL HTTP/2
cdn.w88ux.net/_static/footer/logo/grey/left/wordpress_off.gif?0.0.911
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 34 x 34\012- data
Size
2.7 kB (2693 bytes)
Hash
51ae524d8110f01491893b6a2fde95ec
e186ad8bfa4a38670bb076a9521ca14fc7b8a13f
87aaad7ade48234c8695f9d970087302faa600bca9e706bf6d32acc5e9a14be8

HTTP Headers

GET /_static/footer/logo/grey/left/wordpress_off.gif?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/gif
content-length: 2693
cf-ray: 76c37da3cfedb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "829bc5b1b99d71:0"
last-modified: Tue, 23 Feb 2021 07:58:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4qaJLODo2kKEwHxSkXA1oZR3yh3QEv6MWukrTQNRjc%2BHJCMZY011v%2BoY%2BwaJxbiA5IlDLKyK98HTsmgOStvL3hda4Kjua6A65LvNzVR0RhN2UDL8GezAn6Dgw30xls%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/footer/logo/grey/right/iTech_labs_off.gif?0.0.911

172.66.40.161

200 OK

2.5 kB

URL HTTP/2
cdn.w88ux.net/_static/footer/logo/grey/right/iTech_labs_off.gif?0.0.911
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 25 x 23\012- data
Size
2.5 kB (2494 bytes)
Hash
1f9e7ee959a31b1316e8759008664686
e403a0da8316ca4e7cc906a6633741b075f59b65
6b98579e274f7f7d8137574d58c2013a98976dfc3298af9117d3e31e3a845504

HTTP Headers

GET /_static/footer/logo/grey/right/iTech_labs_off.gif?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/gif
content-length: 2494
cf-ray: 76c37da3cffab4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "a237746b69d71:0"
last-modified: Tue, 23 Feb 2021 07:34:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrlW99m5rY%2BStfc2NQLMBEVZXDla4qSo1aRvfTscFGPQVKbHkwPhtk53mqchIul%2Frxj8OuLp%2F1Cr53Y54tJfb%2BSSav6RYVnvKq6%2FQ6sZoCWe%2BYRqT6TdmpH5dhC8ELE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/promotions/img/close.png?0.0.911

172.66.40.161

200 OK

334 B

URL HTTP/2
cdn.w88ux.net/_static/promotions/img/close.png?0.0.911
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Size
334 B (334 bytes)
Hash
cf9a587c079584073aa29c67656db53b
b934af48c2b5fc47ab9bd69a7885bbec55af1880
cd2f4da1e2a2352b1f61dd4766e71f06ccedc684eec7497f6ef6157a3df9e431

HTTP Headers

GET /_static/promotions/img/close.png?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 334
cf-ray: 76c37da3cfe6b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "8d4883a14b3ad61:0"
last-modified: Thu, 04 Jun 2020 08:39:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ay8KFgsrEetuCW%2FSWjNKUjTICXBxBlOX3yPo2kcj2s5VNPexypFu09mnMWEAGio8ULnGzjKL5Cd0M%2B2v6GI91mrdH%2BakgHI7aqRPNXRJef3OUGmk1S0Mg6Y7bD0qsH8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/footer/logo/grey/middle/neteller_off.gif?0.0.911

172.66.40.161

200 OK

2.1 kB

URL HTTP/2
cdn.w88ux.net/_static/footer/logo/grey/middle/neteller_off.gif?0.0.911
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 82 x 34\012- data
Size
2.1 kB (2099 bytes)
Hash
436be4b145fe272b9d36f9c3c9a48d80
e8c7b42498f8bf71bb883bc41344e0dbd8f80a37
7d45f0c02bb96839b4d8250686c320ef50865515d968df10c48ea72a770b158c

HTTP Headers

GET /_static/footer/logo/grey/middle/neteller_off.gif?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/gif
content-length: 2099
cf-ray: 76c37da3c801b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "2ec84342b69d71:0"
last-modified: Tue, 23 Feb 2021 07:34:03 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6MQnH18j2V6HGbf07HFmxKdd8yIJ6MDsMMGdwOY6nDaE8aP%2BOZjrnhVNizUKiV8zSpdNcqhCUcQqxwjALkL6CbZHSf4lboaV%2FPTjtSrzwtKKMuYI8wBxMYPtQNF1Mc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/footer/logo/grey/left/Facebook_off.gif?0.0.911

172.66.40.161

200 OK

1.8 kB

URL HTTP/2
cdn.w88ux.net/_static/footer/logo/grey/left/Facebook_off.gif?0.0.911
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 17 x 34\012- data
Size
1.8 kB (1841 bytes)
Hash
1c7cd6006161ccbaeff85bef04dceafd
187e460103946d8aaa862d95d0595ad36f9d2940
9e06cd28b9220315fa45ef8a1762f2f2ad0f9ceda6c337bbaeae3a7692143880

HTTP Headers

GET /_static/footer/logo/grey/left/Facebook_off.gif?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/gif
content-length: 1841
cf-ray: 76c37da3d812b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "2e1a743cb69d71:0"
last-modified: Tue, 23 Feb 2021 07:33:53 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUT3a9MEAPs2pUVsD2CcKpPNnivzi53mXgYOI1gjcqvRZE0513mAS2f8ciYH62oPx8ALtq%2BQDc6Sv4pgFG%2BR7OODietLRi5sA%2BbEirQyBwLZbCW%2B%2FKxzhvytfopPhcE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/footer/logo/grey/right/gli_off.gif?0.0.911

172.66.40.161

200 OK

2.9 kB

URL HTTP/2
cdn.w88ux.net/_static/footer/logo/grey/right/gli_off.gif?0.0.911
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 38 x 36\012- data
Size
2.9 kB (2866 bytes)
Hash
1eafa1a9b7f6835709f1a5570c50e86a
79debb272f7df152bf0f5d1e38ecdce0e472db49
2a45435616f406cc6ff83c9f2874974f49012a476291b2d32f1c4971bc173fbf

HTTP Headers

GET /_static/footer/logo/grey/right/gli_off.gif?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/gif
content-length: 2866
cf-ray: 76c37da3cff4b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "afbdc4b9b99d71:0"
last-modified: Tue, 23 Feb 2021 07:58:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alBM7GXotMolNhWpET7uVM%2FE0Mc2f0ldtbbQBCxByO9FFGfkVEMNezzQC7cNM1CJ8KG%2BBnOWD%2FiJcrmUU%2F7xusbLcntcPz5s4OTvO%2Fzul0Jea8%2FjYAax8SHLrgHuVqA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/footer/logo/grey/left/twitter_off.gif?0.0.911

172.66.40.161

200 OK

2.3 kB

URL HTTP/2
cdn.w88ux.net/_static/footer/logo/grey/left/twitter_off.gif?0.0.911
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 43 x 34\012- data
Size
2.3 kB (2338 bytes)
Hash
c121efb505c6b7ecb44e07c98d431e9e
94a94ab4c5c17a89f855a5e2add58afe90bae86e
33fa4a58bdc4eaf5b872ad01300a7a74f3bc32ba546c879873d8dd22afc38c30

HTTP Headers

GET /_static/footer/logo/grey/left/twitter_off.gif?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/gif
content-length: 2338
cf-ray: 76c37da3c802b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "f099373db69d71:0"
last-modified: Tue, 23 Feb 2021 07:33:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5T6HLRg5RYGi9FBSbA422Ibxfzl7P7PgH8%2BgNy8iMSMQOdA%2FKP87v0sGUTLbjqEF0GoyisRHlY6sCmUSqOvf8RSnQVj7KB%2Fo3GFa7r4%2Brhq2h8V6iPP0A9%2BX6Ad3qxk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/footer/logo/grey/middle/AFA_off.png?0.0.911

172.66.40.161

200 OK

4.5 kB

URL HTTP/2
cdn.w88ux.net/_static/footer/logo/grey/middle/AFA_off.png?0.0.911
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 126 x 126, 8-bit/color RGBA, non-interlaced\012- data
Size
4.5 kB (4511 bytes)
Hash
23e7037916e7d7ed6273ca9d10c31fcb
895ec83a6ef6fcec57aa69b424ac416a598a2bf6
29b27feeff7bb9af251ca18bfb6997d07711c408101ddb580a296c1716002a9b

HTTP Headers

GET /_static/footer/logo/grey/middle/AFA_off.png?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 4511
cf-ray: 76c37da3d80ab4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "43ec2ea2db11d81:0"
last-modified: Tue, 25 Jan 2022 11:06:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCmheCHqCgYwf9rBy3HsOhQ6n6PizGJ2D9%2BQUQ5ftyAmhK2D6q%2FD1eZ4Cl%2Bwa8ugxnR2YqX9KIWegGNpaFe1iIHGJFMbOCYdUkL9VwCsHHQ3owdQo1jAl3kI6UzkGeY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/footer/logo/grey/middle/Fulham_off.png?0.0.911

172.66.40.161

200 OK

4.2 kB

URL HTTP/2
cdn.w88ux.net/_static/footer/logo/grey/middle/Fulham_off.png?0.0.911
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 96 x 127, 8-bit/color RGBA, non-interlaced\012- data
Size
4.2 kB (4215 bytes)
Hash
8bb2988e379421f3543944985a65c86c
14a2a09d1286a32618ba4901fbf501bdac2bffb7
5a08a248b8a87dc3561cdd52e278e00321129f6ce78ba58737648e5c2f207f06

HTTP Headers

GET /_static/footer/logo/grey/middle/Fulham_off.png?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/png
content-length: 4215
cf-ray: 76c37da478d8b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "4d742393a1a0d81:0"
last-modified: Tue, 26 Jul 2022 03:41:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t88RBCnfgwKEdc9TzcweLHn5e4bOH4MmTtVUeL6XtpNwNRFu1wWn6oCYx9Kkx9YFyawvZcu2QgdzQgdeHWQGIt0vc3Z2MRVx0ltaNuj1BNG5CbAcdfunVZMmp%2BxbD3w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/game/crazy_fishing/W88-Web-Popup-Crazyfish-EN.jpg?0.0.911

172.66.40.129

200 OK

82 kB

URL HTTP/2
www.w88w981.com/_static/game/crazy_fishing/W88-Web-Popup-Crazyfish-EN.jpg?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 600x353, components 3\012- data
Size
82 kB (81922 bytes)
Hash
f1c7175c57727bc1e731aa9cf4249a50
4e6e1fb184d0c860fc0000c4bcaa1b65d28673ec
f47d7e9d7f91de2ea0992a2da68569cbd45c2840fe1f778f42974f1c01d688f1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/game/crazy_fishing/W88-Web-Popup-Crazyfish-EN.jpg?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: image/jpeg
content-length: 81922
cf-ray: 76c37da31c84b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0446aa7c24d71:0"
last-modified: Mon, 29 Mar 2021 09:15:20 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lwm%2F5G%2FIHGPjRmS%2BoqgLn4%2BeWdCzv2az4d3%2FnEuOl7KoNRwLiZU7%2FWVjYYcVw0JlzSUuGy7DI0Ues8osakt4OGyH1B%2Fbl8RNGwI8XEnRIg9VCRtdQQqx3PrhUhEDaw8KWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/footer/logo/grey/right/HLEvolution_off.gif?0.0.911

172.66.40.161

200 OK

1.7 kB

URL HTTP/2
cdn.w88ux.net/_static/footer/logo/grey/right/HLEvolution_off.gif?0.0.911
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 29 x 25\012- data
Size
1.7 kB (1734 bytes)
Hash
7d986f24fe0b72489e69a9a4eb3415f4
e54cfb3718f72fd1d5697e27830c84313d806bc3
5958081330b5e6f9c30622f931f915c0e0a2c4fdea21e6cc3f4cdd3cd7c6dd68

HTTP Headers

GET /_static/footer/logo/grey/right/HLEvolution_off.gif?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/gif
content-length: 1734
cf-ray: 76c37da3cff1b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "96f34446b69d71:0"
last-modified: Tue, 23 Feb 2021 07:34:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sa5O2al6MwCOC99IsqnkAqTfaJDgut8foRDxIcbN9ZSJEQjk1mME3CkRSfpsHCIFOLuOoK%2BD1ptd%2B%2F5mQi2BZO8mZZXuGNPSteGQONam7kHvVa0RUV3SOr3Heyw7O58%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17140
Expires: Sat, 19 Nov 2022 01:20:48 GMT
Date: Fri, 18 Nov 2022 20:35:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17140
Expires: Sat, 19 Nov 2022 01:20:48 GMT
Date: Fri, 18 Nov 2022 20:35:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17140
Expires: Sat, 19 Nov 2022 01:20:48 GMT
Date: Fri, 18 Nov 2022 20:35:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17140
Expires: Sat, 19 Nov 2022 01:20:48 GMT
Date: Fri, 18 Nov 2022 20:35:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17140
Expires: Sat, 19 Nov 2022 01:20:48 GMT
Date: Fri, 18 Nov 2022 20:35:08 GMT
Connection: keep-alive

cdn.w88ux.net/_static/footer/logo/grey/right/GAME_PLAY_off.gif?0.0.911

172.66.40.161

200 OK

2.9 kB

URL HTTP/2
cdn.w88ux.net/_static/footer/logo/grey/right/GAME_PLAY_off.gif?0.0.911
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 112 x 27\012- data
Size
2.9 kB (2902 bytes)
Hash
4b531a5dfc99e8349f61d08ef4ad789f
b7b0aa932f548b56eaeebeda53bbc49f688f5a7f
e1bcc747336fa0a86c5a9297a6838ce0ab8fb0af0dad9e8838e959048dff7885

HTTP Headers

GET /_static/footer/logo/grey/right/GAME_PLAY_off.gif?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/gif
content-length: 2902
cf-ray: 76c37da3cfefb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "a1624f45b69d71:0"
last-modified: Tue, 23 Feb 2021 07:34:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARP0V74SteQ1YBC7x11r6T2qvLuTdoqDDLhFL7z8XNMzsFWtEcidwZ2O7dYMC47reD699t49ZlX1%2BrLIK3kX37B0vRJRMSL6W%2Bu9bi%2FwyAtgE10KDVqJG%2FJvnmVwyJE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/footer/logo/grey/right/Payouts_reviewed_off.gif?0.0.911

172.66.40.161

200 OK

3.1 kB

URL HTTP/2
cdn.w88ux.net/_static/footer/logo/grey/right/Payouts_reviewed_off.gif?0.0.911
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 70 x 23\012- data
Size
3.1 kB (3083 bytes)
Hash
33ace231c9e5681784c58c5f0e123ebd
a2d733ffaf697c2e9a42d592cb599de3702aec95
d436ebf9f75e4efd7eb1c0f535a192a89d3b37d5354a54dceadafbb279e1358a

HTTP Headers

GET /_static/footer/logo/grey/right/Payouts_reviewed_off.gif?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/gif
content-length: 3083
cf-ray: 76c37da3cff9b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "21833a47b69d71:0"
last-modified: Tue, 23 Feb 2021 07:34:11 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UcoXj7GOALygwX2DQ1BnzDeJs0rgUaw8s7o27XIG0e%2FEGAJxa6ZXH3oURQKAHsK%2F%2F%2F7BQIp2PD37hoV7gfeqCpcWCFWVLQm74PUvq47sxNcigxyJslaXTbtG7x4u73o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/footer/logo/grey/right/bmm_compliance_off.gif?0.0.911

172.66.40.161

200 OK

2.4 kB

URL HTTP/2
cdn.w88ux.net/_static/footer/logo/grey/right/bmm_compliance_off.gif?0.0.911
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 73 x 23\012- data
Size
2.4 kB (2392 bytes)
Hash
9b05fa38dbedccd7a2514f591ede41e4
4d63f36effcf8c87270fe6ac9e6ebc2eaba5c0ba
71e90a52c6f0066e5a552976a0e3e5be71fd7decc66aa0da6904625a5462ad83

HTTP Headers

GET /_static/footer/logo/grey/right/bmm_compliance_off.gif?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/gif
content-length: 2392
cf-ray: 76c37da3cff6b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "1c6bb444b69d71:0"
last-modified: Tue, 23 Feb 2021 07:34:07 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZ2i8fTbNj2kEnWvKT57oGXZsPVDmCR%2BEBHPKsEtcP%2FWtq%2BnJdp1%2FkPD%2BjvmVYEONJyNW53jhTSDhPno4M7eeb8RSkk1r0O1yU%2BGRrfPrlcAR%2FV%2B5QhRO3FXjJZK%2F%2Fg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b43b0-5ba1-4c6c-9a53-bfae9befdd7d.jpeg

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b43b0-5ba1-4c6c-9a53-bfae9befdd7d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6344 bytes)
Hash
a9d32fa3866dd741de610a61a93ad893
4cb2141b1ef1e5bf19a3b355995dcd8fa36f695e
4492338de536cfae6fb42fd37170c60f4fbc281a2a924efe6d2b5af352cd102c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b43b0-5ba1-4c6c-9a53-bfae9befdd7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6344
x-amzn-requestid: cac35b04-be3b-4ae1-bb5e-8cedcd7a7db4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: btqOVFCXIAMFcOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63755728-45c28fa333b748520be29b57;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 21:33:28 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: mhgNSp1_LsVmn00ULm116flMHpnfE6G6JABrJwXH5i4q-isv_W1-Ig==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:34:18 GMT
age: 82850
etag: "4cb2141b1ef1e5bf19a3b355995dcd8fa36f695e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd26f9e-1666-47e7-91b0-4b371ede5e61.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5955 bytes)
Hash
30ad43f65949e7e22e73292e3d684f3d
9404b0071027ac7ec0055a9edfbd607e3a8ae501
b97961cbd2245f9927c1c0406451449d28cca24c98c534cace78321ac62eeeb2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd26f9e-1666-47e7-91b0-4b371ede5e61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5955
x-amzn-requestid: fe915fbe-b1dc-4fbd-8a10-1cb46e08f56c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: btqPjHloIAMFidw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63755730-16deb73f48305b0139b1d9bd;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 21:33:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qtpQ9y_8ohoqKpvTx-mWM439VyjZnpmTKKCEAEnknL3CVN8ZkiJaYQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:39:46 GMT
age: 82522
etag: "9404b0071027ac7ec0055a9edfbd607e3a8ae501"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.w88w981.com/_static/js/qr.download.js?0.0.911

172.66.40.129

200 OK

14 kB

URL HTTP/2
www.w88w981.com/_static/js/qr.download.js?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (369)
Size
14 kB (14294 bytes)
Hash
88bc83a2a6383436aab9d70e3a1f3949
6b2d0792548e4afd22509ae279dd415272f0693c
0ad70959a22675e309c7a0afc8c55d11fcc8e4294d3140e68c146757706af17d

HTTP Headers

GET /_static/js/qr.download.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da36d07b511-OSL
cache-control: max-age=14400
etag: W/"0af356fa5f4d81:0"
last-modified: Thu, 10 Nov 2022 01:40:38 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2t7HTF%2BMo1Fyz9I26iWHzXPLw9b4zIx8o2btDwouJASCWu946eOo1W53TvkvZptjwp%2BCVQBgfgZ8O%2BR8DEvto%2BKkdTuuQL5rR0EQMEMr026ByN0JpzBfV3qTC3UJn%2Fs%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ddb38f-d459-45e6-9351-068a5306b3a1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10349 bytes)
Hash
7d16e5ff718353c095d266b080fe547f
fa7c5c9a1d16355859196271f3d13f3850931888
9a94d8eb20cc56d0898b1e2b80c0006ebbef75c15ad94e907050c5be4e19a960

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ddb38f-d459-45e6-9351-068a5306b3a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10349
x-amzn-requestid: fc85e078-a81a-4fed-899e-15249961f59c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-7tHGLIAMF00Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7d-4224d193517794684fcdc0ad;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UK-XD_8EcfPwfLb-QVwfLr8aG-sqVBoUJcbPb5hKAlQS68eOxdgM5g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:03:27 GMT
age: 81101
etag: "fa7c5c9a1d16355859196271f3d13f3850931888"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.8 kB (3759 bytes)
Hash
5d0b6106f00f9fd8b89c2d484a559a1a
399ac393209dcdac7d2188d7aa8d95f04570ef7c
5d8151c9eb558f4a2b8bd2952c6845606ddb0c27e36f6e49aca7e60908cd9fe4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3759
x-amzn-requestid: 8c91ac59-89dc-4218-b69f-0cebb29f301b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-wJHgxoAMF-hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab33-4dac305614a92bc52c038222;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mb2-PTjNmt06Wd5jOjQ5WoLY-0NgI80CKPXtwgzBt4n5km8Pu_WN0Q==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:50:49 GMT
age: 81859
etag: "399ac393209dcdac7d2188d7aa8d95f04570ef7c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11667 bytes)
Hash
032386e5c9dffff1ba1ee5e8a322d438
dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: 4778d1bd-28c3-4665-89da-046e356087f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyD1HE-oAMF0QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-53c7330c5fd36d3c4d9e6aed;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CHi9V7-WaWmG6Y0249CZJnhe_RjvleaGFVXoOnJ62cjrcXoLLKwzgw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 18:45:50 GMT
age: 6558
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/footer/logo/grey/middle/Milestone_off.png?0.0.911

172.66.40.161

200 OK

3.8 kB

URL HTTP/2
cdn.w88ux.net/_static/footer/logo/grey/middle/Milestone_off.png?0.0.911
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 96 x 126, 8-bit/color RGBA, non-interlaced\012- data
Size
3.8 kB (3781 bytes)
Hash
c4c9c08aaa474d5f56fd2488153465b7
422514c8115a75eb632cb9de2467ed0942914056
f1082b351cf23eb4edd964ec834a35beaefad277dcbad69dbd288b1b013f3d0a

HTTP Headers

GET /_static/footer/logo/grey/middle/Milestone_off.png?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/png
content-length: 3781
cf-ray: 76c37da458b7b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "6844dd41b69d71:0"
last-modified: Tue, 23 Feb 2021 07:34:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FElxT4LSQgxFvqIhDWc6NtJXLOsUV2xVYMm%2FoilpPBWg7P88UyI4mOg%2F9T12%2B3BUw1fDjIW6HxKbuaflmDCP%2BvXIG2jMEw%2FhZWn9ITdzOz6LjB%2B7Wr4c3etuBgCf1w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/js/ko.footer.contacts.js?0.0.911

172.66.40.129

200 OK

12 kB

URL HTTP/2
www.w88w981.com/_static/js/ko.footer.contacts.js?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text
Size
12 kB (12128 bytes)
Hash
d13060dab95b59b709a83996ca200bb5
424dc65d0f737def8bd2a9edcf1888b0b0763634
07c15a0d014433249d21478175bdea969c831e6d47d1ceb04f78c3f770e57754

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/js/ko.footer.contacts.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da35ce5b511-OSL
cache-control: max-age=14400
etag: W/"0af356fa5f4d81:0"
last-modified: Thu, 10 Nov 2022 01:40:38 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pq0i5LrF6ToTlXZIEAYt6E%2Fs94wVYuaQkSl2A1OoD2FcLrmThxmv3%2BTHEXSzWVN%2BFHeK6SK%2BzfbBaGD1G%2FPENQqkov4VcCD7hgnZY1aeF326s9Oa2VFtldQiLb5EgpRHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

cdn.w88ux.net/logo/W88-Logo-black-EN.png?0.0.911

172.66.40.161

200 OK

13 kB

URL HTTP/2
cdn.w88ux.net/logo/W88-Logo-black-EN.png?0.0.911
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 442 x 80, 8-bit colormap, non-interlaced\012- data
Size
13 kB (13088 bytes)
Hash
b69a8dfca077612aaf805fa573df1aaf
89624f1fe741b5a0cdf77b3a737f23a8216f417d
a07baf5bbb302668883c94e51f662332c7cf9ed1f3f1c43c7629babc89f58c61

HTTP Headers

GET /logo/W88-Logo-black-EN.png?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/png
content-length: 13088
cf-ray: 76c37da9a838b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "e5c14eb90f2d81:0"
last-modified: Mon, 07 Nov 2022 10:08:43 GMT
vary: Accept-Encoding
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0q1lPOh0ryxBvwDCNbwMrkFIHDEOhRqadU%2BmSHrRqEmHSIVp6vXRLLVLSyjlJ8RoKkOBOj%2FkQ936WIdj1SLDuonEB8ZeoQn%2BUMoL0gMLDlWiKweSm6%2BqQmroNJT48bo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/_css/img/sprite.png

172.66.40.129

200 OK

8.3 kB

URL HTTP/2
www.w88w981.com/_static/_css/img/sprite.png
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1444 x 104, 8-bit colormap, non-interlaced\012- data
Size
8.3 kB (8270 bytes)
Hash
47285c087a948f6025c46f3fa49901e6
93e6793dd184bba06b8d21ea27e31798059f1709
174d0d2943db8cf951cfe3cbbb1ee1fd60a8a35912a79a1e7957fb2995bfe466

HTTP Headers

GET /_static/_css/img/sprite.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/_static/_css/sprite.css?0.0.911
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/png
content-length: 8270
cf-ray: 76c37da9ae93b511-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=14400
etag: "087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofet2fouNUQguz0bjXB8jMWHIE1rfS1vf2LVVqxsd9ehnmf4w2fyH%2FVUkCON2oalC23oJpkGzRLqX6I0fq30ZEBfkhzmImdiDX96BY9FWt1AfKpYkGkQ1fKU6OLdxE20jA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/footer/logo/webbrower.png?0.0.911

172.66.40.161

200 OK

12 kB

URL HTTP/2
cdn.w88ux.net/_static/footer/logo/webbrower.png?0.0.911
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 209 x 260, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11725 bytes)
Hash
ea3bbc246ca64ea8f3a024884dc93628
9735f213247ff60d5863d79a0bdd5480c5cb4cf2
e933a3ec106cdbbe528ae990e2f1a1dc6b806db1b8ca80af137e4c8ef45c6e35

HTTP Headers

GET /_static/footer/logo/webbrower.png?0.0.911 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/png
content-length: 11725
cf-ray: 76c37da9c877b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "5820433bc99d71:0"
last-modified: Tue, 23 Feb 2021 09:49:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYklFTffmqHDPoSk2betMqFtEQBCih2Bh5w2BYbGbsg1gvmJeIG0cIyK%2BUr%2FErv07PY5hEBQp%2FhDt7866SB4jC0UtVVthLQFPASkVen8ggxwON2lT4KphXMgD%2B2Zr30%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/_css/img/footer_line.gif

