www.win999win.com Open in urlscan Pro
157.185.170.144 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://win999win.com/
Effective URL:
https://www.win999win.com/en
Submission Tags: falconsandbox
Submission: On August 06 via api (August 6th 2024, 10:35:07 am UTC) from US — Scanned from US

Summary HTTP 112 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 35 IPs in 4 countries across 25 domains to perform 112 HTTP transactions. The main IP is 157.185.170.144, located in New York, United States and belongs to ML-1432-54994, CA. The main domain is www.win999win.com.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on April 22nd 2024. Valid for: a year.

This is the only time www.win999win.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	110.50.231.127 110.50.231.127	18018 (GAMEBUILD...) (GAMEBUILDERS-AS-PH Gamebuilders Inc.)
2 29	157.185.170.144 157.185.170.144	54994 (ML-1432-5...) (ML-1432-54994)
2	2607:f8b0:400... 2607:f8b0:400d:c0f::61	15169 (GOOGLE) (GOOGLE)
2	202.165.61.110 202.165.61.110	18018 (GAMEBUILD...) (GAMEBUILDERS-AS-PH Gamebuilders Inc.)
2	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0f::9c	15169 (GOOGLE) (GOOGLE)
6	18.67.79.34 18.67.79.34	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:400d:c1d::66	15169 (GOOGLE) (GOOGLE)
1	52.84.18.89 52.84.18.89	16509 (AMAZON-02) (AMAZON-02)
1 3	45.54.49.5 45.54.49.5	63911 (NETACTUAT...) (NETACTUATE-AS-AP NetActuate)
1	185.167.164.45 185.167.164.45	198622 (ADFORM) (ADFORM)
2	2606:4700::68... 2606:4700::6812:1e1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:247... 2600:9000:2479:4000:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	172.67.175.82 172.67.175.82	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.191.82 172.67.191.82	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	100.29.180.185 100.29.180.185	14618 (AMAZON-AES) (AMAZON-AES)
1 2	68.67.179.153 68.67.179.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.225.10.227 104.225.10.227	36236 (NETACTUATE) (NETACTUATE)
1	64.233.180.97 64.233.180.97	15169 (GOOGLE) (GOOGLE)
1 3	185.84.60.20 185.84.60.20	198622 (ADFORM) (ADFORM)
1	13.224.214.103 13.224.214.103	16509 (AMAZON-02) (AMAZON-02)
8	2607:f740:e61... 2607:f740:e619::1	63911 (NETACTUAT...) (NETACTUATE-AS-AP NetActuate)
1	172.253.115.100 172.253.115.100	15169 (GOOGLE) (GOOGLE)
3	157.240.229.1 157.240.229.1	32934 (FACEBOOK) (FACEBOOK)
4	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.79.118.14 52.79.118.14	16509 (AMAZON-02) (AMAZON-02)
1	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
1	104.225.10.226 104.225.10.226	36236 (NETACTUATE) (NETACTUATE)
4	157.240.229.35 157.240.229.35	32934 (FACEBOOK) (FACEBOOK)
19	52.78.8.111 52.78.8.111	16509 (AMAZON-02) (AMAZON-02)
2	157.185.160.33 157.185.160.33	54994 (ML-1432-5...) (ML-1432-54994)
1	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
2	23.45.181.163 23.45.181.163	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	45.60.12.120 45.60.12.120	19551 (INCAPSULA) (INCAPSULA)
112	35

3 110.50.231.127 (Philippines) 3 redirects

ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH)

win999win.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 157.185.170.144 (New York, United States) 2 redirects

ASN54994 (ML-1432-54994, CA)

www.win999win.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c0f::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.165.61.110 (Philippines)

ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH)

login.megasportcasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0f::9c (Morganton, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.67.79.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-79-34.iad89.r.cloudfront.net

dk0tzorg7uge9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c1d::66 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.18.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-18-89.ord53.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.54.49.5 (United States) 1 redirects

ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US)
PTR: 5.49.54.45.ptr.anycast.net

radar.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.45 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1e1b (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.prdredir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtg.prdredir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2479:4000:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.175.82 (United States)

ASN13335 (CLOUDFLARENET, US)

adscool.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.191.82 (United States)

ASN13335 (CLOUDFLARENET, US)

rtgsystemsync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.29.180.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-29-180-185.compute-1.amazonaws.com

pixel.zprk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.179.153 (North Bergen, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.225.10.227 (Ashburn, United States)

ASN36236 (NETACTUATE, US)
PTR: 227.10.225.104.ptr.anycast.net

i2-bhsgkafrvyhbbeboejnwqtfyswmfpk.init.cedexis-radar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.180.97 (United States)

ASN15169 (GOOGLE, US)
PTR: pe-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.84.60.20 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

asia.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
asia.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.214.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-103.phl50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f740:e619::1 (United States)

ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US)

rpt.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.115.100 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f100.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.79.118.14 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-79-118-14.ap-northeast-2.compute.amazonaws.com

dafabetcomasia.asia.frosmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.225.10.226 (Ashburn, United States)

ASN36236 (NETACTUATE, US)
PTR: 226.10.225.104.ptr.anycast.net

i1-j5-20-124-1-20200-1342837909-s.init.cedexis-radar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.229.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 52.78.8.111 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com

asia.frosmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.185.160.33 (Ashburn, United States)

ASN54994 (ML-1432-54994, CA)

cdn-sports.nextbet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.181.163 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-181-163.deploy.static.akamaitechnologies.com

aka-als.df-bet.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.60.12.120 (United States)

ASN19551 (INCAPSULA, US)

inc-www.dafalive88.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	win999win.com 5 redirects win999win.com www.win999win.com	1 MB
20	frosmo.com dafabetcomasia.asia.frosmo.com asia.frosmo.com — Cisco Umbrella Rank: 722016	133 KB
11	cedexis.com 1 redirects radar.cedexis.com — Cisco Umbrella Rank: 4858 rpt.cedexis.com — Cisco Umbrella Rank: 3415	25 KB
8	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	5 KB
6	cloudfront.net dk0tzorg7uge9.cloudfront.net	564 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	90 KB
4	adform.net 1 redirects s2.adform.net — Cisco Umbrella Rank: 8814 asia.adform.net — Cisco Umbrella Rank: 60937 c1.adform.net — Cisco Umbrella Rank: 1001	33 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	272 KB
2	df-bet.org aka-als.df-bet.org
2	nextbet.com cdn-sports.nextbet.com
2	cedexis-radar.net i2-bhsgkafrvyhbbeboejnwqtfyswmfpk.init.cedexis-radar.net i1-j5-20-124-1-20200-1342837909-s.init.cedexis-radar.net	2 KB
2	adnxs.com 1 redirects secure.adnxs.com — Cisco Umbrella Rank: 764	2 KB
2	rtgsystemsync.com rtgsystemsync.com	2 KB
2	adscool.net adscool.net — Cisco Umbrella Rank: 115140	3 KB
2	prdredir.com scripts.prdredir.com — Cisco Umbrella Rank: 59288 rtg.prdredir.com — Cisco Umbrella Rank: 99969	2 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017	86 KB
2	google.com analytics.google.com — Cisco Umbrella Rank: 238
2	megasportcasino.com login.megasportcasino.com	5 KB
1	dafalive88.com inc-www.dafalive88.com
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	775 B
1	seadform.net asia.seadform.net — Cisco Umbrella Rank: 99516	457 B
1	zprk.io pixel.zprk.io — Cisco Umbrella Rank: 19690	462 B
1	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 29612
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252	247 B
112	25

	Domain	Requested by
29	www.win999win.com	2 redirects www.win999win.com
19	asia.frosmo.com	dk0tzorg7uge9.cloudfront.net
8	www.facebook.com
8	rpt.cedexis.com	radar.cedexis.com
6	dk0tzorg7uge9.cloudfront.net	www.win999win.com
5	connect.facebook.net	www.win999win.com connect.facebook.net
3	radar.cedexis.com	1 redirects radar.cedexis.com
3	www.google-analytics.com	www.win999win.com www.google-analytics.com www.googletagmanager.com
3	www.googletagmanager.com	www.win999win.com www.googletagmanager.com www.google-analytics.com
3	win999win.com	3 redirects
2	aka-als.df-bet.org	radar.cedexis.com
2	cdn-sports.nextbet.com	radar.cedexis.com
2	asia.adform.net	1 redirects
2	secure.adnxs.com	1 redirects
2	rtgsystemsync.com	www.googletagmanager.com rtgsystemsync.com
2	adscool.net	www.win999win.com adscool.net
2	analytics.google.com	www.googletagmanager.com
2	login.megasportcasino.com	www.win999win.com
1	inc-www.dafalive88.com	radar.cedexis.com
1	fonts.googleapis.com	dk0tzorg7uge9.cloudfront.net
1	i1-j5-20-124-1-20200-1342837909-s.init.cedexis-radar.net	radar.cedexis.com
1	asia.seadform.net
1	c1.adform.net	asia.adform.net
1	dafabetcomasia.asia.frosmo.com	dk0tzorg7uge9.cloudfront.net
1	script.hotjar.com	static.hotjar.com
1	i2-bhsgkafrvyhbbeboejnwqtfyswmfpk.init.cedexis-radar.net	radar.cedexis.com
1	rtg.prdredir.com
1	pixel.zprk.io
1	cdn.matomo.cloud	www.win999win.com
1	scripts.prdredir.com	www.googletagmanager.com
1	s2.adform.net	www.win999win.com
1	static.hotjar.com	www.win999win.com
1	stats.g.doubleclick.net	www.googletagmanager.com
112	33

This site contains links to these domains. Also see Links.

Domain
account.win999win.com
dafabet-partnership.com
www.promomenang.com
dfgameplay.com
dfplay888.com
twitter.com
www.youtube.com
www.dafabetaffiliates.com
www.jogadoresanonimos.org.br
www.dafabet.com

Subject Issuer	Validity	Valid
support13.cdnetworks.net GlobalSign RSA OV SSL CA 2018	`2024-04-22` - `2025-04-07`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.megasportcasino.com GeoTrust TLS RSA CA G1	`2024-03-01` - `2025-02-28`	a year	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
prdredir.com WE1	`2024-06-24` - `2024-09-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-15` - `2024-08-13`	3 months	crt.sh
cdn.matomo.cloud Amazon RSA 2048 M03	`2023-10-27` - `2024-11-23`	a year	crt.sh
adscool.net WE1	`2024-06-19` - `2024-09-17`	3 months	crt.sh
rtgsystemsync.com WE1	`2024-07-05` - `2024-10-03`	3 months	crt.sh
*.zprk.io Amazon RSA 2048 M03	`2023-09-19` - `2024-10-17`	a year	crt.sh
*.init.cedexis-radar.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-21` - `2025-02-20`	a year	crt.sh
radar.cedexis.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-29` - `2025-03-28`	a year	crt.sh
*.asia.frosmo.com E5	`2024-07-10` - `2024-10-08`	3 months	crt.sh
*.seadform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-08`	a year	crt.sh
*.nextbet.com GeoTrust TLS RSA CA G1	`2024-03-01` - `2025-02-28`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
df-bet.org R10	`2024-06-27` - `2024-09-25`	3 months	crt.sh
*.dafalive88.com GeoTrust TLS RSA CA G1	`2024-03-01` - `2025-02-28`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.win999win.com/en
Frame ID: 9AA8F2FC2BA6711628AE635D53C35021
Requests: 104 HTTP requests in this frame

Frame: https://dafabetcomasia.asia.frosmo.com/frosmo.xdm.html?24.51.0
Frame ID: 4D31C5F8C1A6813EBAF4AA08B1195C85
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?bt=0&uid=683281792579535459&agencyId=8910&advertiserId=2170253&src=tp&rnd=670673
Frame ID: 3F81DFCE9CC98EE945BFC6F07F161712
Requests: 1 HTTP requests in this frame

Frame: https://cdn-sports.nextbet.com/test/d17.html?rnd=1-1-20200-1-20200-47804-1203965508-_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABAJgBAA
Frame ID: 0EB41FB246BC07898D18708583C8FC41
Requests: 1 HTTP requests in this frame

Frame: https://cdn-sports.nextbet.com/test/d17.html?rnd=0-1-20200-1-20200-47804-1203965508-_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABAJgBAA
Frame ID: 2196D17DEB68CC4576DFAC16F5DC44B9
Requests: 1 HTTP requests in this frame

Frame: https://aka-als.df-bet.org/test/d17.html?rnd=1-1-20200-1-20200-47756-1203965508-_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABAJgBAA
Frame ID: 565865CD22CB6997F16DCED9884BC6CD
Requests: 1 HTTP requests in this frame

Frame: https://aka-als.df-bet.org/test/d17.html?rnd=0-1-20200-1-20200-47756-1203965508-_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABAJgBAA
Frame ID: 719228B3E7CD99544E864C26EFF72777
Requests: 1 HTTP requests in this frame

Frame: https://inc-www.dafalive88.com/en/promotions/sureroute.html?rnd=1-1-20200-1-20200-101264-1203965508-_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABAJgBAA
Frame ID: F440B98B74C93F1A9092AC6E911060BC
Requests: 1 HTTP requests in this frame

Frame: https://inc-www.dafalive88.com/en/promotions/sureroute.html?rnd=0-1-20200-1-20200-101264-1203965508-_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABAJgBAA
Frame ID: 2C30A23BC766D3813E8259B661D3D3AE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dafabet is The Most Secure Online Betting Company in Asia

Page URL History Show full URLs

http://win999win.com/ HTTP 307
https://win999win.com/ HTTP 301
https://www.win999win.com/ HTTP 302
https://www.win999win.com/en HTTP 307
http://win999win.com/ HTTP 301
https://win999win.com/ HTTP 301
https://www.win999win.com/ HTTP 302
https://www.win999win.com/en Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

112
Requests

96 %
HTTPS

29 %
IPv6

25
Domains

33
Subdomains

35
IPs

4
Countries

2615 kB
Transfer

5793 kB
Size

86
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://account.win999win.com/en/cant-login
Title: Can't login?