172.66.40.129

200 OK

43 B

URL HTTP/2
www.w88w981.com/_static/_css/img/footer_line.gif
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 3 x 1\012- data
Size
43 B (43 bytes)
Hash
58e100f572ebffde6b3a9fc4990ed0b3
0006b1d912843ed3f405a3eab7ee6319601bcfea
bb5877cb22e83eb48f4fa4beadf06cf86011658ff7abc9b75d6867f793e33985

HTTP Headers

GET /_static/_css/img/footer_line.gif HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/_static/_css/Main.css?0.0.911
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/gif
content-length: 43
cf-ray: 76c37da9be9eb511-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=14400
etag: "087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
vary: Accept-Encoding
cf-cache-status: MISS
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=daGEZQSGwovh6w87zektqPrgX%2Brb%2F7XOSMEvqkUAt9rQAV4NQlZY65ix5lLTyoIW5SNqNe1kz988u961ksARVwt42vlkMCfNzpxgN1osCwhEAVx14DxBUb7mvtJxD6aelA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/promotions/img/close.png

172.66.40.129

200 OK

1.5 kB

URL HTTP/2
www.w88w981.com/_static/promotions/img/close.png
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 kB (1475 bytes)
Hash
61678c6462dfa8e9d545dab9fa698666
b3bce07181ef50e1d7c78b7374677aa09b647efe
9ff729ccc3e0a1b61114df0d875fc9210f01bbf87e6268598a28dec3a33e8de3

HTTP Headers

GET /_static/promotions/img/close.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/png
content-length: 1475
cf-ray: 76c37daa3f72b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0db6c3a8bc6cf1:0"
last-modified: Tue, 02 Sep 2014 08:52:30 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GxaXvDlVx%2BzH1V6KzyfyZ0G6imFRcGYBI0MhqZ3hTtWDt3GTkuKJTgx84d9zVAtoD%2FcJpvA6xmbF7Vxk1QZ89ycojRumf%2Bwb87teMeEPmgtJhYgYMJqRS7GtzG2XFcnFhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/img/2fa/Enter-Code-Icon.png

172.66.40.129

200 OK

2.7 kB

URL HTTP/2
www.w88w981.com/_static/img/2fa/Enter-Code-Icon.png
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 183 x 116, 8-bit/color RGBA, non-interlaced\012- data
Size
2.7 kB (2722 bytes)
Hash
dce0d0eb5176a3af28371028f17eb7c2
adc7d5bbc77b4ad9cefdff49e2684a5d12b2fb3b
b856c0c4930b2e26d4d5bd158b35d6a52c1b74a53079d564c5cb14c208a0fa2b

HTTP Headers

GET /_static/img/2fa/Enter-Code-Icon.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/png
content-length: 2722
cf-ray: 76c37daa3f7ab511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "03ea145d4d71:0"
last-modified: Tue, 16 Feb 2021 02:41:48 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=szQImP2hiQCaZ3huu1RP8hSEH5eIwrW0beWhxIxH6ZI0vF364HpbS8vdZRtXMrMHjk0zXOfpMC1YupwabpR6fwIOcftmcs0VvokzDA1ubpJr0OfKB1HZHGLhF5drxxue1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/footer/downloadbar/img/Download-Centre-Floating-Box-before-EN.png?0.0.911

172.66.40.129

200 OK

5.6 kB

URL HTTP/2
www.w88w981.com/_static/footer/downloadbar/img/Download-Centre-Floating-Box-before-EN.png?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 307 x 236, 8-bit colormap, non-interlaced\012- data
Size
5.6 kB (5555 bytes)
Hash
8fb27c6adbc04ce78205230c8efd46ad
bd43a7639020c5313086009a7c18adab9b16ac97
f31f38a93482f15ed355846a7a4e3103d3dbe5ea3ae45b19fe58a3c55fc9651f

HTTP Headers

GET /_static/footer/downloadbar/img/Download-Centre-Floating-Box-before-EN.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/png
content-length: 5555
cf-ray: 76c37daa3f6cb511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0c256343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:32 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2BitPk067LXu%2Fzai5wVR4VJ5xSurAt5RTZ%2Fng%2Bvc3gQWzLoCXKC0ofSPkvvkScdwq1rJFfTuHicydQ4vEdSFWFSZ%2FC9mKwGnTwj9guE%2F9TDXphcEQeTnlNheDLWndY5OzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/_css/din-regular/din-regular-webfont.ttf

172.66.40.129

200 OK

40 kB

URL HTTP/2
www.w88w981.com/_static/_css/din-regular/din-regular-webfont.ttf
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
TrueType Font data, 17 tables, 1st "FFTM", 9 names, Microsoft, language 0x409, \251 Dutch Design: Albert-Jan Pool, 1995. Published by FontShop International FontFont release 1\012- data
Size
40 kB (39480 bytes)
Hash
9e5eb61423331dc4fe8c9c9c8a0302b7
989a67f1ad1cf221658dcea469e56f9bec820c57
09a0193e234571c340eb1de4462635db96155a949c07203f0a604e0a31bd28df

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/_css/din-regular/din-regular-webfont.ttf HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/_static/_css/din-regular/stylesheet.css?0.0.911
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: application/octet-stream
content-length: 39480
cf-ray: 76c37da9ceb4b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofrwkOh5KotT3lTzxFJ61BAu8%2BMyH2RIIR0qNsGLz3DcUlmel%2B8scCJ20lbfqhjKjDEClOzTQctMLVIs9Jnl%2FHSNOcs5lR41h%2F47t6iwkS286cpgWGp9OB6O5Z4rLD8G7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/_css/hotmatch.css?0.0.911

172.66.40.129

200 OK

4.4 kB

URL HTTP/2
www.w88w981.com/_static/_css/hotmatch.css?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
4.4 kB (4439 bytes)
Hash
7f036fc93087884a22cd660d06da1edd
bb82c30b0e8dfdec832d092b3672845e9743ef3a
884807fccd896b36cf5f684ccdc45c641d5b368bb8ffcbb0fa139356b31dfd13

HTTP Headers

GET /_static/_css/hotmatch.css?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/png
content-length: 3250
cf-ray: 76c37daa5fa3b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0a61eac1e93d61:0"
last-modified: Fri, 25 Sep 2020 09:31:40 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0wJ3CakxxfpRSvbT1%2BFICIF%2Bwm97LhrVSG1IqEemVLPQkacgswnBaWU5jxUmmTEh5lH1cXjxDGezKBGfyg43DzdTzz%2B6aUeJ5GpgwPJkPPJqwr5ntTMG3MMv6SrtUXyMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/menu/img/ClubMassimo-MG-CN.png?0.0.911

172.66.40.129

302 Found

6.2 kB

URL HTTP/2
www.w88w981.com/_static/menu/img/ClubMassimo-MG-CN.png?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
6.2 kB (6174 bytes)
Hash
23a59bbbf9f198c9a30ffa9d36edf391
b033ee307e0ed4a6d6b57cd24396dc59d0a08c65
069fa3eafbcd5dfdfc309c65f8ecf56543b9504b5189105ae9a7a9e990bd573f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/menu/img/ClubMassimo-MG-CN.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 302 Found
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/html; charset=UTF-8
location: http://www.w88w981.com/_static/message/404.html
cf-ray: 76c37da2ec12b511-OSL
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: BYPASS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHJIHZW0FYYbWFEzcl9YdKyRtBJlVC6vYFBTOYdqHq7a8ygw2xOHrPamOsffL7rZustFECx1uOjTAc3pfXoRL58P5y1mNp1tXDxgBTCoOjv74W1CPJRHI7qz9ax89nRGUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_secure/ajax/api/handler/timer

172.66.40.129

200 OK

35 B

URL HTTP/2
www.w88w981.com/_secure/ajax/api/handler/timer
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
35 B (35 bytes)
Hash
8c97139d2108c9e0da41ec54e94ba803
00e2a709ee96007c6f9d428fdc5d7cf017698f0d
46aabacac367ed403dd2c09fcab78f85d0653dc11300f8c711e15569f8705880

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_secure/ajax/api/handler/timer HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: application/json; charset=utf-8
content-length: 35
cf-ray: 76c37daa2f6ab511-OSL
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JdIBE8yV8vWQRE4K0tl0bIRm5Lk%2F1pftAhNeHnzSLySNrrBzJ081AounCKZRrW19JgcxLY1M%2FYgx7XjByEtg0dqYUzP1ZfByvzMu3L%2FhdSp5Gjvp0C1fsahXOzdh8m1b%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/home/btm/img/Dividing-line-grey.png?0.0.911

172.66.40.129

200 OK

2.7 kB

URL HTTP/2
www.w88w981.com/_static/home/btm/img/Dividing-line-grey.png?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1280 x 562, 8-bit colormap, non-interlaced\012- data
Size
2.7 kB (2674 bytes)
Hash
14250d20e980f74818375c282f8b0ee2
b40aece998ea2e2cd678c00e72ffcae5d4a31222
e591834490daedbcb1a3f3211c0a540d7f9dd739af8e84112b688696c0e96d9f

HTTP Headers

GET /_static/home/btm/img/Dividing-line-grey.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/png
content-length: 2674
cf-ray: 76c37daa8fe7b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "05139a0d189d71:0"
last-modified: Thu, 05 Aug 2021 08:12:26 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0lZpYFMUhfL1OuZCDug3THE%2FBX6u1qJf0Knfpj00t3%2FhdslLBhcjkyX7c64Hn6J8y5EqbNUopuXDN9cPie8liBj35KT%2FgTh5lEMyp1SmBqX1K2BJ6HewJIAcInWZ8pvd5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_secure/ajax/api/member/livechat/link/en-us?referrerUrl=https%253A%252F%252Fwww.w88w981.com%252F

172.66.40.129

200 OK

37 B

URL HTTP/2
www.w88w981.com/_secure/ajax/api/member/livechat/link/en-us?referrerUrl=https%253A%252F%252Fwww.w88w981.com%252F
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
37 B (37 bytes)
Hash
2cc7a383ae26e697193bc1ec8b32c05f
fc490a03874be0621ea07a1d5b0be573799f50e2
0f7177bc00d2a0b1e08c9ebc64abf487e427cd6b4a603100ca3a621cb5f7367f

HTTP Headers

GET /_secure/ajax/api/member/livechat/link/en-us?referrerUrl=https%253A%252F%252Fwww.w88w981.com%252F HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: application/json; charset=utf-8
content-length: 37
cf-ray: 76c37daa3f7fb511-OSL
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
cache-src: red
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5LaxXkOcSfFkFd8HypKte5QDveELRHtPujmtCR29kavgywrEBlih2f4BxY4XSVrBSQXWTe2SubsfizdYzvZ%2FXk65l2yuIJJZsD6kukqocAOQimVVq2F8LXboUAuk6ASiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/svg/grey/announcement-left.svg

172.66.40.129

200 OK

1.1 kB

URL HTTP/2
www.w88w981.com/_static/svg/grey/announcement-left.svg
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.1 kB (1087 bytes)
Hash
cfe531e01d75fd31bdd6328fb16119b7
0f946594cdfd274cb82734886faee1da2ba51342
d9923421adc363bf063b6b79bc2f535b4cca33e9790bbe1c54054f06f1affa1c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/svg/grey/announcement-left.svg HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/_static/_css/icons.css?0.0.911
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/svg+xml
cf-ray: 76c37da9ae97b511-OSL
cache-control: max-age=14400
etag: W/"0dabeddfd47d81:0"
last-modified: Mon, 04 Apr 2022 08:27:48 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BiMLTt3gm6O0V8Ntp4xUbpa0XVFxmCjJp75s%2B7dYfjWzSEIx244aEwprDQkk3BfgcKUwwl322z8RdO%2F1uDcukgFl4CFupYMhfRQGO6rtTuJ2Icb9N3P4R%2B%2FP41Oot515cg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.36

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.36:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
050d780dd4bcf4fcf7e0c898331a306e
2e3767859e3f53b3f1001b872b7018a7f27e963a
c27062b5270e399ba488a06ea9d2bfba64803fe7319fb4121a282efd3ccf32a7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 18 Nov 2022 20:35:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 18 Nov 2022 19:43:24 GMT
Expires: Sat, 19 Nov 2022 19:43:24 GMT
ETag: "2e3767859e3f53b3f1001b872b7018a7f27e963a"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

www.w88w981.com/_static/img/home.gif

172.66.40.129

200 OK

1.2 kB

URL HTTP/2
www.w88w981.com/_static/img/home.gif
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 30 x 28\012- data
Size
1.2 kB (1155 bytes)
Hash
34ce14de058256be050a2f21ff8c1407
a52d572213ed82aa6101f042fa0504688d65083d
f108e916b4ffc8bcff082cc4106c48a5298e35b8ba6d816961c9a0717a3d01a9

HTTP Headers

GET /_static/img/home.gif HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/gif
content-length: 1155
cf-ray: 76c37dac5a88b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0b1227043fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:54 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYs45GA7A8EgyKiy6rwM25HphGtGScpMdDlrEGsHoYxu6FRmGz9JErolZYa7kI1xYFTTfA3PK0uo6i69%2BhBpEHpXPR35cp8CWCAJplr1dXdJ9w4VC0ucOoDpCx8xUdeBXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/img/mobile.gif

172.66.40.129

200 OK

1.2 kB

URL HTTP/2
www.w88w981.com/_static/img/mobile.gif
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 30 x 28\012- data
Size
1.2 kB (1225 bytes)
Hash
8491126b435ebf01cef5f154ae5f6d0d
c5e6db69a9d3ed7aa2fc80822d05e45be51dfca5
f68d06eb1176fd96aaac4da591ebd29b7489e802e464046680216012ab7a49d5

HTTP Headers

GET /_static/img/mobile.gif HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/gif
content-length: 1225
cf-ray: 76c37dac6a8bb511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0b1227043fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:54 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjPGejz5OQ4GGupN6%2B14bvwcyQ7JMu1gFN8Lw4m2gfdMGdbo7HfbVB2%2FCKKwZrRufdHeWujRiGnp9d8M4Lx7A%2BGxhqbyl6sYtuIRmcCulzjFpkmVduQdlYY42k7fSO8YlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_secure/ajax/api/qrcode/desktop/download/w88w981.com/true/en-us/USD

172.66.40.129

200 OK

9.1 kB

URL HTTP/2
www.w88w981.com/_secure/ajax/api/qrcode/desktop/download/w88w981.com/true/en-us/USD
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (13127), with no line terminators
Size
9.1 kB (9111 bytes)
Hash
1cd35524ccf621a41c57db5cdf2466ad
9f7bbeb10b8181bcd620e39a85869dd312ffad35
8d5e97d51b1acca11c1651cbeb021a449214b60723c5e37bc36285dc609e26b3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_secure/ajax/api/qrcode/desktop/download/w88w981.com/true/en-us/USD HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: application/json; charset=utf-8
cf-ray: 76c37daa6fc2b511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMXcspiPeuWn3AG7lsktSyXzR%2FRMcm9k%2FMCdSj4%2FYvTWS3ykjAYawvOggPwOHSghZwg5F4RuOjlXVSC8kIh8yh8d276vKnNK%2FbzU3MZZ9djW9Q6XcBLpDARZohCZiPsAlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/footer/downloadbar/img/v2/floating-App-empty.png

172.66.40.129

200 OK

1.7 kB

URL HTTP/2
www.w88w981.com/_static/footer/downloadbar/img/v2/floating-App-empty.png
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 168 x 138, 8-bit/color RGBA, non-interlaced\012- data
Size
1.7 kB (1734 bytes)
Hash
1a3f5725da30bb3f1db46d66e8e1422e
990e49bb3b99f8db6f3ec305567d8b907fc6c99b
ebbc2805079d8b59608e69f652f23e1abdd08472dd6dca4f65858652599c2819

HTTP Headers

GET /_static/footer/downloadbar/img/v2/floating-App-empty.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 1734
cf-ray: 76c37dad8c87b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0c256343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:32 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyUabLxj%2FZt1kydBkrAkVATkr9hvvkmw9Pzm7FOWPxPAMgDPCnwsYo5yetye7hgJ%2Bhk4s3GOLOD6vtjaOHKo%2BM%2F57%2BPNlhJtQEK%2FzyI67ZRt9ttKGpMi5dT%2BeM1KV39s1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/footer/downloadbar/img/v2/close.png

172.66.40.129

200 OK

645 B

URL HTTP/2
www.w88w981.com/_static/footer/downloadbar/img/v2/close.png
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 25 x 25, 8-bit colormap, non-interlaced\012- data
Size
645 B (645 bytes)
Hash
d73dd3ff8ef50e35817c776e8f41a104
ede6bd2757a5afbe46cfc7c659c580629c8f2f72
c6e7b180843805053ef8ea779392301f4b1247aa0d1c0be0e21e55969fa801f6

HTTP Headers

GET /_static/footer/downloadbar/img/v2/close.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 645
cf-ray: 76c37dad8c85b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0c256343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:32 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FB2zS1dT81ozJLFa7wAag5quk0K6VOp7QTZcIaURrWf7g2kmX%2FsK4xXXITZ%2F5bRGROuQrGq%2FKT3Kq76kpHCDQ1ICL6WysJOwQf4RPba7XJlGYfzq9HyuqiRh2oA1dpn1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/footer/downloadbar/img/v2/dc-android.png

172.66.40.129

200 OK

2.8 kB

URL HTTP/2
www.w88w981.com/_static/footer/downloadbar/img/v2/dc-android.png
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 36 x 41, 8-bit/color RGBA, non-interlaced\012- data
Size
2.8 kB (2787 bytes)
Hash
8937ea2253bd413e3e78a17956390cb2
86163d59716e13d227cdf9e830d00c5ac4add145
52b3501e5b4aacd16eb93c499b6582f559ee6c0ff9cfbc44f7eeb5a9a628561f

HTTP Headers

GET /_static/footer/downloadbar/img/v2/dc-android.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 2787
cf-ray: 76c37dad9c8ab511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0c256343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:32 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d19p9i9rhyh3SPMRNE44qO%2FiqkquueyXLU2CWAv04WKszZL3V4hUAdTzlJVNiNSbxFnCZQ5CWmyjy0noUwMNXHDC2drFC1vWvFibgebL5oANHV2P47LtPuvpr4VPsgI8kA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/img/new/new-en-us.png

172.66.40.129

200 OK

3.8 kB

URL HTTP/2
www.w88w981.com/_static/img/new/new-en-us.png
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 94 x 78, 8-bit/color RGBA, non-interlaced\012- data
Size
3.8 kB (3800 bytes)
Hash
d2b85a212847ca7422fe5308beca951c
6023a0f8af42bd0bbe4834ace503f8dd8ed56f32
a4ca87a6a2a4a485e3bacc2fd1457783f9c21d4af58eeee938f62a70840b7d55

HTTP Headers

GET /_static/img/new/new-en-us.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 3800
cf-ray: 76c37dad8c82b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0b1227043fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:54 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0E4g%2FB2hX7Y%2FkdJuWZTrk4auPZeumn2TJLZEUygu7qP7S%2BpQAeTditylrhly43dmW%2BMNda9vUt%2Bo4PfX5qm%2FngMP7Lhc0wKq6iNGcSIy2ooTK2Qvkv08tB1N1mEIkj2vVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/footer/downloadbar/img/v2/desktop-poker-windows-en.png

172.66.40.129

200 OK

3.2 kB

URL HTTP/2
www.w88w981.com/_static/footer/downloadbar/img/v2/desktop-poker-windows-en.png
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 182 x 152, 8-bit colormap, non-interlaced\012- data
Size
3.2 kB (3181 bytes)
Hash
4360d5b40881eccd901cf3a8f9e550bb
d23ba1790df02eb8817d7a52a1134bef5c9ad378
a7201280a2234c0b5324d3f65e09665e677f1ef3fbe23247b1b80ca1293f7ffc

HTTP Headers

GET /_static/footer/downloadbar/img/v2/desktop-poker-windows-en.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 3181
cf-ray: 76c37daddcf3b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0c256343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:32 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V3TZW2m6RSdm3gShHY1j4QFZB1EdJ7Y%2BjflldaiHmFPu1A4tXaU2lSsX%2FduBc%2FZVgz8%2FVeq5sjIPeOZjB6iXWvLRClDvOydPaqlUTGJQndiXoiExuJ7Q7C%2F7HLSL6WkVsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
616234e812d0fe1b582a6e82479706be
837e990c8bc894af98a94e9314420f513272c17d
1fe5ed317cd396938dc7eb49b4424b75d1d8bc2855e582503cf05e7541b70170

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=135856
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 20:35:09 GMT
Etag: "63775c2d-117"
Expires: Sun, 20 Nov 2022 10:19:25 GMT
Last-Modified: Fri, 18 Nov 2022 10:19:25 GMT
Server: nginx
Content-Length: 279

cdn.w88ux.net/_static/home/img/bannerV3/Countdown-World-Cup-2022-Qatar.png

172.66.40.161

200 OK

34 kB

URL HTTP/2
cdn.w88ux.net/_static/home/img/bannerV3/Countdown-World-Cup-2022-Qatar.png
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 383 x 68, 8-bit/color RGBA, non-interlaced\012- data
Size
34 kB (34235 bytes)
Hash
d9ee169c48692de471a66d199cf75c19
622e8e7e91f3be2fcfd25ca909e8a34bfe092e46
38fb2d44cf7ada6be7ccec95cfaf043a84c4d8a4231cda8dec6bc55e39579f83

HTTP Headers

GET /_static/home/img/bannerV3/Countdown-World-Cup-2022-Qatar.png HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 34235
cf-ray: 76c37dad8cb5b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "4a4d3d3aff43d81:0"
last-modified: Wed, 30 Mar 2022 06:27:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tNOvRGN9bqSPyCDthOWC%2FR0I60c3nny0Cg8Eqdab5G%2FTVXOMrwozyAPDrKHqu0ysjfSQe6pnJK0vx8V1KD0GiSoycRvKEzO7CajSWoLuvvb94mNaXbJzy2fgutmF1eg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

ip2loc.w2script.com/ip2loc?callback=jQuery183031137484604514654_1668803706426&_=1668803706638

103.89.20.98

200 OK

176 B

URL HTTP/1.1
ip2loc.w2script.com/ip2loc?callback=jQuery183031137484604514654_1668803706426&_=1668803706638
IP
103.89.20.98:0
ASN
#136462 Mootech Asia

File type
ASCII text, with no line terminators
Size
176 B (176 bytes)
Hash
73f2cf8cfd31292e32f49bbb59e3d64e
08660ec39b8e35197a2779f073ad67a5930ecfdb
a8537c77625edcbfb51e5dd78dfbc24ab439cf4b7793120e952b17f3596cfb13

HTTP Headers

GET /ip2loc?callback=jQuery183031137484604514654_1668803706426&_=1668803706638 HTTP/1.1
Host: ip2loc.w2script.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/json; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
svr: 06
Date: Fri, 18 Nov 2022 20:35:09 GMT
Content-Length: 176
Set-Cookie: ASP.NET_SessionId=hjl0xmzcg1laflz5rivjgg1k; path=/; HttpOnly; SameSite=Lax
SERVERID=twmsweb106; path=/

www.w88w981.com/_static/footer/downloadbar/img/v2/desktop-clubw-clubbravado-windows-en.png

172.66.40.129

200 OK

3.9 kB

URL HTTP/2
www.w88w981.com/_static/footer/downloadbar/img/v2/desktop-clubw-clubbravado-windows-en.png
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 182 x 152, 8-bit colormap, non-interlaced\012- data
Size
3.9 kB (3865 bytes)
Hash
b2dfcf1bb0bc200cdbd7a977431c6e25
17764a16459eb0665d8718c560d14880b34bb830
cf2b069f2a250a934686709671846ec82f3557c8bf7e858606287f8f9f6642d8

HTTP Headers

GET /_static/footer/downloadbar/img/v2/desktop-clubw-clubbravado-windows-en.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 3865
cf-ray: 76c37daddcebb511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0c256343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:32 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESb7QWEbFDYd9d8QwO2bVi2%2BGoyUEGHOEAxJJVJ4FiaPnV8WB4FsUioKIKbdEF3htsc0jVMtCMz5iGLJNKhIZZ2N3ZpYJ%2B60lgqcAsjyDENO0zdjGlWrHeA2cviwk3PLcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/menu/img/MG-popup-img.png?0.0.911

172.66.40.129

302 Found

48 kB

URL HTTP/2
www.w88w981.com/_static/menu/img/MG-popup-img.png?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
48 kB (48489 bytes)
Hash
e53719b74775699ac666d3ddfd3a243d
be107a5400d4b2dff5e14a0326b1613c4137965c
bca78235d5effd254597a8572eab8a5bf98c29e4b9ec24ff6bfd2070d95fdc2f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/menu/img/MG-popup-img.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 302 Found
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: text/html; charset=UTF-8
location: http://www.w88w981.com/_static/message/404.html
cf-ray: 76c37da96e1eb511-OSL
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: BYPASS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knTXxiMG0gIb4jTgp9u%2F5wfypO2jXwYDuT%2ByVe6RjvMdflFq8oJXKHBAxg4GBSCceGuGuuoGwDKYnVfGql4mKweqn56eIwAuISNVQ8Ab1lhNMfbj8BV4ygFZpAaFQbiP0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/footer/downloadbar/img/v2/desktop-clubpalazzo-windows-en.png

172.66.40.129

200 OK

3.4 kB

URL HTTP/2
www.w88w981.com/_static/footer/downloadbar/img/v2/desktop-clubpalazzo-windows-en.png
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 182 x 152, 8-bit colormap, non-interlaced\012- data
Size
3.4 kB (3427 bytes)
Hash
a5ba753f8faf7e8ad644290be1419e63
94bb3bcefbff8675c8de2cf07600772548a1d236
bad398f746219955cc55d5aa09c8b874b792375224b8a16bdfcdbf04341dbba9

HTTP Headers

GET /_static/footer/downloadbar/img/v2/desktop-clubpalazzo-windows-en.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 3427
cf-ray: 76c37daddcefb511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0c256343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:32 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iwt%2BSzW440KmrszSefRpDGc5NF%2F9PdT1qoTNPFr6KmT34ITvp3MWgGsj6tilIpeR5sviylXfje5zFfo91W%2FWAuGJg1%2BnIIPu1rCEpql1xcnKPFJ1olMd1p5rYKtG0qeOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/_css/img/time.png

172.66.40.129

200 OK

1.8 kB

URL HTTP/2
www.w88w981.com/_static/_css/img/time.png
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 160 x 112, 8-bit colormap, non-interlaced\012- data
Size
1.8 kB (1769 bytes)
Hash
71bdc0cbc613da9e7969e8dfa1a5c8ce
1ceaa826bfbee6105cec412ce3efa37327973f08
dcda6dd3a0de450aa2cd8720c067fefa20a904f99feba273ab6d1bd5b6f3ab34