Search URL Search Domain Scan URL

URL: https://dafabet-partnership.com/

Search URL Search Domain Scan URL

URL: https://www.promomenang.com/sportsbook/app/en/#dafaowsports
Title: DAFA OW APP

Search URL Search Domain Scan URL

URL: https://www.promomenang.com/sportsbook/app/en/#dafasports
Title: DAFA SPORTS APP

Search URL Search Domain Scan URL

URL: https://dfgameplay.com/gjdnjr
Title: DafaAsia

Search URL Search Domain Scan URL

URL: https://dfplay888.com/gjdubr
Title: Dafabet Support

Search URL Search Domain Scan URL

URL: https://dafabet-partnership.com/#brand-ambassadors

Search URL Search Domain Scan URL

URL: https://twitter.com/dafabet
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TheDafabetChannel
Title: youtube

Search URL Search Domain Scan URL

URL: https://www.dafabetaffiliates.com/en
Title: Affiliates

Search URL Search Domain Scan URL

URL: http://www.jogadoresanonimos.org.br/
Title: Jogue com responsabilidade.

Search URL Search Domain Scan URL

URL: https://www.dafabet.com/pt/responsible-gaming
Title: Jogo Responsável

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://win999win.com/ HTTP 307
https://win999win.com/ HTTP 301
https://www.win999win.com/ HTTP 302
https://www.win999win.com/en HTTP 307
http://win999win.com/ HTTP 301
https://win999win.com/ HTTP 301
https://www.win999win.com/ HTTP 302
https://www.win999win.com/en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://radar.cedexis.com/1/20200/radar.js HTTP 302
https://radar.cedexis.com/1707728419/radar.js

Request Chain 39

https://secure.adnxs.com/px?id=1766814&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1766814%26t%3D2

Request Chain 48

https://asia.adform.net/Serving/TrackPoint/?pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=200043971843&ADFtpmode=2&loc=https%3A%2F%2Fwww.win999win.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=200043971843&ADFtpmode=2&loc=https%3A%2F%2Fwww.win999win.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24

112 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request en Show response
www.win999win.com/
Redirect Chain

http://win999win.com/
https://win999win.com/
https://www.win999win.com/
https://www.win999win.com/en
http://win999win.com/
https://win999win.com/
https://www.win999win.com/
https://www.win999win.com/en

111 KB
40 KB

777ms
777ms

Document
text/html

157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL

https://www.win999win.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

3df995887eb53a59cf2518528e5c2232100541f77fc7930f152cb5638fa479c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Language: en
Content-Type: text/html; charset=UTF-8
Date: Tue, 06 Aug 2024 10:34:54 GMT
Page-Cache: Hit
Server: PWS/8.3.1.0.8
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Via: 1.1 PSmgnyNY3mk42:10 (W)
X-Frame-Options: deny
X-Px: ms PSmgnyNY3mk42JFK(origin)
X-Ws-Request-Id: 66b1fc4d_PSmgnyNY3aa36_43674-10804

Redirect headers

Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Tue, 06 Aug 2024 10:34:53 GMT
Location: /en
Server: PWS/8.3.1.0.8
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.0 PSmgnyNY3mk42:10 (W)
X-Px: ms PSmgnyNY3mk42JFK(origin)
X-Ws-Request-Id: 66b1fc4d_PSmgnyNY3aa36_43674-10784

GET
H/1.1 200
OK common.52a6941f046fba92b535d0fb9357a8bc.css
www.win999win.com/en/dafa/css/ 90 KB
17 KB 406ms
397ms Stylesheet
text/css 157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL

https://www.win999win.com/en/dafa/css/common.52a6941f046fba92b535d0fb9357a8bc.css

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

7f830154472627a3c6290881c786ec59ce96238bbb8a721e8349002d4e60f4d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:55 GMT
Content-Encoding: gzip
Via: 1.1 PS-TPE-01qXz223:0 (W), 1.1 PSxgHK5dz198:7 (W), 1.1 PS-DFW-01ItT28:2 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 18 Jul 2024 07:11:52 GMT
Server: PWS/8.3.1.0.8
ETag: "6698c038-1667e"
Transfer-Encoding: chunked
X-Ws-Request-Id: 66b1fc4e_PSmgnyNY3aa36_43674-10820
Content-Type: text/css
Cache-Control: max-age=31536000, public
X-Px: ms PSmgnyNY3mk42JFK,ms PS-DFW-01ItT28DFW,ms PSxgHK5dz198HKG,ms PS-TPE-01qXz223TPE(origin)
Connection: keep-alive
Accept-Ranges: bytes
Expires: Wed, 06 Aug 2025 10:34:55 GMT

GET
H/1.1 200
OK home.816cbee270a3f8dd704b9552a16aa39c.css
www.win999win.com/en/css/ 57 KB
11 KB 637ms
387ms Stylesheet
text/css 157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL

https://www.win999win.com/en/css/home.816cbee270a3f8dd704b9552a16aa39c.css

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

9450251542f5c3ff7355bbd37c6b4c97e5ae5f0a291cfb91765694dd93267ff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:55 GMT
Content-Encoding: gzip
Via: 1.1 PS-TPE-01qXz223:0 (W), 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Fri, 19 Jul 2024 08:19:53 GMT
Server: PWS/8.3.1.0.8
ETag: "669a21a9-e26a"
Transfer-Encoding: chunked
X-Ws-Request-Id: 66b1fc4e_PSmgnyNY3aa36_44991-5785
Content-Type: text/css
Cache-Control: max-age=31536000, public
X-Px: ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ms PSxgHK5dz198HKG,ms PS-TPE-01qXz223TPE(origin)
Connection: keep-alive
Accept-Ranges: bytes
Expires: Wed, 06 Aug 2025 10:34:55 GMT

GET
H/1.1 200
OK default_image.52a6941f046fba92b535d0fb9357a8bc.png
www.win999win.com/en/dafa/images/ 593 B
1 KB 1083ms
831ms Image
image/png 157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.win999win.com/en/dafa/images/default_image.52a6941f046fba92b535d0fb9357a8bc.png

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

180109f8f37c833e1f965c5662f54e73b3e1291117a3c7fa320dab4ae7727dcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:55 GMT
Via: 1.1 PS-TPE-01qXz223:0 (W), 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 18 Jul 2024 07:11:52 GMT
Server: PWS/8.3.1.0.8
ETag: "6698c038-251"
X-Ws-Request-Id: 66b1fc4e_PSmgnyNY3aa36_44251-26203
Content-Type: image/png
Cache-Control: max-age=31536000, public
X-Px: ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ms PSxgHK5dz198HKG,ms PS-TPE-01qXz223TPE(origin)
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 593
Expires: Wed, 06 Aug 2025 10:34:55 GMT

GET
H/1.1 200
OK loader.gif
www.win999win.com/en/images/ 25 KB
25 KB 609ms
358ms Image
image/gif 157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.win999win.com/en/images/loader.gif

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

1255cfe05d68366b2f1784987c772a817da92099f4922498a445f8768c52a710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:55 GMT
Via: 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Tue, 09 Jul 2024 07:05:28 GMT
Server: PWS/8.3.1.0.8
ETag: "668ce138-6240"
X-Ws-Request-Id: 66b1fc4e_PSmgnyNY3aa36_42032-22008
Content-Type: image/gif
Cache-Control: max-age=31536000, public
X-Px: ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ht PSxgHK5dz198HKG
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25152
Expires: Wed, 06 Aug 2025 10:34:55 GMT

GET
H/1.1 200
OK 1920x150_en-eu.jpg
www.win999win.com/en/2024-07/ 196 KB
197 KB 1052ms
801ms Image
image/jpeg 157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.win999win.com/en/2024-07/1920x150_en-eu.jpg

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

bdb6ddca3d50cf396d4405cae018178d212a8221fa120550babc712fdf94d463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:55 GMT
Via: 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Fri, 19 Jul 2024 08:14:50 GMT
Server: PWS/8.3.1.0.8
ETag: "669a207a-311a7"
X-Ws-Request-Id: 66b1fc4e_PSmgnyNY3aa36_44300-11294
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
X-Px: ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ht PSxgHK5dz198HKG
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 201127
Expires: Wed, 06 Aug 2025 10:34:55 GMT

GET
H/1.1 200
OK Games%20573x337.jpg
www.win999win.com/en/2024-07/ 97 KB
98 KB 559ms
165ms Image
image/jpeg 157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.win999win.com/en/2024-07/Games%20573x337.jpg

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

07cca08aa80ee4a07c441e3df70052eaf04dece1af5faa4beb3f0a64bed14226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

Referer: https://www.win999win.com/en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:55 GMT
Via: 1.1 PS-TPE-01TU5222:5 (W), 1.1 PSxgHK5yp199:12 (W), 1.1 PS-DFW-01ItT28:2 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Tue, 16 Jul 2024 08:26:20 GMT
Server: PWS/8.3.1.0.8
ETag: "66962eac-18527"
X-Frame-Options: deny
X-Ws-Request-Id: 66b1fc4f_PSmgnyNY3aa36_43674-10827
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
X-Px: ms PSmgnyNY3mk42JFK,ht PS-DFW-01ItT28DFW
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 99623
Expires: Wed, 06 Aug 2025 10:34:55 GMT

GET
H/1.1 200
OK casino-resize-573x337_0.jpg
www.win999win.com/en/2024-07/ 99 KB
100 KB 217ms
167ms Image
image/jpeg 157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.win999win.com/en/2024-07/casino-resize-573x337_0.jpg

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

4f21d8615d3335ef138f4cba56ba1b593964dc1faca6c927d2b79f72dc1c01cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

Referer: https://www.win999win.com/en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:55 GMT
Via: 1.1 PS-TPE-01TU5222:10 (W), 1.1 PSxgHK5dz198:11 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Tue, 16 Jul 2024 08:29:04 GMT
Server: PWS/8.3.1.0.8
ETag: "66962f50-18db9"
X-Frame-Options: deny
X-Ws-Request-Id: 66b1fc4f_PSmgnyNY3aa36_43674-10833
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
X-Px: ms PSmgnyNY3mk42JFK,ht PSmgdfDEN1rj88DEN
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101817
Expires: Wed, 06 Aug 2025 10:34:55 GMT

GET
H/1.1 200
OK livedealer-resize-573x337.jpg
www.win999win.com/en/2024-07/ 177 KB
178 KB 504ms
353ms Image
image/jpeg 157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.win999win.com/en/2024-07/livedealer-resize-573x337.jpg

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

e9ae28e34ba985057a08b71feb1556be602ece965b741234b757b85e400321c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:55 GMT
Via: 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Tue, 16 Jul 2024 08:28:05 GMT
Server: PWS/8.3.1.0.8
ETag: "66962f15-2c424"
X-Ws-Request-Id: 66b1fc4f_PSmgnyNY3aa36_44991-5800
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
X-Px: ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ht PSxgHK5dz198HKG
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 181284
Expires: Wed, 06 Aug 2025 10:34:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 231 KB
76 KB 386ms
139ms Script
application/javascript 2607:f8b0:400d:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TQD7V7Q

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5568709dc3edbbdf0bbc30a2079611b358fa900f58ec14a756daaeee9c37a8f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 10:34:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77823
x-xss-protection: 0
last-modified: Tue, 06 Aug 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Aug 2024 10:34:55 GMT

GET
H/1.1 200
OK es5.min.js Show response
www.win999win.com/en/dafa/js/ 11 KB
4 KB 576ms
352ms Script
application/javascript 157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL

https://www.win999win.com/en/dafa/js/es5.min.js

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

ac3d45538ffdd87732763521ea21e1f9695551d5c8a1b506935fb9bbc5253bfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:55 GMT
Content-Encoding: gzip
Via: 1.1 PSxgHK5dz198:7 (W), 1.1 PS-DFW-01ItT28:2 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 08 Jul 2024 06:56:37 GMT
Server: PWS/8.3.1.0.8
ETag: "668b8da5-2b85"
Transfer-Encoding: chunked
X-Ws-Request-Id: 66b1fc4e_PSmgnyNY3aa36_41758-16674
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
X-Px: ms PSmgnyNY3mk42JFK,ms PS-DFW-01ItT28DFW,ht PSxgHK5dz198HKG
Connection: keep-alive
Accept-Ranges: bytes
Expires: Wed, 06 Aug 2025 10:34:55 GMT

GET
H/1.1 200
OK integration.js.php Show response
www.win999win.com/jswrapper/ 45 KB
12 KB 325ms
324ms Script
application/javascript 157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL

https://www.win999win.com/jswrapper/integration.js.php?casino=dafa888&min=1

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

2b540d3b5cadb4b549a559969e75bb91092574a6c756007ee4854456c2770c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.win999win.com/en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 PSmgnyNY3mk42:10 (W)
Server: PWS/8.3.1.0.8
X-Cache-Status: HIT
Transfer-Encoding: chunked
X-Ws-Request-Id: 66b1fc4f_PSmgnyNY3aa36_41758-16680
Content-Language: en-US
Content-Type: application/javascript
Cache-Control: no-cache
X-Px: ms PSmgnyNY3mk42JFK(origin)
Connection: keep-alive
Expires: Tue, 06 Aug 2024 10:49:55 GMT

GET
H/1.1 200
OK manifest.816cbee270a3f8dd704b9552a16aa39c.bundle.js Show response
www.win999win.com/en/js/ 1 KB
2 KB 359ms
358ms Script
application/javascript 157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL

https://www.win999win.com/en/js/manifest.816cbee270a3f8dd704b9552a16aa39c.bundle.js

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

fd189b75930b5891de5d6be7bd5de3edc41f3faf8e7ec22299fde3c157a5038d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

Referer: https://www.win999win.com/en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:55 GMT
Via: 1.1 PS-TPE-01TU5222:6 (W), 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Fri, 19 Jul 2024 08:19:53 GMT
Server: PWS/8.3.1.0.8
ETag: "669a21a9-5a7"
X-Frame-Options: deny
X-Ws-Request-Id: 66b1fc4f_PSmgnyNY3aa36_42032-22016
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
X-Px: ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ht PSxgHK5dz198HKG
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1447
Expires: Wed, 06 Aug 2025 10:34:55 GMT

GET
H/1.1 200
OK vendor.816cbee270a3f8dd704b9552a16aa39c.bundle.js Show response
www.win999win.com/en/js/ 107 KB
35 KB 167ms
167ms Script
application/javascript 157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL

https://www.win999win.com/en/js/vendor.816cbee270a3f8dd704b9552a16aa39c.bundle.js