HTTP Headers

GET /_static/_css/img/time.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/_static/_css/sprite.css?0.0.911
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 1769
cf-ray: 76c37dae8dd9b511-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=14400
etag: "087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPaiWP5BB8jIkgOfRwxGWs8XYHxr0SEtnrouYuabz3%2FR5mncplBgDQ12AmehmIA%2BZr0coTKWOX45x%2F35luAcr8XUtb5YSgV1sWkT0Siix1fHHrHiu9npHOyBRfDE1j4rDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/home/img/bannerV3/W88-Home-WC2250B-20221118-EN.jpg

172.66.40.161

200 OK

140 kB

URL HTTP/2
cdn.w88ux.net/_static/home/img/bannerV3/W88-Home-WC2250B-20221118-EN.jpg
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x500, components 3\012- data
Size
140 kB (139915 bytes)
Hash
cfef22e269d7f45575d8be0198dcd56d
735d73ccd80f83fc87d49891331405930f6ddc75
1247195b1a6ed514b320e27070472c9080e135de1fce7fa276bfe5e7c48e138b

HTTP Headers

GET /_static/home/img/bannerV3/W88-Home-WC2250B-20221118-EN.jpg HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/jpeg
content-length: 139915
cf-ray: 76c37dad9ccab4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "24571dc21fbd81:0"
last-modified: Fri, 18 Nov 2022 07:46:25 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: h2pri
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkDFOVDDG2bAVtyHbjMbzhPovTquGz%2BO1tl%2F6DH1uQNKTJ%2F%2Fp39HMLMC2X2TS1jvtOr4cMYxNGec8Af6XC%2FJFV1Ep0zzJCmhRPuCbVpSWs8S%2FyiA1RfZ4UTNuSJWjm8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/js/member-web.worker.js?v=0.0.911

172.66.40.129

200 OK

420 kB

URL HTTP/2
www.w88w981.com/_static/js/member-web.worker.js?v=0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 (with BOM) text
Size
420 kB (420090 bytes)
Hash
3cf0da9792caa165a8113d8976be48c8
e90bf8a923a3b17b0d845db592ec7823f7b48144
213621fdc0cae56639cf3836d53f3220f05af3e2ccf5cd65ffcb31d9f0ceb27c

HTTP Headers

GET /_static/js/member-web.worker.js?v=0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: application/javascript
cf-ray: 76c37daaa809b511-OSL
cache-control: max-age=14400
etag: W/"0e7198c99ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:46 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6nsDeERXHuc90zX8NgvEfBVPFNqOdCjcYdnitOZWj2%2BG2tepT9xoutREcezuBXqQ%2F96CkutC2Ol2fPJAXELwc8VQHVvUfsQgryC2lcEIMryRy1ZtiIxJZLKvtT4vPBXB3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/footer/downloadbar/img/v2/dc-icon-Android.png

172.66.40.129

200 OK

2.2 kB

URL HTTP/2
www.w88w981.com/_static/footer/downloadbar/img/v2/dc-icon-Android.png
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2177 bytes)
Hash
026b6a1f8e2f8bfb26a6fac46e4d7805
207848453a5e6c1b86892727682b1bef3389e7c4
89f2123ec48b8a851a4a55e7b310807170975983a227162200b6d00e28f0c956

HTTP Headers

GET /_static/footer/downloadbar/img/v2/dc-icon-Android.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z; clientIp=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 2177
cf-ray: 76c37db00fd5b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "038a530a352d71:0"
last-modified: Thu, 27 May 2021 02:51:28 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1lSD5wEEh2i1l1cvhjzO9%2B0WHdVN5zR6ni4Kbd1lK7byN%2Fh4r3rbV56Geadpj8shQRrRgXE3BawDq7sNL7wfdffWsf3qVl0qIp0kfldu7RjMmpzn%2Bqef91a3SVh0kM3hw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/footer/downloadbar/img/v2/dc-icon-iOS.png

172.66.40.129

200 OK

2.1 kB

URL HTTP/2
www.w88w981.com/_static/footer/downloadbar/img/v2/dc-icon-iOS.png
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
2.1 kB (2108 bytes)
Hash
08109401a1b9941537e6e1776ba990c9
02c0db54d518ab5a250c3c2825912aa446e44c70
6828222567b2f9c39a77966542819570280b51d13355a7ca0e08f37c219b44e7

HTTP Headers

GET /_static/footer/downloadbar/img/v2/dc-icon-iOS.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z; clientIp=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 2108
cf-ray: 76c37db00fddb511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "038a530a352d71:0"
last-modified: Thu, 27 May 2021 02:51:28 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AU90uQ4wlEQw%2FnC3lRWfiXadgMlk5NFHwRgSxcfDv3wFfz%2Bma2BdP9rLLlu09LlTs7kt67cEWAqUDHROyLERPPIv2ZV6peBSm6q2IXRnq3vHvZ5ybjBB22mpZME5aNCTrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/home/btm/img/24-hours-icon.png

172.66.40.161

200 OK

636 B

URL HTTP/2
cdn.w88ux.net/_static/home/btm/img/24-hours-icon.png
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 36 x 38, 8-bit colormap, non-interlaced\012- data
Size
636 B (636 bytes)
Hash
b185cae2695f5629899bd0be80f03fac
c9e461b5e87f0c703d9277b3aa18f174e4fd5c12
ab4d90752ef275e80a8c0caeebbd48e30d6a0a2d2d4936b0463c4d8081c28987

HTTP Headers

GET /_static/home/btm/img/24-hours-icon.png HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 636
cf-ray: 76c37db17b5cb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "171e62928e54d81:0"
last-modified: Wed, 20 Apr 2022 08:13:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TH6nvx3qiZGFzkJ1a1wcaKMRrIebc5l3fyET4%2F4JDnT9WYCnesXtk2WHIsZMI67D0bJYSdTpRmw6E70jQ%2B0h9Gn6ULjLCm5bK7%2FaYHEJbBX8Zyn1jtO7uezj5vF39no%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/home/btm/img/promo/W88-Home-e-Sports-EN-grey.jpg

172.66.40.161

200 OK

6.8 kB

URL HTTP/2
cdn.w88ux.net/_static/home/btm/img/promo/W88-Home-e-Sports-EN-grey.jpg
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 319x233, components 3\012- data
Size
6.8 kB (6848 bytes)
Hash
d2add7d05707ab889665c063caf4fd6c
0b1ba0d5a807b91ec6e977d1b63071caa1d71dcd
31925f8020117d2206cdef6939a33c0b70af5272ffa47b5239f36924a077df03

HTTP Headers

GET /_static/home/btm/img/promo/W88-Home-e-Sports-EN-grey.jpg HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/jpeg
content-length: 6848
cf-ray: 76c37db16b50b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "8d479b9a8e54d81:0"
last-modified: Wed, 20 Apr 2022 08:14:06 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: h2pri
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06hACaQtRgZpdwi2FZhyCuMpP1ZhQ6lyoXtvcipzB5WR8SEKKj1a7EoO7ym5wWuxekhpJDvPnze4m663Zf44FS%2Fojq1lddZfJyUPNl6iWPTgYP%2B%2F2z%2FYVDAUaoa37p4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/home/btm/img/phone-icon.png

172.66.40.161

200 OK

265 B

URL HTTP/2
cdn.w88ux.net/_static/home/btm/img/phone-icon.png
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 30 x 37, 2-bit colormap, non-interlaced\012- data
Size
265 B (265 bytes)
Hash
da993759bfd8c1adaac3487dce006923
6919413762a894f11540a7530377b356470e3424
ce0bab7c643b66e33eaad57c2a0a642be5e2ea4a90780722e948b45e40c7f781

HTTP Headers

GET /_static/home/btm/img/phone-icon.png HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 265
cf-ray: 76c37db17b69b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "a7f4e1938e54d81:0"
last-modified: Wed, 20 Apr 2022 08:13:55 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gGQp2YB70UxGZlm%2BiaOxZ2qMZqTv3F6wK7nh%2F7%2BgiI8HvpJu1sP20aCNa6%2BFMtt0t6Mg1aGfox6QTpOZUjiTtbKthbqvdm3s5jFGC0UM5I0YsB49jvjvdGi6AxKh8MY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/home/btm/img/Skype-icon.png

172.66.40.161

200 OK

268 B

URL HTTP/2
cdn.w88ux.net/_static/home/btm/img/Skype-icon.png
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 32 x 32, 2-bit colormap, non-interlaced\012- data
Size
268 B (268 bytes)
Hash
8348db3bfbee590c64b61ef0d279ec20
dc70f419dd570604ea8a09b9c77482e156a2b963
4155cb3ad2ab7356fe82c59be1f52bf1b67b23089000651ab18fc50f60cf4f0a

HTTP Headers

GET /_static/home/btm/img/Skype-icon.png HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 268
cf-ray: 76c37db17b67b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "6bb6a96f8f54d81:0"
last-modified: Wed, 20 Apr 2022 08:20:03 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrS1NIHmVxwW3xIUW807rQeZjvXyVZ9xOLol%2Bzlw5HMCPFYI%2BwExBt8NRBAtUFT01K0NEgygpxM541n5stiweb2OE5ur%2Fvae4wbHgf4iAl4Ii0UwnU1R2IPSbG6Wk8M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/home/btm/img/promo/W88-Promo-B-100welcome-EN-grey.jpg

172.66.40.161

200 OK

12 kB

URL HTTP/2
cdn.w88ux.net/_static/home/btm/img/promo/W88-Promo-B-100welcome-EN-grey.jpg
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 319x233, components 3\012- data
Size
12 kB (11666 bytes)
Hash
b410f3ec8758aee06b6b103b652f444f
dbb358fa7fff5ee2d8acdc72e567f202e0beaba0
0d85d89a976c074a671b5c92f57d869f59bbceec5437e8ee23c508b850dc78fc

HTTP Headers

GET /_static/home/btm/img/promo/W88-Promo-B-100welcome-EN-grey.jpg HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/jpeg
content-length: 11666
cf-ray: 76c37db17b5ab4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "289427aaa70d81:0"
last-modified: Thu, 26 May 2022 02:44:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: h2pri
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=phgXasOmwdZYi4vQ6%2BTau4h%2BKqpBZ3Nru126uvWaJ2MzW04M5Gz4md2Gu9pJkoqU4XzFt5SozlauzLSurN8lR9zLKVXPN%2F86lqWnE2ItKXvI4ngRFZs2tseeaGpr2GY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_secure/ajax/api/qrcode/mobile/download/group/w88w981.com/true/en-us/USD

172.66.40.129

200 OK

37 kB

URL HTTP/2
www.w88w981.com/_secure/ajax/api/qrcode/mobile/download/group/w88w981.com/true/en-us/USD
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
37 kB (37098 bytes)
Hash
d14cb1b571ae3fa0ac1608d7fcbcd4c1
6403426cc33e78d869632b9917911bc46db985cf
8e8c9fb7ef9d503d83bacdf05363ed72dda38f7a082ba8ff1eb04db2902c7e45

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_secure/ajax/api/qrcode/mobile/download/group/w88w981.com/true/en-us/USD HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: application/json; charset=utf-8
cf-ray: 76c37daa6fb9b511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RolAoIzOymDgflRuVzXl7lcm%2BTYyDihUOT650zQB5bYIeG9dIG8s85V%2BQbzSWwuka3%2BaGbsTX6nWSXoVi9BJsX1MDgBpw5VbGpNxB4B5FF5UZJJ3Qedtl1iEuRmR5hxAJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/menu/img/MG-popup-img.png?0.0.911

172.66.40.129

302 Found

1.9 kB

URL HTTP/2
www.w88w981.com/_static/menu/img/MG-popup-img.png?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.9 kB (1856 bytes)
Hash
f8993df6b16af94de9833aebd86039c9
2bbfe8d28e20b4caabc399708b5a8e0da024a183
ec91416bed283ecab082f72798b70418a5047d906c2dc091d3a3ddcf3d2c6e47

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/menu/img/MG-popup-img.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 302 Found
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/html; charset=UTF-8
location: http://www.w88w981.com/_static/message/404.html
cf-ray: 76c37da2ec14b511-OSL
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: BYPASS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhURB6FwEC7Y%2FyhBOQ6L8rMD9Iy6nXC1YqmZOtm9dz%2FBKpBp8FaaryAmZmNKwPYyvrTc9LFalJyDRNakp5aFfKgMU2MTKKYrWH8gTVUpPO7TuywhQmjnvYYF5Ckxt9qsog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/menu/img/ClubMassimo-MG-CN.png?0.0.911

172.66.40.129

302 Found

4.2 kB

URL HTTP/2
www.w88w981.com/_static/menu/img/ClubMassimo-MG-CN.png?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
4.2 kB (4209 bytes)
Hash
b083b54edf69aa5a73bdd9cb0fe64b11
f5eb268e2360d41cc09693be6d4452d319b0a5dc
3879a52fae16e813bfc8d329b3d3370c7abda52561e22b59458de2925f70f7c9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/menu/img/ClubMassimo-MG-CN.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 302 Found
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: text/html; charset=UTF-8
location: http://www.w88w981.com/_static/message/404.html
cf-ray: 76c37da96e1db511-OSL
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: BYPASS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ImRFhN%2Bdl6dfAJ%2F5QRQTw%2Fc1nP9rNAMkzcMiKbJFgqeMEVUQdeolQLp%2B5DZz36HlE%2B7XgmuUTHJ7P4%2BtffRwNYzcqmwlYnnmn5SCEPUhTzAdbsuFqLM9XPK4hHxqfl63Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_secure/ajax/api/handler/contactus/side/en-us/USD?riskID=N

172.66.40.129

200 OK

5.4 kB

URL HTTP/2
www.w88w981.com/_secure/ajax/api/handler/contactus/side/en-us/USD?riskID=N
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (1455), with no line terminators
Size
5.4 kB (5444 bytes)
Hash
56124d8d3c0fdba75e37f3667d474623
c429e9aee970fb6215d440154f574f9f895c784f
49e674535708811ac9e8b0b97f4daae364370ad922ec306181d8d0c54586b94b

HTTP Headers

GET /_secure/ajax/api/handler/contactus/side/en-us/USD?riskID=N HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: application/json; charset=utf-8
cf-ray: 76c37daa5fa1b511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8oiJLm4NVzvuXMwo1YzmCjc68aNBwklDFDE%2BQvzGSf%2BskYPJGWmZxDITRBZRvnatTqe8jSgWqcwvS2pAJxLNFteVP%2Fx%2BBLpWq7HwuFYFBnoInU7Ez%2B6jkqYRUeXncRLPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/home/en-us/images/8/Sub-BankingOption.png?0.0.1864

172.66.40.161

200 OK

6.3 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/home/en-us/images/8/Sub-BankingOption.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 160 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
6.3 kB (6346 bytes)
Hash
51d9fca452c3836ebd030750402d3241
68889a9f4bf14854d70f2a3fc4887d640bbf2758
2701cb0c532757f5817671a15a375edd19e3dc058b351c6e8d9b0bf7a2a335d3

HTTP Headers

GET /_static/menuApi/prod/menu/home/en-us/images/8/Sub-BankingOption.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 6346
cf-ray: 76c37db1cbddb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "196a5acd258d81:0"
last-modified: Thu, 13 Jan 2022 02:32:25 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZE3Nyubzf7pwXIxQr6ouMT%2FgwEur8oSGzq%2FGy6XamcUTM6LXo67pYHGef%2FvhJ9dG53iRfFlBOpAKXtnjWwz1E7ATKcYGgfxl21waU6HbyiovWWc6Z%2BfJV5%2Ft6alk9rs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/home/en-us/images/8/Sub-ContactUs.png?0.0.1864

172.66.40.161

200 OK

4.6 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/home/en-us/images/8/Sub-ContactUs.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 160 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
4.6 kB (4555 bytes)
Hash
f9572f0701001ece624ce1fbe2fd25e2
ffe2e9b8e0daccaaa51640e0cbd14cae8d49478a
88bb4824fd7df6631de744020a8b63ef58746059829d3dae07ae14034770f94f

HTTP Headers

GET /_static/menuApi/prod/menu/home/en-us/images/8/Sub-ContactUs.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 4555
cf-ray: 76c37db1cbe9b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "9bcb5ccd258d81:0"
last-modified: Thu, 13 Jan 2022 02:32:25 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EH5wosSivrgJdSDRvGGv5yDMghv2%2Fg0RdXH7V0jyW2LMKmQ9t6Md8njWW6w2%2Fr%2BgLYL%2F2G40K2%2FDHoVH03Q6zkynKZGBzl8UDWtW7%2FycpN2%2B8DnErzGTDZV2wnfuZ1A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/home/btm/img/Service-Advantages-bar-grey.png?0.0.911

172.66.40.129

200 OK

168 B

URL HTTP/2
www.w88w981.com/_static/home/btm/img/Service-Advantages-bar-grey.png?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 250 x 26, 2-bit colormap, non-interlaced\012- data
Size
168 B (168 bytes)
Hash
619685318504a2132e278b48c76f9073
b441871fe0b03579341a3f9345a5cb8a06a80b46
0b5d5c12e8c30bcb0c4b39532165b3fac153978502c1879dcba6165b0ab6610d

HTTP Headers

GET /_static/home/btm/img/Service-Advantages-bar-grey.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z; clientIp=91.90.42.154; ai_session=YvtLmJSUPX+wIkHQCMK4tc|1668803707751|1668803707751; popup=6478
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: image/png
content-length: 168
cf-ray: 76c37db18a7fb511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "084f16e43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:52 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iim%2B7CYpznk5HcviGeBBDNI0gZoLPre4FwuULENO0gBQ96Il%2BMR0r6PwGM%2BBeKfpaIRopAitl2PZBhquqK4aGy8X4jnBcGwCCPN4TGVqZFQABsPM8LtOnX5SdgGcba%2F1eA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/home/en-us/images/8/sub-jackpots.png?0.0.1864

172.66.40.161

200 OK

6.5 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/home/en-us/images/8/sub-jackpots.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 160 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
6.5 kB (6467 bytes)
Hash
a0e5ae4d0bfd8a903e78a312efc0abb5
086bf2e5916827234ad45f0aa398c2320d2cf3ee
74c08930e729c4ddca4289c52a76a437545bd1bbf5005f252039a58d38a54171

HTTP Headers

GET /_static/menuApi/prod/menu/home/en-us/images/8/sub-jackpots.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 6467
cf-ray: 76c37db1dc0ab4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "9bcb5ccd258d81:0"
last-modified: Thu, 13 Jan 2022 02:32:25 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dUORtBFtL94eqGgm0gRHMojspg2dbuOU1V9eQF4Ziy6Po9QQcwbl57TGrojtWEyvDvPQ2laao9Ii5VnKJkvP4yBgoeNaNYeiL2ak%2Fel1dwq4bjK4pxmaxBdsSVpfXyo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/home/en-us/images/8/sub-milestone.png?0.0.1864

172.66.40.161

200 OK

5.1 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/home/en-us/images/8/sub-milestone.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 160 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
5.1 kB (5095 bytes)
Hash
de201a5b55016bebb9f4e00e7675bc78
3c602d227cb4c446baba14484be8fa630323ece4
f84b6ac919bf9f28ed00ff9e1f1c3a3495011569ce3697e03f1ba399173d8f08

HTTP Headers

GET /_static/menuApi/prod/menu/home/en-us/images/8/sub-milestone.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 5095
cf-ray: 76c37db1cbf8b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "182d5fcd258d81:0"
last-modified: Thu, 13 Jan 2022 02:32:25 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSJHXA28rKu%2B0t4oidHrKxVQ2b8%2FtOGit4%2BRhOT%2FHwoSF%2FaSh5veH8%2FX7lMhAM5tAm%2FqqZ5yOvz5GuirJL1uYGeNyUt9tSl5Vstc9lu4PZ3N%2Fg0rZmFVSAl65e8sbEE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/sports/en-us/images/7/eSports2.png?0.0.1864

172.66.40.161

200 OK

5.8 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/sports/en-us/images/7/eSports2.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 183 x 164, 8-bit colormap, non-interlaced\012- data
Size
5.8 kB (5799 bytes)
Hash
25bbe037544079a2bf5fab10f73f035f
0d618e5c010a7b33955b0744cb80ae8a9c7aebcc
240ce4898de20ba7a7ef6c58b7f84b6fe74371db21826255e712a4a390234f10

HTTP Headers

GET /_static/menuApi/prod/menu/sports/en-us/images/7/eSports2.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 5799
cf-ray: 76c37db1ec37b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "c210112d278d81:0"
last-modified: Thu, 13 Jan 2022 02:42:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5CMn69cGH%2FazlNoqPc7c%2FOGIVdg1ddM39orST%2BBqJRviya%2F%2B8%2Bvbr2cOczhjm%2B%2FS1dl2nGhiMl7K4ax4iCd%2FVTNyeLa0o8huAN6tTAuhH5M2R3LYatCD%2Fq8%2Fwm1gls%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_secure/ajax/api/menu/lottery/en-us/

172.66.40.129

200 OK

6.4 kB

URL HTTP/2
www.w88w981.com/_secure/ajax/api/menu/lottery/en-us/
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (3556), with no line terminators
Size
6.4 kB (6354 bytes)
Hash
b12f8d0588d8245a0b979f5f86b1020e
882f7b9d48194b56ca698394bcc9fed9151f662a
2b4db3a932cb7fcbd641f63d0ef9a8ff6ac4f8f5dae720fd99d17479f4b56104

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_secure/ajax/api/menu/lottery/en-us/ HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: application/json; charset=utf-8
cf-ray: 76c37dac7aa4b511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJ1%2Fs97Ydz2wP5%2BFspn5Wra4E8EI4Mk8YiCUqonVFtuLaF2x1X272ykvS7OyXdV6%2BmYUoMYcbf8uphmQ5j2C99Axhjqfn0FZe%2B3qPD9tICCQcHsmU1UyirAhD%2F3oqHWv%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/sports/en-us/images/7/vsports2.png?0.0.1864

172.66.40.161

200 OK

4.9 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/sports/en-us/images/7/vsports2.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 183 x 164, 8-bit colormap, non-interlaced\012- data
Size
4.9 kB (4861 bytes)
Hash
ab362cdd7db0732f756fda6aefb09240
ddee4c7170a8c56ac5006c22e1ce5c93ee43a46b
04891c7014b234c7ff43075050a6f56433964c138d0cc802eafa6cc58f4f5b37

HTTP Headers

GET /_static/menuApi/prod/menu/sports/en-us/images/7/vsports2.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 4861
cf-ray: 76c37db1fc4cb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "2a9a1a2d278d81:0"
last-modified: Thu, 13 Jan 2022 02:42:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQOprKGx7%2BR2CsDrbbwhzPUNiW9KkMKJ2hvGaKgiJ6lqpk7Ommns7oGDfvhPUou7LS64OK%2F7b0MKRnXe79y%2BnSesEuRCTI0Yj%2FBAzJ%2F4bV%2FsCHmK3q7jwy1zvqhWufE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_secure/ajax/api/menu/p2p/en-us/

172.66.40.129

200 OK

5.6 kB

URL HTTP/2
www.w88w981.com/_secure/ajax/api/menu/p2p/en-us/
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (2544), with no line terminators
Size
5.6 kB (5564 bytes)
Hash
d1f592c80069eee42ecc0921c54911b3
69a9b54fe8039cb457d723f341821f43dc518bc0
31b1b871b0e5b52e4ea380c586cbff0c8e3fdb74ac1df0e49323e478fab175bd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_secure/ajax/api/menu/p2p/en-us/ HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: application/json; charset=utf-8
cf-ray: 76c37dac7aa5b511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ceG2H0ovCVkqhybuqYpCaRAw26R3j0UpH4XQIWOX7P2YyEj57IZVGN17Vv36PkGY%2BQm48Imbb5ndJsKHX1qKzjDU%2F%2Bkdqp1G0rjQMoq2J5YWfH5w6xgsCbZgN2XzJzAXZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/sports/en-us/images/7/Fantasy.png?0.0.1864

172.66.40.161

200 OK

5.5 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/sports/en-us/images/7/Fantasy.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 182 x 164, 8-bit colormap, non-interlaced\012- data
Size
5.5 kB (5497 bytes)
Hash
a77b2248ff1fd7ccd18bf8451765f488
bedda4e4474351e32e2a58c349a3616cf04e5175
0d8c401c0d4e782c4736032856eb4fb9c4407603c5029f027a54f4ec32f0da4c

HTTP Headers

GET /_static/menuApi/prod/menu/sports/en-us/images/7/Fantasy.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 5497
cf-ray: 76c37db1fc51b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "e446ada559cdd81:0"
last-modified: Wed, 21 Sep 2022 01:29:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPtdFgJNeht3PLZTVy2ZnLnr8GMzMJzi66eW8%2FiBElz1vDApp3NOw%2BO72CnOOXm3SsoVkUMIYBtloYeaXYheGeTKd9%2FBxsoYysSjGZABZIaHthx%2B5YScuj4vLJB5%2FPk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/Playn-GO.png?0.0.1864

172.66.40.161

200 OK

17 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/Playn-GO.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 256 x 164, 8-bit colormap, non-interlaced\012- data
Size
17 kB (17053 bytes)
Hash
764623ab89d08957cc0199401ece2fbb
6e2b641a18944366086a571b6cf2bc59385bd139
58f827117d6f3788403fdc1f8bd2369ef1c146ceb38742e4a6383adce5e47776

HTTP Headers

GET /_static/menuApi/prod/menu/slots/en-us/images/5/Playn-GO.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 17053
cf-ray: 76c37db21c83b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "bdf2a9d92f8cd81:0"
last-modified: Thu, 30 Jun 2022 03:16:55 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMw0JNWYAMvj6xcIviP%2F2Mye0xfpxcHwulPnCs0yEVGYjfpB3R8phRDTsmS4YO2xJpw4Sj%2FlHqguPrDV43UH7aYTvUoYqzAa85Sd3phvoDQR3rbRUKp6KyoYPsLHIys%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/booongo.png?0.0.1864

172.66.40.161

200 OK

6.7 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/booongo.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 256 x 164, 8-bit colormap, non-interlaced\012- data
Size
6.7 kB (6651 bytes)
Hash
ac782b0f1e70a2d4930923dc458fda61
1b31e4618e25c2b84b60e3aca65e1510c68c5def
075579a659867379437694e43d304dcd2475b0e3a817afac282a04a7ec0e33aa