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

a733d21fc6d59ac3de5f51290f2fc0aabaff13804501178c3f9297860def8311

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:55 GMT
Content-Encoding: gzip
Via: 1.1 PS-TPE-01TU5222:8 (W), 1.1 dianxun231:4 (W), 1.1 PS-DFW-01ItT28:2 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Fri, 19 Jul 2024 08:19:53 GMT
Server: PWS/8.3.1.0.8
ETag: "669a21a9-1acc4"
Transfer-Encoding: chunked
X-Ws-Request-Id: 66b1fc4f_PSmgnyNY3aa36_44991-5796
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
X-Px: ms PSmgnyNY3mk42JFK,ht PS-DFW-01ItT28DFW
Connection: keep-alive
Accept-Ranges: bytes
Expires: Wed, 06 Aug 2025 10:34:55 GMT

GET
H/1.1 200
OK common.52a6941f046fba92b535d0fb9357a8bc.bundle.js Show response
www.win999win.com/en/dafa/js/ 271 KB
75 KB 172ms
172ms Script
application/javascript 157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL

https://www.win999win.com/en/dafa/js/common.52a6941f046fba92b535d0fb9357a8bc.bundle.js

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

189809272214325b7221ac7da3641ec69dd844cc43ce5ad73a428bf1a4e9b37b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

Referer: https://www.win999win.com/en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:55 GMT
Content-Encoding: gzip
Via: 1.1 PS-TPE-01TU5222:9 (W), 1.1 dianxun231:13 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
X-Px: ms PSmgnyNY3mk42JFK,ht PSmgdfDEN1rj88DEN
Connection: keep-alive
Last-Modified: Thu, 18 Jul 2024 07:11:52 GMT
Server: PWS/8.3.1.0.8
ETag: "6698c038-43cbf"
X-Frame-Options: deny
X-Ws-Request-Id: 66b1fc4f_PSmgnyNY3aa36_42032-22034
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Expires: Wed, 06 Aug 2025 10:34:55 GMT

GET
H/1.1 200
OK home.816cbee270a3f8dd704b9552a16aa39c.bundle.js Show response
www.win999win.com/en/js/ 32 KB
8 KB 386ms
386ms Script
application/javascript 157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL

https://www.win999win.com/en/js/home.816cbee270a3f8dd704b9552a16aa39c.bundle.js

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

b9d21261ceee8c27f95bd6d11a993bbdba6a3ebf6d00d4c952273cc2278e7e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:56 GMT
Content-Encoding: gzip
Via: 1.1 PS-TPE-01qXz223:0 (W), 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Fri, 19 Jul 2024 08:19:53 GMT
Server: PWS/8.3.1.0.8
ETag: "669a21a9-7f03"
Transfer-Encoding: chunked
X-Ws-Request-Id: 66b1fc4f_PSmgnyNY3aa36_44251-26221
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
X-Px: ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ms PSxgHK5dz198HKG,ms PS-TPE-01qXz223TPE(origin)
Connection: keep-alive
Accept-Ranges: bytes
Expires: Wed, 06 Aug 2025 10:34:56 GMT

GET
H/1.1 200
OK default_image.816cbee270a3f8dd704b9552a16aa39c.png
www.win999win.com/en/promotions/images/ 593 B
1 KB 661ms
382ms Image
image/png 157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.win999win.com/en/promotions/images/default_image.816cbee270a3f8dd704b9552a16aa39c.png

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en/css/home.816cbee270a3f8dd704b9552a16aa39c.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

180109f8f37c833e1f965c5662f54e73b3e1291117a3c7fa320dab4ae7727dcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/en/css/home.816cbee270a3f8dd704b9552a16aa39c.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:55 GMT
Via: 1.1 PS-TPE-01qXz223:0 (W), 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Fri, 19 Jul 2024 08:19:53 GMT
Server: PWS/8.3.1.0.8
ETag: "669a21a9-251"
X-Ws-Request-Id: 66b1fc4f_PSmgnyNY3aa36_43674-10836
Content-Type: image/png
Cache-Control: max-age=31536000, public
X-Px: ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ms PSxgHK5dz198HKG,ms PS-TPE-01qXz223TPE(origin)
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 593
Expires: Wed, 06 Aug 2025 10:34:55 GMT

GET
H/1.1 200
OK sprite.52a6941f046fba92b535d0fb9357a8bc.png
www.win999win.com/en/dafa/images/ 206 KB
207 KB 640ms
383ms Image
image/png 157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.win999win.com/en/dafa/images/sprite.52a6941f046fba92b535d0fb9357a8bc.png

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en/dafa/css/common.52a6941f046fba92b535d0fb9357a8bc.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

4865df327140a52e50f92d603b9a546fba023ae7bc05c28904f5ccaf77675e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/en/dafa/css/common.52a6941f046fba92b535d0fb9357a8bc.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:55 GMT
Via: 1.1 PS-TPE-01qXz223:0 (W), 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 18 Jul 2024 07:11:52 GMT
Server: PWS/8.3.1.0.8
ETag: "6698c038-337ae"
X-Ws-Request-Id: 66b1fc4f_PSmgnyNY3aa36_41758-16687
Content-Type: image/png
Cache-Control: max-age=31536000, public
X-Px: ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ms PSxgHK5dz198HKG,ms PS-TPE-01qXz223TPE(origin)
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 210862
Expires: Wed, 06 Aug 2025 10:34:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 301 KB
100 KB 133ms
133ms Script
application/javascript 2607:f8b0:400d:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S5WHEF6PM5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQD7V7Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b3579279bc227c8855665a05ab07284cf7fee43951cdce24764bccebd8f113c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 10:34:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102447
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Aug 2024 10:34:55 GMT

GET
H/1.1 200
OK dacs.js Show response
login.megasportcasino.com/jswrapper/ 9 KB
4 KB 654ms
196ms Script
application/javascript 202.165.61.110
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.megasportcasino.com/jswrapper/dacs.js?v=3

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/jswrapper/integration.js.php?casino=dafa888&min=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.165.61.110 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

Resource Hash

9acce1202062518523f1976a37510b6fcb7beb5a6b68205032e14b971a3a0e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Accept-Encoding
Content-Type: application/javascript
Content-Language: en-US
Cache-Control: private, max-age=604800, immutable
Content-Length: 3552

GET
H/1.1 200
OK clientHintHeaders.js Show response
login.megasportcasino.com/jswrapper/ 2 KB
1006 B 654ms
197ms Script
application/javascript 202.165.61.110
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.megasportcasino.com/jswrapper/clientHintHeaders.js?v=3

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/jswrapper/integration.js.php?casino=dafa888&min=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.165.61.110 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

Resource Hash

142617edf27459c2a888daaf7d0bf7777a3fb328fbe9a771fcb7059044791247

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Accept-Encoding
Content-Type: application/javascript
Content-Language: en-US
Cache-Control: private, max-age=604800, immutable
Content-Length: 671

POST
H2 204 collect
analytics.google.com/g/ 0
0 224ms
87ms Fetch
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-S5WHEF6PM5&gtm=45je47v0v890350493z8890334128za200zb890334128&_p=1722940494679&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=182577859.1722940496&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722940495&sct=1&seg=0&dl=https%3A%2F%2Fwww.win999win.com%2Fen&dt=Dafabet%20is%20The%20Most%20Secure%20Online%20Betting%20Company%20in%20Asia&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5983
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5WHEF6PM5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Aug 2024 10:34:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.win999win.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
247 B 370ms
122ms Ping
text/plain 2607:f8b0:400d:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-S5WHEF6PM5&cid=182577859.1722940496&gtm=45je47v0v890350493z8890334128za200zb890334128&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=95250753
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5WHEF6PM5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c0f::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Aug 2024 10:34:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.win999win.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK floating-banners Show response
www.win999win.com/en/ajax/ 24 KB
3 KB 357ms
356ms XHR
application/json 157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL

https://www.win999win.com/en/ajax/floating-banners?path=%252F

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en/dafa/js/common.52a6941f046fba92b535d0fb9357a8bc.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

2dba38ef8b67689693f2a3e9c481baf5df4ee236ee3ed7a88b47c5e97ce30c43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/javascript
Referer: https://www.win999win.com/en
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Tue, 06 Aug 2024 10:34:56 GMT
Content-Encoding: gzip
Via: 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: PWS/8.3.1.0.8
Transfer-Encoding: chunked
X-Ws-Request-Id: 66b1fc50_PSmgnyNY3aa36_42032-22059
Content-Language: en
Content-Type: application/json
Cache-Control: no-cache
X-Px: ms PSmgnyNY3mk42JFK(origin)
Connection: keep-alive

GET
H/1.1 200
OK dafabet_logo.png
www.win999win.com/en/dafa/images/ 3 KB
4 KB 353ms
353ms Image
image/png 157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.win999win.com/en/dafa/images/dafabet_logo.png

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

0ea8ad9a1b5a3e3e0950b9dd614a5056250369587ff45165dacafd8d13e838e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:56 GMT
Via: 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 08 Jul 2024 06:56:37 GMT
Server: PWS/8.3.1.0.8
ETag: "668b8da5-d3d"
X-Ws-Request-Id: 66b1fc50_PSmgnyNY3aa36_43674-10846
Content-Type: image/png
Cache-Control: max-age=31536000, public
X-Px: ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ht PSxgHK5dz198HKG
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3389
Expires: Wed, 06 Aug 2025 10:34:56 GMT

GET
H/1.1 200
OK sprite.816cbee270a3f8dd704b9552a16aa39c.png
www.win999win.com/en/images/ 113 KB
113 KB 380ms
380ms Image
image/png 157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.win999win.com/en/images/sprite.816cbee270a3f8dd704b9552a16aa39c.png

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

0f47272de3875f1531038d1dd74318d65615e4a01403492d95d4de9d218ac06b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:56 GMT
Via: 1.1 PS-TPE-01qXz223:0 (W), 1.1 PSxgHK5dz198:7 (W), 1.1 PS-DFW-01ItT28:2 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Fri, 19 Jul 2024 08:19:53 GMT
Server: PWS/8.3.1.0.8
ETag: "669a21a9-1c211"
X-Ws-Request-Id: 66b1fc50_PSmgnyNY3aa36_44300-11317
Content-Type: image/png
Cache-Control: max-age=31536000, public
X-Px: ms PSmgnyNY3mk42JFK,ms PS-DFW-01ItT28DFW,ms PSxgHK5dz198HKG,ms PS-TPE-01qXz223TPE(origin)
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 115217
Expires: Wed, 06 Aug 2025 10:34:56 GMT

GET
H/1.1 200
OK slider Show response
www.win999win.com/en/ajax/ 1 KB
1 KB 755ms
754ms XHR
application/json 157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL

https://www.win999win.com/en/ajax/slider?nc=202476

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en/js/vendor.816cbee270a3f8dd704b9552a16aa39c.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

cef4bf94d1e9936d52f3a0871fc270d604bf67829360f33b788b56b35a34e913

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://www.win999win.com/en
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Tue, 06 Aug 2024 10:34:56 GMT
Content-Encoding: gzip
Via: 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: PWS/8.3.1.0.8
Transfer-Encoding: chunked
X-Ws-Request-Id: 66b1fc50_PSmgnyNY3aa36_44251-26237
Content-Language: en
Content-Type: application/json
Cache-Control: no-cache
X-Px: ms PSmgnyNY3mk42JFK(origin)
Connection: keep-alive

GET
H/1.1 200
OK announcements Show response
www.win999win.com/en/ajax/v2/ 24 B
667 B 355ms
354ms XHR
application/json 157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL

https://www.win999win.com/en/ajax/v2/announcements?nocache=1722940496570

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en/dafa/js/common.52a6941f046fba92b535d0fb9357a8bc.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

ea1bd05db50c7890dd053edf77ee864749a4d8d726a063c80c606a88d095cabd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://www.win999win.com/en
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Tue, 06 Aug 2024 10:34:56 GMT
Content-Encoding: gzip
Via: 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: PWS/8.3.1.0.8
Transfer-Encoding: chunked
X-Ws-Request-Id: 66b1fc50_PSmgnyNY3aa36_44300-11323
Content-Language: en
Content-Type: application/json
Cache-Control: no-cache
X-Px: ms PSmgnyNY3mk42JFK(origin)
Connection: keep-alive

GET
H/1.1 200
OK frosmo.easy.js Show response
dk0tzorg7uge9.cloudfront.net/ 183 KB
52 KB 399ms
138ms Script
application/javascript 18.67.79.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Requested by: Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.79.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-79-34.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 393a9815cb19251d0868f317157743f0cf1c2d60a2e130ce7474a737e1016e29

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:57 GMT
Content-Encoding: gzip
Via: 1.1 4b0dd366e44414a4e7e6ed6970080d58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: IAD89-P2
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 52123
Last-Modified: Tue, 18 Jun 2024 05:23:49 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1687630540/ctime:1718484008/gid:700/gname:developers/md5:8cbc3bd687fa6767a01ae9c273365f7b/mode:33188/mtime:1718484008/uid:1024/uname:martyn
ETag: "8cbc3bd687fa6767a01ae9c273365f7b"
Content-Type: application/javascript
Cache-Control: public, max-age=86400
Accept-Ranges: bytes
X-Amz-Cf-Id: EvKGhuBZW2R7NfE2ndrRetJqEdrRfU1H3kW2QkODY5ufNO6_FUZykw==

GET
H/1.1 200
OK 283cd6f3bdbf77c939ae868613cb575a.js Show response
dk0tzorg7uge9.cloudfront.net/sites/ 758 KB
145 KB 1118ms
858ms Script
application/javascript 18.67.79.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk0tzorg7uge9.cloudfront.net/sites/283cd6f3bdbf77c939ae868613cb575a.js
Requested by: Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.79.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-79-34.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 47c35a4db35363fbddefbde5a902eaf3547fbed8d4fe1b9a31bd3e6b640e15b7

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:58 GMT
Content-Encoding: gzip
Via: 1.1 c3af1bb2028605770032345c7c19b7aa.cloudfront.net (CloudFront)
Last-Modified: Mon, 24 Jun 2024 06:00:03 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1719208801/ctime:1719208801/gid:501/gname:fcp/md5:74c480832d466401145422cba922687f/mode:33204/mtime:1719208735/uid:501/uname:fcp
X-Amz-Cf-Pop: IAD89-P2
x-amz-server-side-encryption: AES256
ETag: "74c480832d466401145422cba922687f"
X-Cache: RefreshHit from cloudfront
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 147602
X-Amz-Cf-Id: PrSrp24VLmifjFg4gNn5tpcJBgptztxmX1CltdmYclEdkBa4lZydgA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 366ms
121ms Script
text/javascript 2607:f8b0:400d:c1d::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 06 Aug 2024 09:05:44 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5352
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 06 Aug 2024 11:05:44 GMT