HTTP Headers

GET /_static/menuApi/prod/menu/slots/en-us/images/5/booongo.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 6651
cf-ray: 76c37db23cb5b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "a97d268284f9d81:0"
last-modified: Wed, 16 Nov 2022 06:27:32 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmUm1fcvjkJTMneKuAuCZr7b7ZXM%2FtVu%2F0eNyDXcGNPmngW%2FMJb%2B4vNtTu9Qi73y2OzdCOFecUeqT0ax0tHKMZOREy3N7spDUHWbpezafVNPLjHpB742p0xbSgjXp6w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/Evolution.png?0.0.1864

172.66.40.161

200 OK

7.9 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/Evolution.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 256 x 164, 8-bit colormap, non-interlaced\012- data
Size
7.9 kB (7875 bytes)
Hash
ef3b3d0dd4b533212a45b608998de710
95ba788a0b309ba8a1127c467fdd16730c5d1311
2d6dbd37c810789714957f43ab6021a6d65f313c940da6478acc23a058be5de6

HTTP Headers

GET /_static/menuApi/prod/menu/slots/en-us/images/5/Evolution.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 7875
cf-ray: 76c37db23cb9b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "bd36346099abd81:0"
last-modified: Tue, 09 Aug 2022 02:40:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jn6vzr9tDWlxbj8CrgUjAtcDHLw%2F3%2BtRledjBF%2FaKs4iGnGIbtNBXhyLi2e6A%2Ff%2Bq68baqgyjj2nN%2Fm4Z8Rne1%2BgV5hnJ9Wshiv%2BCbAkqoH0GRRrwk6UU4%2FLUarr1A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/4/skywind.png?0.0.1864

172.66.40.161

200 OK

8.4 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/4/skywind.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 320 x 164, 8-bit colormap, non-interlaced\012- data
Size
8.4 kB (8401 bytes)
Hash
7cda91fa9a2b2b6b178eeb1e7dd1fdbc
7c2194869c82f9570ce467abf69f1f9d391364ed
265f6eb7a1b98cff67b86446ebfec0eddf84104899c7a844351f1ae5bd5a7f3a

HTTP Headers

GET /_static/menuApi/prod/menu/slots/en-us/images/4/skywind.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 8401
cf-ray: 76c37db22ca2b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "cf48ad92f8cd81:0"
last-modified: Thu, 30 Jun 2022 03:16:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1aKAMDcNLpKm2SVXqpI%2FjQL3nd37u0ckWfB5uNL8kkyYhBDSqtXZ%2BwX7kP3eFI%2Bw8xC0idezaEW9zTyb8Df6dTFtN5kRe27SL8bHMfqQk0S8r43oOEn%2BoxY3MB7QCZw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/Genesis.png?0.0.1864

172.66.40.161

200 OK

8.8 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/Genesis.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 256 x 164, 8-bit colormap, non-interlaced\012- data
Size
8.8 kB (8796 bytes)
Hash
247a96a9a9bd9df58ed6f2560d270bb2
93a8fbaab6f151d3c867edbfb7e060e54450282a
f6a013a09dc72302ead4e219dcd4216e6162d2d67367035e4159b57c19369c13

HTTP Headers

GET /_static/menuApi/prod/menu/slots/en-us/images/5/Genesis.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 8796
cf-ray: 76c37db23cbdb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "d99366099abd81:0"
last-modified: Tue, 09 Aug 2022 02:40:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzbfJWuszl8sxdDUW7MoWu5CDDfzt%2B6bFkko6UzCRheoNL4GgVc65HvjOIC1I8DrQOhzG%2FbHM71tFOO2ymVdcsyZXWJtb%2FCgUnYY1oQFMA97qR1EXF4PdG4qB%2F7RLDQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-Massimo.png?0.0.1864

172.66.40.161

200 OK

46 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-Massimo.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 256 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
46 kB (46191 bytes)
Hash
cb3bc05d0b73ec9cff23bc37d1f716af
b8bc136769e8ae792aa5365ecfb649f6b75a8c8b
be4b2d29cbf19f9b3d56bf794eb5b9e605dc45b8177d11a920e2a5cd59dab204

HTTP Headers

GET /_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-Massimo.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 46191
cf-ray: 76c37db21c6fb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "ffc5b33da2f4d81:0"
last-modified: Thu, 10 Nov 2022 01:17:46 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GpArXLEPtZGYRYoWB%2FbWI3oV0WiGj%2F7Flp2ShJRrI06giPvtkuPxgn2F42bQPDvQhK7%2BizD1V1lgyvphCcUK6s7B0UiP%2FCuPenYzjTcLzvb3dkThMCeu4UXVYxCtivg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/gameplay-interactive.png?0.0.1864

172.66.40.161

200 OK

16 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/gameplay-interactive.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 256 x 164, 8-bit colormap, non-interlaced\012- data
Size
16 kB (16207 bytes)
Hash
6b67be68ab362aa8cf4b2047e947a36d
25929cba23bff8a734488f407213d1505abb0378
31ebf28128a8727c2b0a1e3359b96f8cb38351991a5d4777960afc9f5de3711e

HTTP Headers

GET /_static/menuApi/prod/menu/slots/en-us/images/5/gameplay-interactive.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 16207
cf-ray: 76c37db21c86b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "effd2d71ce8d81:0"
last-modified: Tue, 25 Oct 2022 02:52:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2FB5uwTefkrvmMIbwUqEhOjJWubjpW0vz%2FPtBwNcyZfdLT%2BeAMdNayigIBaoHoQ4fgDbrsB9%2FM2rWFBd5y%2F%2BmV9ihJDokuyG5i9zArklTGAITErHx1siL9MFhNvtMxI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/QTech.png?0.0.1864

172.66.40.161

200 OK

17 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/QTech.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 256 x 164, 8-bit colormap, non-interlaced\012- data
Size
17 kB (16693 bytes)
Hash
861fd12b26e72eb976093c8c802aba2b
36a822c3f65bfbeda313253169f739b470f49d02
89ca2b74c7171994613f105f2e2f477df130fa309af7a6b8e5402fb6f7ce0897

HTTP Headers

GET /_static/menuApi/prod/menu/slots/en-us/images/5/QTech.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 16693
cf-ray: 76c37db22c8eb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "56b7aed92f8cd81:0"
last-modified: Thu, 30 Jun 2022 03:16:55 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQ0zGLq8CX2wk6%2Bxx4PrYlgqGWk4pKnPnHDMzCEOuPhTmzBfHE520RgmC418GDxX8%2FABdSW1N2I0K4puMqhN5A5u77RY%2F%2FP05MkFnDJ%2FWfwKYL2EA%2FITB6XjXa9%2FHyM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/toptrend-gaming.png?0.0.1864

172.66.40.161

200 OK

7.4 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/toptrend-gaming.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 256 x 164, 8-bit colormap, non-interlaced\012- data
Size
7.4 kB (7436 bytes)
Hash
c9e03369df1da67fe4e104ecfc05e59b
762169d45bf9291cdba84ba3f973fb0299a71a49
fa497231d46e464b0bcb47294b4ce6d50249e3a165e8ddcbd6aca2d747fbf1e0

HTTP Headers

GET /_static/menuApi/prod/menu/slots/en-us/images/5/toptrend-gaming.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 7436
cf-ray: 76c37db24cc0b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "dfab496099abd81:0"
last-modified: Tue, 09 Aug 2022 02:40:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dWAEcjCSg%2Bn5i12LCRB3GJpcmdvi7NfF4pc6yCCBySsNtHhnS9wrN8GtZxc9LuaXoJadX23cMiUeJiX6c70EJyF7YBmfEJl0DvXesafcLxIKddnK25sLZauT%2BUtt%2FT4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/Spadegaming.png?0.0.1864

172.66.40.161

200 OK

9.2 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/Spadegaming.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 256 x 164, 8-bit colormap, non-interlaced\012- data
Size
9.2 kB (9177 bytes)
Hash
db7cc65ac3d028e6840353a693f3033b
5960d84a22a234394af9051c4f4835ebb280e5e2
6b5854c932d6c2d81a40413c6f954c4afa6ac24edfaf2ae1b6b2f8866e9a7911

HTTP Headers

GET /_static/menuApi/prod/menu/slots/en-us/images/5/Spadegaming.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 9177
cf-ray: 76c37db23cbfb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "5849476099abd81:0"
last-modified: Tue, 09 Aug 2022 02:40:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJv3a7CjGvz3ybexYh22fYA9LhHoynFEFxUs%2Bbg7uDsfEjmxAmwmh8UmpjB0qFZbiz09Y7PYoqqNHY%2B835UerhKZUEu7pZgigx2OAgcu0dYDecV3mtfFpmi7szN3lbI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/4/Crazy-Fishing.png?0.0.1864

172.66.40.161

200 OK

8.5 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/4/Crazy-Fishing.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 320 x 164, 8-bit colormap, non-interlaced\012- data
Size
8.5 kB (8460 bytes)
Hash
a34fab9d7d5a9a3bc66f0030355c578e
4e9eebd3d0dbd163a4da967aff5fcde4d70ea876
43ee1052bc344422480f87185b9a264e52658c92c2f692f50e20d86776da5a05

HTTP Headers

GET /_static/menuApi/prod/menu/fishing/en-us/images/4/Crazy-Fishing.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 8460
cf-ray: 76c37db24cceb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "48fb20bc3e9d81:0"
last-modified: Thu, 27 Oct 2022 05:14:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jNnstWEV4TSE5qwex4KOTDh4kg5e6FnOoHfieoD6Zp5j8aAfgNNVsilSW%2BdRK3WgOzJBql4dw%2FiZO8BWTXwWBuBAGUWC6D3Z24jN9UNU1%2FZqHbRJnO766kqjita%2FjXc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/FPC.png?0.0.1864

172.66.40.161

200 OK

6.6 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/FPC.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Size
6.6 kB (6613 bytes)
Hash
564141efb8f653627b81685c06f033a5
25ae5faf1b0db97fc9b3f545e5974d1ef5f81f51
c3a02ba89d235e2ea9d536d13f57d363c60b824849922c18ba7b6629a6d2158a

HTTP Headers

GET /_static/menuApi/prod/menu/games/en-au/images/6/FPC.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 6613
cf-ray: 76c37db26cfeb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "ad12cfbf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Owgd8F%2BTfcKweUQ3taSWRCugjlhbl%2F0VU9o%2Fxs8fmz0xwtwvURYJhGnSR5lq5Ou8MbkzXt8ttKDVvaMSjygqUcf6ur6J9iQvXQlsm6H9vGsz3Gvgp9Rplt%2FSQthbPYE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Bai3CayMienBac.png?0.0.1864

172.66.40.161

200 OK

5.4 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Bai3CayMienBac.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Size
5.4 kB (5377 bytes)
Hash
87d279d261e94abd4da6e27f2f24b8a7
9551b05f304c88f27bdc10a9b50fc29bfca99033
201c2872f84db58587122261d3a21328a0591f4da351e192bf9546dd0ae122e3

HTTP Headers

GET /_static/menuApi/prod/menu/games/en-au/images/6/Bai3CayMienBac.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 5377
cf-ray: 76c37db27d21b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "7eebc7bf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BCGeantqT52S3EEu22SMt7%2Fyk%2FFFOK%2FP8cBxbtZ9Sm%2F5xEk%2BuKIXhqzmhv%2FX3ai6drx08DWSCYOno4DNtW65KEv6Kben2CDHxxrXGBgnP2LRuR%2BQNt%2BHC58ZycXQHY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/4/Dragon-Ball-Fishing.png?0.0.1864

172.66.40.161

200 OK

12 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/4/Dragon-Ball-Fishing.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 320 x 164, 8-bit colormap, non-interlaced\012- data
Size
12 kB (11474 bytes)
Hash
7b46eaecc8d59ff1ee28f993ea5803f9
1d46f14f9bc5c0a25004c2780e8f4fa7641b40aa
56e81cb6feb2a444b47b53cc6e89312747bb454292d90e9051244a3a8104ca1a

HTTP Headers

GET /_static/menuApi/prod/menu/fishing/en-us/images/4/Dragon-Ball-Fishing.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 11474
cf-ray: 76c37db25cebb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "e9bf25bc3e9d81:0"
last-modified: Thu, 27 Oct 2022 05:14:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xia47z2gk%2BLCx0NYPE5P9HHAuZxoRCiHrjc9yA4%2FNxqyujF%2Bzy25NSR%2BbfLvRg27W8NgM%2Bz80M6ky8cAb7VahIVq7oViAZ98ohet9aJtee1ahxRaYARMpE0N%2BL5dNE8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
17230579cb9b96d1fcd4397fd0405f7d
88f24d9647a325ebf4c4c1a5016fdcd48e5ec1f1
bab13c984cbb09cab0706757c0b924cadc167da8ff3ee8c4f05591dddcc72939

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 20:35:10 GMT
Last-Modified: Fri, 18 Nov 2022 20:35:08 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 280

cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Casino-War.png?0.0.1864

172.66.40.161

200 OK

6.2 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Casino-War.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Size
6.2 kB (6170 bytes)
Hash
bad456220a14437e8f23257ed478f6ea
29aed74f0b99bf2f4e1100ddc80cb7fadcc05a7e
edd2a8928dc4e0b535cfdcecf24ad3ae35f18abf5da721025309f74ce5d5a95e

HTTP Headers

GET /_static/menuApi/prod/menu/games/en-au/images/6/Casino-War.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 6170
cf-ray: 76c37db27d12b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "53b0ccbf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogCEtWV6nn2LVmlIaMejpg48pW0bTZUUtiRFvNUaOfKUYCdvPsvBr2pg2YYe8PdG5WAsiLTRvN5tf6%2FqbeWihy2Vmb67sHtRSvmTqWyXyNt0NJe2WRZyZ1X8IVFgdHo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Football-lucky-penalty-kick.png?0.0.1864

172.66.40.161

200 OK

6.1 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Football-lucky-penalty-kick.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Size
6.1 kB (6069 bytes)
Hash
0de1661aaf33bee84ac12b1eb1abb6aa
6c0491e98476632375ac16bac013b5260be9117f
cd0c0a76640d162e566a71437f7a044f5506b91219fa0fbbfd1d932c36b06697

HTTP Headers

GET /_static/menuApi/prod/menu/games/en-au/images/6/Football-lucky-penalty-kick.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 6069
cf-ray: 76c37db26d09b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "ad12cfbf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srWAikFzALka%2FMSAvjSBpey5guClpJ0z%2B6zzv8iE0TyKtipgFayFJ%2B5y%2BDs3afBBeLDiZO52GNksrvx26DcoqvO1ZAqQT0GZsSe2QtvbmjzLpaRMUOBzDaDo2Co6t6Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Bullfight-Ultimate-Poker.png?0.0.1864

172.66.40.161

200 OK

6.1 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Bullfight-Ultimate-Poker.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Size
6.1 kB (6055 bytes)
Hash
4f98395a317b41467c6e9987c864059f
091f1163a8c94c2ac954b6fa8f41adaf78b6b221
fcf91661f2a34264c3c235bf2f1a10cc97331eac3d35204d4e3ab237da7786a8

HTTP Headers

GET /_static/menuApi/prod/menu/games/en-au/images/6/Bullfight-Ultimate-Poker.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 6055
cf-ray: 76c37db27d1ab4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "fb4dcabf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yaaqp1WGHoXiKjfT%2FU3u8jLefG2FrmCDTRRIQjYaKPYvEyUOAKKFoFHsyScE4TW6zqzLjxQOPnuh0zW6JCUQ9x7l7KpJ7cdQti9iJxJO2eHtCuH3TZ2RZb6wmVI8zZk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Xoc-Dia.png?0.0.1864

172.66.40.161

200 OK

5.8 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Xoc-Dia.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Size
5.8 kB (5768 bytes)
Hash
4a02d391ce0280a6052d331f8aa96d59
26de3de66bd7fae23c38ae30972eddb9ab7565a1
673d0d9d11a03b44a4d9ced840de27288e61d086c9a6f5bf505f52bf4a7bace4

HTTP Headers

GET /_static/menuApi/prod/menu/games/en-au/images/6/Xoc-Dia.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 5768
cf-ray: 76c37db26d0db4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "34c3dfbf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghnj4chi92GDeUJicEZX%2FZR2iSDrFbO%2Fu%2FYSPxE08INuIQyz5Mn%2FSm38EovqQs28uFUmMhcpaKR%2BgQhWqQESDVoDCCv3qpET%2FT2rz5u5OP5iJe3XztM7bNVWQ4PnuCc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/4/Pragmatic-Play.png?0.0.1864

172.66.40.161

200 OK

30 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/4/Pragmatic-Play.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 320 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
30 kB (30088 bytes)
Hash
4aeded8d36de7c57f22e2573b398332e
657bc74927d2f3e651d494dfcaa1034abc880c08
086d1e7521efe6fcd1c9380187b3c6758f8e439d2dc177e77da38301df4eb634

HTTP Headers

GET /_static/menuApi/prod/menu/slots/en-us/images/4/Pragmatic-Play.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 30088
cf-ray: 76c37db22c9db4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "b89c78ff96d7d81:0"
last-modified: Tue, 04 Oct 2022 02:14:13 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8sRgL5JjQYJ7yFL%2B8MLHUh3IH7o9eflRqgjn5Mdb%2FEGPjGiNyvdlGCfV7mNQMj9HLlGMpd83Fk4SPnY7sihYbej6ofkFFEgb0SZaAUYqmqaBFiw8tlxb2wzWwTs8L8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-Ezugi.png?0.0.1864

172.66.40.161

200 OK

38 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-Ezugi.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 256 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
38 kB (37709 bytes)
Hash
50329473c2dcb2f429e37a3978f7d222
e405a16d555dd4f152c4b9592fbe2687ab2c78a2
0bfb8185b25e973887bd447b0f8ade2825cb289e3a3c9117e04a6a72c32864cc

HTTP Headers

GET /_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-Ezugi.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 37709
cf-ray: 76c37db20c59b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "ffc5b33da2f4d81:0"
last-modified: Thu, 10 Nov 2022 01:17:46 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4kE6iDFaptxhh2SLYCjJEMYfgz3JtJM%2FK4d84eEOc8GVFX6lMEu7T5PqMIKTCqy2%2FtAaE0joM4hv1114t0pEnhBuPo%2B2nmcK7soy7%2BYC4GVU%2FpwKjd4ztRtnk7aiNo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/3/Insect-Master.png?0.0.1864

172.66.40.161

200 OK

13 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/3/Insect-Master.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 426 x 164, 8-bit colormap, non-interlaced\012- data
Size
13 kB (13347 bytes)
Hash
02dc82dcbf8b313523c1fb6d82a96aab
f1cce87cfceeb81a5b0ab82d216e308c95a0a0a8
78a3e955ec83ae70666f29a945aa1a1a62f1dd6f31f126e4a8cddcb217808d7e

HTTP Headers

GET /_static/menuApi/prod/menu/fishing/en-us/images/3/Insect-Master.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 13347
cf-ray: 76c37db25cf0b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "54fc1bc3e9d81:0"
last-modified: Thu, 27 Oct 2022 05:14:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0c%2BC%2FYvzTE%2B3jzckoqcKYH%2Bz8vz%2Bvbp43FC2XRO0UuUF642K2UlEmwr89c8tKf0M%2Bx5BHfhTO5dmL%2FrY6DO%2BZAXWvqXu8v1%2FZzF5OO%2Bv1vzujrqtTVDjyLHpIbIrGY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Rooster-Fight.png?0.0.1864

172.66.40.161

200 OK

6.4 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Rooster-Fight.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Size
6.4 kB (6441 bytes)
Hash
6f2f565eed5b9ebe5700a2899de69b46
2a627b2657e9444c377f09cd125cccde32148357
c614363be458041883f2a9a7d39ca355f09f144aff24382ce2b997ba10edc695

HTTP Headers

GET /_static/menuApi/prod/menu/games/en-au/images/6/Rooster-Fight.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 6441
cf-ray: 76c37db29d40b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "f39bd8bf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QD%2Bz1w5Lx441%2F%2FRzClhAe1yQ%2FbdtiPenbmLYXxEJaTb5eKjIBH%2Bc5SfDRKR8E8rY%2F1UDqNpl9nDbGs%2BAJT7b0o2XR1cp4uCYmXsqgy5sGI%2BtALV%2FkFFo7o5H7DCb%2FoY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-Palazzo.png?0.0.1864

172.66.40.161

200 OK

45 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-Palazzo.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 256 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
45 kB (44831 bytes)
Hash
b6b4628e3428c1ab2461388db52b2375
edf275affee6bdb84b8143050c32d03caa5fe7d7
7bfb7056496d567aa13987f596977f1a93568f0bb841804ccdb50b73b6fca58b

HTTP Headers

GET /_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-Palazzo.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 44831
cf-ray: 76c37db20c6bb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "9addffc23ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:40 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDbEDc%2Fe4NroACuDTGErTngFH743v92pi7FfR01mycF3bkPmY8FTuJ6DQBvySY%2BQ6mMUuA5PoVMQSxQEQIaTZ6B8TT1OIJ6b9BlhWWq27V4Y2pQr5QILl2tmXkxYykQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Octopus-Game.png?0.0.1864

172.66.40.161

200 OK

7.3 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Octopus-Game.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Size
7.3 kB (7292 bytes)
Hash
aad3a7095aaff94f7a3bb33df5291256
637dfc86504c50488e212d45f31577e79f9c707f
26ccb0d49aac074d6ad862c4623681fdad13c1bce5bc1a973b5bb50ee2f03ff2

HTTP Headers

GET /_static/menuApi/prod/menu/games/en-au/images/6/Octopus-Game.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 7292
cf-ray: 76c37db28d32b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "46d7d3bf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9FlxAF2%2FaGFgQHzPf6Qjj%2BbvQBP4rKUQD7lNj9anhMPthS70bagyUjKxE1pHDWkke%2Fgn6Zn0N31xeyy8h6vbhn2QxmXyUA4HG0CSYwexIaaZCYvPx673SzLK0GOzZI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Dragon-Tiger.png?0.0.1864

172.66.40.161

200 OK

7.6 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Dragon-Tiger.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Size
7.6 kB (7607 bytes)
Hash
424a3dfd22de3d83c0279c50edb51da2
068ec17d71445658ecf04039bea1f4551effe120
3a6b3d79298c7ef1ae238d1495d13b75f61ad3502d82a733111541d1e3db409c

HTTP Headers

GET /_static/menuApi/prod/menu/games/en-au/images/6/Dragon-Tiger.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 7607
cf-ray: 76c37db27d22b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "53b0ccbf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vNAZDjsO1FQsgi7oDCrQCSeiaIVQRBKtfglVch25kTlCweFIanC4x4IniOF3X59ClI6kbEI9bqxeoJj6n5qlKxNeWMmRQX6hnC7m0XHJBSoJ%2Ft7He6ajloInqhxygg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Three-Card-Poker.png?0.0.1864

172.66.40.161

200 OK

5.4 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Three-Card-Poker.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Size
5.4 kB (5391 bytes)
Hash
d32624d1a6008f886266a89432cf1f42
ab1291b37bd6729f04f8c768b47ca80d9676ba6a
db50f7eb1fec27f50074ee72aae9066a770d0f32607f3a53e1cc8fc25f623499

HTTP Headers

GET /_static/menuApi/prod/menu/games/en-au/images/6/Three-Card-Poker.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 5391
cf-ray: 76c37db29d44b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "a960ddbf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23zx3SFWMjp7E%2F7MmoEYi9r32L0EPd0Mt%2FOR3aFgnu%2B2kzJcpVPqAIh1cRNPl2sc34DWIJHP2DBvnWusjs9OkB1ZTHndK5WoxbZGBeLxBkg5b7nxf2o%2FScFwEVLi%2F9M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/4/Yggdrasil.png?0.0.1864

172.66.40.161

200 OK

34 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/4/Yggdrasil.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 320 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
34 kB (33694 bytes)
Hash
c8c9255a64ffbef8df513256613b1384
630de79cd8135d6e53bc5795ed991e3fccf6fd8e
fbb3b1022c078f45211af3829b4d151e20d2afb4e9bd86df5f516578cd19b566

HTTP Headers

GET /_static/menuApi/prod/menu/slots/en-us/images/4/Yggdrasil.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 33694
cf-ray: 76c37db22caab4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "a78884ff96d7d81:0"
last-modified: Tue, 04 Oct 2022 02:14:13 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVf%2FU9F2tnig%2BFgMkYVHYe3i0oRoORCST76KwYq%2Fq69nBbrPJtMKBv1NP23y7ntjmnlS7slbT6wSOV6kbL9KpHGoDTZQ8z6l2mqMijjGq93sbjsaIVJbVsFnfuhmkKE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Three-Faces-Baccarat.png?0.0.1864

172.66.40.161

200 OK

7.1 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Three-Faces-Baccarat.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Size
7.1 kB (7073 bytes)
Hash
92232fe2228d238c0e6e8ccf07de89c0
3eb90e31422a4cb18558513aa1c4e23b0bcfb1ff
4dfc289b451f6611461d65a32a01e30bc61afb6b098bc77394920315b6cb469b

HTTP Headers

GET /_static/menuApi/prod/menu/games/en-au/images/6/Three-Faces-Baccarat.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 7073
cf-ray: 76c37db29d49b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "34c3dfbf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kg9G3nQ45f6raS1a6UXYOWYK2X7Rtov2NrtpEO2MEKa9TyOFymWR8bpcXaShHyaqIMeB803myKXt1pu2iCpffyXwQZTuWLc%2FpazY3iK12%2Bt3uJkWNCW7%2Fklq8JP3clQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/js/hotmatch.js?0.0.911

172.66.40.129

200 OK

7.5 kB

URL HTTP/2
www.w88w981.com/_static/js/hotmatch.js?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 (with BOM) text
Size
7.5 kB (7453 bytes)
Hash
a3328c7a001e6e4dae4929f8eba464e1
55e19380549954e82fe5f467447fea3cab96d461
812238727affc6e3a84fdf8a40bffb0dc27f92322b7ef72d6d47484f44a6f6b4

HTTP Headers

GET /_static/js/hotmatch.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da38d28b511-OSL
cache-control: max-age=14400
etag: W/"0e4f38d84f9d81:0"
last-modified: Wed, 16 Nov 2022 06:27:52 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTFsg1xvn176Vb9EvHNDWEXFBAVn3pPXidUX%2BzYW8oRfHjGVB0i8M7rFz01x3b0CXmZdR4ZTVlRGNR5CvajmeijX1MDy2fFrgein9Eqfg%2F2iQkkeNI%2FUdEAVFmu8f%2F84KA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_secure/ajax/api/qrcode/mobile/download/w88w981.com/true/en-us/USD