GET
H2 200 hotjar-121800.js Show response
static.hotjar.com/c/ 185 KB
30 KB 570ms
299ms Script
application/javascript 52.84.18.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-121800.js?sv=5

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.18.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-18-89.ord53.r.cloudfront.net

Software

Resource Hash

9fa0f7a729fa74c94e8034ad485bee3443cf1de9a516666441fa7b163a06c576

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 10:34:56 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 260fbb348a8054aa94835db0d4a40e00.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD53-C2
etag: W/bd91a864088a513fb559c33817917246
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: _coN-Kh6_uS2opYBe8Ww4AcILITNIqmGUuP1QeWuy0bktNf2AM_h3A==

GET
H/1.1

200
OK

radar.js Show response
radar.cedexis.com/1707728419/
Redirect Chain

https://radar.cedexis.com/1/20200/radar.js
https://radar.cedexis.com/1707728419/radar.js

44 KB
19 KB

143ms
143ms

Script
application/javascript

45.54.49.5
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://radar.cedexis.com/1707728419/radar.js
Protocol: HTTP/1.1
Server: 45.54.49.5 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 5.49.54.45.ptr.anycast.net
Software: nginx /
Resource Hash: 2c5b3aeacf827e181a8131451f9a2a2f402ce22800d2365feb071f1fb7bf666d

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Feb 2024 09:51:48 GMT
Server: nginx
ETag: W/"65c9ea34-af82"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1209600, public
Connection: keep-alive
Expires: Tue, 20 Aug 2024 10:34:56 GMT

Redirect headers

Date: Tue, 06 Aug 2024 10:34:56 GMT
Server: nginx
Vary: User-Agent,DNT
Content-Type: text/html
Location: /1707728419/radar.js
Cache-Control: max-age=600
Connection: keep-alive
Content-Length: 154
Expires: Tue, 06 Aug 2024 10:44:56 GMT

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 80 KB
31 KB 455ms
124ms Script
application/javascript 185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 10:34:56 GMT
content-encoding: gzip
last-modified: Fri, 08 Mar 2024 07:02:31 GMT
server: nginx
x-amz-request-id: tx00000a762dbecf9209264-006657c4e1-329875c8-default
etag: W/"1c188eabf1f0749a0cffb2c108473370"
x-cache-status: HIT, BYPASS, HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 k_dafabet.js Show response
scripts.prdredir.com/scripts/ 2 KB
1 KB 282ms
152ms Script
text/javascript 2606:4700::6812:1e1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.prdredir.com/scripts/k_dafabet.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQD7V7Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 448d305ad6e8d6b57c5e4d37afbf26c77bcf2c2548e1fe462772757ee6ccbbe1

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-runtime: 0.016301
date: Tue, 06 Aug 2024 10:34:56 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"448d305ad6e8d6b57c5e4d37afbf26c7"
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 8aee6098992d7cc2-LAX
x-request-id: 85d195aa-fbf8-4ca9-8bf6-5b28607086c1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
60 KB 366ms
121ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 06 Aug 2024 10:34:56 GMT
document-policy: force-load-at-top
x-fb-server-load: 33
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58865
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=119, rtx=0, c=12, mss=1297, tbw=2768, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: Wpl2ANbtWyLobyGWnFo0H9a0G0+plCVfhRBys7lOQXqBN5fCXcRDOenqmtQBwH+/cyAAIyvu7e4Pl2cbxaJ9YA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 404 container_iPEHBueP.js
cdn.matomo.cloud/blockchainads.matomo.cloud/ 0
0 763ms
500ms Script
text/html 2600:9000:2479:4000:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.matomo.cloud/blockchainads.matomo.cloud/container_iPEHBueP.js

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2479:4000:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 06:00:38 GMT
x-amz-version-id: x8CUW72Cdy4wRBv1lXTNc2XlWFvGGyiM
via: 1.1 cfbbd45bc29ebb0e8475ffa26dff7618.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD61-P3
age: 16460
x-cache: Error from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 0
last-modified: Thu, 02 Nov 2023 02:17:11 GMT
server: CloudFront
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-type: text/html
accept-ranges: bytes
x-amz-cf-id: RBGh6OdJjLC1K5VyaLb3dwZL9Fevw0AFsC2Mf9zL2YdGvFCnitkHCA==

GET
H3 200 wwdafabet.js Show response
adscool.net/resources/content/ 5 KB
3 KB 292ms
217ms Script
text/javascript 172.67.175.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adscool.net/resources/content/wwdafabet.js

Requested by

Host: www.win999win.com
URL: https://www.win999win.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.175.82 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee9fbd1433074584fcfcb86657af0c29339bd6644b87b656cdcb29788cda1bd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 10:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
status: 200 OK
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 6a7b0396-a2b3-49e0-bc66-28dce9cccea1
x-runtime: 0.001139
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"ee9fbd1433074584fcfcb86657af0c29"
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yMc%2BnZA0Bjhm49%2Ba1CANholWd9cDX%2Bt1itjYxj9%2FMoRBvvjBvshv7xAwAMjYBXs1UkU9BGIP%2FawkY%2BKw4hTV1XmvZ99qy7OtO5tluW2QXJVICRjN%2Bt41jfO5HqtnpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800, private
cf-ray: 8aee609848e72eed-LAX

GET
H3 200 js Show response
rtgsystemsync.com/tag/ 2 KB
1 KB 223ms
147ms Script
text/javascript 172.67.191.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtgsystemsync.com/tag/js?rtid=AEH-1722891893963441
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQD7V7Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d8b7618affc4d80078ebb51119d5e13a2d8cfb47c1fb434d91e79dd35a02c9c

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Aug 2024 10:34:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ExGQBzDvJSJwMhFtBa6yAFuHTEm3zG13er6%2BJxNTw4AL4J6EXE8Di8Fbdl3ZpIHRpsoIRSPeIxjIhi1razMD%2BfJI2gHH1ndovx1vG0tBRlPQRYum8AB8zVR8%2BOn9Hav30klKiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8aee609a0ead52ef-LAX
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 FQkqJiAx4e.gif
pixel.zprk.io/v5/pixel/ 35 B
462 B 390ms
121ms Image
image/gif 100.29.180.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.zprk.io/v5/pixel/FQkqJiAx4e.gif?ssid=1&gtmcb=1150099876
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.29.180.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-29-180-185.compute-1.amazonaws.com
Software: /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 10:34:57 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age: 3600
access-control-allow-methods: POST, GET, DELETE, PUT
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 35

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1766814&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1766814%26t%3D2

43 B
1 KB

125ms
125ms

Image
image/gif

68.67.179.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1766814%26t%3D2

Protocol

Server

68.67.179.153 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Aug 2024 10:34:57 GMT
an-x-request-uuid: c61c02ba-43d0-46b3-b177-5bc4e02a885a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 162.245.206.249; 162.245.206.249; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Aug 2024 10:34:56 GMT
an-x-request-uuid: 79687229-d254-4183-9483-4e7ea8d4ec90
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1766814%26t%3D2
cache-control: no-store, no-cache, private
x-proxy-origin: 162.245.206.249; 162.245.206.249; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK favicon.ico
www.win999win.com/en/dafa/images/ 1 KB
2 KB 166ms
166ms Other
image/x-icon 157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL

https://www.win999win.com/en/dafa/images/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

b8fbacf4998ff7253c5fab185a6058959851c8f02d64f257ec5be076b41aa3a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:56 GMT
Via: 1.1 PSxgHK5yp199:8 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 08 Jul 2024 06:56:37 GMT
Server: PWS/8.3.1.0.8
ETag: "668b8da5-47e"
X-Ws-Request-Id: 66b1fc50_PSmgnyNY3aa36_41758-16701
Content-Type: image/x-icon
Cache-Control: max-age=31536000, public
X-Px: ms PSmgnyNY3mk42JFK,ht PSmgdfDEN1rj88DEN
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1150
Expires: Wed, 06 Aug 2025 10:34:56 GMT

GET
H2 200 sync
rtg.prdredir.com/ 43 B
456 B 169ms
165ms Image
image/gif 2606:4700::6812:1e1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtg.prdredir.com/sync?ref=&lp=https%3A%2F%2Fwww.win999win.com%2Fen&sh=1200&sw=1600&date=1722940496864&fp=uid-6031985127.7614472888

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 10:34:57 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-transfer-encoding: binary
content-disposition: inline; filename="pixel.gif"
content-length: 43
x-xss-protection: 1; mode=block
x-request-id: 79348e6a-320d-4621-9ad0-b8839eddd71d
x-runtime: 0.018292
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache
cf-ray: 8aee609a19d27cc2-LAX

GET
H3 200 wwdafabet Show response
adscool.net/pageview/ 0
600 B 146ms
146ms Script
text/javascript 172.67.175.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adscool.net/pageview/wwdafabet?usr=v1.3%3A10873518357%3A1722940496875%3A1722940496875&scr=1600x1200%7C1600x1200&scv=1600x1200%7C0&pgh=www.win999win.com&pgl=%2Fen&pgs=&pgr=

Requested by

Host: adscool.net
URL: https://adscool.net/resources/content/wwdafabet.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.175.82 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 10:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
status: 200 OK
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: ec1adf4c-fbac-44dd-ab6d-c086047a2565
x-runtime: 0.003161
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HA5ivKCix%2BU6uG7Fqr9lGxirc89jWN%2Bc%2BtrJrXVnztw18TogYe6OudZ98k5RnkJYBlLud96fPoaXjGUBOyh7jlHqSkijpMQqLJdOyDJGA45nCiblQoEBy9FS9JR4bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 8aee6099a9f22eed-LAX

GET
H/1.1 200
OK 1920x360_74.jpg
www.win999win.com/en/2024-07/ 96 KB
97 KB 353ms
353ms Image
image/jpeg 157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.win999win.com/en/2024-07/1920x360_74.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

b9ed282711156d16da803cf78c07bf10218f08f9923767974776abdcd30bb83b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:57 GMT
Via: 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 15 Jul 2024 05:06:00 GMT
Server: PWS/8.3.1.0.8
ETag: "6694ae38-1808c"
X-Ws-Request-Id: 66b1fc50_PSmgnyNY3aa36_44251-26257
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
X-Px: ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ht PSxgHK5dz198HKG
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 98444
Expires: Wed, 06 Aug 2025 10:34:57 GMT

GET
H/1.1 200
Ok providers.json Show response
i2-bhsgkafrvyhbbeboejnwqtfyswmfpk.init.cedexis-radar.net/i2/1/20200/j1/20/124/1722940496/0/0/ 3 KB
1 KB 363ms
120ms XHR
application/json 104.225.10.227
NETACTUATE

General

Check archive.org

Show headers Download Go to

Full URL: https://i2-bhsgkafrvyhbbeboejnwqtfyswmfpk.init.cedexis-radar.net/i2/1/20200/j1/20/124/1722940496/0/0/providers.json?imagesok=1&n=1&p=1&r=1&s=1&t=1
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.225.10.227 Ashburn, United States, ASN36236 (NETACTUATE, US),
Reverse DNS: 227.10.225.104.ptr.anycast.net
Software: nginx /
Resource Hash: 9ff2eb39ec96e2d2a7e114a786ce1f240ad99e0c4c3d53e854591a9e7c22310f

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:57 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
223 B 123ms
122ms XHR
text/plain 2607:f8b0:400d:c1d::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=851247502&t=pageview&_s=1&dl=https%3A%2F%2Fwww.win999win.com%2Fen&ul=en-us&de=UTF-8&dt=Dafabet%20is%20The%20Most%20Secure%20Online%20Betting%20Company%20in%20Asia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1531560531&gjid=2035975456&cid=182577859.1722940496&tid=UA-89039619-1&_gid=1277585488.1722940497&_r=1&_slc=1&z=1216912546

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

69e5bd6a3392e9ac3ad144d8b727223f7d655288d7fe2723debd7b964925197e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Aug 2024 10:34:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.win999win.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 wmetrics
rtgsystemsync.com/ 0
405 B 141ms
141ms Ping
text/plain 172.67.191.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtgsystemsync.com/wmetrics?rtid=AEH-1722891893963441&fr=0&dr=&dl=https%3A%2F%2Fwww.win999win.com%2Fen
Requested by: Host: rtgsystemsync.com
URL: https://rtgsystemsync.com/tag/js?rtid=AEH-1722891893963441
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 10:34:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CupjvX%2BEJuqgMQIUMhuEgDztCL%2BpitnmTrmHzwSjlmKS%2BJKp%2BveTOD4lq3AkM8EyA%2BSBtrCrTtJ2uUMDO7kDVmfBisdVUQhWcKkWx8E2yrGHFhCk2eLvMFNVbyDZYl16jVMFgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8aee609aff5352ef-LAX
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
95 KB 144ms
144ms Script
application/javascript 64.233.180.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XTJPZCJBEY&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.180.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pe-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

15106c045f24b3a862e3f20b704b028c989d16753f402390b32210275b689e53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 10:34:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97274
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Aug 2024 10:34:57 GMT

GET
H2

200

/ Show response
asia.adform.net/Serving/TrackPoint/
Redirect Chain

https://asia.adform.net/Serving/TrackPoint/?pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=200043971843&ADFtpmode=2&loc=https%3A%2F%2Fwww.win999win.com%2Fen&Set1=en-US%7Cen-US%7C16...
https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=200043971843&ADFtpmode=2&loc=https%3A%2F%2Fwww.win999win.com%2Fen&Set1=en-US%7Cen-US...