172.66.40.129

200 OK

33 kB

URL HTTP/2
www.w88w981.com/_secure/ajax/api/qrcode/mobile/download/w88w981.com/true/en-us/USD
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (55732), with no line terminators
Size
33 kB (32894 bytes)
Hash
5133c5f604d899a209bbceba7ba17821
c6bf3f3d4c20ec263d932d01b91afa5d8390d7df
56ff402154f30147267879d78ef2a6e066708fb26938158e8e06c35a4f8c128a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_secure/ajax/api/qrcode/mobile/download/w88w981.com/true/en-us/USD HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: application/json; charset=utf-8
cf-ray: 76c37daa6fbfb511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46McXHftSy0SlGvfU2Lz%2Bnwz6fG56XNGggXPF7FlhP%2FFlE2bNXQZgzrEF9jn%2B6P34clH5pxcVdp3T1aSDFbX%2BULsTDHuTY1vJtri59qIEsj6GlPPMucoWI3DNVX4t%2FYTRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/fast3.png?0.0.1864

172.66.40.161

200 OK

8.6 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/fast3.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 160 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
8.6 kB (8573 bytes)
Hash
001674eaa094131e150cbf1b3b44ffbd
3852c0f4e7a85f4f78c468ff4e3cfeefe7ecf329
c4e44205ae9c32ea797eba9f6a03cb183484f1ab4d99c8251b366f0eb423d425

HTTP Headers

GET /_static/menuApi/prod/menu/lottery/en-us/images/7/fast3.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 8573
cf-ray: 76c37db2bd63b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "387dbc90164bd81:0"
last-modified: Fri, 08 Apr 2022 07:02:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZD%2FVpDz6xvI1JZutjEsqwe1dWh0ni3bWYlRuOEAp%2FQMbYGJvt5VcisdoKvPD8ypshCtXbqJSIno6Q13yKV7Q7xN1buGHTf3cHkgCCRdR5r9VBN2kXonQ0T9SNuOAzs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/sabaideelottery.png?0.0.1864

172.66.40.161

200 OK

13 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/sabaideelottery.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 160 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (12564 bytes)
Hash
be1f42d1e8f62a9182c8f8ba50777721
85ed3f37279956af9093baf8abcb9d5de47f23a0
18135f8bfa86f362dbd590b7da49ccc25b3a35327ce5553e9d63887c627c88d2

HTTP Headers

GET /_static/menuApi/prod/menu/lottery/en-us/images/7/sabaideelottery.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 12564
cf-ray: 76c37db2ad5db4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "a36c690164bd81:0"
last-modified: Fri, 08 Apr 2022 07:02:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EiCk0CvufQm%2FpcKpNr76JDHiAGF40B45B2myGVAbF9ZRT6YZiYhHDROUb%2FNuK0Toqp7LhTg9dEZ%2FktpBLll1F7rMZoWnpa0UsM3%2BFLs2kdZ8pzMM1eSnXhMNYeUsSI8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/lotto.png?0.0.1864

172.66.40.161

200 OK

14 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/lotto.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 160 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14528 bytes)
Hash
66b0bf81e088ba4bec8c4046bfd4ab2d
ec7dee42fbe03138d6bd591cf7f04cbb876556c2
16c53df8cd0d9cf2a83f3588b7904f2a302c41ec83a1704e5f0cd1169bff4ca1

HTTP Headers

GET /_static/menuApi/prod/menu/lottery/en-us/images/7/lotto.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 14528
cf-ray: 76c37db2ad62b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "46a4c390164bd81:0"
last-modified: Fri, 08 Apr 2022 07:02:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8iwZ90FKn9jh1RE%2FUc3SOHdTf5DKVAaRqwHTVZV%2Fwko7PbShbunLMbpfZ%2BpLCoOMcf%2FwObiIhdfQKtj4HSl5aJwtTrxTDOmD7kElSvyRXhu0obheSaRFwdL1zwCcy6g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/sode.png?0.0.1864

172.66.40.161

200 OK

16 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/sode.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 160 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (16470 bytes)
Hash
bd8b6eda7725f29997b5fb5bf30012d4
b6b4fb0caaf4bdcbf98f8f8b6467f65a1096eac7
f42b1da8171610e4cb0fd996bb465d2ba8d2b93ae521415464a97cb6d8a5fad2

HTTP Headers

GET /_static/menuApi/prod/menu/lottery/en-us/images/7/sode.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 16470
cf-ray: 76c37db2ad5cb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "896ac890164bd81:0"
last-modified: Fri, 08 Apr 2022 07:02:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HD8LCO2cpMkldPom6ejcWcj6e5L%2Fy3Qb94bwaW7oaelxKDLGm4rbRVqpEcQewy%2BcJqeGcngCk3zXvCuU3Zh%2BM2BQOZljdENJwZDOp%2BPBMbfutXQXPVX8pnB8q0KoLbA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/gpi-lottery.png?0.0.1864

172.66.40.161

200 OK

14 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/gpi-lottery.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 160 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14476 bytes)
Hash
2020b56afb97b9eacd96a56c6d8433f2
78c515d591733b95d1e55e749c73050a388e1e33
8cb21bf711fe80c0c9e3b837088a86c91cfb8fb39ac6c148ba65cb982037c179

HTTP Headers

GET /_static/menuApi/prod/menu/lottery/en-us/images/7/gpi-lottery.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 14476
cf-ray: 76c37db2ad60b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "95dfbe90164bd81:0"
last-modified: Fri, 08 Apr 2022 07:02:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCv020LDxvKacetAR05Go6aRp%2BUq1m34Lpz1TQEIMJMMC1rA03AwvAqx1XF2zxidbsDqdhxhGkpeSmeSjFj6Uq7gQqNoLmZDC4EgMIAIugmIVcOY9235yVUILtgf494%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/Poker.png?0.0.1864

172.66.40.161

200 OK

31 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/Poker.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 320 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
31 kB (30765 bytes)
Hash
6c5f17eaf5f52a2e22cbb1ea441e7878
3eb7fe891e722e5f1e681063d71e543304d769f2
28e5478e10ae1f28966288b900cb4df4a5676d48bc585c288a03ad7107ca146e

HTTP Headers

GET /_static/menuApi/prod/menu/p2p/en-us/images/4/Poker.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 30765
cf-ray: 76c37db2cd89b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "728696cb293fd81:0"
last-modified: Thu, 24 Mar 2022 02:49:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tixwBJeB4WeZVJMmAvpfcX1kcgogIAwmEzA6PH783l4Zy2OYR1WwzClsOejt7HQvkOKBLoXzIgpzatyVQ0qNUi8OzU%2F6wPXJxrosWQjzf8IGRHCa5H%2FXM5KT1n7VHZY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/wKeno.png?0.0.1864

172.66.40.161

200 OK

22 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/wKeno.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 160 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (21678 bytes)
Hash
d92731381e42962336be54c832c0271e
ac90cd6e1d2b35d47afee33173eefa4ed0aafb3b
6760b0d85b7e1e34eab8c388a5d2f0663b6dda072256c6aab905a0b0d88392c8

HTTP Headers

GET /_static/menuApi/prod/menu/lottery/en-us/images/7/wKeno.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 21678
cf-ray: 76c37db2ad59b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "896ac890164bd81:0"
last-modified: Fri, 08 Apr 2022 07:02:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Act8KTgrS1s4fFmRMeDScM3jDb60B4JgoXX6RRh9soQrUJp%2BP5cFd8KV8ll9gAgdivYY%2BtqjIDw8iHZ5csFHLFGV1JF%2BpFY3hf5WLbvJLl0FbDEPbegLDzO7gxLRbU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/keno.png?0.0.1864

172.66.40.161

200 OK

24 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/lottery/en-us/images/7/keno.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 160 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
24 kB (24422 bytes)
Hash
8a01484de2b75dbf7badef719ee46451
f5de9153eafa69bd8f794dd36ac8ea4bdf51aa5b
9c9998e5b3a953e2f20346db734a4847e2954ebde81d0ee4a39bdf13aa632146

HTTP Headers

GET /_static/menuApi/prod/menu/lottery/en-us/images/7/keno.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 24422
cf-ray: 76c37db2ad53b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "f241c190164bd81:0"
last-modified: Fri, 08 Apr 2022 07:02:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6Fy7gwoD47bjkJ00mqKpuDFAbSAxNGj73Y8tcEINQTV88jaMzbKbqSdZn0CtIgRnKUCdzU9XjIqZlxUroYashI8nlLaLRuv8dO9fUdre2%2BZJv75pvDdKYok8HvmwqU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/pokDeng.png?0.0.1864

172.66.40.161

200 OK

27 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/pokDeng.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 320 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
27 kB (26648 bytes)
Hash
27ebf0d0ab6bd341c4b71abcf33fccc6
0bb639ff702c8dc1126a5ee46c2cbc63def956bb
5cabfcd1a078f421a0021281af0b909fd15cfe0fe539ac667c3dc7c95a206c69

HTTP Headers

GET /_static/menuApi/prod/menu/p2p/en-us/images/4/pokDeng.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 26648
cf-ray: 76c37db2bd6cb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "731fce3293fd81:0"
last-modified: Thu, 24 Mar 2022 02:50:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EErfrPAMm4%2FMw8Z1Bc7qYummujh936AJwhLMK%2FAXFEkm8hEZXGSkkFcx2UEiBG%2BkwTEoGRDomSbF9pEyDGt5IyZfUvo9Q4GVGdB1Om22puohMsKVuie0BY2AgR2MED8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/tienlen.png?0.0.1864

172.66.40.161

200 OK

35 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/tienlen.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 320 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
35 kB (34804 bytes)
Hash
53b44e5f6fe43e284510ca6843b45b53
46975848ad2821ec46d62cc0699ef03bbcbc883c
453a4589be1562f0f6ac9ae7b7370399727a9bea13bad92f06245861299ced84

HTTP Headers

GET /_static/menuApi/prod/menu/p2p/en-us/images/4/tienlen.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 34804
cf-ray: 76c37db2bd78b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "1c4b9bcb293fd81:0"
last-modified: Thu, 24 Mar 2022 02:49:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2dhBeEDVgqMirov8wtedaZcb26JhYwx4UHtHOWUzpdkLvC5waayU5F9y%2F7Pzyc3FdTqT3Ek6TfSVByI7FFNVxYzwL4JbOW%2Bp9Xh%2FwvbBOVlGYw3ARTJPOAXC6sHDOzM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/gaoGae.png?0.0.1864

172.66.40.161

200 OK

34 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/gaoGae.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 320 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
34 kB (33480 bytes)
Hash
abaae3f3eb33e9e7ecacb9634f62f04d
5fb5ae98b1b55b75a155f8e58b035ad2bfd44794
0428147f156bc25a0d582f2bd677aa72da82845a6d38d760f74a7ab0b9c6f82d

HTTP Headers

GET /_static/menuApi/prod/menu/p2p/en-us/images/4/gaoGae.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 33480
cf-ray: 76c37db2cd7fb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "cbcff9e3293fd81:0"
last-modified: Thu, 24 Mar 2022 02:50:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWcDdPNjvwEK780a3zFlPdDYdZLs9D5hW6Xc2R5jf2mpOgdOWAWxKucvQHCOMAn%2FNr6Gt6y28cOtEfFZdR6z8JmW2IzKwB1hhDVRGslaqAunaL%2Bs2YFEmTIBeMvNJ%2FA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/footer/downloadbar/img/v2/dc-iOS.png

172.66.40.129

200 OK

2.5 kB

URL HTTP/2
www.w88w981.com/_static/footer/downloadbar/img/v2/dc-iOS.png
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 36 x 41, 8-bit/color RGBA, non-interlaced\012- data
Size
2.5 kB (2533 bytes)
Hash
0f1628565c85d1d20bbb7a7c0c2e95bb
d16f452d1a849f08721792b901b5866b70fe07bd
c9ef0d75fcb4ec9e2ba6353bb36c70e2059575bb08ea22e1698a49ee59ee747f

HTTP Headers

GET /_static/footer/downloadbar/img/v2/dc-iOS.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z; clientIp=91.90.42.154; ai_session=YvtLmJSUPX+wIkHQCMK4tc|1668803707751|1668803707751; popup=6478
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 2533
cf-ray: 76c37db35da8b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0c256343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:32 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XvUR1B4MCPA0PcnLD%2BTkJls574VJg8h8%2Buoy0ZtCyKyZF4hOlKwHnXEFMeZYfU38CHelB1w5LUqFvnV%2BmzcSV6C0AjAc7t9M4%2Fd8cgBUHR1p7n7T7t3gXrdWgIdfzDf7NA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/baiCao.png?0.0.1864

172.66.40.161

200 OK

40 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/baiCao.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 320 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
40 kB (39757 bytes)
Hash
b5be0fe82e5b5a7349f5bb6befca177c
c4ef84592bd51cc6d461ef01ae09e4e49b2d0488
53e083be76dbe3fcfc80dd2ee0dacf63d8be1895374a4447a5034f2a93526ed6

HTTP Headers

GET /_static/menuApi/prod/menu/p2p/en-us/images/4/baiCao.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 39757
cf-ray: 76c37db2bd75b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "525f8fcb293fd81:0"
last-modified: Thu, 24 Mar 2022 02:49:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QM6kUFbAbUytV1T9PmMvL%2BMhi2TFYLq9KKQwb%2BRABmxMUTu5xQ9JuVjinCVRAXsCu3RXtnWL1mRodB3YHLvHgI5OhUMlEsAL%2FOLSQrb%2BdG94g7rkAqvSBzMwFfiZSMM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/footer/downloadbar/img/v2/dc-empty.png

172.66.40.129

200 OK

2.6 kB

URL HTTP/2
www.w88w981.com/_static/footer/downloadbar/img/v2/dc-empty.png
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 182 x 152, 8-bit/color RGBA, non-interlaced\012- data
Size
2.6 kB (2587 bytes)
Hash
2721206125b291cffbb37dc654e54c55
3e8f430e1af55fb4e975003b8f5bd07778e99d1c
f87fc8fe3f0342da252b050fba73bb4f8822b761772f0429c288dbb83b73792b

HTTP Headers

GET /_static/footer/downloadbar/img/v2/dc-empty.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z; clientIp=91.90.42.154; ai_session=YvtLmJSUPX+wIkHQCMK4tc|1668803707751|1668803707751; popup=6478
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 2587
cf-ray: 76c37db34da1b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0c256343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:32 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2FR2fe%2BhTbbYj4L6KdWjVBogER76jmJOGVtbNK2K8VDToXx%2BaEhSoLbB18aHjBe11wqa2EtP3VFbUNV9pWHzdgKeoFykZCzH0G%2Fe9rSdoCl6wwW3xJjJyfWnKe0lTQpgVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/texas-holdem.png?0.0.1864

172.66.40.161

200 OK

38 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/texas-holdem.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 320 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
38 kB (38460 bytes)
Hash
96c2a0dee0431e2a942af01d5e540834
34696abae0260b21e6cb84b122309821e59ce3c3
5d7b14d7c6487758a13dd7a2e68fc21b380d638c74c9d46c7e80700761ece0e7

HTTP Headers

GET /_static/menuApi/prod/menu/p2p/en-us/images/4/texas-holdem.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 38460
cf-ray: 76c37db2cd7cb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "5a92fee3293fd81:0"
last-modified: Thu, 24 Mar 2022 02:50:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZVJIZfGpBJ9tuaODdkoezeCd%2FBjqvA42YHs8%2F%2Bb1e1VDi4jig9w3R%2FZc73YmnhH%2Bg2QYBbn%2BGEoSJ%2FwwBESTk%2BsIYckbtBQZCVH27AiYJq6vSPtlezqu9QTi5ugq3w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/super-bull.png?0.0.1864

172.66.40.161

200 OK

45 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/super-bull.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 320 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
45 kB (45073 bytes)
Hash
d61086d0c638a6a0982a65a0f13700fb
e4fd04ef1621ddb9ff7971497129fdead1c2f78b
244b54881138ef85aad460c60ef0bd253c8b7f3bdbe394c908dfcc1726bc450e

HTTP Headers

GET /_static/menuApi/prod/menu/p2p/en-us/images/4/super-bull.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 45073
cf-ray: 76c37db2cd87b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "5a92fee3293fd81:0"
last-modified: Thu, 24 Mar 2022 02:50:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnKm8GGZb8WNZlXdTInv0USW174UlK0EExR4lkBI0XMURJZns8msLqw0hNfoATGoosliOrHN7MltXdJdRPwxsUCVBwMa9bH0rhZPeT1UI8iRCEhUMIuIQw6FGxvkHRY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/mobile/img/v2/MP-QRbox-iOS.png?0.0.911

172.66.40.129

200 OK

3.6 kB

URL HTTP/2
www.w88w981.com/_static/mobile/img/v2/MP-QRbox-iOS.png?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 79 x 79, 8-bit/color RGBA, non-interlaced\012- data
Size
3.6 kB (3635 bytes)
Hash
7088c83fb0e08c3fb05584542524ad38
b97039d4e167531bd2fbee42616a14680bdddfd0
512ff058c07cb4424d635d30735fafeb680e84dd4d4b75d457c907dcd1893f37

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/mobile/img/v2/MP-QRbox-iOS.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z; clientIp=91.90.42.154; ai_session=YvtLmJSUPX+wIkHQCMK4tc|1668803707751|1668803707751; popup=6478
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 3635
cf-ray: 76c37db37decb511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "038b67343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:32:00 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dj0k3hwpMkQghY5sPDWlejhvN07RaDsTsNA3hPzXyJHwtF4rmmgvLl2LrSKzq8pHiG6mWuWqZFUbXDxhQm9XrC2aQS9MyQ03QLDePRxc1vC1EzWBBTOrLkLGBn%2BxyC1vA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/home/btm/img/dot.png?0.0.911

172.66.40.129

200 OK

163 B

URL HTTP/2
www.w88w981.com/_static/home/btm/img/dot.png?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 21 x 10, 4-bit colormap, non-interlaced\012- data
Size
163 B (163 bytes)
Hash
489ff422326e210b423482d92aa95225
381f86c359773b5c7771db050ee2ed9d4be2e860
2cd4e9067ee53451e3118dcf50bae28c54ee6a1d6cc8344791d54356010a5b5e

HTTP Headers

GET /_static/home/btm/img/dot.png?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z; clientIp=91.90.42.154; ai_session=YvtLmJSUPX+wIkHQCMK4tc|1668803707751|1668803707751; popup=6478
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 163
cf-ray: 76c37db39e1db511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "084f16e43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:52 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lb2q1nCIZmLY27aVj37PE2LSU6AcOKUUhYLIIq40He8r4XQRZ4nFiPyjMVSK9p2sCT5ZVs%2FQDApN5KqmGgXJY8EODZ90uxi3ynnSdth5n3RjhBt%2B0vb3jyXQpduaqErTRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_secure/ajax/api/handler/announcements/en-us?paymentGp=&riskId=N

172.66.40.129

200 OK

7.8 kB

URL HTTP/2
www.w88w981.com/_secure/ajax/api/handler/announcements/en-us?paymentGp=&riskId=N
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (19313), with no line terminators
Size
7.8 kB (7806 bytes)
Hash
04f2b24d4fcd169b0d4c1c868130789d
08e773074bd5f3c1c7d4be29faf7179f3c0b633d
5fb4c4b6a1e6013da5ae8a412acb1ba7d8279a098bbc4e248df1cd0d99d5c665

HTTP Headers

GET /_secure/ajax/api/handler/announcements/en-us?paymentGp=&riskId=N HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Request-Id: |49167c3dc3504342aabd28f49430feb0.288b03c935054f1f
traceparent: 00-49167c3dc3504342aabd28f49430feb0-288b03c935054f1f-01
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: application/json; charset=utf-8
cf-ray: 76c37dad8c7ab511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3BJCYrA3NQaTefi4dhzWKR3r6alYYdNbCSRwj3pef1GKbEwW8gWTZTKLcQTpgvl8KUuqxes5kDgVVkm3KPX%2FbtXb9%2FuyoTg%2FeBvsKc4Km5DOFm3Vz%2BxDYfGZfbQv8B67g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

static-global.static-bifrost.com/worldcup2022/Saudi-Arabia.png

172.66.40.164

200 OK

712 B

URL HTTP/2
static-global.static-bifrost.com/worldcup2022/Saudi-Arabia.png
IP
172.66.40.164:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
712 B (712 bytes)
Hash
370adcd4287346c832e27ba4d4c7fc2b
ff5dee664e2534df11674b5772395b2e6fb63764
b48555d7cffdaffdbef75c4d122f190addd60577c84cbba8dbde751bb88671ae

HTTP Headers

GET /worldcup2022/Saudi-Arabia.png HTTP/1.1
Host: static-global.static-bifrost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/webp
content-length: 712
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1843
content-disposition: inline; filename="Saudi-Arabia.webp"
etag: "2d6904740323b7faad5d6e874b407dcc"
last-modified: Wed, 12 Oct 2022 12:01:02 GMT
vary: Accept
x-amz-id-2: o1BWGzF4VTdqYqxD7QRsZYfyQ04vxMp2rDMmgkQDTkUxaY1Ejw3ekYY9nfBNm04BC25zOHwjlDw=
x-amz-request-id: 91APWWVD4BK2T6HT
cache-control: max-age=3600
cf-cache-status: HIT
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c37daf0a6f0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
616234e812d0fe1b582a6e82479706be
837e990c8bc894af98a94e9314420f513272c17d
1fe5ed317cd396938dc7eb49b4424b75d1d8bc2855e582503cf05e7541b70170

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=135856
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 20:35:10 GMT
Etag: "63775c2d-117"
Expires: Sun, 20 Nov 2022 10:19:26 GMT
Last-Modified: Fri, 18 Nov 2022 10:19:25 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279

www.w88w981.com/_secure/ajax/api/menu/games/en-us/

172.66.40.129

200 OK

1.9 kB

URL HTTP/2
www.w88w981.com/_secure/ajax/api/menu/games/en-us/
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (9433), with no line terminators
Size
1.9 kB (1924 bytes)
Hash
358c7e890d8874d7fdd08e8c7af80aa9
a0ae78e254a6518db37678f965254fb1b3b6cb2e
6a8884ca4f7bc378e3599c6f4650b98ff1ad9405004cc68f73fe342249835228

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_secure/ajax/api/menu/games/en-us/ HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: application/json; charset=utf-8
cf-ray: 76c37dac7aa0b511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FehEKFXUhQXBKrn2rVo4PVOIWHH9FejLswVUGiven6BHc4SynOmndBFRHL6BoFr7qSSlai3Q%2FLhNA0aOPR2iCbhNNVVDJyScytMIcL0dG4OkDv09N1dbhp%2BPB21ngus80A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/hotmatch/img/Countdown-WorldCup-2022-Big.png

172.66.40.129

200 OK

57 kB

URL HTTP/2
www.w88w981.com/_static/hotmatch/img/Countdown-WorldCup-2022-Big.png
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1280 x 96, 8-bit/color RGBA, non-interlaced\012- data
Size
57 kB (56657 bytes)
Hash
eee21e7010d17d1cc8333659a67e422c
367e1fb9db453bd9f46d9796667b43fc1a3fb599
60c703e17af44794e69cb04e47440187b6c1a01e5b0d5289ec5601c85254c449

HTTP Headers

GET /_static/hotmatch/img/Countdown-WorldCup-2022-Big.png HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/_static/_css/hotmatch.css?0.0.911
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 56657
cf-ray: 76c37daebe05b511-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "0da5daf2ffad81:0"
last-modified: Thu, 17 Nov 2022 02:52:52 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 05
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdVCIqmJyrLDlA5760vXXl4o8urBt5Xeijg0d%2BnwlmZp406i6hl%2FSPy4I77iNnrFPSjHbbv5hyR0QWQIdglCNftpK00hvSuoEFWsSc37cQNLuQNVf%2FX0YPVuN5Pe8J1H3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/home/img/bannerV3/W88-Home-Live-Casino-Instant-Rebate08-202207-EN.jpg

172.66.40.161

200 OK

92 kB

URL HTTP/2
cdn.w88ux.net/_static/home/img/bannerV3/W88-Home-Live-Casino-Instant-Rebate08-202207-EN.jpg
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x500, components 3\012- data
Size
92 kB (92023 bytes)
Hash
3df2d6c68ca4bab44d1c8e7395341108
beeb02ccb3b8ebbc38017644566e94827a46858d
dc7736c1c40818f39e3f568045a1bc8d8853165371664ae4d794cac4c4c145bd

HTTP Headers

GET /_static/home/img/bannerV3/W88-Home-Live-Casino-Instant-Rebate08-202207-EN.jpg HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/jpeg
content-length: 92023
cf-ray: 76c37dad9cd0b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "695ce2ee23a3d81:0"
last-modified: Fri, 29 Jul 2022 08:19:33 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: h2pri
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gG5SLwNEwvKTxoVmIWnKZWwxPmWa2hN2P0HaIFr%2BBGPzDrre3YXtixXnqy0XEyfqXlgd5wk99phqugVFjh2Fv0b6KjzR14F6v5rqzq5svQVdCsmIzQgQ6lihvQILkXI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/home/img/bannerV3/W88-Home-Ocean-Explorer-Mission-202208-ALL.jpg

172.66.40.161

200 OK

113 kB

URL HTTP/2
cdn.w88ux.net/_static/home/img/bannerV3/W88-Home-Ocean-Explorer-Mission-202208-ALL.jpg
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x500, components 3\012- data
Size
113 kB (113422 bytes)
Hash
51eb517bb52e6c377fc5098f7c8eeda3
f34879c16814d9daf9ed82da48e759652e81d82d
2615634e7c8e5dafe08c09d5f93073dd00b1a116808664063cc886a3adf7af8a

HTTP Headers

GET /_static/home/img/bannerV3/W88-Home-Ocean-Explorer-Mission-202208-ALL.jpg HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/jpeg
content-length: 113422
cf-ray: 76c37dad9cceb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "e73626cc1bb2d81:0"
last-modified: Wed, 17 Aug 2022 09:29:06 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: h2pri
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w67wBJXA0gn8TYPloG3gyEtOGNLleybrLuOZM2s3AVBUmMRva981cN5COIOnQXQOYBR5RlBeMtCa0TyxFrN4BXP1UWZucI9G8A0bWyHirxeHJgl9rmfNrKh8XXPyVTo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/home/img/bannerV3/W88-Home-WC22WB150-20221116-EN2.jpg

172.66.40.161

200 OK

126 kB

URL HTTP/2
cdn.w88ux.net/_static/home/img/bannerV3/W88-Home-WC22WB150-20221116-EN2.jpg
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x500, components 3\012- data
Size
126 kB (125558 bytes)
Hash
c5a1d418d9a90d2b611766ee323ebd07
6175cd877f2cebcf567bcc3d111ec730d9baa80f
19233c37de49840dea505ee967e1723250bb4d62a69288806429cfdcb275b85d

HTTP Headers

GET /_static/home/img/bannerV3/W88-Home-WC22WB150-20221116-EN2.jpg HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/jpeg
content-length: 125558
cf-ray: 76c37dad9cc8b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "3fca4aeffefad81:0"
last-modified: Fri, 18 Nov 2022 03:36:25 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: h2pri
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JrW3z6%2FdKhcxrOfIlFjly%2B5QEK%2FCWXRBQ2%2FfG0A0QHoEQzNtSsCJwVqG6LmUnJGMDtnrjFrkC8CEkgREwsWqBdAXsWMvt8v7VFmRwtkX%2FQQU3Ya17WGYMYxZvY7pIX8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/home/btm/img/Dividing-line-grey.png

172.66.40.161

200 OK

2.7 kB

URL HTTP/2
cdn.w88ux.net/_static/home/btm/img/Dividing-line-grey.png
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1280 x 562, 8-bit colormap, non-interlaced\012- data
Size
2.7 kB (2674 bytes)
Hash
14250d20e980f74818375c282f8b0ee2
b40aece998ea2e2cd678c00e72ffcae5d4a31222
e591834490daedbcb1a3f3211c0a540d7f9dd739af8e84112b688696c0e96d9f

HTTP Headers

GET /_static/home/btm/img/Dividing-line-grey.png HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 2674
cf-ray: 76c37db18b74b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "c97ac1928e54d81:0"
last-modified: Wed, 20 Apr 2022 08:13:53 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x2bhvZVGT4jWs3FC%2BwyUUCf2EPBe0gGHWlfu5YQBnZfaB6NX%2FfcQQElDdOUshKq2nrv8DQN%2FnmJMS%2FcSKT7p3XSesCwfGLfcSfa7i654G6jG9PzlxWEeMxdjAzUxLKM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/home/btm/img/Live-Chat-icon.png

172.66.40.161

200 OK

192 B

URL HTTP/2
cdn.w88ux.net/_static/home/btm/img/Live-Chat-icon.png
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 30 x 26, 2-bit colormap, non-interlaced\012- data
Size
192 B (192 bytes)
Hash
e63746e3f3ebe6a6cc52d21de236800f
77b0f7a9293bdbfccc8b101ea4798629c4f2cbcb
1b6882f367c328c67ac627216167a849375a98c41f488d1006a247e226ac365d

HTTP Headers

GET /_static/home/btm/img/Live-Chat-icon.png HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 192
cf-ray: 76c37db17b60b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "bdd19c938e54d81:0"
last-modified: Wed, 20 Apr 2022 08:13:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fzaJ29rs490GX0IkJu4%2FOQSvoyOwUBvvBPcy8bHGdXKLuw5bhy5SWw8X04hXxhO%2FGN8DkI%2BaUvUFqjom8WxKISD6vsPxpJ58cfAUTjm4VjqoIp%2Fh7Rwr4ADs3JSVm0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/home/en-us/images/8/Sub-Winner.png?0.0.1864

172.66.40.161

200 OK

5.3 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/home/en-us/images/8/Sub-Winner.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 160 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
5.3 kB (5251 bytes)
Hash
e55a10fde0f2a791b1b268f55f980c8d
4ddc2b952e03bb9eaa828e61bdc648f900041ac9
8e4bf37a801b826de1a08bf086413bb2ffd847b23a9fcc07ebaae07e0a12809e

HTTP Headers

GET /_static/menuApi/prod/menu/home/en-us/images/8/Sub-Winner.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 5251
cf-ray: 76c37db1dc08b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "3c8e61cd258d81:0"
last-modified: Thu, 13 Jan 2022 02:32:25 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCXHANMEW8iUTziuDnx2eYzj7Jf8XKbR9%2BudP4ZSbpxurDWPRTSfXx1sLqnGjC3wydij6hQSZH%2F3PkkWaXt5bcNIPViz2Sw4ZgWhflZGK2CverciE9IVYNTmFD61lq8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_secure/ajax/api/member/hotmatches/get/featured/0/en-us

172.66.40.129

200 OK

5.3 kB

URL HTTP/2
www.w88w981.com/_secure/ajax/api/member/hotmatches/get/featured/0/en-us
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
5.3 kB (5315 bytes)
Hash
37c1a93d458cd9d8a14caee2921a4c9a
0ae7301af5702ae4690a8cd75f047a77ceb13295
4e007edb5d3d512ed68d664aa4fc8d367241f6f89b08d472e657576aed7f0976

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_secure/ajax/api/member/hotmatches/get/featured/0/en-us HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: application/json; charset=utf-8
cf-ray: 76c37daa8fe3b511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQZ6qx5%2Fr%2FWA7q%2BnP5gcdsl3DhWV8zOrpab1L3lMIg5Mrarv%2FjBAj%2FDi9%2BD1vhHrV9yv4aygWJTQRmljmFZaU5UWaYkIRrjbRfrJspxQHAHtXHo89K5NGV%2BHMPKaKKtjuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/

172.66.40.129

200 OK

57 kB

URL HTTP/2
www.w88w981.com/
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4510), with CRLF, LF line terminators
Size
57 kB (56870 bytes)
Hash
814d447b83b2d57c3bfeef089c43b986
0a71d7f5c0119a9254b21a76e127c8e86a832143
f750295c223ae47dab35389c32cffe4ce5e3674c67a57d0b97dd2c52e3362d81

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/html; charset=utf-8
cf-ray: 76c37d9e3c51b511-OSL
cache-control: private, no-store
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
request-context: appId=cid-v1:7a62fb4e-d728-4460-b21d-e45c61815c0c
set-cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; path=/; HttpOnly; SameSite=Lax
s=; domain=.w88w981.com; expires=Thu, 18-Nov-2021 20:35:06 GMT; path=/
g=; domain=.w88w981.com; expires=Thu, 18-Nov-2021 20:35:06 GMT; path=/
mi=; domain=.w88w981.com; expires=Thu, 18-Nov-2021 20:35:06 GMT; path=/
crt=; domain=.w88w981.com; expires=Thu, 18-Nov-2021 20:35:06 GMT; path=/
lnkMem=; domain=.w88w981.com; expires=Thu, 18-Nov-2021 20:35:06 GMT; path=/
two=; domain=.w88w981.com; expires=Thu, 18-Nov-2021 20:35:06 GMT; path=/
NR=; domain=.w88w981.com; expires=Thu, 18-Nov-2021 20:35:06 GMT; path=/
language=en-us; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
color=grey; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
language=en-us; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
color=grey; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
language=en-us; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
color=grey; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
language=en-us; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
color=grey; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
language=en-us; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
color=grey; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
language=en-us; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
color=grey; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
language=en-us; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
color=grey; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
language=en-us; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
color=grey; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
language=en-us; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
color=grey; domain=.w88w981.com; expires=Sat, 18-Nov-2023 20:35:06 GMT; path=/
SERVERID=twmsweb107; path=/
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ktju6qn5JmVVfObotH5GcVUmEls3gNIfAXr%2BM1wvUNcBkBqSrg26RzFffeuP3JcEgjJG4JlB9hiLK5AEauxgoWMDVhzdyfYwV34N3eUrui60ODa%2Bqc5ekFpFtwxtvXU06A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/4/Fishing-King-Sea-Beasts.png?0.0.1864

172.66.40.161

200 OK

12 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/4/Fishing-King-Sea-Beasts.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 320 x 164, 8-bit colormap, non-interlaced\012- data
Size
12 kB (11558 bytes)
Hash
7cbe6b39790447d0dbb7ce9093f63597
a1866ebefbe82df4d8f4fe1b5547b58d030d446d
92cf593e6d8bc39100ed00012bd412dda96bafe289d5680c444f0311f65cdcfc

HTTP Headers

GET /_static/menuApi/prod/menu/fishing/en-us/images/4/Fishing-King-Sea-Beasts.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 11558
cf-ray: 76c37db24cd4b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "4a2228bc3e9d81:0"
last-modified: Thu, 27 Oct 2022 05:14:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaWpY6umGaDTScqFL5O7NbgSyGbVukRz9ESWsll7%2FVVNdmOSUa4mBc5hoM5boh%2Fz2K%2BLD82xHf%2BdSIJ4eGjSajNz3uZEdowTLAH1RPRbgRLMiG%2FFQi9XrAA2vV3ZmMo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/Playtech.png?0.0.1864

172.66.40.161

200 OK

20 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/Playtech.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 256 x 164, 8-bit colormap, non-interlaced\012- data
Size
20 kB (20462 bytes)
Hash
59d469ee15b93a32bd2bfb36b87a9a81
04bf36a91790737111b2fc5edcbae6b2e0e3e47f
2882954f5e24c4a5f3e47115e1cf17e3b71f8775d9e67abc6753fa15aa2aa516

HTTP Headers

GET /_static/menuApi/prod/menu/slots/en-us/images/5/Playtech.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 20462
cf-ray: 76c37db22c95b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "bdf2a9d92f8cd81:0"
last-modified: Thu, 30 Jun 2022 03:16:55 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0HnFr2f4TnTki5%2BV2nKYNueVgQEhcZio7T%2FCkJxSumqmedi9yb1rzTu9ZxsZIGAJT8B7BwyUaAr7ZRuFYJFEzxxuxynrLeYLUNm%2BZoTa3g2uNQmXJKz38ieiRxIfDY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/microgaming.png?0.0.1864

172.66.40.161

200 OK

19 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/5/microgaming.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 256 x 164, 8-bit colormap, non-interlaced\012- data
Size
19 kB (19343 bytes)
Hash
d8d5c7121e463c36b92e08954f415ee7
393ad813aad4974591356dda47594ef152c35bb9
a947227eda34e29450c1543347b29d4b63732838cff49fba957482e0ed89c96e

HTTP Headers

GET /_static/menuApi/prod/menu/slots/en-us/images/5/microgaming.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 19343
cf-ray: 76c37db21c77b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "4990a7d92f8cd81:0"
last-modified: Thu, 30 Jun 2022 03:16:55 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWZPr%2FpeHOXKgEK3gqOKIL65sR%2FYNU8DQafIrtdFoplWfy6tG0aF8hpcseF1iRf2fh%2FHrmGAlPzp8aMIU67o8oQE74LeRTVWB5nLGN1z6jKZUjow7xN7wGmkcqTOMr4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-Evolution.png?0.0.1864

172.66.40.161

200 OK

36 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-Evolution.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 256 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
36 kB (35837 bytes)
Hash
3880a4b00e0ee4a908cd26110744fa72
42e455cf9ed18850a8ba82e4d719fced77401717
2a4c718b4face6931235ab8a1088770b355106a27620b7ce5908d8e5d5c344ac

HTTP Headers

GET /_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-Evolution.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 35837
cf-ray: 76c37db20c60b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "ffc5b33da2f4d81:0"
last-modified: Thu, 10 Nov 2022 01:17:46 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HSaZ9KqGM0H8IE4%2BG%2BFkCZr8JL9T11%2BHRjCInlBquBqGjkndcPFkRkOjhZXXhKarvTEezCiEIwEWS75mIRqKByY9yhfdT8%2Ft4NTa0HXOmfcYNlpQ%2FGxB0wwHx6pNmA4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/3/Chill-Fishing.png?0.0.1864

172.66.40.161

200 OK

11 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/3/Chill-Fishing.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 426 x 164, 8-bit colormap, non-interlaced\012- data
Size
11 kB (10930 bytes)
Hash
bd23530211f08aa1bc34446a25a67a16
1a2a1dacf0532cde200d8375c1cc1c2411814270
be3ea6875220ea7a5df34d7a7dace4bad45a03864b9adaa16c41ac7157d08446

HTTP Headers

GET /_static/menuApi/prod/menu/fishing/en-us/images/3/Chill-Fishing.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 10930
cf-ray: 76c37db25ceeb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "d872f8ac3e9d81:0"
last-modified: Thu, 27 Oct 2022 05:14:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JS3aG02JQ%2FO3atLN1J1qchFkojhr10CoLmc9A1VjnF2YRMEV32Tc%2Fmc6mPJq0vIIdM4S9TCSyR57j7E%2FTWgK6pcr8o1iedXtfaTaxFG4y96bHUzHfmDV%2FqM8z5ILGgw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/4/more-slot.png?0.0.1864

172.66.40.161

200 OK

2.7 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/slots/en-us/images/4/more-slot.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 320 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
2.7 kB (2694 bytes)
Hash
15dd7368a13e4b1da6d7bcd8cc067a0f
82ae4c1781dda216f187fa87a42689699f573871
cfa9d33dba2606952feb05f01f784fd8bcb546fdb20196b830c82ac1067a4cd8

HTTP Headers

GET /_static/menuApi/prod/menu/slots/en-us/images/4/more-slot.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 2694
cf-ray: 76c37db23cabb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "fbcc83d92f8cd81:0"
last-modified: Thu, 30 Jun 2022 03:16:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8C25rQRGKu71kAGOrJNLTHlW7BDH9l3TRomELcaigLxWUNxroSOLrwZkxkDZUADansp6n7Fe3rf%2B%2FeahM9BVY27ZEUzJ%2BnIaeUIJrKlck4ltbh%2FNjJ%2F3DHX1C%2FG4E4g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/4/Ocean-Explorer.png?0.0.1864

172.66.40.161

200 OK

11 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/4/Ocean-Explorer.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 320 x 164, 8-bit colormap, non-interlaced\012- data
Size
11 kB (10751 bytes)
Hash
afdaa8bf193d93b586cbc974e41a0f76
96632e33d033f0cf418ffc9253ddf75c3a19adf2
dfe1faa8e60093966ec99829da15f7824d91a01f9918c1bb2878974b8d299fab

HTTP Headers

GET /_static/menuApi/prod/menu/fishing/en-us/images/4/Ocean-Explorer.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 10751
cf-ray: 76c37db25ce8b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "8e72cbc3e9d81:0"
last-modified: Thu, 27 Oct 2022 05:14:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6t3xezTpqzy5wGjS4WoqvN4QzOysvBmGalz4O2UobNAtvb3QHYYc5Dd3HjUdoyyrhfzvGXse2CGaXKacC2xG%2F54PgktTLJ0GziKlpi7ik7uLPflCCx%2FwzWJfi%2B03tP0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Thai-Hi-Lo.png?0.0.1864

172.66.40.161

200 OK

6.1 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Thai-Hi-Lo.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Size
6.1 kB (6108 bytes)
Hash
54dfd30189bae2901f5b01853d95ca4e
09f3ff04eac55e96b25924cef842c79a30e1a898
3659fff3caa2f7c423c33afce8bbd9a8e2c0c89346e5cf632a305aaaeb72ffdb

HTTP Headers

GET /_static/menuApi/prod/menu/games/en-au/images/6/Thai-Hi-Lo.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 6108
cf-ray: 76c37db26d10b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "4ffedabf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0SXGgOJY1lADrLAy8%2FDmiLs8DEhgV1hwHIoK5sy1ulUl8gH9fvzQ%2BFxv87r8QaSxGB%2B8h%2F68nFQZETmlNt84X6un7WbH%2ByowaWXR3WDElSY23Eq5dQPYy89vdUBxUpM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/FPC-Scratch-to-win.png?0.0.1864

172.66.40.161

200 OK

6.5 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/FPC-Scratch-to-win.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Size
6.5 kB (6504 bytes)
Hash
25fea218d4ccc8803a1806014e54df77
a1931bf89a761eb9c4a7b9761f6b8ee3ca54fc2b
27f6f67eab3e67eabc626aff186ea3959c7aa6b6302c123b944f085f59780420

HTTP Headers

GET /_static/menuApi/prod/menu/games/en-au/images/6/FPC-Scratch-to-win.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 6504
cf-ray: 76c37db27d1bb4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "e774d1bf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0QWYNbOteZ942%2Fn2E5z8tbKOpEX%2FD55mudU43f26XBzghuubWarcNroQraRSpsYQBImhykj03%2FuQEU4AWXi9HGfuuSqs5dxshHxGwNgd93efifApI4rMStVUl%2F2jnY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Microgaming.png?0.0.1864

172.66.40.161

200 OK

6.7 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Microgaming.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Size
6.7 kB (6735 bytes)
Hash
bda7590b86d237be2d071b644253d6b2
4cb15810b4f62553bce323d2e0fa1cdbd6d25ea9
7cb44ffa06f934952e29a51b7640cad46531e5bfe21cc409c49696bf15ec106e

HTTP Headers

GET /_static/menuApi/prod/menu/games/en-au/images/6/Microgaming.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 6735
cf-ray: 76c37db29d51b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "e774d1bf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fel2LvpJXRdQkppxYy5hBZwGmFqCT6SlNqWYn%2BmbCpp%2FS14bG6Dgh58kJcdmm%2B%2FJx7mzpKukiM0KKJteN21VWCGZ7WP4fPA1q1JnQXQ1BoBEdckq1IlKDESPoSE2NCU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_static/_css/custom-theme/jquery-ui.min.css

172.66.40.129

200 OK

11 kB

URL HTTP/2
www.w88w981.com/_static/_css/custom-theme/jquery-ui.min.css
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (25659), with CRLF line terminators
Size
11 kB (10679 bytes)
Hash
26bc23d1083fd28878dabe7ef4ecd9e8
e9adcd69bb973a1eaf0a4030efa783a7959dba88
965bab7ab3420f7125af9e7973d2d2b18e19e48f6ffa072dbdbbce3c871ecb60

HTTP Headers

GET /_static/_css/custom-theme/jquery-ui.min.css HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da22b05b511-OSL
cache-control: max-age=14400
etag: W/"087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OyRWTQ6%2Fjg4pqK6P0kJpXhNbZMXJSIoHTwAxTf%2BcN5Jv4ju5aw78C7m1H3lR%2FWiyRDnyXq3eGJM2ekL77GF8eaZ%2BKBbQg%2FI7JbYOIexzDQPt0QZUgtgaRFZyyg0C6ZzsKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/3/Pirates-Fishing.png?0.0.1864

172.66.40.161

200 OK

13 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/fishing/en-us/images/3/Pirates-Fishing.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 426 x 164, 8-bit colormap, non-interlaced\012- data
Size
13 kB (13429 bytes)
Hash
01b04aa7c47b5f62adc196b3390d17bc
41de288b8400488392b4cfafac1fd1e880406c29
0abaf7aa7a2eea2392ec91c07db6b4568e476bf94e10e46e0224532dc7fd80b5

HTTP Headers

GET /_static/menuApi/prod/menu/fishing/en-us/images/3/Pirates-Fishing.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 13429
cf-ray: 76c37db26cf9b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "13c16bc3e9d81:0"
last-modified: Thu, 27 Oct 2022 05:14:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVMDYP%2BtQ8tzxE2DkAlUCE1ORofWXuADsm0MYOmmJy2j4W3ss18aOxWA3MSfCaNB3hzxqWEGkIs8B%2B54hg%2FcDdVmZtXBkdPHK7vlixUvGq4VhTz2wIFbeR3cyk1fBH4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.w88w981.com/_secure/ajax/api/menu/casino/en-us/

172.66.40.129

200 OK

8.6 kB

URL HTTP/2
www.w88w981.com/_secure/ajax/api/menu/casino/en-us/
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (2278), with no line terminators
Size
8.6 kB (8572 bytes)
Hash
91310abe1837cfee8bbc204c51748e3f
e396dd45bab887a5b41d515f036acb97060857fa
1ca29d70399c70cdc74fd2cf1cb2cf2671b01eaf57ce0c92281b775cd6944d49

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_secure/ajax/api/menu/casino/en-us/ HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: application/json; charset=utf-8
cf-ray: 76c37dac6a93b511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7Zii7IFyA%2BNRn2R%2BsQbxqlECrP7Ie9PqpqyASuXQelwZOAdLASch7y1LVrYFs6EA80xfN2Yd%2B0FCfCgwsfSv6A%2F8Lvo3%2F94gr24f7AtItY8U8Mh9zAn7BtpNR7vRImmTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Thai-Hi-Lo-Deluxe.png?0.0.1864

172.66.40.161

200 OK

6.7 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Thai-Hi-Lo-Deluxe.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Size
6.7 kB (6697 bytes)
Hash
8e400de0fd92c16f4a0bc39d827e44ee
2e7bfd0d5cee33d7d3db2858fc717b09f60fe9d3
bb3b5aa0a592e24974f4e909de03db309e5d34bc8ac6f7acae4e43e658cb9cd5

HTTP Headers

GET /_static/menuApi/prod/menu/games/en-au/images/6/Thai-Hi-Lo-Deluxe.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 6697
cf-ray: 76c37db26d11b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "4ffedabf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYPayEMGeUBuMjOV78ILKk3UR7uJYjbM8jlVEXIRTTSuB1ws9czLjmdkKmSZXaMjDKiEFsgIVFP8oKf7C4ot%2FGHfOUaJwoZX3HtCqK6ydbZLvFw9hqR1X4D4JZES2LY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Tai-Xiu.png?0.0.1864

172.66.40.161

200 OK

6.2 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/games/en-au/images/6/Tai-Xiu.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 213 x 164, 8-bit colormap, non-interlaced\012- data
Size
6.2 kB (6166 bytes)
Hash
594b59729d6ebfbcd7bb262e7fc82b9d
b59748c643bb49bc2f0c0c819f07f581db8bb8da
57b1d287366867f14018a76c9eec99efc0ebe0217ade85c67ce7d659c1a13d62

HTTP Headers

GET /_static/menuApi/prod/menu/games/en-au/images/6/Tai-Xiu.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 6166
cf-ray: 76c37db26d04b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "f39bd8bf3ac7d81:0"
last-modified: Tue, 13 Sep 2022 06:33:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOhvppJVNeEA6DYy%2FQN0X1%2FRQFGUaOjOeAuB%2BTLrTniUiGOCejIBRTWAHHzB3zIC%2FWJ6%2Fj85bcBXTXb%2FNGPDL%2FsTqbAG343ERQzRKazhcBVisLsfveBkgo7e%2Fj%2FbBbA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/domino-qq.png?0.0.1864

172.66.40.161

200 OK

23 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/p2p/en-us/images/4/domino-qq.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 320 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
23 kB (23069 bytes)
Hash
6c5d5a4b65714735cd065858ff5d3c40
c6a1af9a5770591ff17e3e3afe0f869939f0eb27
4d85dfc474b052a3496541d4b5a171930c7dca9f9d1e35272f44427234abb0fa

HTTP Headers

GET /_static/menuApi/prod/menu/p2p/en-us/images/4/domino-qq.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/png
content-length: 23069
cf-ray: 76c37db2bd72b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "cbcff9e3293fd81:0"
last-modified: Thu, 24 Mar 2022 02:50:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8O4YjjXUo3ldonDgHm9Zn1J4mB9tYfCU4vSEjVrr1P61Wj6opV6zPGkuSlkyN0BeW6wIlu1ljknpW8MBhaYPNC4BZkn9cmEzyjJ%2F50AIzFUg0jspShqi%2BQWqd6v1P8g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

216.239.38.178

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
216.239.38.178:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 18 Nov 2022 18:41:09 GMT
expires: Fri, 18 Nov 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 6842
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.w88ux.net/_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-W-Casino.png?0.0.1864

172.66.40.161

200 OK

69 kB

URL HTTP/2
cdn.w88ux.net/_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-W-Casino.png?0.0.1864
IP
172.66.40.161:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 256 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size
69 kB (69273 bytes)
Hash
aad591f9b9da734b1cd4d4e160595581
72aba075540111e216d36da15339872d0e2e50a2
3c24f0a9f039ea17bf515ae0880ade441e915c56dd2b7d8eab76a40c7b8fcd3d

HTTP Headers

GET /_static/menuApi/prod/menu/casino/en-us/images/5/Sub-Club-W-Casino.png?0.0.1864 HTTP/1.1
Host: cdn.w88ux.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:11 GMT
content-type: image/png
content-length: 69273
cf-ray: 76c37db20c67b4ed-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "b888b83da2f4d81:0"
last-modified: Thu, 10 Nov 2022 01:17:46 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrCYGjCTp0jbZtHaaGMsvs6PYoyNPswkybruyrq%2B4ThGdXGC0crVt3Dfr1ZssMG%2BsAw%2BwZGoKpLHFSeM15Atnr6B6d7JPvPq6NMLkUi5OjKBQAg%2Bm0DgvgdNjL5wE%2Fc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.google-analytics.com/j/collect?v=1&_v=j98&a=1658773833&t=pageview&_s=1&dl=https%3A%2F%2Fwww.w88w981.com%2F&ul=en-us&de=UTF-8&dt=W88.com%20Online%20Sportsbook%2C%20Live%20Casino%2C%20Slots%2C%20Keno%2C%20Lottery%2C%20%E4%BC%98%E5%BE%B7W88&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=YEBAAUABAAAAACAAI~&jid=922871372&gjid=1852863034&cid=571471605.1668803709&tid=UA-160363484-1&_gid=1502655946.1668803709&_r=1&gtm=2oub90&z=992227444

216.239.38.178

200 OK

1 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j98&a=1658773833&t=pageview&_s=1&dl=https%3A%2F%2Fwww.w88w981.com%2F&ul=en-us&de=UTF-8&dt=W88.com%20Online%20Sportsbook%2C%20Live%20Casino%2C%20Slots%2C%20Keno%2C%20Lottery%2C%20%E4%BC%98%E5%BE%B7W88&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=YEBAAUABAAAAACAAI~&jid=922871372&gjid=1852863034&cid=571471605.1668803709&tid=UA-160363484-1&_gid=1502655946.1668803709&_r=1&gtm=2oub90&z=992227444
IP
216.239.38.178:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