845 B
1 KB

218ms
217ms

Script
text/javascript

185.84.60.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=200043971843&ADFtpmode=2&loc=https%3A%2F%2Fwww.win999win.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Server

185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a8eef464beb53d07e574e2731879a8dbc3d9e436d2c6bf44315a93f33e3a6daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Aug 2024 10:34:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 690
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 06 Aug 2024 10:34:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=200043971843&ADFtpmode=2&loc=https%3A%2F%2Fwww.win999win.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 modules.8da33a8f469c3b5ffcec.js Show response
script.hotjar.com/ 223 KB
56 KB 425ms
148ms Script
application/javascript 13.224.214.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-121800.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.214.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-214-103.phl50.r.cloudfront.net

Software

Resource Hash

76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 14:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 6ef53c06467f47a1223db91b4e03cb22.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL50-C1
age: 591111
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56385
last-modified: Tue, 30 Jul 2024 14:22:40 GMT
etag: "0728625a147ca79276a1790b9cf3175d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: REwT6-YahL42iDJRMz6HMVtq1wAZYEe0JRRCvKLkHYWJ6SnETtl59A==

GET
H2 200 1727308371340020 Show response
connect.facebook.net/signals/config/ 66 KB
15 KB 335ms
334ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1727308371340020?v=2.9.164&r=stable&domain=www.win999win.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9629be600d6a69cdb1cd767b965a389ffc59444f309329ace4595906488a88ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 06 Aug 2024 10:34:57 GMT
document-policy: force-load-at-top
x-fb-server-load: 31
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=128, rtx=0, c=65, mss=1297, tbw=64358, tp=-1, tpl=-1, uplat=214, ullat=0
pragma: public
x-fb-debug: ONQjSRYh9aoil2eqhatw+no6ow5vt4uJJNQ9+dPY58MQYrOnYFwh70V5yQm7WoFL5XlhTRb9cfXqj0WUQB5/Qg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK impact.js Show response
radar.cedexis.com/releases/1707728419/ 7 KB
4 KB 72ms
72ms Script
application/javascript 45.54.49.5
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://radar.cedexis.com/releases/1707728419/impact.js
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.54.49.5 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 5.49.54.45.ptr.anycast.net
Software: nginx /
Resource Hash: 70ba610e8b04346fcfaf7131529082ab2f9cec6954ce32552b1cac0a9e567aba

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Feb 2024 09:51:35 GMT
Server: nginx
ETag: W/"65c9ea27-1c28"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1209600, public
Connection: keep-alive
Expires: Tue, 20 Aug 2024 10:34:57 GMT

GET
H/1.1 200
Ok 1722940495369 Show response
rpt.cedexis.com/n1/0/1722940489695/0/0/0/0/1722940493866/1722940493866/1722940493866/1722940493866/1722940493866/0/1722940493867/1722940494643/1722940494666/1722940494656/1722940496144/172294049614... 16 B
276 B 221ms
72ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/n1/0/1722940489695/0/0/0/0/1722940493866/1722940493866/1722940493866/1722940493866/1722940493866/0/1722940493867/1722940494643/1722940494666/1722940494656/1722940496144/1722940496144/1722940496150/1722940496569/1722940496569/1722940496572/_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABAJgBAA/0/1722940495369
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:57 GMT
Server: nginx
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 131ms
131ms Fetch
text/plain 172.253.115.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-XTJPZCJBEY&gtm=45je47v0v9126248990za200&_p=1722940494679&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=95250753&ul=en-us&sr=1600x1200&cid=182577859.1722940496&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.win999win.com%2Fen&dt=Dafabet%20is%20The%20Most%20Secure%20Online%20Betting%20Company%20in%20Asia&sid=1722940497&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=7904
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XTJPZCJBEY&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.115.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bg-in-f100.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Aug 2024 10:34:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.win999win.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1111248093529440 Show response
connect.facebook.net/signals/config/ 34 KB
7 KB 354ms
352ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1111248093529440?v=2.9.164&r=stable&domain=www.win999win.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C195%2C194%2C196%2C201%2C202%2C203%2C199%2C191%2C128%2C158%2C190%2C192%2C119%2C152%2C141%2C146%2C184%2C185%2C125%2C227%2C113%2C124%2C228%2C160%2C116%2C230%2C161%2C132%2C120%2C149%2C144

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

73eaba89aac24d3fcc3a20c41cab7d2e9ad79805deb5f53bb420e9b6db47d354

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 06 Aug 2024 10:34:57 GMT
document-policy: force-load-at-top
x-fb-server-load: 37
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=26, mss=1232, tbw=8280, tp=17, tpl=0, uplat=231, ullat=0
pragma: public
x-fb-debug: pmGIz1ULHN2nljRpz47izz+gYu2q/QigVkzPWCzP5Y/ingsLFwGSiQq+frElnV+xVjyo1us5ycvXmk9nKESBXA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
270 B 372ms
121ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1727308371340020&ev=PageView&dl=https%3A%2F%2Fwww.win999win.com%2Fen&rl=&if=false&ts=1722940497623&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722940497621.518987459221054995&ler=empty&cdl=API_unavailable&it=1722940497245&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=10, mss=1297, tbw=2774, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 06 Aug 2024 10:34:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 451ms
200ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1727308371340020&ev=PageView&dl=https%3A%2F%2Fwww.win999win.com%2Fen&rl=&if=false&ts=1722940497623&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722940497621.518987459221054995&ler=empty&cdl=API_unavailable&it=1722940497245&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Tue, 06 Aug 2024 10:34:58 GMT
document-policy: force-load-at-top
x-fb-server-load: 40
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7399973089227829981", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=10, mss=1297, tbw=3088, tp=-1, tpl=-1, uplat=79, ullat=0
pragma: no-cache
x-fb-debug: SRqSK1wU4oaFqdCZGg+kAMHXet0fjRVPlP2oaz7pQ4PtTjcYOECJE3BukZKq0Xn/HPzH5IIQe1UxrTIdjwSLfw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7399973089227829981"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK Brand%20Ambassador_EN.png
www.win999win.com/en/ambassadors/ 133 KB
133 KB 356ms
355ms Image
image/png 157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.win999win.com/en/ambassadors/Brand%20Ambassador_EN.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

3ba02d21c9b69018b9ff62768156c206f0a05255c368b2166adda35b7067dd62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:58 GMT
Via: 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Tue, 16 Jul 2024 07:48:36 GMT
Server: PWS/8.3.1.0.8
ETag: "669625d4-21260"
X-Ws-Request-Id: 66b1fc52_PSmgnyNY3aa36_44251-26301
Content-Type: image/png
Cache-Control: max-age=31536000, public
X-Px: ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ht PSxgHK5dz198HKG
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 135776
Expires: Wed, 06 Aug 2025 10:34:58 GMT

GET
H/1.1 200
OK playtech-footer.png
www.win999win.com/en/2022-07/ 6 KB
6 KB 354ms
353ms Image
image/png 157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.win999win.com/en/2022-07/playtech-footer.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

caed37875e80934c7f52564ca26b7846bd1f7bfa26f6eb74994556ee9777dbec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:58 GMT
Via: 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 20 Jul 2022 08:22:19 GMT
Server: PWS/8.3.1.0.8
ETag: "62d7bb3b-1709"
X-Ws-Request-Id: 66b1fc52_PSmgnyNY3aa36_44300-11357
Content-Type: image/png
Cache-Control: max-age=31536000, public
X-Px: ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ht PSxgHK5dz198HKG
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5897
Expires: Wed, 06 Aug 2025 10:34:58 GMT

GET
H/1.1 200
OK bitcoin_Footer%20160x41.png
www.win999win.com/en/2019-09/ 2 KB
3 KB 355ms
354ms Image
image/png 157.185.170.144
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.win999win.com/en/2019-09/bitcoin_Footer%20160x41.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

1fad8a0d38b8307c0781fbfd3222b43917c5c879bbcfb3d5e0b96d1b4416e5a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:58 GMT
Via: 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 23 Sep 2019 09:48:31 GMT
Server: PWS/8.3.1.0.8
ETag: "5d8894ef-9ad"
X-Ws-Request-Id: 66b1fc52_PSmgnyNY3aa36_41758-16726
Content-Type: image/png
Cache-Control: max-age=31536000, public
X-Px: ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ht PSxgHK5dz198HKG
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2477
Expires: Wed, 06 Aug 2025 10:34:58 GMT

GET
H2 200 frosmo.xdm.html
dafabetcomasia.asia.frosmo.com/ Frame 4D31 0
0 770ms
202ms Document
text/html 52.79.118.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dafabetcomasia.asia.frosmo.com/frosmo.xdm.html?24.51.0
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.79.118.14 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-79-118-14.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.win999win.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-length: 1104
content-type: text/html
date: Tue, 06 Aug 2024 10:34:58 GMT
etag: "5bea9576-450"
last-modified: Tue, 13 Nov 2018 09:12:22 GMT
server: nginx
vary: Accept-Encoding

GET
H3 200 1232172684609899 Show response
connect.facebook.net/signals/config/ 25 KB
5 KB 669ms
668ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1232172684609899?v=2.9.164&r=stable&domain=www.win999win.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C195%2C194%2C196%2C201%2C202%2C203%2C199%2C191%2C128%2C158%2C190%2C192%2C119%2C152%2C141%2C146%2C184%2C185%2C125%2C227%2C113%2C124%2C228%2C160%2C116%2C230%2C161%2C132%2C120%2C149%2C144%2C130%2C123

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

5b9227e39552179d38911c5f39bed2cd915f706ad9ef6ed6c6b5a060375c3915

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 06 Aug 2024 10:34:58 GMT
document-policy: force-load-at-top
x-fb-server-load: 44
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=34, mss=1232, tbw=17608, tp=28, tpl=0, uplat=547, ullat=0
pragma: public
x-fb-debug: Nv3b990sl3lRhKZVZWn1q5bhr6pSKyGWyRsV2uTy9KrmtLgu6ud96HjaY9ZZmCjPQyJVKW7CaZMWMSP+vdX9CQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
98 B 121ms
120ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1111248093529440&ev=PageView&dl=https%3A%2F%2Fwww.win999win.com%2Fen&rl=&if=false&ts=1722940498025&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722940497621.518987459221054995&ler=empty&cdl=API_unavailable&cs_est=true&it=1722940497245&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=15, mss=1297, tbw=6447, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 06 Aug 2024 10:34:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
848 B 157ms
156ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1111248093529440&ev=PageView&dl=https%3A%2F%2Fwww.win999win.com%2Fen&rl=&if=false&ts=1722940498025&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722940497621.518987459221054995&ler=empty&cdl=API_unavailable&cs_est=true&it=1722940497245&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Tue, 06 Aug 2024 10:34:58 GMT
document-policy: force-load-at-top
x-fb-server-load: 42
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7399973092344275826", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=15, mss=1297, tbw=6589, tp=-1, tpl=-1, uplat=37, ullat=0
pragma: no-cache
x-fb-debug: b5n3J94J5L/jqT4bkLdKaPF7y8wyAL8aNltkcqRAwvHBEmkw2TAJoJK25aWJkaZeRT5dcbOhG7BmqQccMe5C0A==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7399973092344275826"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixels
c1.adform.net/imatch/ Frame 3F81 0
0 389ms
125ms Document
text/html 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?bt=0&uid=683281792579535459&agencyId=8910&advertiserId=2170253&src=tp&rnd=670673

Requested by

Host: asia.adform.net
URL: https://asia.adform.net/Serving/TrackPoint/?pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=200043971843&ADFtpmode=2&loc=https%3A%2F%2Fwww.win999win.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 06 Aug 2024 10:34:58 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
asia.seadform.net/serving/cookie/sync/ 35 B
457 B 736ms
222ms Image
image/gif 185.84.60.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://asia.seadform.net/serving/cookie/sync/?uid=683281792579535459&stamp=6-Kzuc8k-wMDvP-67D9Y4w2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 10:34:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H/1.1 200
Ok json Show response
i1-j5-20-124-1-20200-1342837909-s.init.cedexis-radar.net/i1/1722940498/1342837909/ 217 B
484 B 394ms
119ms XHR
application/json 104.225.10.226
NETACTUATE

General

Check archive.org

Show headers Download Go to

Full URL: https://i1-j5-20-124-1-20200-1342837909-s.init.cedexis-radar.net/i1/1722940498/1342837909/json?seed=i1-j5-20-124-1-20200-1342837909-s
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.225.10.226 Ashburn, United States, ASN36236 (NETACTUATE, US),
Reverse DNS: 226.10.225.104.ptr.anycast.net
Software: nginx /
Resource Hash: 51553f7bcfd0ba07683cbe0f1a1ec53a91bfaacc8c8a466ca913a152b510eac8

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:34:58 GMT
Server: nginx
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 217

GET
H3 200 988361329509623 Show response
connect.facebook.net/signals/config/ 24 KB
4 KB 716ms
715ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/988361329509623?v=2.9.164&r=stable&domain=www.win999win.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C195%2C194%2C196%2C201%2C202%2C203%2C199%2C191%2C128%2C158%2C190%2C192%2C119%2C152%2C141%2C146%2C184%2C185%2C125%2C227%2C113%2C124%2C228%2C160%2C116%2C230%2C161%2C132%2C120%2C149%2C144%2C130%2C123

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

0de2c4f7bd67b21d5570cdb86c0ca3b6d2b7ce10df73ff3a5d63731001091b7f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 06 Aug 2024 10:34:59 GMT
document-policy: force-load-at-top
x-fb-server-load: 20
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=121, rtx=0, c=38, mss=1232, tbw=22488, tp=33, tpl=0, uplat=594, ullat=0
pragma: public
x-fb-debug: tGVYc/IKGKLh3L7N3/uO707fXttpV1beGyi/+PgB7dwSgcqOty9oxA+4c6UttctWD8wPJETeI/eI0xNsHKtWTw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 120ms
119ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1232172684609899&ev=PageView&dl=https%3A%2F%2Fwww.win999win.com%2Fen&rl=&if=false&ts=1722940498702&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722940497621.518987459221054995&ler=empty&cdl=API_unavailable&it=1722940497245&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=26, mss=1232, tbw=8329, tp=18, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 06 Aug 2024 10:34:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 158ms
157ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1232172684609899&ev=PageView&dl=https%3A%2F%2Fwww.win999win.com%2Fen&rl=&if=false&ts=1722940498702&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722940497621.518987459221054995&ler=empty&cdl=API_unavailable&it=1722940497245&coo=false&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Tue, 06 Aug 2024 10:34:58 GMT
document-policy: force-load-at-top
x-fb-server-load: 53
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7399973093239797130", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=26, mss=1232, tbw=8649, tp=20, tpl=0, uplat=36, ullat=0
pragma: no-cache
x-fb-debug: 1r1nbwyp5orR8G0l4o8/zHFD2QJ2flSAoXyiCjSNesuyTooB9DriUHEY2lxzT2yovx/4GMgmIvJJcg6e5DFQeg==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7399973093239797130"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
Ok _CgJqNRAUGHwiBggBEOidASiVqaiABTDS-Me1BjjS-Me1BkCsj4WeAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24yLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vODw Show response
rpt.cedexis.com/r1/1/20200/ 16 B
276 B 215ms
72ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/r1/1/20200/_CgJqNRAUGHwiBggBEOidASiVqaiABTDS-Me1BjjS-Me1BkCsj4WeAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24yLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vODw?rnd=gpuzghbrrdenebwrbllsbjrkjiqldnne
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 06 Aug 2024 10:34:58 GMT
Server: nginx
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
174 B 697ms
191ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=visit&source=direct&device=desktop&sessionStart=20240806103458&cookieId=locldg.lziaaclq&origin=dafabet_com_asia&ver=24.51.0-3.6&segments=&06103441
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Thu, 01 Jan 1970 00:00:01 GMT
date: Tue, 06 Aug 2024 10:34:59 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
content-type: image/gif

POST
H2 200 eventsApi
asia.frosmo.com/ 43 B
123 B 673ms
193ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/eventsApi?method=customAction&name=userLoggedIn&value=false&title=&cookieId=locldg.lziaaclq&origin=dafabet_com_asia&ver=24.51.0-3.6&0
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 10:34:59 GMT
server: openresty
x-robots-tag: none
content-length: 43
content-type: image/gif

POST
H2 200 eventsApi
asia.frosmo.com/ 43 B
123 B 689ms
211ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/eventsApi?method=customAction&name=chrome53&value=true&title=&cookieId=locldg.lziaaclq&origin=dafabet_com_asia&ver=24.51.0-3.6&1
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 10:34:59 GMT
server: openresty
x-robots-tag: none
content-length: 43
content-type: image/gif

POST
H2 200 eventsApi
asia.frosmo.com/ 43 B
123 B 669ms
194ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/eventsApi?method=customAction&name=chrome&value=true&title=&cookieId=locldg.lziaaclq&origin=dafabet_com_asia&ver=24.51.0-3.6&2
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 10:34:59 GMT
server: openresty
x-robots-tag: none
content-length: 43
content-type: image/gif

POST
H2 200 eventsApi
asia.frosmo.com/ 43 B
123 B 685ms
211ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/eventsApi?method=customAction&name=popupNrSpecificPlayers&value=1&title=&cookieId=locldg.lziaaclq&origin=dafabet_com_asia&ver=24.51.0-3.6&3
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 10:34:59 GMT
server: openresty
x-robots-tag: none
content-length: 43
content-type: image/gif

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 656ms
191ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=showMessage&messageId=2236&revision=1&sessionStart=20240806103458&cookieId=locldg.lziaaclq&origin=dafabet_com_asia&ver=24.51.0-3.6&segments=&061034462
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Thu, 01 Jan 1970 00:00:01 GMT
date: Tue, 06 Aug 2024 10:34:59 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
content-type: image/gif

GET
H2 200 location Show response
asia.frosmo.com/ 43 B
491 B 643ms
188ms XHR
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/location
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 10:34:59 GMT
x-real-ip: 162.245.206.249
x-longitude: -118.41600
x-isp: i3D.net B.V
x-city: El Segundo
content-length: 43
x-country-name: United States
server: openresty
x-country2: US
content-type: image/gif
access-control-allow-origin: *
x-region-code: CA
access-control-expose-headers: X-Country2,X-latitude,X-longitude,X-Region-Code,X-City,X-ISP,X-Real-IP
cache-control: no-cache, private
x-latitude: 33.91920
access-control-allow-headers: X-Country2,X-latitude,X-longitude,X-Region-Code,X-City,X-ISP,X-Real-IP
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 193ms
193ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=setUserSegment&segmentName=sgmt_1978&segmentValue=value1&sessionStart=20240806103458&cookieId=locldg.lziaaclq&origin=dafabet_com_asia&ver=24.51.0-3.6&segments=1978&061034513
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Thu, 01 Jan 1970 00:00:01 GMT
date: Tue, 06 Aug 2024 10:34:59 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
content-type: image/gif

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 193ms
193ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=setUserSegment&segmentName=sgmt_1548&segmentValue=value1&sessionStart=20240806103458&cookieId=locldg.lziaaclq&origin=dafabet_com_asia&ver=24.51.0-3.6&segments=1978.1548&061034514
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Thu, 01 Jan 1970 00:00:01 GMT
date: Tue, 06 Aug 2024 10:34:59 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
content-type: image/gif

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 265ms
265ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=setUserSegment&segmentName=sgmt_1563&segmentValue=value1&sessionStart=20240806103458&cookieId=locldg.lziaaclq&origin=dafabet_com_asia&ver=24.51.0-3.6&segments=1978.1548.1563&061034525
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Thu, 01 Jan 1970 00:00:01 GMT
date: Tue, 06 Aug 2024 10:34:59 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
content-type: image/gif

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 265ms
265ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=setUserSegment&segmentName=sgmt_1569&segmentValue=value1&sessionStart=20240806103458&cookieId=locldg.lziaaclq&origin=dafabet_com_asia&ver=24.51.0-3.6&segments=1978.1548.1563.1569&061034536
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Thu, 01 Jan 1970 00:00:01 GMT
date: Tue, 06 Aug 2024 10:34:59 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
content-type: image/gif

GET
H2 200 messageApi Show response
asia.frosmo.com/ 780 KB
129 KB 612ms
191ms XHR
application/json 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/messageApi?method=multifetch&origin=dafabet_com_asia&cookieId=locldg.lziaaclq&loginId=&positions=190.191.199.200.218.219.220.229.250.328.335.336.337.338.339.340.349.362.363.460.501.517.520.650.743.745.746.752.753.758.759.809.810.811.815.819.820.821.822.823.824.825.886.887.888.889.890.891.892.893.894.895.896.897.898.899.900.901.954.1199.1204.1476.1667.1775.1780.1861.1862.1863.1896.2095.2000.1999.1998.1997.923.903.881.761.760.756.755.754.751.750.749.748.747.744.742.741.735.734.733.732.731.730.729.728.727.726.725.724.723.722.721.720.719.718.717.716.715.714.713.712.711.710.709.708.707.706.705.704.690.676.651.649.400.247.244.222.221.189&states=%7B%22_device%22%3A%22desktop%22%2C%22loginStatus%22%3A%22unauthenticated%22%2C%22userLoggedIn%22%3A%22false%22%2C%22popupNrSpecificPlayers%22%3A%221%22%7D&debug=false&_ver=24.51.0-3.6&_source=core&_ts=1722940498869&segments=1978.1548.1563.1569&source=direct&sessionStart=20240806103458
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: 5e537fbaf33731a08fbc0ebb18d63d89bf05dedf5c87389edc0775ed2528dcce

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 10:34:59 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-robots-tag: none
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 d17.html
cdn-sports.nextbet.com/test/ Frame 0EB4 0
0 2092ms
443ms Document
text/html 157.185.160.33
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-sports.nextbet.com/test/d17.html?rnd=1-1-20200-1-20200-47804-1203965508-_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABAJgBAA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.160.33 Ashburn, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html
date: Tue, 06 Aug 2024 10:35:00 GMT
expires: 0
pragma: no-cache
server: PWS/8.3.1.0.8
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 PS-SIN-04geo172:2 (W), 1.1 hx171:3 (W), 1.1 PS-IAD-0455N220:11 (W)
x-px: ms PS-IAD-0455N220IAD,ms hx171SJC,ms PS-SIN-04geo172SIN(origin)
x-ws-request-id: 66b1fc54_PS-IAD-0455N220_32419-10897

POST
H/1.1 200
Ok _CgJqNRAUGHwiBggBEOidASiVqaiABTDS-Me1BjjS-Me1BkCsj4WeAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24yLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vODw Show response
rpt.cedexis.com/r1/1/20200/ 16 B
276 B 74ms
73ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/r1/1/20200/_CgJqNRAUGHwiBggBEOidASiVqaiABTDS-Me1BjjS-Me1BkCsj4WeAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24yLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vODw?rnd=ovzqnmntjnrcljesgllscehefesmxnib
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 06 Aug 2024 10:34:59 GMT
Server: nginx
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 120ms
120ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=988361329509623&ev=PageView&dl=https%3A%2F%2Fwww.win999win.com%2Fen&rl=&if=false&ts=1722940499423&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722940497621.518987459221054995&ler=empty&cdl=API_unavailable&it=1722940497245&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=29, mss=1232, tbw=12089, tp=27, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 06 Aug 2024 10:34:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 151ms
151ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=988361329509623&ev=PageView&dl=https%3A%2F%2Fwww.win999win.com%2Fen&rl=&if=false&ts=1722940499423&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722940497621.518987459221054995&ler=empty&cdl=API_unavailable&it=1722940497245&coo=false&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Tue, 06 Aug 2024 10:34:59 GMT
document-policy: force-load-at-top
x-fb-server-load: 34
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7399973097897945042", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=29, mss=1232, tbw=12281, tp=29, tpl=0, uplat=30, ullat=0
pragma: no-cache
x-fb-debug: 42O0dO+Soxh5xru5W5Puh474PVvLNMAi+BFuzqBpli/nVYHY16tbxAhW4Hek05nuQA/+Dz2jwM4CuTQX61HCvw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7399973097897945042"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 384ms
137ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Aug 2024 10:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Aug 2024 10:35:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Aug 2024 10:35:00 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 192ms
191ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=showMessage&messageId=2214&revision=1&sessionStart=20240806103458&cookieId=locldg.lziaaclq&origin=dafabet_com_asia&ver=24.51.0-3.6&segments=1978.1548.1563.1569&06103512747
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Thu, 01 Jan 1970 00:00:01 GMT
date: Tue, 06 Aug 2024 10:35:00 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
content-type: image/gif

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 192ms
191ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=showMessage&messageId=8756&revision=1&sessionStart=20240806103458&cookieId=locldg.lziaaclq&origin=dafabet_com_asia&ver=24.51.0-3.6&segments=1978.1548.1563.1569&06103513308
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Thu, 01 Jan 1970 00:00:01 GMT
date: Tue, 06 Aug 2024 10:35:00 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
content-type: image/gif

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 191ms
190ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=showMessage&messageId=3172&revision=1&sessionStart=20240806103458&cookieId=locldg.lziaaclq&origin=dafabet_com_asia&ver=24.51.0-3.6&segments=1978.1548.1563.1569&06103513829
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Thu, 01 Jan 1970 00:00:01 GMT
date: Tue, 06 Aug 2024 10:35:00 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
content-type: image/gif

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 191ms
190ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=showMessage&messageId=2195&revision=2&sessionStart=20240806103458&cookieId=locldg.lziaaclq&origin=dafabet_com_asia&ver=24.51.0-3.6&segments=1978.1548.1563.1569&061035141310
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Thu, 01 Jan 1970 00:00:01 GMT
date: Tue, 06 Aug 2024 10:35:00 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
content-type: image/gif

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 192ms
192ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=showMessage&messageId=4560&revision=8&sessionStart=20240806103458&cookieId=locldg.lziaaclq&origin=dafabet_com_asia&ver=24.51.0-3.6&segments=1978.1548.1563.1569&061035142011
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Thu, 01 Jan 1970 00:00:01 GMT
date: Tue, 06 Aug 2024 10:35:00 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK arrow-down-triple-white.png
dk0tzorg7uge9.cloudfront.net/message_files/40/2061/193/ 511 B
1 KB 835ms
834ms Image
image/png 18.67.79.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dk0tzorg7uge9.cloudfront.net/message_files/40/2061/193/arrow-down-triple-white.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.79.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-79-34.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e32d0137b37137e902d7be5b6de744893db6fd2e2be566a66db6d1582418294a

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:35:01 GMT
Via: 1.1 c3af1bb2028605770032345c7c19b7aa.cloudfront.net (CloudFront)
Last-Modified: Wed, 23 May 2018 08:56:23 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:505/gname:fcp-php/uname:fcp-php/gid:505/mode:33188/mtime:1527065782/atime:1527065782/md5:24706a99cc619b6439dadf6cc02cdd8a/ctime:1527065782
X-Amz-Cf-Pop: IAD89-P2
ETag: "24706a99cc619b6439dadf6cc02cdd8a"
X-Cache: RefreshHit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 511
X-Amz-Cf-Id: kv_gsHD4kOQZaQlo9Eetzq7dYkqYumXf76iaXNKUfmVhTA59jNOTKA==

GET
H/1.1 200
OK arrow-down-triple-yellow.png
dk0tzorg7uge9.cloudfront.net/message_files/40/2061/194/ 511 B
1 KB 841ms
840ms Image
image/png 18.67.79.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dk0tzorg7uge9.cloudfront.net/message_files/40/2061/194/arrow-down-triple-yellow.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.79.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-79-34.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d01e7f7bc38eeccd2397c1df224742f91cfbc6b59cfd8a4f0296eb9fd8e8de78

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:35:01 GMT
Via: 1.1 4b0dd366e44414a4e7e6ed6970080d58.cloudfront.net (CloudFront)
Last-Modified: Wed, 23 May 2018 08:56:57 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:505/gname:fcp-php/uname:fcp-php/gid:505/mode:33188/mtime:1527065816/atime:1527065816/md5:eeae68f9e6712f3e82800d34760a6640/ctime:1527065816
X-Amz-Cf-Pop: IAD89-P2
ETag: "eeae68f9e6712f3e82800d34760a6640"
X-Cache: RefreshHit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 511
X-Amz-Cf-Id: 9I5K-q0GkThv0wc0HeaEKyNZbN9A2Yg4rqneIkE1OG2mPsaMrs6H1A==

GET
H/1.1 200
OK mdd-on.jpg
dk0tzorg7uge9.cloudfront.net/message_files/40/4716/533/ 191 KB
191 KB 1080ms
842ms Image
image/jpeg 18.67.79.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dk0tzorg7uge9.cloudfront.net/message_files/40/4716/533/mdd-on.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.79.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-79-34.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 296f80730ee5d3a6ae96d1a4cafbdd77272091194fd0c0d5ac21d94654e68dcf

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:35:02 GMT
Via: 1.1 4e6e9c8ad6e40529a0e7659f2f4c5f28.cloudfront.net (CloudFront)
Last-Modified: Tue, 05 Oct 2021 12:48:04 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1633438083/ctime:1633438083/gid:505/gname:fcp-php/md5:9d0298037833ae35c02390736c85d776/mode:33188/mtime:1633438083/uid:505/uname:fcp-php
X-Amz-Cf-Pop: IAD89-P2
ETag: "9d0298037833ae35c02390736c85d776"
X-Cache: RefreshHit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 195409
X-Amz-Cf-Id: OL50D3G6NVTFSkyoFNRnQ8yH8687dK1sBgPOwsyJtDp2Q2g7lGlyrg==

GET
H/1.1 200
OK mdd-off.jpg
dk0tzorg7uge9.cloudfront.net/message_files/40/4716/534/ 173 KB
173 KB 1103ms
864ms Image
image/jpeg 18.67.79.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dk0tzorg7uge9.cloudfront.net/message_files/40/4716/534/mdd-off.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.79.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-79-34.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31344945c1c2dc743640442fd4508719a4a3801e096e631a92cf737067a91e53

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:35:02 GMT
Via: 1.1 68d323cfd4a0f1ae252f92c083654190.cloudfront.net (CloudFront)
Last-Modified: Tue, 05 Oct 2021 12:48:15 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1633438093/ctime:1633438093/gid:505/gname:fcp-php/md5:3e35b417207e32dd3fd707d34ff22f4e/mode:33188/mtime:1633438093/uid:505/uname:fcp-php
X-Amz-Cf-Pop: IAD89-P2
ETag: "3e35b417207e32dd3fd707d34ff22f4e"
X-Cache: RefreshHit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 176929
X-Amz-Cf-Id: HnOnwau-i8IppwvGT13A_XIHww8zAxj4CDMkDdaRwvV4FhJeIcTvIA==

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 191ms
191ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=setUserSegment&segmentName=sgmt_1942&segmentValue=value1&sessionStart=20240806103458&cookieId=locldg.lziaaclq&origin=dafabet_com_asia&ver=24.51.0-3.6&segments=1978.1548.1563.1569.1942&061035147012
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Thu, 01 Jan 1970 00:00:01 GMT
date: Tue, 06 Aug 2024 10:35:00 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
content-type: image/gif

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABA... 16 B
276 B 216ms
72ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABAJgBAA/1/20200/47804/1,16/0/2104/0/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:35:01 GMT
Server: nginx
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 d17.html
cdn-sports.nextbet.com/test/ Frame 2196 0
0 442ms
442ms Document
text/html 157.185.160.33
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-sports.nextbet.com/test/d17.html?rnd=0-1-20200-1-20200-47804-1203965508-_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABAJgBAA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.160.33 Ashburn, United States, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html
date: Tue, 06 Aug 2024 10:35:01 GMT
expires: 0
pragma: no-cache
server: PWS/8.3.1.0.8
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 PS-SIN-04geo172:2 (W), 1.1 hx171:3 (W), 1.1 PS-IAD-0455N220:11 (W)
x-px: ms PS-IAD-0455N220IAD,ms hx171SJC,ms PS-SIN-04geo172SIN(origin)
x-ws-request-id: 66b1fc55_PS-IAD-0455N220_32419-10911

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABA... 16 B
276 B 71ms
71ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABAJgBAA/1/20200/47804/0,16/0/457/0/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:35:01 GMT
Server: nginx
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 d17.html
aka-als.df-bet.org/test/ Frame 5658 0
0 1425ms
944ms Document
text/html 23.45.181.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://aka-als.df-bet.org/test/d17.html?rnd=1-1-20200-1-20200-47756-1203965508-_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABAJgBAA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.181.163 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-181-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://www.win999win.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1557
content-type: text/html
date: Tue, 06 Aug 2024 10:35:02 GMT
expires: Tue, 06 Aug 2024 10:35:02 GMT
pragma: no-cache
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABA... 16 B
276 B 214ms
71ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABAJgBAA/1/20200/47756/1,16/0/1440/0/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:35:03 GMT
Server: nginx
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 d17.html
aka-als.df-bet.org/test/ Frame 7192 0
0 945ms
944ms Document
text/html 23.45.181.163
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://aka-als.df-bet.org/test/d17.html?rnd=0-1-20200-1-20200-47756-1203965508-_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABAJgBAA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.181.163 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-181-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://www.win999win.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1557
content-type: text/html
date: Tue, 06 Aug 2024 10:35:03 GMT
expires: Tue, 06 Aug 2024 10:35:03 GMT
pragma: no-cache
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 192ms
192ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=trueDisplay&messageId=2195&revision=2&sessionStart=20240806103458&cookieId=locldg.lziaaclq&origin=dafabet_com_asia&ver=24.51.0-3.6&segments=1978.1548.1563.1569.1942&061035441813
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Thu, 01 Jan 1970 00:00:01 GMT
date: Tue, 06 Aug 2024 10:35:03 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
content-type: image/gif

POST
H/1.1 200
Ok _CgJqNRAUGHwiBggBEOidASiVqaiABTDS-Me1BjjS-Me1BkCsj4WeAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24yLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vODw Show response
rpt.cedexis.com/r1/1/20200/ 16 B
276 B 76ms
72ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/r1/1/20200/_CgJqNRAUGHwiBggBEOidASiVqaiABTDS-Me1BjjS-Me1BkCsj4WeAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24yLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vODw?rnd=cahzcsrrbwssaplmgrzpwebumaxczufh
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 06 Aug 2024 10:35:03 GMT
Server: nginx
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABA... 16 B
276 B 73ms
72ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABAJgBAA/1/20200/47756/0,16/0/961/0/0
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 10:35:03 GMT
Server: nginx
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 sureroute.html
inc-www.dafalive88.com/en/promotions/ Frame F440 0
0 969ms
660ms Document
text/html 45.60.12.120
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://inc-www.dafalive88.com/en/promotions/sureroute.html?rnd=1-1-20200-1-20200-101264-1203965508-_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABAJgBAA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.12.120 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.win999win.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Tue, 06 Aug 2024 10:35:04 GMT
etag: "6571cc64-211b"
expires: Thu, 01 Jan 1970 00:00:01 GMT
last-modified: Thu, 07 Dec 2023 13:45:08 GMT
server: nginx/1.11.10
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 9-9345068-9345072 NNYN CT(146 294 0) RT(1722940504142 65) q(0 0 4 10) r(6 6) U2

GET 0
rpt.cedexis.com/f1/_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABA... 0
0

GET sureroute.html
inc-www.dafalive88.com/en/promotions/ Frame 2C30 0
0

POST
H2 204 collect
analytics.google.com/g/ 0
0 87ms
86ms Fetch
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-S5WHEF6PM5&gtm=45je47v0v890350493za200zb890334128&_p=1722940494679&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=182577859.1722940496&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1722940495&sct=1&seg=0&dl=https%3A%2F%2Fwww.win999win.com%2Fen&dt=Dafabet%20is%20The%20Most%20Secure%20Online%20Betting%20Company%20in%20Asia&en=scroll&epn.percent_scrolled=90&_et=4542&tfd=15529
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5WHEF6PM5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.win999win.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Aug 2024 10:35:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.win999win.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: rpt.cedexis.com
URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABAJgBAA/1/20200/101264/1,16/0/1198/0/0

Domain: inc-www.dafalive88.com
URL: https://inc-www.dafalive88.com/en/promotions/sureroute.html?rnd=0-1-20200-1-20200-101264-1203965508-_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABAJgBAA

Verdicts & Comments Add Verdict or Comment

209 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

86 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.win999win.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0qc1gjmv6hikckgf48md63bpgc
.win999win.com/	1970-01-21 07:21:37	Name: mhlanguage Value: en
www.win999win.com/	1970-01-21 07:21:16	Name: __user_id Value: uid-6031985127.7614472888
www.win999win.com/	1970-01-21 07:21:16	Name: __visitor_id Value: v1.3:10873518357:1722940496875:1722940496875
.adnxs.com/	1970-01-21 00:45:16	Name: XANDR_PANID Value: -SQ2sl1FxHMEeqBt_BD-qvxY_d2dk1ACBDkW0A7NK35_kM3ePVuj_n31T6_4gSKO8_QXgo-v1nlXs3rJEnP28WI0d4JsFFuFla1QZZZUkLc.
.adnxs.com/	1970-01-21 08:11:40	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 00:45:16	Name: uuid2 Value: 2969518706992867737
.win999win.com/	1970-01-21 08:11:40	Name: _ga Value: GA1.2.182577859.1722940496
.win999win.com/	1970-01-20 22:37:06	Name: _gid Value: GA1.2.1277585488.1722940497
.win999win.com/	1970-01-20 22:35:40	Name: _gat Value: 1
.adnxs.com/	1970-01-21 00:45:16	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GVOE/l@h!@wnf-Te9(>wL5L!!'Yu$n^lf
.win999win.com/	1970-01-21 08:11:40	Name: _ga_XTJPZCJBEY Value: GS1.2.1722940497.1.0.1722940497.0.0.0
.win999win.com/	1970-01-21 00:45:16	Name: _fbp Value: fb.1.1722940497621.518987459221054995
.win999win.com/	1970-01-21 07:21:16	Name: _hjSessionUser_121800 Value: eyJpZCI6IjJiNzI0ZGYwLWUyZjMtNTBjZS05NWZlLTg4ZTNmMzgyMzRjNCIsImNyZWF0ZWQiOjE3MjI5NDA0OTc4MjMsImV4aXN0aW5nIjpmYWxzZX0=
.win999win.com/	1970-01-20 22:35:42	Name: _hjSession_121800 Value: eyJpZCI6ImM4ZWRlYjM1LWU4NjItNDdlOC05ODc5LWVjODU2NzZmMGYwZSIsImMiOjE3MjI5NDA0OTc4MjQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.adform.net/	1970-01-20 23:20:18	Name: C Value: 1
.adform.net/	1970-01-21 00:02:04	Name: uid Value: 683281792579535459
.adform.net/	1970-01-20 22:37:06	Name: CM Value: 1\|1
.adform.net/	1970-01-20 22:55:50	Name: CM14 Value: 1723026898_1722940498_1722940498_1_Hu7u4e4e4R7u4e4REREeEREREAAA4Q
.casalemedia.com/	1970-01-21 07:21:16	Name: CMID Value: ZrH8UsAoImoAAE2UAp8DIwAA
.casalemedia.com/	1970-01-21 00:45:16	Name: CMPS Value: 2057
.casalemedia.com/	1970-01-21 00:45:16	Name: CMPRO Value: 2057
www.win999win.com/	1970-01-21 07:21:16	Name: frosmo_quickContext Value: %7B%22VERSION%22%3A%221.1.0%22%2C%22UID%22%3A%22locldg.lziaaclq%22%2C%22origin%22%3A%22dafabet_com_asia%22%2C%22lastDisplayTime%22%3A%7B%222236%22%3A1722940499%7D%2C%22lastRevisionId%22%3A%7B%222236%22%3A1%7D%2C%22lastPageView%22%3A%7B%22time%22%3A1722940498794%7D%2C%22states%22%3A%7B%22session%22%3A%7B%7D%7D%7D
.seadform.net/	1970-01-21 00:02:04	Name: uid Value: 683281792579535459
.rubiconproject.com/	1970-01-21 07:21:16	Name: audit_p Value: 1\|GIsAzgue/gJ0MbbU4H1mbRAkb+jje9UAYNsABqx1qxqCZIg+tqclATtWBU93malYkm8Y/uFiSizyUhTWCqUS/I+whRf0v/l/RtI1f8Ra/4/tJtwAZnY3qlInEUebYXeOcCygDcYSdD/OZF4C5xzkLg==
.rubiconproject.com/	1970-01-21 07:21:16	Name: khaos Value: LZIAADA3-W-6AMT
.rubiconproject.com/	1970-01-21 07:21:16	Name: khaos_p Value: LZIAADA3-W-6AMT
.rubiconproject.com/	1970-01-21 07:21:16	Name: audit Value: 1\|GIsAzgue/gJ0MbbU4H1mbRAkb+jje9UAYNsABqx1qxqCZIg+tqclATtWBU93malYkm8Y/uFiSizyUhTWCqUS/I+whRf0v/l/RtI1f8Ra/4/tJtwAZnY3qlInEUebYXeOcCygDcYSdD/OZF4C5xzkLg==
.smartadserver.com/	1970-01-21 08:05:54	Name: pid Value: 1571498164511759044
.smartadserver.com/	1970-01-21 08:05:54	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 07:21:16	Name: csync Value: 22:683281792579535459
.bidswitch.net/	1970-01-21 07:21:16	Name: tuuid Value: 9c037d45-f81a-4ef0-8d36-120650f65de3
.bidswitch.net/	1970-01-21 07:21:16	Name: c Value: 1722940498
.360yield.com/	1970-01-21 00:45:16	Name: tuuid Value: c315d63c-b018-43ba-9278-58195a3d2f1f
.360yield.com/	1970-01-21 00:45:16	Name: tuuid_lu Value: 1722940498
.semasio.net/	1970-01-21 07:21:16	Name: SEUNCY Value: B82B23E8020F4FD9
.eyeota.net/	1970-01-21 07:21:16	Name: mako_uid Value: 1912741a435-20440000010a47bf
.eyeota.net/	1970-01-20 22:35:41	Name: SERVERID Value: 18367~DM
.360yield.com/	1970-01-21 00:45:16	Name: um Value: !42,ZZZz96gXVS.Avvq3q3LT.ghu7mrb9mfCiaaEJeofPJs,1724150098
.360yield.com/	1970-01-21 00:45:16	Name: umeh Value: !42,0,1785148499,-1
.bidswitch.net/	1970-01-21 07:21:16	Name: tuuid_lu Value: 1722940499
.rlcdn.com/	1970-01-21 07:21:16	Name: rlas3 Value: qEGGbim72U8XuIxVAhK2e5Q/Mrcit/+YzJ57WiEDHBg=
.rlcdn.com/	1970-01-21 00:02:04	Name: pxrc Value: CNP4x7UGEgUI6AcQABIFCOhHEAA=
.bluekai.com/	1970-01-21 03:00:38	Name: bku Value: /Ux99awXLVRLGTDM
.crwdcntrl.net/	1970-01-21 05:04:26	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 05:04:26	Name: _cc_id Value: 4f4251628fb0446b3adc8d4705abecba
.pippio.com/	1970-01-21 07:21:16	Name: did Value: FoqEcFsJsVDhgF7p
.pippio.com/	1970-01-21 07:21:16	Name: didts Value: 1722940499
.pippio.com/	1970-01-21 00:02:04	Name: nnls Value:
.pippio.com/	1970-01-21 00:02:04	Name: pxrc Value: CNP4x7UGEgYIgr0rEAA=
.pubmatic.com/	1970-01-20 23:18:52	Name: KRTBCOOKIE_391 Value: 22924-683281792579535459&KRTB&23231-683281792579535459&KRTB&23263-683281792579535459&KRTB&23481-683281792579535459
.pubmatic.com/	1970-01-20 23:18:52	Name: PugT Value: 1722940499
.linkedin.com/	1970-01-21 00:45:16	Name: li_sugr Value: 07cbf953-669c-47af-9a34-19cbba0a761c
.linkedin.com/	1970-01-21 07:21:16	Name: bcookie Value: "v=2&c74294fc-afff-4faf-80e5-31c92ba43b9c"
.linkedin.com/	1970-01-20 22:37:06	Name: lidc Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2940:u=1:x=1:i=1722940499:t=1723026899:v=2:sig=AQGH4dqL3sIKxmGmU7ILQ-ZKcYIkH0uh"
.adsrvr.org/	1970-01-21 07:21:16	Name: TDID Value: 6d046d4c-7fc9-4f89-9819-e01bc148e591
.adsrvr.org/	1970-01-21 07:21:16	Name: TDCPM Value: CAEYBSABKAIyCwiI27b3xIObPRAFOAE.
.demdex.net/	1970-01-21 02:54:52	Name: demdex Value: 41695890409461038401205342179863024892
.agkn.com/	1970-01-21 07:21:16	Name: ab Value: 0001%3A2jYyReqQhZWuwOqOtlUtiZ1Oh0y9Ohdv
.dpm.demdex.net/	1970-01-21 02:54:52	Name: dpm Value: 41695890409461038401205342179863024892
.w55c.net/	1970-01-21 08:05:54	Name: wfivefivec Value: I8GZThRK1SBhwU5
.win999win.com/	1970-01-21 08:11:40	Name: _ga_S5WHEF6PM5 Value: GS1.1.1722940495.1.0.1722940500.55.0.0
.weborama.fr/	1970-01-21 08:01:35	Name: AFFICHE_W Value: XQ0zDWkghWNd17
.w55c.net/	1970-01-20 23:18:52	Name: matchadform Value: 5
.audrte.com/	1970-01-20 22:57:16	Name: arcki2 Value: 8d9dM62j-D6QY-33mQX9qJ-vQ!20220908!1722940500261!ip#162.245.206.249
.audrte.com/	1970-01-20 22:57:16	Name: arcki2_adform Value: 683281792579535459!20220908!1722940500261
.teads.tv/	1970-01-21 07:19:50	Name: tt_viewer Value: 09aed09e-0a3e-40ce-b502-cd68bd2baece
.doubleclick.net/	1970-01-21 08:11:40	Name: IDE Value: AHWqTUnBrcqLRieXF3erK5YCmSrhqD58eckGjaix7g8NWMZbu0ZtXQSRfy3cgQGCWUE
.smaato.net/	1970-01-20 23:05:54	Name: SCM Value: cbb2046ec2
.smaato.net/	1970-01-20 23:05:54	Name: SCMs Value: cbb2046ec2
.smaato.net/	1970-01-20 23:05:54	Name: SCM1001213 Value: cbb2046ec2
.audrte.com/	1970-01-20 22:57:16	Name: arcki2_ddp2 Value: 8d9dM62j-D6QY-33mQX9qJ-vQ!20220908!1722940500593
.3lift.com/	1970-01-21 00:45:16	Name: tluidp Value: 3235526636408943298155
.3lift.com/	1970-01-21 00:45:16	Name: tluid Value: 3235526636408943298155
.sharethrough.com/	1970-01-20 23:18:52	Name: stx_user_id Value: da9e4a2e-f9bd-46ec-9aa5-3e8812597bad
.onaudience.com/	1970-01-20 22:37:06	Name: done_redirects161 Value: 1
.onaudience.com/	1970-01-21 07:21:16	Name: cookie Value: c79bab05921cd182
.onaudience.com/	1970-01-20 22:37:06	Name: done_redirects252 Value: 1
.onaudience.com/	1970-01-20 22:37:06	Name: done_redirects147 Value: 1
.yahoo.com/	1970-01-21 07:21:38	Name: A3 Value: d=AQABBFX8sWYCEPddtivTYmaRCV6M-ItZrzwFEgEBAQFNs2a7ZtwAAAAA_eMAAA&S=AQAAAgtA4_vXs68SUaVMbLJ8M1A
.analytics.yahoo.com/	1970-01-21 07:21:16	Name: IDSYNC Value: 199z~2jyy
.onaudience.com/	1970-01-20 22:37:06	Name: done_redirects219 Value: 1
.zeotap.com/	1970-01-21 07:21:16	Name: zc Value: 1fdab89d-38d7-44cf-4d13-463c16737111
.zeotap.com/	1970-01-20 22:37:06	Name: zsc Value: %C4%A4%B8%8B%5B2%F0+%5B5%F7UO%BE-H%8C%DA%C6%F5%8C%F2%8AE%EDI%D1C%F5F%91%0FW%22B%A8I%1ET%A0%85%0F%B9%26%FD%CCN%BFk%96%82%1E%AC%82%18%0B%7C%97%84u%97%1F%E1%86_%1F%83V%EB%2C%FE%A0%12%27%D1%872%21%EB%FC%A0%C9%CF
.dafalive88.com/	1970-01-21 07:21:02	Name: visid_incap_2644565 Value: Xse2sbcITiC93AVmYilTCFj8sWYAAAAAQUIPAAAAAADUUQEkSzbS7xPuZlwFfev5
.dafalive88.com/	1969-12-31 23:59:59	Name: incap_ses_133_2644565 Value: j1i/Xcx4ZySK+gk27ILYAVj8sWYAAAAAPUXtNsylazg65IQmKDBLvQ==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://www.win999win.com/en Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://cdn.matomo.cloud/blockchainads.matomo.cloud/container_iPEHBueP.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adscool.net
aka-als.df-bet.org
analytics.google.com
asia.adform.net
asia.frosmo.com
asia.seadform.net
c1.adform.net
cdn-sports.nextbet.com
cdn.matomo.cloud
connect.facebook.net
dafabetcomasia.asia.frosmo.com
dk0tzorg7uge9.cloudfront.net
fonts.googleapis.com
i1-j5-20-124-1-20200-1342837909-s.init.cedexis-radar.net
i2-bhsgkafrvyhbbeboejnwqtfyswmfpk.init.cedexis-radar.net
inc-www.dafalive88.com
login.megasportcasino.com
pixel.zprk.io
radar.cedexis.com
rpt.cedexis.com
rtg.prdredir.com
rtgsystemsync.com
s2.adform.net
script.hotjar.com
scripts.prdredir.com
secure.adnxs.com
static.hotjar.com
stats.g.doubleclick.net
win999win.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.win999win.com
inc-www.dafalive88.com
rpt.cedexis.com
100.29.180.185
104.225.10.226
104.225.10.227
110.50.231.127
13.224.214.103
157.185.160.33
157.185.170.144
157.240.229.1
157.240.229.35
172.253.115.100
172.67.175.82
172.67.191.82
18.67.79.34
185.167.164.45
185.167.164.49
185.84.60.20
2001:4860:4802:36::181
202.165.61.110
23.45.181.163
2600:9000:2479:4000:c:7d55:b3c0:93a1
2606:4700::6812:1e1b
2607:f740:e619::1
2607:f8b0:4004:c06::5f
2607:f8b0:400d:c0f::61
2607:f8b0:400d:c0f::9c
2607:f8b0:400d:c1d::66
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
45.54.49.5
45.60.12.120
52.78.8.111
52.79.118.14
52.84.18.89
64.233.180.97
68.67.179.153
07cca08aa80ee4a07c441e3df70052eaf04dece1af5faa4beb3f0a64bed14226
0de2c4f7bd67b21d5570cdb86c0ca3b6d2b7ce10df73ff3a5d63731001091b7f
0ea8ad9a1b5a3e3e0950b9dd614a5056250369587ff45165dacafd8d13e838e4
0f47272de3875f1531038d1dd74318d65615e4a01403492d95d4de9d218ac06b
1255cfe05d68366b2f1784987c772a817da92099f4922498a445f8768c52a710
142617edf27459c2a888daaf7d0bf7777a3fb328fbe9a771fcb7059044791247
15106c045f24b3a862e3f20b704b028c989d16753f402390b32210275b689e53
180109f8f37c833e1f965c5662f54e73b3e1291117a3c7fa320dab4ae7727dcd
189809272214325b7221ac7da3641ec69dd844cc43ce5ad73a428bf1a4e9b37b
1fad8a0d38b8307c0781fbfd3222b43917c5c879bbcfb3d5e0b96d1b4416e5a9
296f80730ee5d3a6ae96d1a4cafbdd77272091194fd0c0d5ac21d94654e68dcf
2b540d3b5cadb4b549a559969e75bb91092574a6c756007ee4854456c2770c7e
2c5b3aeacf827e181a8131451f9a2a2f402ce22800d2365feb071f1fb7bf666d
2dba38ef8b67689693f2a3e9c481baf5df4ee236ee3ed7a88b47c5e97ce30c43
31344945c1c2dc743640442fd4508719a4a3801e096e631a92cf737067a91e53
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
393a9815cb19251d0868f317157743f0cf1c2d60a2e130ce7474a737e1016e29
3ba02d21c9b69018b9ff62768156c206f0a05255c368b2166adda35b7067dd62
3df995887eb53a59cf2518528e5c2232100541f77fc7930f152cb5638fa479c8
448d305ad6e8d6b57c5e4d37afbf26c77bcf2c2548e1fe462772757ee6ccbbe1
47c35a4db35363fbddefbde5a902eaf3547fbed8d4fe1b9a31bd3e6b640e15b7
4865df327140a52e50f92d603b9a546fba023ae7bc05c28904f5ccaf77675e95
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
4f21d8615d3335ef138f4cba56ba1b593964dc1faca6c927d2b79f72dc1c01cd
51553f7bcfd0ba07683cbe0f1a1ec53a91bfaacc8c8a466ca913a152b510eac8
5568709dc3edbbdf0bbc30a2079611b358fa900f58ec14a756daaeee9c37a8f5
5b9227e39552179d38911c5f39bed2cd915f706ad9ef6ed6c6b5a060375c3915
5e537fbaf33731a08fbc0ebb18d63d89bf05dedf5c87389edc0775ed2528dcce
69e5bd6a3392e9ac3ad144d8b727223f7d655288d7fe2723debd7b964925197e
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
70ba610e8b04346fcfaf7131529082ab2f9cec6954ce32552b1cac0a9e567aba
73eaba89aac24d3fcc3a20c41cab7d2e9ad79805deb5f53bb420e9b6db47d354
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
7f830154472627a3c6290881c786ec59ce96238bbb8a721e8349002d4e60f4d0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4
8d8b7618affc4d80078ebb51119d5e13a2d8cfb47c1fb434d91e79dd35a02c9c
8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d
9450251542f5c3ff7355bbd37c6b4c97e5ae5f0a291cfb91765694dd93267ff3
9629be600d6a69cdb1cd767b965a389ffc59444f309329ace4595906488a88ae
9acce1202062518523f1976a37510b6fcb7beb5a6b68205032e14b971a3a0e9b
9fa0f7a729fa74c94e8034ad485bee3443cf1de9a516666441fa7b163a06c576
9ff2eb39ec96e2d2a7e114a786ce1f240ad99e0c4c3d53e854591a9e7c22310f
a733d21fc6d59ac3de5f51290f2fc0aabaff13804501178c3f9297860def8311
a8eef464beb53d07e574e2731879a8dbc3d9e436d2c6bf44315a93f33e3a6daa
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac3d45538ffdd87732763521ea21e1f9695551d5c8a1b506935fb9bbc5253bfc
b3579279bc227c8855665a05ab07284cf7fee43951cdce24764bccebd8f113c4
b8fbacf4998ff7253c5fab185a6058959851c8f02d64f257ec5be076b41aa3a2
b9d21261ceee8c27f95bd6d11a993bbdba6a3ebf6d00d4c952273cc2278e7e6a
b9ed282711156d16da803cf78c07bf10218f08f9923767974776abdcd30bb83b
bdb6ddca3d50cf396d4405cae018178d212a8221fa120550babc712fdf94d463
caed37875e80934c7f52564ca26b7846bd1f7bfa26f6eb74994556ee9777dbec
cef4bf94d1e9936d52f3a0871fc270d604bf67829360f33b788b56b35a34e913
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01e7f7bc38eeccd2397c1df224742f91cfbc6b59cfd8a4f0296eb9fd8e8de78
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e32d0137b37137e902d7be5b6de744893db6fd2e2be566a66db6d1582418294a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9ae28e34ba985057a08b71feb1556be602ece965b741234b757b85e400321c5
ea1bd05db50c7890dd053edf77ee864749a4d8d726a063c80c606a88d095cabd
ee9fbd1433074584fcfcb86657af0c29339bd6644b87b656cdcb29788cda1bd1
fd189b75930b5891de5d6be7bd5de3edc41f3faf8e7ec22299fde3c157a5038d

www.win999win.com Open in urlscan Pro 157.185.170.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

112 Requests

96 %HTTPS

29 %IPv6

25 Domains

33 Subdomains

35 IPs

4 Countries

2615 kBTransfer

5793 kBSize

86 Cookies

12 Outgoing links

Page URL History

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.win999win.com Open in urlscan Pro
157.185.170.144 Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

96 %
HTTPS

29 %
IPv6

25
Domains

33
Subdomains

35
IPs

4
Countries

2615 kB
Transfer

5793 kB
Size

86
Cookies

112 HTTP transactions
0 data transactions