OPTIONS /j/collect?v=1&_v=j98&a=1658773833&t=pageview&_s=1&dl=https%3A%2F%2Fwww.w88w981.com%2F&ul=en-us&de=UTF-8&dt=W88.com%20Online%20Sportsbook%2C%20Live%20Casino%2C%20Slots%2C%20Keno%2C%20Lottery%2C%20%E4%BC%98%E5%BE%B7W88&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=YEBAAUABAAAAACAAI~&jid=922871372&gjid=1852863034&cid=571471605.1668803709&tid=UA-160363484-1&_gid=1502655946.1668803709&_r=1&gtm=2oub90&z=992227444 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: request-id,traceparent
Referer: https://www.w88w981.com/
Origin: https://www.w88w981.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
date: Fri, 18 Nov 2022 20:35:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
57e245b8193ae7901b332a125f1c7e75
bf2ae9af39c6e940bd116565af3b8df13e7244fa
80ff1ce0f537364d0b8820f5fb659556f2f3c7ba6b6702c3cc068bb30a446cea

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 20:35:11 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 03:43:27 GMT
Expires: Wed, 23 Nov 2022 03:43:26 GMT
Etag: "bf2ae9af39c6e940bd116565af3b8df13e7244fa"
Cache-Control: max-age=370694,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76c37dba58fdb518-OSL

lptag.liveperson.net/tag/tag.js?site=60004665

178.249.101.23

200 OK

7.6 kB

URL HTTP/2
lptag.liveperson.net/tag/tag.js?site=60004665
IP
178.249.101.23:0
ASN
#11054 LIVEPERSON

File type
ASCII text, with very long lines (21652), with no line terminators
Size
7.6 kB (7567 bytes)
Hash
6b675640425ec8551a433e26a377d954
7234f02cce1ccb2a4facf2b34b9185cfcf27299d
8c9716f14d2e964be7c93d3d8c28819cb35c529fce6206a79061cda509e05bfd

HTTP Headers

GET /tag/tag.js?site=60004665 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:11 GMT
content-type: application/javascript
content-length: 7567
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
etag: "5f50a905-1d8f"
content-encoding: gzip
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
cache-control: public, max-age=630
x-content-type-options: nosniff
X-Firefox-Spdy: h2

static.pupbg-static.com/flgs/Germany.png

104.26.3.60

200 OK

452 B

URL HTTP/2
static.pupbg-static.com/flgs/Germany.png
IP
104.26.3.60:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
452 B (452 bytes)
Hash
ae19f901c9b0cb2d0ab291ec9a61bf60
b5c2997f6be9eb9cbba73c9a20ad9a71b24f1f4f
0c3172017569c11416a46a1e27dbed43350345e34bbf9524d73700dd3de9a44c

HTTP Headers

GET /flgs/Germany.png HTTP/1.1
Host: static.pupbg-static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:11 GMT
content-type: image/webp
content-length: 452
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1056
content-disposition: inline; filename="Germany.webp"
etag: "06700748022249e1922263892aaa7aa0"
last-modified: Wed, 26 May 2021 08:34:17 GMT
vary: Accept
x-amz-id-2: 3n76k/8xhZdIYGWNsBmxI6SthXJucgb8rE1EjiKxuAP9NhpPzQdd75jCLY1bYUPcHZqF2PSdOf4=
x-amz-request-id: 5SNF48BTQHVFHBQ6
cache-control: max-age=1800
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZdnt%2BIteRfNk5IPv9T%2FsNgHuxfqSN9usTXF7MxeMCQ54035YuG%2FxrXfjrRTUT%2F48z8QlzbGv31smjkhdlJCR%2Bspf4JDGNQNq64%2FWNoO0ctAbft7GcNodVqAfwv5XJ0kzD%2FRRJfi1Ao2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c37dbaba29fab4-OSL
X-Firefox-Spdy: h2

static.pupbg-static.com/flgs/Poland.png

104.26.3.60

200 OK

462 B

URL HTTP/2
static.pupbg-static.com/flgs/Poland.png
IP
104.26.3.60:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
462 B (462 bytes)
Hash
2c57d6b5a2775a965d22bf4b2191b170
28cbc46d8c644e3946c5568a18473b78c600c419
e2b1fccb1c52045b59458b3462ef726160877ad9899ab564c5a9e3d91d91ed3b

HTTP Headers

GET /flgs/Poland.png HTTP/1.1
Host: static.pupbg-static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:11 GMT
content-type: image/webp
content-length: 462
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1184
content-disposition: inline; filename="Poland.webp"
etag: "718c2fc2a97bc4c195dd2de59e70d94a"
last-modified: Wed, 26 May 2021 08:34:16 GMT
vary: Accept
x-amz-id-2: o3gkCUr0rLluDj6dKBdE+zb2z01Z56y8ZL7MfjFtgwaqCoTNUMzSFcDM2BvlAbjER1coMFbxk5A=
x-amz-request-id: 5AAEK6TGSTRWMYQZ
cache-control: max-age=1800
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Tiok8jZzDKj1lbQKauV9F89UMmh%2Fczv99tcA0Po8VZykd0JTu2coqxSRXk29Wzf98exJm5GOF41QCxEcz6SXREhKwHNxjAKgfz65bzkQ0MnAJsMls8clInj3X511E%2BAZfKC3uptpBFn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c37dbaaa21fab4-OSL
X-Firefox-Spdy: h2

static.pupbg-static.com/flgs/Denmark.png

104.26.3.60

200 OK

488 B

URL HTTP/2
static.pupbg-static.com/flgs/Denmark.png
IP
104.26.3.60:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
488 B (488 bytes)
Hash
85d4ca794b82da4eb2a95056fdb098f8
382ae0cd05fd38a957b9ec70743cbb60a0e33a35
0c7cea3083bc07f4d00713335789b6f83ce808c00845a162dd6748cf31b408a6

HTTP Headers

GET /flgs/Denmark.png HTTP/1.1
Host: static.pupbg-static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:12 GMT
content-type: image/webp
content-length: 488
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1293
content-disposition: inline; filename="Denmark.webp"
etag: "e94f3595b081e6d4cf797e8bf50234fa"
last-modified: Wed, 26 May 2021 08:34:16 GMT
vary: Accept
x-amz-id-2: qINk+01og5pVKFkDGIdP/rpyAo/wsQHVZuKIka9V4OB+fk5sIriXH5dXjAtDaNZ01p3v6+gBW9vcOoFgqDq86A==
x-amz-request-id: TKVG4CXWYW6AJ096
cache-control: max-age=1800
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rm%2BZiqw80brU9n%2B4i%2FFY0h8dzJ0tgTK%2FS3xE45zLW2HkwEGfT7pWcgZ2cR7Fq%2BVRVK%2BjngAqH%2FcQcZwbkmcoHV%2Fi8EIrUVwMTxhOAf7Lp9NS5TMcF5FOvL4GjNP6DRQ0pOON9g%2BIBDkL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c37dbaaa23fab4-OSL
X-Firefox-Spdy: h2

static.pupbg-static.com/flgs/France.png

104.26.3.60

200 OK

508 B

URL HTTP/2
static.pupbg-static.com/flgs/France.png
IP
104.26.3.60:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
508 B (508 bytes)
Hash
ed481ceb1f31afd09aa9917cfddcfdee
82d4edcd8989fa340243150c4eaa72dda416cdff
8f894bbaa66e44a4089af1c0142e74f5c91974d0e8df9f3091b82bdf17bb1d2d

HTTP Headers

GET /flgs/France.png HTTP/1.1
Host: static.pupbg-static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:12 GMT
content-type: image/webp
content-length: 508
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1273
content-disposition: inline; filename="France.webp"
etag: "88998292fa121d91a835229651f66bd5"
last-modified: Wed, 26 May 2021 08:34:16 GMT
vary: Accept
x-amz-id-2: /tE8pDoeqgP2Vub/iib1r3QDtNrjN/IjifTm6sDnRDO3F7xqgl8MelLjdMqzvHadfiPhOUelsuQ=
x-amz-request-id: H4Z6VS6CPG2S84PV
cache-control: max-age=1800
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MGz327sy%2FzEg%2F%2BAfXgXZhjEGGU3bu8qGond6JrcMf2vPyJWfMUApSYABaH49JcWjBqyPXsVojcbXOoIaggaDyeykueRHwr%2FyqBJzFrsLidcsFepM0fpVqvIPulUWmTNVAlRD57nrgCo0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c37dbaaa24fab4-OSL
X-Firefox-Spdy: h2

static.pupbg-static.com/flgs/Croatia.png

104.26.3.60

200 OK

1.3 kB

URL HTTP/2
static.pupbg-static.com/flgs/Croatia.png
IP
104.26.3.60:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.3 kB (1266 bytes)
Hash
4a07d33b2ffd3c080fde0487c538307a
7eb5c31ce5607db1249297258397acf66327d8dd
4c12ea7f471aee2589337e90fc7879f58465fe513b40a7adb7d18b6665792201

HTTP Headers

GET /flgs/Croatia.png HTTP/1.1
Host: static.pupbg-static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:12 GMT
content-type: image/webp
content-length: 1266
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=2141
content-disposition: inline; filename="Croatia.webp"
etag: "a40ff80bd57ac7ec9b5e3a4a1770c44b"
last-modified: Wed, 26 May 2021 08:34:16 GMT
vary: Accept
x-amz-id-2: NI1NDJz6lXk4DzK6FtKc17RuPeJ6xpcE74EXNAP8QNr8BqjHoRTQjsApmzp3wOrDi6ak8puet+0=
x-amz-request-id: H4ZA2M5SR4MQFV6H
cache-control: max-age=1800
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXimiQGHx%2FE5%2FQlIzuQ61Ud%2BjOschArxDbI%2F6T782CAhkNAAompIFJHalgU6iwZK6chrx%2FlfxlqTkpQEk3Upy8oL1yRvWrv%2Fd8CUXQmKm066%2BzbW2seOx5FneEE4VwWiFNnimJodJMR9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c37dbaba26fab4-OSL
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
401b16112e86bc48e9a6a71ef8703a8f
1040628849c2689ef425fb3b7afa7fc444b48cfd
c5569578db11133f26a4be79b0b969cf340755ba5e26c865ec81ecb6c5beb51d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 20:35:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 16:31:55 GMT
Expires: Fri, 25 Nov 2022 16:31:54 GMT
Etag: "1040628849c2689ef425fb3b7afa7fc444b48cfd"
Cache-Control: max-age=589601,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76c37dc30964b4ee-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
401b16112e86bc48e9a6a71ef8703a8f
1040628849c2689ef425fb3b7afa7fc444b48cfd
c5569578db11133f26a4be79b0b969cf340755ba5e26c865ec81ecb6c5beb51d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 20:35:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 16:31:55 GMT
Expires: Fri, 25 Nov 2022 16:31:54 GMT
Etag: "1040628849c2689ef425fb3b7afa7fc444b48cfd"
Cache-Control: max-age=589601,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76c37dc35dd1b4ed-OSL

www.w88w981.com/_secure/ajax/api/handler/contactus/home/en-us/USD?riskId=N

172.66.40.129

200 OK

757 B

URL HTTP/2
www.w88w981.com/_secure/ajax/api/handler/contactus/home/en-us/USD?riskId=N
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (838), with no line terminators
Size
757 B (757 bytes)
Hash
3749e7b5281a43c7e70632e653a7703c
12dc08f3f622eeb85f0dd20d1fa05cc85a62e9b0
25b38a01a114699df4f2a70fa7e019602d433651a7c9f526ed27cf53dbd9f1a5

HTTP Headers

GET /_secure/ajax/api/handler/contactus/home/en-us/USD?riskId=N HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Request-Id: |49167c3dc3504342aabd28f49430feb0.9dc56c0c930d4d10
traceparent: 00-49167c3dc3504342aabd28f49430feb0-9dc56c0c930d4d10-01
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z; clientIp=91.90.42.154; ai_session=YvtLmJSUPX+wIkHQCMK4tc|1668803707751|1668803707751; popup=6478
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: application/json; charset=utf-8; =utf-8
cf-ray: 76c37db32d4bb511-OSL
cache-control: must-revalidate, max-age=1800
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
cache-src: red
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t994y%2F%2FRBghmzLQefH0d%2BguWzwXwB77H9GADCQTI3%2FGojpeiB%2BaJtiugEg%2FsateN4u7Oe48hgUkkR6ZM6yF8l4oZGjiUBiGhpFPej5z5j6mU7qN7MWa0IsS1wNZGZOMVAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

dc.services.visualstudio.com/v2/track

13.69.106.208

200 OK

0 B

URL HTTP/2
dc.services.visualstudio.com/v2/track
IP
13.69.106.208:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /v2/track HTTP/1.1
Host: dc.services.visualstudio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Referer: https://www.w88w981.com/
Origin: https://www.w88w981.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Fri, 18 Nov 2022 20:35:11 GMT
content-length: 0
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
401b16112e86bc48e9a6a71ef8703a8f
1040628849c2689ef425fb3b7afa7fc444b48cfd
c5569578db11133f26a4be79b0b969cf340755ba5e26c865ec81ecb6c5beb51d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 20:35:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 16:31:55 GMT
Expires: Fri, 25 Nov 2022 16:31:54 GMT
Etag: "1040628849c2689ef425fb3b7afa7fc444b48cfd"
Cache-Control: max-age=589601,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76c37dc30d3fb518-OSL

lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549

178.249.97.98

200 OK

3.3 kB

URL HTTP/2
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549
IP
178.249.97.98:0
ASN
#11054 LIVEPERSON

File type
data
Size
3.3 kB (3327 bytes)
Hash
3d9265e32f8d3d365e895e2e5ac6a2f0
12f05815a3cc2e95ae79e5ee85c5238c3804b275
c37ca2e1cc7a81ac375d0ac638ca16189948a8e35bde0aa3a810aae356b06a62

HTTP Headers

GET /le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:12 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sat, 18 Nov 2023 20:35:12 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

accdn.lpsnmedia.net/api/account/60004665/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

178.249.101.99

200 OK

1.0 kB

URL HTTP/2
accdn.lpsnmedia.net/api/account/60004665/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
IP
178.249.101.99:0
ASN
#11054 LIVEPERSON

File type
data
Size
1.0 kB (1011 bytes)
Hash
379a977ff6e0380f4139506c67133381
7993e538bdd19ed84fab3c690c6b9552e066b226
a46daa06d9865793e066e8463b100d49d6cbf6d01f4547135f3e2e33f8142a2b

HTTP Headers

GET /api/account/60004665/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:12 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:24|g:5fa6ec9d-736e-43c5-9a6a-3280f39f831d; Max-Age=30; Expires=Fri, 18-Nov-2022 20:35:42 GMT; Path=/
ADRUM_BTa=R:24|g:5fa6ec9d-736e-43c5-9a6a-3280f39f831d|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Fri, 18-Nov-2022 20:35:42 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Fri, 18-Nov-2022 20:35:42 GMT; Path=/; Secure
ADRUM_BT1=R:24|i:2241585; Max-Age=30; Expires=Fri, 18-Nov-2022 20:35:42 GMT; Path=/
ADRUM_BT1=R:24|i:2241585|e:5; Max-Age=30; Expires=Fri, 18-Nov-2022 20:35:42 GMT; Path=/
vary: Accept
expires: Fri, 18 Nov 2022 20:36:12 GMT
x-envoy-upstream-service-time: 0
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: MISS
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549

178.249.97.98

200 OK

321 kB

URL HTTP/2
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549
IP
178.249.97.98:0
ASN
#11054 LIVEPERSON

File type
data
Size
321 kB (320719 bytes)
Hash
952dced6f8bbc7b2f3ec66175b3fab0c
31701df14540c357e7d8a3e46113fd87344c111c
2fdb7e2060b69ebd81d063fba82bb37d0af9256114f5e847447671e24c2beb8e

HTTP Headers

GET /le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:12 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sat, 18 Nov 2023 20:35:12 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12065 bytes)
Hash
05289172c1455c4134e496c6f4606efd
ce1bb33256b0754f9acc01e7e9f3e5dc85f89244
a8b4411a0310cc376efe2aec7c0830b8d3b63b8827631b0ff43ec092f1f80f82

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 12065
x-amzn-requestid: 45c97153-71c7-4985-a1ad-fc21a509d153
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-K5FyVIAMFtDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa45-0f9d22dd544a4580570f3089;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dxT2WJB7m5tUhgBn2PwTIN4Zskzm3X7CW-29hl1nCyNPbKt5j6q5iA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:55:27 GMT
age: 81588
etag: "ce1bb33256b0754f9acc01e7e9f3e5dc85f89244"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

lpcdn.lpsnmedia.net/le_re/3.53.1.0-release_5134/jsv2/UISuite.js?_v=3.53.1.0-release_5134

178.249.97.98

200 OK

12 kB

URL HTTP/2
lpcdn.lpsnmedia.net/le_re/3.53.1.0-release_5134/jsv2/UISuite.js?_v=3.53.1.0-release_5134
IP
178.249.97.98:0
ASN
#11054 LIVEPERSON

File type
data
Size
12 kB (11853 bytes)
Hash
b57c4770b357f4011c5530a6303c0a79
b2d3deb5a77d70dc0db1981a5dafcdc56b63b371
142b2bdff6f93e0367974c649f94005179da2508fccadcc6887869eefe4da097

HTTP Headers

GET /le_re/3.53.1.0-release_5134/jsv2/UISuite.js?_v=3.53.1.0-release_5134 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:15 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 21:59:46 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sat, 18 Nov 2023 20:35:15 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

www.w88w981.com/_static/js/client.pushy.v2.js?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/js/client.pushy.v2.js?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/js/client.pushy.v2.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b45b511-OSL
cache-control: max-age=14400
etag: W/"0e7198c99ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:46 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c6ixWV7WIrLlPCZcDQHe68raOQ4LkY1DLE9tp%2F92JOWqKPaNX7M7bbeZLzfcSbykYyAFEzdfQVMLN8O2XuBFeChtR2cCcblIwLBDPNsX2zy90M2F2dtJUyJxiB1a5g7vSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_secure/ajax/api/qrcode/floating/download/w88w981.com/true/en-us

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_secure/ajax/api/qrcode/floating/download/w88w981.com/true/en-us
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_secure/ajax/api/qrcode/floating/download/w88w981.com/true/en-us HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: application/json; charset=utf-8
cf-ray: 76c37daa6fbdb511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bH%2F6dqwWGPPVcuOcPJqNfqVWVlv7o7WtXFS5FC8lZKQeaZY1FMOfpGDvBgHB4mG2IHPdxUS3fPuTD6CFDfz2NTxyb3qjkclvHX0EuS3qcaGmSByx5HWEfH2tllJigNv9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.js?loc=https%3A%2F%2Fwww.w88w981.com&site=60004665&force=1&env=prod

178.249.97.98

200 OK

0 B

URL HTTP/2
lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.js?loc=https%3A%2F%2Fwww.w88w981.com&site=60004665&force=1&env=prod
IP
178.249.97.98:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /le_secure_storage/3.19.0.0-release_5079/storage.secure.min.js?loc=https%3A%2F%2Fwww.w88w981.com&site=60004665&force=1&env=prod HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:13 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:00:32 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sat, 18 Nov 2023 20:35:13 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

www.w88w981.com/_static/js/daily.attendance.js?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/js/daily.attendance.js?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/js/daily.attendance.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b51b511-OSL
cache-control: max-age=14400
etag: W/"0af356fa5f4d81:0"
last-modified: Thu, 10 Nov 2022 01:40:38 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fG%2F%2FIaaiTi8D88wTtDNTcV77Pa3m95btzvlQzpPB7Dfh879b%2Bg8suDTqPRyBQIRR3Zq6d4ugCTo0w73gydaQDB9DsUW%2F2XAUeCqQP0P2yLLB%2BIXIP6qRaH9XIE0jiHlfRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/plugins/jquery/knockout.mapping.min.js

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/plugins/jquery/knockout.mapping.min.js
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/plugins/jquery/knockout.mapping.min.js HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b33b511-OSL
cache-control: max-age=14400
etag: W/"038b67343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:32:00 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdrjbZSgUwMyXaz3FuTke3ztKswmthQiJQ1IMZh9wRagITppI0JQaVkLEsUzycx75gXxza%2BAEVkhriR23giloXeOi9r0oMr4lDW6g8FBnu5YooN1J1nrP2wsTzVZrcH31g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/svg/grey/announcement-right.svg

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/svg/grey/announcement-right.svg
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/svg/grey/announcement-right.svg HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/_static/_css/icons.css?0.0.911
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/svg+xml
cf-ray: 76c37da9be9db511-OSL
cache-control: max-age=14400
etag: W/"0dabeddfd47d81:0"
last-modified: Mon, 04 Apr 2022 08:27:48 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsfnTxzkmlwqQaCDIhj8%2Fyng7yzPHVZN4VnbBlc%2FmQrhjopb4ysSzLYZYyQGkgBP0WrZno7q9YFlbdxGqererUZUwaYMHMxJgwIajmHTiPv2FrfjhG8MBrFORbTlB3yDEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/js/mobile.download.js?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/js/mobile.download.js?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/js/mobile.download.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da37d0fb511-OSL
cache-control: max-age=14400
etag: W/"0af356fa5f4d81:0"
last-modified: Thu, 10 Nov 2022 01:40:38 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4hVV6Db3TWkQn01yNWjGRu7I6DVEe2KS1%2FosWRlxgbRctyKufUm0l4Wxga5d9ZziE11bSbMXp08TDv1M2A5KiCo1Uo11ZJKH0vQ9MGliDJw1Yx2%2Fgv6SN1PywmU5kvErQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fwww.w88w981.com&site=60004665&env=prod

178.249.97.98

200 OK

0 B

URL HTTP/2
lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fwww.w88w981.com&site=60004665&env=prod
IP
178.249.97.98:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fwww.w88w981.com&site=60004665&env=prod HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:13 GMT
content-type: text/html
last-modified: Thu, 03 Nov 2022 22:00:32 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sat, 18 Nov 2023 20:35:13 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

www.w88w981.com/_static/_script/jquery.linkselect.min.js

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/_script/jquery.linkselect.min.js
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/_script/jquery.linkselect.min.js HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da23b22b511-OSL
cache-control: max-age=14400
etag: W/"087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HwgFz7d1NreAHNnevlbZPu54jK0ymthG8nI6BH5TRAmeKUgoxoWSLPm1cUMwZFeiKSi4W47228RY76GKtLZVv44cttkEkcSb0PdC4yz0CdUBYkn9xnNqfHd75VDU7yKJ%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/js/line.messenger.js?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/js/line.messenger.js?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_static/js/line.messenger.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da25b54b511-OSL
cache-control: max-age=14400
etag: W/"0e7198c99ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:46 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmD7dMXoXhfXwrUp4sUlQUQ1wLXryqbM65XU1WasvrzrM3a4fRtZrfkczOLfmsQA%2B7RyrnKcxgkHmccNLNl4LgjQtOU%2FPEsqO5ft5O%2BxbrMOS1cjOrFnSroUkVnvbdtHpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/js/common.helper.js?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/js/common.helper.js?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/js/common.helper.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b27b511-OSL
cache-control: max-age=14400
etag: W/"0af356fa5f4d81:0"
last-modified: Thu, 10 Nov 2022 01:40:38 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8eQQHWQinxQsKPgKxrBhMFNbNhg4jnVgjrRWZMK9gApjxKaE9cYT0zqax9j1nLIyXOZ%2FcnH5IWocIHNhH2SFlTcZJFz3GECqcBs0qOUQ%2Fv8hnJe3TZ3uJXsA2b1B2AOVhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/js/register.modal.js?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/js/register.modal.js?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_static/js/register.modal.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da25b56b511-OSL
cache-control: max-age=14400
etag: W/"0af356fa5f4d81:0"
last-modified: Thu, 10 Nov 2022 01:40:38 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgwqhBLr5E53S%2BtYsVs4JMuBbxqEbnc6s9RIFm%2BXh%2BZGpwXqOB%2BRn3NLcr4eXcJ1jjjobxsX3yteJsI7vyXZtvHQhHpgfs2ehnSYnT17gPbi70B5q3jG7OAKL4%2FgcHABQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/_script/gt4.js

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/_script/gt4.js
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/_script/gt4.js HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b47b511-OSL
cache-control: max-age=14400
etag: W/"06248699ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:36 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6y6S%2Fqt%2B%2BHwiEhmxEo8sq1B7AMYz1DXU03K33lpTL0%2FDJAz2BWaDHgBDqlwGqetVfMNmMmEgTADUtSx8uEK50pk2tnHOgha4swJMH69MiHfqMQVaNqAwav9gfR0UJJmoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/_script/fingerprint2.min.js

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/_script/fingerprint2.min.js
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/_script/fingerprint2.min.js HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da35ce2b511-OSL
cache-control: max-age=14400
etag: W/"037d5d8e719d61:0"
last-modified: Fri, 24 Apr 2020 03:24:22 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpCeyZGvHlKiOKeNGLCTQa0Rsqs%2Bdmva9ZGYiGAwbKyJEDhFACUetN8elZkffC9KqRe%2BXC5jUx93y9As2GNmhDGP8uWXk0t5O84inRq%2FaFp1vSePuD5NVLbVpLuB2MEjWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_secure/ajax/api/sftp/home/btm/grey/en-us/N

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_secure/ajax/api/sftp/home/btm/grey/en-us/N
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_secure/ajax/api/sftp/home/btm/grey/en-us/N HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Request-Id: |49167c3dc3504342aabd28f49430feb0.28ac91ecd3de4192
traceparent: 00-49167c3dc3504342aabd28f49430feb0-28ac91ecd3de4192-01
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: application/json; charset=utf-8
cf-ray: 76c37dae6daeb511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7mFIYZqIu05Ex3yGdoJ12fvpeCKhP0Ur9ROw2PTce3v5pYPXrf1iLsDMMNBtxT67u1JNSb7Xa%2BKivO0vqlK6t1zcXA2ciCcNi3PvG0BfHBCrGLgaHhBwcYW6WIAxv4NHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

lptag.liveperson.net/lptag/api/account/60004665/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3

178.249.101.23

200 OK

0 B

URL HTTP/2
lptag.liveperson.net/lptag/api/account/60004665/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
IP
178.249.101.23:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /lptag/api/account/60004665/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:12 GMT
content-type: application/x-javascript
cache-control: public, max-age=630
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: MISS
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

www.w88w981.com/_static/_css/icons.css?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/_css/icons.css?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_static/_css/icons.css?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da23b19b511-OSL
cache-control: max-age=14400
etag: W/"03299cb2dd9d81:0"
last-modified: Thu, 06 Oct 2022 02:46:12 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BT9CqMFDj6FZzfsTZSGvJMH%2BAw735TVdDtfyu1xqJAAgs00e2zg7ql%2B149yeBWZR2gT5ut%2FKC9KTcVl7dkm1s0qrmFpdVKRB60O8picFuK2R5dYiNv5FUejrXJLZmSVnAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/svg/grey/announcement-notif-right.svg

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/svg/grey/announcement-notif-right.svg
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/svg/grey/announcement-notif-right.svg HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/_static/_css/icons.css?0.0.911
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z; clientIp=91.90.42.154; ai_session=YvtLmJSUPX+wIkHQCMK4tc|1668803707751|1668803707751
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: image/svg+xml
cf-ray: 76c37db13a21b511-OSL
cache-control: max-age=14400
etag: W/"0dabeddfd47d81:0"
last-modified: Mon, 04 Apr 2022 08:27:48 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pljjqyY7PHy0OMqanVVf9SEz29CsHwKcOdhyKDmKM2pX16ADJxx9WofFrfHIG%2BN3lwQic%2FhtxgqQU2y1aqKDKl3yOMAN81Y%2BUswPJSd4FllyFl4roYMpOVm9UqE259Tvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/_css/fonts.css?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/_css/fonts.css?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_static/_css/fonts.css?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: text/css
cf-ray: 76c37da23b1eb511-OSL
cache-control: max-age=14400
etag: W/"0b377542efad81:0"
last-modified: Thu, 17 Nov 2022 02:43:10 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjKQ9ta32F5QEkARXvB%2F9Eu2FBoLavWXoFaxqsEH5cm%2B%2BPwMn1dxMbqBTRY5P580XfnueFeDVTnx%2BtFaaox5CrMv4B13hdZchIrYd5PyiNX1AaMVxkZHGJ0gq4BqGl0QpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/js/two-fa.js?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/js/two-fa.js?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/js/two-fa.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b3cb511-OSL
cache-control: max-age=14400
etag: W/"0af356fa5f4d81:0"
last-modified: Thu, 10 Nov 2022 01:40:38 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bc%2B6z1qSWwg1iuD8Ca8EuDC8uMHFcgIG9%2FGBEw9def7t0m5nR8HceFyMF4qLzzSci6LxYUEtPt5jNJ4rDsR7taeI%2FWFhq6lhrn33Qn7kmYmPslNsIpoSiprDxaLalIY0MA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/_css/jquery.linkselect/jquery.linkselect.style.select.css

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/_css/jquery.linkselect/jquery.linkselect.style.select.css
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_static/_css/jquery.linkselect/jquery.linkselect.style.select.css HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da23b0eb511-OSL
cache-control: max-age=14400
etag: W/"087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=neyg2epOJ00CErmRwRU8W4AUFSSKaP7ui5PjoRKF8LAujlgQboOzBOy3zFKFpXsi4haZAwD3ays3XFpESTBAKUpcmOFy8XUY%2FZQNAgJRZrDXFy2s3247VnALM3FAEXjDTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/_css/main.login.css?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/_css/main.login.css?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/_css/main.login.css?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da23b1bb511-OSL
cache-control: max-age=14400
etag: W/"06248699ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:36 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajuHK1nRFukRVlypvDoXnKsCfVaahNnFIwHOfrfcsPL%2BkIex4YVUgH2svn6n9nTgSYGffdEukfA%2BxCaESKFWfTcCQwQREMgK%2BN23wM%2BmVv05dSS%2FQAa4fQxKjDe8nNTHVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/_css/img/favicon.ico

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/_css/img/favicon.ico
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_static/_css/img/favicon.ico HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z; clientIp=91.90.42.154; ai_session=YvtLmJSUPX+wIkHQCMK4tc|1668803707751|1668803707751; popup=6478
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:11 GMT
content-type: image/x-icon
cf-ray: 76c37db9bfdab511-OSL
access-control-allow-origin: *
cache-control: max-age=14400
etag: W/"087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
svr: 01
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVeSqwJnsk2VsybQvJQgFcYbONDoL%2BHJ5EVn1a%2FEI0Ebga%2Fx6R%2FRWTH5n0cZUPbw%2BPzqiI8aCPh3fo9VAmC3GHHyG2oARMiA%2BF1lcMagaIUpTbYIyGNsyiDfRhz5SFd%2FzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/_css/input.css?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/_css/input.css?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_static/_css/input.css?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da23b18b511-OSL
cache-control: max-age=14400
etag: W/"0d9f28499ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:34 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHPozoqG%2FElbvNI%2FuwhToO%2FAwxOw3qO%2B0MchcWU7asgRezt7TWm%2Bi0e6KPfObV86SleKSdZqZfxQTYvNdZJSy2L48jQ1hZRqiT8MALduq0%2FkyRAx07O%2FmNwbZNjhfhClkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/_css/Main.css?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/_css/Main.css?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/_css/Main.css?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da23b07b511-OSL
cache-control: max-age=14400
etag: W/"0d9f28499ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:34 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IlsuuBOBz%2FR80CSiWQiJOYwyDVh6QS106zsK%2BkpKItIK0nRqVK9WdrFRRwcNbR4rExMvmi1%2BxFRAVHzKKiZanuC9dqq%2BrxeUdTsO9nTHjgv%2BX%2FmMf4fYTwB%2BTLNXNj8nyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/js/livechat.js?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/js/livechat.js?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_static/js/livechat.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b3db511-OSL
cache-control: max-age=14400
etag: W/"0e7198c99ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:46 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYEmV2j1EVYmoHWkNfrZ8IraTx3clBYMRVJvvuCTQUu0CwVbiE%2BMn115jstPS3aSwhtZlYZhSjMjHU7INyP%2BKbrcnQ2QHo71pIsJ0%2Bx0YRjxwacz5nrvBzJ7g%2FaVzCu69w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/js/modal.js?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/js/modal.js?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_static/js/modal.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: application/javascript
cf-ray: 76c37da25b53b511-OSL
cache-control: max-age=14400
etag: W/"0e7198c99ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:46 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2g3hbpkTKzMeYe2lhoEJ55NCmOT6eQcmC%2BUHN6QahNgd3W6PWma4nk%2F6oJOTM5UUvAsS8mRzfqjge3c3L6TTP9F0mCdtPUpb2heBk3xHxD1sUV%2FZvTt4wOTk0G%2BOiesQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/_script/jquery.idle.js

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/_script/jquery.idle.js
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/_script/jquery.idle.js HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b25b511-OSL
cache-control: max-age=14400
etag: W/"06248699ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:36 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNgZ3hsBXKb0%2BSOa3NY1cyuTyf%2FVfq%2ByvCeJT%2F1v86rOL1bnlcPpRQIc0syGr%2FY1wKDzDozUyJOnWBmfwAyzg%2Fq6TN6cP0LsZf%2BuqpCJAo3JuRl%2BvlHVLx4qoqZ5YgafRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/plugins/jquery/knockout-3.5.0.js

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/plugins/jquery/knockout-3.5.0.js
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/plugins/jquery/knockout-3.5.0.js HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b2fb511-OSL
cache-control: max-age=14400
etag: W/"038b67343fbd51:0"
last-modified: Mon, 16 Mar 2020 03:32:00 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrKhdc9QLvf%2F3zvHP6X%2FD3q43KfO%2FIZZNB1A%2BXsYbc%2F%2FZ%2F9BunAhnV%2BweCtJI1x%2FShhMYteDKy1YaNT00vUbmD9GduiC0NhhWIWCXcHWz3wlzkN8StgGFQzYtVs6g1SnKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/js/captcha-vendor.js?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/js/captcha-vendor.js?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_static/js/captcha-vendor.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b4db511-OSL
cache-control: max-age=14400
etag: W/"0e7198c99ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:46 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WaYoDz22XZxKurn16baXyeNvzwyWy7ABswdSvNRezlhCPB9zQdX9TFr0%2Bccq3P8UvISambE5cusvtSsNWOkOssyChqwOvQLG7%2FxCPKgvgXZMe4MDdjZI9on2qKu6WcWT2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/svg/grey/phone.svg

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/svg/grey/phone.svg
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/svg/grey/phone.svg HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/_static/_css/icons.css?0.0.911
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z; clientIp=91.90.42.154; ai_session=YvtLmJSUPX+wIkHQCMK4tc|1668803707751|1668803707751; popup=6478
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:11 GMT
content-type: image/svg+xml
cf-ray: 76c37db9e810b511-OSL
cache-control: max-age=14400
etag: W/"0dabeddfd47d81:0"
last-modified: Mon, 04 Apr 2022 08:27:48 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuX%2B8VnTnE23drjhvhQDnCtTGK6bMgOv7wFnoJo%2F102Yje%2BbbgfDIkYFvw0JaBls7EjVcYXysmme8fUYfmQ1NiapdsgimMCzjYCmwR4glLlIMcBB7mIhB3trlmdVQZciGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/_css/menu.css?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/_css/menu.css?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/_css/menu.css?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da23b12b511-OSL
cache-control: max-age=14400
etag: W/"06248699ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:36 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7Mjcr3SWQuZmQmbB%2F97BSCFc%2BD8aF%2B14tEVA7bZUAiQU1bgZDK5zyX8iN6%2FW1EVsg2vCkl1aIEERD0u8GOwzQk7MFXcH5okjq1sUFkeiJSBBIZpKwg3xzu%2FlznPLb9Otw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/_css/custom.selectbox.css

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/_css/custom.selectbox.css
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_static/_css/custom.selectbox.css HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da23b11b511-OSL
cache-control: max-age=14400
etag: W/"0d9f28499ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:34 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSjlpPL8Kf9t1XYIEKMkmcfBEeUPXITzqW5DbDAVV7Fx1dFTHG%2B5I%2FEznF%2FB8lc3Mgj%2BLVCQk03sjFeC1BezHBMP7kr%2FnawUQLCchfNGt0LB2C1yflVyJqITJSq2oWnw1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/_script/jquery.carouFredSel.js

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/_script/jquery.carouFredSel.js
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/_script/jquery.carouFredSel.js HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da23b23b511-OSL
cache-control: max-age=14400
etag: W/"087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baNXY0SYe3pd58e6ejagz27UPMyapTDUiixyMI91yQjbKfl8rJ%2BQE%2FVO13maPVt1MvqAXWme1V5C2izrzlanTD56wzBVXVlsjR1rxw6o5JbthDnCCv9kcFJH4F50XvgSAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/js/crm.popup.js?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/js/crm.popup.js?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/js/crm.popup.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b37b511-OSL
cache-control: max-age=14400
etag: W/"0af356fa5f4d81:0"
last-modified: Thu, 10 Nov 2022 01:40:38 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GbKlY%2BoIJL1%2FTzteyjgulfrUW%2FHtJ1WemVFo0Sq3dWhDn9i3T%2FVz%2BbFWCctEwmiMB1Qnlb4EQwC8WTLSCCIOcoGoZHMZB0uu55%2FDh7w31dLjcUarDxPD2seLbx0txkUZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/_css/mobile.download.css?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/_css/mobile.download.css?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/_css/mobile.download.css?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da37d13b511-OSL
cache-control: max-age=14400
etag: W/"06248699ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:36 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sv%2Bb%2BUBtBq%2BJFXGbLSDGwWCADySE6aaC2eLV1pk05XM2f2zjOlG4JkpheUCpQaWkeX5NwbYNC6fYoUFCVtZ27pSePKUJN6Hm%2BHv4vMi6uTEe5loj529xG%2BKsWMTLBU5qZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

skynet.whiteproj.com/?timestamp=1668803706964&stage=PROD&eventName=pageTrack&language=en-us&page=www.w88w981.com&fingerprint=undefined&platform=WEB&spfid=23&p-av=0.0.911&from=home

104.26.1.184

200 OK

0 B

URL HTTP/2
skynet.whiteproj.com/?timestamp=1668803706964&stage=PROD&eventName=pageTrack&language=en-us&page=www.w88w981.com&fingerprint=undefined&platform=WEB&spfid=23&p-av=0.0.911&from=home
IP
104.26.1.184:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?timestamp=1668803706964&stage=PROD&eventName=pageTrack&language=en-us&page=www.w88w981.com&fingerprint=undefined&platform=WEB&spfid=23&p-av=0.0.911&from=home HTTP/1.1
Host: skynet.whiteproj.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.w88w981.com
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:10 GMT
content-type: text/html
last-modified: Wed, 18 Mar 2020 03:38:33 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS, PUT
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
app-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smADBoQ3F0qSnHa2Niuolxeq8EAfnMlDPDoY3QoJhJ2AtUf6vZvOrOsnvb5dQEjlMSxgqk4j8BWVU6z77uy1rm7%2B4Y5weKs323WhWbU1tN9Fhpq9XGQWfB7hA8NbRMDFFtNdpJa7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c37dad3ee1b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.w88w981.com/_static/svg/grey/skype.svg

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/svg/grey/skype.svg
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/svg/grey/skype.svg HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/_static/_css/icons.css?0.0.911
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0; ai_user=68TgqYBFlWryXXPoKIwQ+b|2022-11-18T20:35:07.072Z; clientIp=91.90.42.154; ai_session=YvtLmJSUPX+wIkHQCMK4tc|1668803707751|1668803707751; popup=6478
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:11 GMT
content-type: image/svg+xml
cf-ray: 76c37db9e80db511-OSL
cache-control: max-age=14400
etag: W/"0dabeddfd47d81:0"
last-modified: Mon, 04 Apr 2022 08:27:48 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAFdIVmFpEGA3%2BY4esbb6z8JN47QO%2BVVZa3YEGUQ73uLDgvLgBJ%2F3MnDVd6D2RfxOX6tO4jon4JHEk8HYbdZrMBlPwxCouc%2FxXMMpHxec1bND9nT3j0HgUFbXqsqTquZbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549

178.249.97.98

200 OK

0 B

URL HTTP/2
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549
IP
178.249.97.98:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:12 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:24 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sat, 18 Nov 2023 20:35:12 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

www.w88w981.com/_static/_css/sprite.css?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/_css/sprite.css?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/_css/sprite.css?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da23b0ab511-OSL
cache-control: max-age=14400
etag: W/"0f93e5e9f4d81:0"
last-modified: Thu, 10 Nov 2022 09:44:26 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Z5NwLUqwAhBYQn%2BU0q1FSCWIJHdE9KtL9uRYyXvfCs6WLaTdiSD9C72Edw1PGun%2Bh3kI0TbPuF5SgQvmCjGTni4%2Bw1IA8eAR8z%2B3I7c8Aik87tyivCir7uIUATWekNcaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/_css/main.modal.css?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/_css/main.modal.css?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/_css/main.modal.css?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da23b1db511-OSL
cache-control: max-age=14400
etag: W/"06248699ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:36 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wn2ETWUBgTGGunEikEi%2Bbclehg4PLHoUe6Kj1tkAl4oujJWsfIC3Va0wtkKyhTY43OdqU9wZL0QqN0FcehWc3aBPuCnABhZRQPgsWX97OZnxX3NncYVJ1lF9qStKvv%2F%2FTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/js/custom.selectbox.js

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/js/custom.selectbox.js
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/js/custom.selectbox.js HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da23b24b511-OSL
cache-control: max-age=14400
etag: W/"0e7198c99ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:46 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SR7cabYMwWHBWyjSjyhzldx03gO4rfu5jsOLNQBP25NLHVaynJK4eUBIsXtK6fRZ8Z52N4t%2B0Apex9RTiOJwZb0A2ebJn0VTLMoAM1PBYsS%2FAk4zAfUNZh16kxa4xvEk3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_secure/ajax/api/menu/header/en-us/

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_secure/ajax/api/menu/header/en-us/
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_secure/ajax/api/menu/header/en-us/ HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: application/json; charset=utf-8; =utf-8
cf-ray: 76c37daa4f99b511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
cache-src: red
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYjbXGFP8N%2FJt2tc3ghcf4d%2ByOZgSTEFzDdbEQrFU8hM2jP1KKtzPiTHZk%2BarH86MxusvNQROtkNi8A3Sq2gifUQsMlUca9mKdAWMxzEiiLHdBh2QCsablZNlexNP0Uy%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/_css/bootstrap/bootstrap.min.css

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/_css/bootstrap/bootstrap.min.css
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_static/_css/bootstrap/bootstrap.min.css HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da22b06b511-OSL
cache-control: max-age=14400
etag: W/"087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZC68n9dcpuDndc7Ohmde73DJwxlsdikUr1HrVFnqDmi3NbHxMVE1Jko9HLep4JKq8vROKNj%2BVhbb7RWeQCIGX7Zncx%2BQnqLMwgcsQ8tMyq2ugLKh3M3GzPcIxEnltpD6fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/_script/main.js?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/_script/main.js?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/_script/main.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b2ab511-OSL
cache-control: max-age=14400
etag: W/"0e4f38d84f9d81:0"
last-modified: Wed, 16 Nov 2022 06:27:52 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYsqLR12kJdGrpqpHVg9JTzrBJVA%2FlWuwEB5B5pi03oHLbn%2FTf5WnqtJ6WXYcvC8HJYmdjLj2qgHbE9ifMe081F9tm7pVTVQY%2BAtaF%2FmGUP21az2%2FYcqoZtU1RqsLgrrHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/_script/combined.js

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/_script/combined.js
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/_script/combined.js HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da23b21b511-OSL
cache-control: max-age=14400
etag: W/"087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 06
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYrCBcOYm2KQyNzZ%2FX%2FPtjhBuvcn%2BohHoonaII6KxgGEOz1xI6DBQRq2saDsVuXrC8vKUjWVOMQT%2FoB%2FQQ3pY15NCF%2FnORt3Y2k3hDAOpmRqs0sLiDTkE0DOd9tftT74SA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

accdn.lpsnmedia.net/api/account/60004665/configuration/setting/accountproperties/?cb=accountSettingsCB

178.249.101.99

200 OK

0 B

URL HTTP/2
accdn.lpsnmedia.net/api/account/60004665/configuration/setting/accountproperties/?cb=accountSettingsCB
IP
178.249.101.99:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/account/60004665/configuration/setting/accountproperties/?cb=accountSettingsCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:12 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:24|g:60095400-0453-4bdb-bbcb-569a519a08fd; Max-Age=30; Expires=Fri, 18-Nov-2022 20:35:42 GMT; Path=/
ADRUM_BTa=R:24|g:60095400-0453-4bdb-bbcb-569a519a08fd|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Fri, 18-Nov-2022 20:35:42 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Fri, 18-Nov-2022 20:35:42 GMT; Path=/; Secure
ADRUM_BT1=R:24|i:2241585; Max-Age=30; Expires=Fri, 18-Nov-2022 20:35:42 GMT; Path=/
ADRUM_BT1=R:24|i:2241585|e:5; Max-Age=30; Expires=Fri, 18-Nov-2022 20:35:42 GMT; Path=/
vary: Accept
expires: Fri, 18 Nov 2022 20:36:12 GMT
x-envoy-upstream-service-time: 0
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549

178.249.97.98

200 OK

0 B

URL HTTP/2
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549
IP
178.249.97.98:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:12 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sat, 18 Nov 2023 20:35:12 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

www.w88w981.com/_static/_script/jquery.countdown.min.js?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/_script/jquery.countdown.min.js?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/_script/jquery.countdown.min.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b4eb511-OSL
cache-control: max-age=14400
etag: W/"087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZAjqccoZF3UkKppTVZTsF%2B0dFT7G7SfeIyPtx993igp0SFClkhBgr%2B7U%2F8TqOCj5oNyqIZJpdwDl0oWJySsj5fWC04o7oyoTEbbPz%2FV7DtJgcecQty705XkJgRmw%2BIYeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/js/login-validator.js?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/js/login-validator.js?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/js/login-validator.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da24b49b511-OSL
cache-control: max-age=14400
etag: W/"0e7198c99ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:46 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hxg87olp20QOZ3p1Rtlu7Bf0vawmkG43mkoZcEM9Y%2BF3zINJ%2B2dYJACtXr2Z9Tyn127YpaV6OdIjpLnZ%2Fyov%2BegvjJZk%2Fc740L6%2BZ10cdRAKi7qQrfx3EdLFIfrTgzo%2B1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/_css/font.en-us.css?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/_css/font.en-us.css?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/_css/font.en-us.css?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da23b20b511-OSL
cache-control: max-age=14400
etag: W/"0d9f28499ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:34 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 01
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmysgM3Ov4Ts%2BN1Fg%2BhWkhzUPENrwpfRu6xhtbpL2xoSfq%2BDkKy4kQL3xEX1iY%2BwpQaCm1kmg2Cmmze0g8pRSev8qlwHXdK8c8PxLO9XfV%2BL%2FAC03UhYtf2TXkKzAnf4FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/js/menu.js?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/js/menu.js?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/js/menu.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: application/javascript
cf-ray: 76c37da24b36b511-OSL
cache-control: max-age=14400
etag: W/"0e4f38d84f9d81:0"
last-modified: Wed, 16 Nov 2022 06:27:52 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 02
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kAK9c6tp2FRoSk4y0Br9CdC88bm1X0a4u%2ByWc4qJT414yo1NaQh4YaLTYNcvPFK%2B9V6tgdQHD4I4tQrIEydzmXlVc278YOIOhqLmEfPfHM7Xv3a0LvFsAzoAw8rmAMATTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/svg/grey/cellphone.svg

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/svg/grey/cellphone.svg
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/svg/grey/cellphone.svg HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/_static/_css/icons.css?0.0.911
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: image/svg+xml
cf-ray: 76c37da9be9ab511-OSL
cache-control: max-age=14400
etag: W/"0dabeddfd47d81:0"
last-modified: Mon, 04 Apr 2022 08:27:48 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ECA7WHM3j%2FVkrM5OMd2GoW1ZlleHhc1AovngD4RtqbCRcKPTvQ9RWcA5R%2BRldyGKsMWosPdc7kliXTzlHq%2BwGfiWI4syq37hO7%2F2hyK%2FKmFy8r8lTCg7WiA%2BFinEIoqKcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/_css/din-regular/stylesheet.css?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/_css/din-regular/stylesheet.css?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/_css/din-regular/stylesheet.css?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: text/css
cf-ray: 76c37da23b0bb511-OSL
cache-control: max-age=14400
etag: W/"087ad5a43fbd51:0"
last-modified: Mon, 16 Mar 2020 03:31:18 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 01
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a0i1XX17Y7AmnBQKOmxQGx6uqzqnQkBoyC0kuB%2BGGEOpXFUfvQbVkqmzFriQGEVxBWOe%2BqoUdpzUXQj7q90lWkJXCxDBD1ypL6pc1%2FkG2bGxGKtUQShi%2Fc3tiO2YZ5PP4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/cdn-cgi/apps/head/oHcadEuRzlBiLb4PI3HaIbQXY2w.js

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/cdn-cgi/apps/head/oHcadEuRzlBiLb4PI3HaIbQXY2w.js
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cdn-cgi/apps/head/oHcadEuRzlBiLb4PI3HaIbQXY2w.js HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: mwNyiXcQvcq1UkRjYudRXVR1ypMtrLwX9qU2vly1PfK/RHRoCMC7Lj61L6CFXiBfo7w90g94Ie8=
x-amz-request-id: F5RP7RE0NQCG5G8C
cache-control: public, max-age=31536000
last-modified: Fri, 25 Sep 2020 07:59:08 GMT
x-amz-version-id: tGe_AtM0toNKik8o7mlIIGmRNGH3QyKD
etag: W/"9dfca18425e6b0535d836b92479a76ab"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b34UKdFE6uKsz21mJm1xWvjDRUVzW7J%2BmITaHxBEoilsaaepEZR0z8K5UlDKLho1urmpm77i%2FfVO4%2Fie%2FMf5DLa%2B06XUz2ICYpZMzO7H1H2o8AVLhQgh7%2BHn1U%2BknbEpOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c37da22afab511-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/js/sftp.js?0.0.911

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/js/sftp.js?0.0.911
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/js/sftp.js?0.0.911 HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:07 GMT
content-type: application/javascript
cf-ray: 76c37da38d29b511-OSL
cache-control: max-age=14400
etag: W/"0e7198c99ccd81:0"
last-modified: Tue, 20 Sep 2022 02:34:46 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 04
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMwIpyIAxedomwda%2BNLx%2BRnJFltCGJuPzZ8s53ynYW8075hvPinofjuqFAGmLS6dev6hsFuDBAzMS8aZPzmUJjc6mS14RWcwrv2qq6ApnnSFk1A8TblYrjbcp5XNI7O0jw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_static/message/404.html

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_static/message/404.html
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_static/message/404.html HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:08 GMT
content-type: text/html
cf-ray: 76c37da4ff40b511-OSL
last-modified: Tue, 06 Sep 2022 08:05:40 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
svr: 07
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUilbBF8CrKakEQhAPVyyRrXKdl%2B8ZbjIpW63FmdKsWYhHUojg%2BUw5JRPFrFeH%2FO5akhQ33H%2FDmlmMqwquIM8i%2BtSNByFJ1zJsFXFV%2FmfkP%2BOCdvum534y9GFNQ0sN4HRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.w88w981.com/_secure/ajax/api/menu/fishing/en-us/

172.66.40.129

200 OK

0 B

URL HTTP/2
www.w88w981.com/_secure/ajax/api/menu/fishing/en-us/
IP
172.66.40.129:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_secure/ajax/api/menu/fishing/en-us/ HTTP/1.1
Host: www.w88w981.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer OElWYW1NVTJsMU02UG5NdWFCc2RkNlVjcDhSTHpaazhxbW1CUVpvYlJxTUFkSitPM1Avc2t4NW0zR3Q3MlhPRkpCMy9WZm82ZlB4dElrWlQ3SXZaSG0yMHAzWTlwVE9BYlFkaHp0TFlTcTBSRUp0UmRsNGxVSDNoN1RUUit4a2w=
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.w88w981.com/
Cookie: ASP.NET_SessionId=x1z21pj2o0vokm4t5uweis4u; language=en-us; color=grey; SERVERID=twmsweb107; fs-float=1; fingerprint=531e0abc63b0a3d92e656259ec49c2bc; W88Pushy=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 20:35:09 GMT
content-type: application/json; charset=utf-8
cf-ray: 76c37dac6a9db511-OSL
cache-control: private
strict-transport-security: max-age=31536000;includeSubDomains
cf-cache-status: DYNAMIC
access-control-expose-headers: Request-Context
request-context: appId=cid-v1:befc641a-1b45-4261-8b4f-ca637b9caad0
svr: 07
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iebb6uEFWcbfXDtnX3xP9NiAX8pG1p%2F0r31RHeserKH1m1l6kJwGXJ53oyCpboRCsA%2FC4EFGor3zayyJXJ4xBlLw3Z8T3%2Br4ta6YleY9RmtEQQf7hS%2BJFiGH6ORLOe5RIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (75)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations