Submitted URL: http://win999win.com/
Effective URL: https://www.win999win.com/en
Submission Tags: falconsandbox
Submission: On August 06 via api from US — Scanned from US

Summary

This website contacted 35 IPs in 4 countries across 25 domains to perform 112 HTTP transactions. The main IP is 157.185.170.144, located in New York, United States and belongs to ML-1432-54994, CA. The main domain is www.win999win.com.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on April 22nd 2024. Valid for: a year.
This is the only time www.win999win.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3 110.50.231.127 18018 (GAMEBUILD...)
2 29 157.185.170.144 54994 (ML-1432-5...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 202.165.61.110 18018 (GAMEBUILD...)
2 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
6 18.67.79.34 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 52.84.18.89 16509 (AMAZON-02)
1 3 45.54.49.5 63911 (NETACTUAT...)
1 185.167.164.45 198622 (ADFORM)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 2600:9000:247... 16509 (AMAZON-02)
2 172.67.175.82 13335 (CLOUDFLAR...)
2 172.67.191.82 13335 (CLOUDFLAR...)
1 100.29.180.185 14618 (AMAZON-AES)
1 2 68.67.179.153 29990 (ASN-APPNEX)
1 104.225.10.227 36236 (NETACTUATE)
1 64.233.180.97 15169 (GOOGLE)
1 3 185.84.60.20 198622 (ADFORM)
1 13.224.214.103 16509 (AMAZON-02)
8 2607:f740:e61... 63911 (NETACTUAT...)
1 172.253.115.100 15169 (GOOGLE)
3 157.240.229.1 32934 (FACEBOOK)
4 2a03:2880:f10... 32934 (FACEBOOK)
1 52.79.118.14 16509 (AMAZON-02)
1 185.167.164.49 198622 (ADFORM)
1 104.225.10.226 36236 (NETACTUATE)
4 157.240.229.35 32934 (FACEBOOK)
19 52.78.8.111 16509 (AMAZON-02)
2 157.185.160.33 54994 (ML-1432-5...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 23.45.181.163 20940 (AKAMAI-ASN1)
1 45.60.12.120 19551 (INCAPSULA)
112 35
Apex Domain
Subdomains
Transfer
32 win999win.com
win999win.com
www.win999win.com
1 MB
20 frosmo.com
dafabetcomasia.asia.frosmo.com
asia.frosmo.com — Cisco Umbrella Rank: 722016
133 KB
11 cedexis.com
radar.cedexis.com — Cisco Umbrella Rank: 4858
rpt.cedexis.com — Cisco Umbrella Rank: 3415
25 KB
8 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
5 KB
6 cloudfront.net
dk0tzorg7uge9.cloudfront.net
564 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
90 KB
4 adform.net
s2.adform.net — Cisco Umbrella Rank: 8814
asia.adform.net — Cisco Umbrella Rank: 60937
c1.adform.net — Cisco Umbrella Rank: 1001
33 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
272 KB
2 df-bet.org
aka-als.df-bet.org
2 nextbet.com
cdn-sports.nextbet.com
2 cedexis-radar.net
i2-bhsgkafrvyhbbeboejnwqtfyswmfpk.init.cedexis-radar.net
i1-j5-20-124-1-20200-1342837909-s.init.cedexis-radar.net
2 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 764
2 KB
2 rtgsystemsync.com
rtgsystemsync.com
2 KB
2 adscool.net
adscool.net — Cisco Umbrella Rank: 115140
3 KB
2 prdredir.com
scripts.prdredir.com — Cisco Umbrella Rank: 59288
rtg.prdredir.com — Cisco Umbrella Rank: 99969
2 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
86 KB
2 google.com
analytics.google.com — Cisco Umbrella Rank: 238
2 megasportcasino.com
login.megasportcasino.com
5 KB
1 dafalive88.com
inc-www.dafalive88.com
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
775 B
1 seadform.net
asia.seadform.net — Cisco Umbrella Rank: 99516
457 B
1 zprk.io
pixel.zprk.io — Cisco Umbrella Rank: 19690
462 B
1 matomo.cloud
cdn.matomo.cloud — Cisco Umbrella Rank: 29612
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
247 B
112 25
Domain Requested by
29 www.win999win.com 2 redirects www.win999win.com
19 asia.frosmo.com dk0tzorg7uge9.cloudfront.net
8 www.facebook.com
8 rpt.cedexis.com radar.cedexis.com
6 dk0tzorg7uge9.cloudfront.net www.win999win.com
5 connect.facebook.net www.win999win.com
connect.facebook.net
3 radar.cedexis.com 1 redirects radar.cedexis.com
3 www.google-analytics.com www.win999win.com
www.google-analytics.com
www.googletagmanager.com
3 www.googletagmanager.com www.win999win.com
www.googletagmanager.com
www.google-analytics.com
3 win999win.com 3 redirects
2 aka-als.df-bet.org radar.cedexis.com
2 cdn-sports.nextbet.com radar.cedexis.com
2 asia.adform.net 1 redirects
2 secure.adnxs.com 1 redirects
2 rtgsystemsync.com www.googletagmanager.com
rtgsystemsync.com
2 adscool.net www.win999win.com
adscool.net
2 analytics.google.com www.googletagmanager.com
2 login.megasportcasino.com www.win999win.com
1 inc-www.dafalive88.com radar.cedexis.com
1 fonts.googleapis.com dk0tzorg7uge9.cloudfront.net
1 i1-j5-20-124-1-20200-1342837909-s.init.cedexis-radar.net radar.cedexis.com
1 asia.seadform.net
1 c1.adform.net asia.adform.net
1 dafabetcomasia.asia.frosmo.com dk0tzorg7uge9.cloudfront.net
1 script.hotjar.com static.hotjar.com
1 i2-bhsgkafrvyhbbeboejnwqtfyswmfpk.init.cedexis-radar.net radar.cedexis.com
1 rtg.prdredir.com
1 pixel.zprk.io
1 cdn.matomo.cloud www.win999win.com
1 scripts.prdredir.com www.googletagmanager.com
1 s2.adform.net www.win999win.com
1 static.hotjar.com www.win999win.com
1 stats.g.doubleclick.net www.googletagmanager.com
112 33
Subject Issuer Validity Valid
support13.cdnetworks.net
GlobalSign RSA OV SSL CA 2018
2024-04-22 -
2025-04-07
a year crt.sh
*.google-analytics.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.megasportcasino.com
GeoTrust TLS RSA CA G1
2024-03-01 -
2025-02-28
a year crt.sh
*.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.g.doubleclick.net
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
*.hotjar.com
Amazon RSA 2048 M03
2024-05-22 -
2025-06-20
a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-06 -
2024-09-19
a year crt.sh
prdredir.com
WE1
2024-06-24 -
2024-09-22
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-05-15 -
2024-08-13
3 months crt.sh
cdn.matomo.cloud
Amazon RSA 2048 M03
2023-10-27 -
2024-11-23
a year crt.sh
adscool.net
WE1
2024-06-19 -
2024-09-17
3 months crt.sh
rtgsystemsync.com
WE1
2024-07-05 -
2024-10-03
3 months crt.sh
*.zprk.io
Amazon RSA 2048 M03
2023-09-19 -
2024-10-17
a year crt.sh
*.init.cedexis-radar.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-21 -
2025-02-20
a year crt.sh
radar.cedexis.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-03-29 -
2025-03-28
a year crt.sh
*.asia.frosmo.com
E5
2024-07-10 -
2024-10-08
3 months crt.sh
*.seadform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-23 -
2024-11-08
a year crt.sh
*.nextbet.com
GeoTrust TLS RSA CA G1
2024-03-01 -
2025-02-28
a year crt.sh
upload.video.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
df-bet.org
R10
2024-06-27 -
2024-09-25
3 months crt.sh
*.dafalive88.com
GeoTrust TLS RSA CA G1
2024-03-01 -
2025-02-28
a year crt.sh

This page contains 9 frames:

Primary Page: https://www.win999win.com/en
Frame ID: 9AA8F2FC2BA6711628AE635D53C35021
Requests: 104 HTTP requests in this frame

Frame: https://dafabetcomasia.asia.frosmo.com/frosmo.xdm.html?24.51.0
Frame ID: 4D31C5F8C1A6813EBAF4AA08B1195C85
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?bt=0&uid=683281792579535459&agencyId=8910&advertiserId=2170253&src=tp&rnd=670673
Frame ID: 3F81DFCE9CC98EE945BFC6F07F161712
Requests: 1 HTTP requests in this frame

Frame: https://cdn-sports.nextbet.com/test/d17.html?rnd=1-1-20200-1-20200-47804-1203965508-_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABAJgBAA
Frame ID: 0EB41FB246BC07898D18708583C8FC41
Requests: 1 HTTP requests in this frame

Frame: https://cdn-sports.nextbet.com/test/d17.html?rnd=0-1-20200-1-20200-47804-1203965508-_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABAJgBAA
Frame ID: 2196D17DEB68CC4576DFAC16F5DC44B9
Requests: 1 HTTP requests in this frame

Frame: https://aka-als.df-bet.org/test/d17.html?rnd=1-1-20200-1-20200-47756-1203965508-_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABAJgBAA
Frame ID: 565865CD22CB6997F16DCED9884BC6CD
Requests: 1 HTTP requests in this frame

Frame: https://aka-als.df-bet.org/test/d17.html?rnd=0-1-20200-1-20200-47756-1203965508-_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABAJgBAA
Frame ID: 719228B3E7CD99544E864C26EFF72777
Requests: 1 HTTP requests in this frame

Frame: https://inc-www.dafalive88.com/en/promotions/sureroute.html?rnd=1-1-20200-1-20200-101264-1203965508-_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABAJgBAA
Frame ID: F440B98B74C93F1A9092AC6E911060BC
Requests: 1 HTTP requests in this frame

Frame: https://inc-www.dafalive88.com/en/promotions/sureroute.html?rnd=0-1-20200-1-20200-101264-1203965508-_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABAJgBAA
Frame ID: 2C30A23BC766D3813E8259B661D3D3AE
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Dafabet is The Most Secure Online Betting Company in Asia

Page URL History Show full URLs

  1. http://win999win.com/ HTTP 307
    https://win999win.com/ HTTP 301
    https://www.win999win.com/ HTTP 302
    https://www.win999win.com/en HTTP 307
    http://win999win.com/ HTTP 301
    https://win999win.com/ HTTP 301
    https://www.win999win.com/ HTTP 302
    https://www.win999win.com/en Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

112
Requests

96 %
HTTPS

29 %
IPv6

25
Domains

33
Subdomains

35
IPs

4
Countries

2615 kB
Transfer

5793 kB
Size

86
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://win999win.com/ HTTP 307
    https://win999win.com/ HTTP 301
    https://www.win999win.com/ HTTP 302
    https://www.win999win.com/en HTTP 307
    http://win999win.com/ HTTP 301
    https://win999win.com/ HTTP 301
    https://www.win999win.com/ HTTP 302
    https://www.win999win.com/en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://radar.cedexis.com/1/20200/radar.js HTTP 302
  • https://radar.cedexis.com/1707728419/radar.js
Request Chain 39
  • https://secure.adnxs.com/px?id=1766814&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1766814%26t%3D2
Request Chain 48
  • https://asia.adform.net/Serving/TrackPoint/?pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=200043971843&ADFtpmode=2&loc=https%3A%2F%2Fwww.win999win.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
  • https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=200043971843&ADFtpmode=2&loc=https%3A%2F%2Fwww.win999win.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24

112 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request en
www.win999win.com/
Redirect Chain
  • http://win999win.com/
  • https://win999win.com/
  • https://www.win999win.com/
  • https://www.win999win.com/en
  • http://win999win.com/
  • https://win999win.com/
  • https://www.win999win.com/
  • https://www.win999win.com/en
111 KB
40 KB
Document
General
Full URL
https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
3df995887eb53a59cf2518528e5c2232100541f77fc7930f152cb5638fa479c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Language
en
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Aug 2024 10:34:54 GMT
Page-Cache
Hit
Server
PWS/8.3.1.0.8
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Via
1.1 PSmgnyNY3mk42:10 (W)
X-Frame-Options
deny
X-Px
ms PSmgnyNY3mk42JFK(origin)
X-Ws-Request-Id
66b1fc4d_PSmgnyNY3aa36_43674-10804

Redirect headers

Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 06 Aug 2024 10:34:53 GMT
Location
/en
Server
PWS/8.3.1.0.8
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.0 PSmgnyNY3mk42:10 (W)
X-Px
ms PSmgnyNY3mk42JFK(origin)
X-Ws-Request-Id
66b1fc4d_PSmgnyNY3aa36_43674-10784
common.52a6941f046fba92b535d0fb9357a8bc.css
www.win999win.com/en/dafa/css/
90 KB
17 KB
Stylesheet
General
Full URL
https://www.win999win.com/en/dafa/css/common.52a6941f046fba92b535d0fb9357a8bc.css
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
7f830154472627a3c6290881c786ec59ce96238bbb8a721e8349002d4e60f4d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:55 GMT
Content-Encoding
gzip
Via
1.1 PS-TPE-01qXz223:0 (W), 1.1 PSxgHK5dz198:7 (W), 1.1 PS-DFW-01ItT28:2 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 18 Jul 2024 07:11:52 GMT
Server
PWS/8.3.1.0.8
ETag
"6698c038-1667e"
Transfer-Encoding
chunked
X-Ws-Request-Id
66b1fc4e_PSmgnyNY3aa36_43674-10820
Content-Type
text/css
Cache-Control
max-age=31536000, public
X-Px
ms PSmgnyNY3mk42JFK,ms PS-DFW-01ItT28DFW,ms PSxgHK5dz198HKG,ms PS-TPE-01qXz223TPE(origin)
Connection
keep-alive
Accept-Ranges
bytes
Expires
Wed, 06 Aug 2025 10:34:55 GMT
home.816cbee270a3f8dd704b9552a16aa39c.css
www.win999win.com/en/css/
57 KB
11 KB
Stylesheet
General
Full URL
https://www.win999win.com/en/css/home.816cbee270a3f8dd704b9552a16aa39c.css
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
9450251542f5c3ff7355bbd37c6b4c97e5ae5f0a291cfb91765694dd93267ff3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:55 GMT
Content-Encoding
gzip
Via
1.1 PS-TPE-01qXz223:0 (W), 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Fri, 19 Jul 2024 08:19:53 GMT
Server
PWS/8.3.1.0.8
ETag
"669a21a9-e26a"
Transfer-Encoding
chunked
X-Ws-Request-Id
66b1fc4e_PSmgnyNY3aa36_44991-5785
Content-Type
text/css
Cache-Control
max-age=31536000, public
X-Px
ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ms PSxgHK5dz198HKG,ms PS-TPE-01qXz223TPE(origin)
Connection
keep-alive
Accept-Ranges
bytes
Expires
Wed, 06 Aug 2025 10:34:55 GMT
default_image.52a6941f046fba92b535d0fb9357a8bc.png
www.win999win.com/en/dafa/images/
593 B
1 KB
Image
General
Full URL
https://www.win999win.com/en/dafa/images/default_image.52a6941f046fba92b535d0fb9357a8bc.png
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
180109f8f37c833e1f965c5662f54e73b3e1291117a3c7fa320dab4ae7727dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:55 GMT
Via
1.1 PS-TPE-01qXz223:0 (W), 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 18 Jul 2024 07:11:52 GMT
Server
PWS/8.3.1.0.8
ETag
"6698c038-251"
X-Ws-Request-Id
66b1fc4e_PSmgnyNY3aa36_44251-26203
Content-Type
image/png
Cache-Control
max-age=31536000, public
X-Px
ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ms PSxgHK5dz198HKG,ms PS-TPE-01qXz223TPE(origin)
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
593
Expires
Wed, 06 Aug 2025 10:34:55 GMT
loader.gif
www.win999win.com/en/images/
25 KB
25 KB
Image
General
Full URL
https://www.win999win.com/en/images/loader.gif
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
1255cfe05d68366b2f1784987c772a817da92099f4922498a445f8768c52a710
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:55 GMT
Via
1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 09 Jul 2024 07:05:28 GMT
Server
PWS/8.3.1.0.8
ETag
"668ce138-6240"
X-Ws-Request-Id
66b1fc4e_PSmgnyNY3aa36_42032-22008
Content-Type
image/gif
Cache-Control
max-age=31536000, public
X-Px
ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ht PSxgHK5dz198HKG
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25152
Expires
Wed, 06 Aug 2025 10:34:55 GMT
1920x150_en-eu.jpg
www.win999win.com/en/2024-07/
196 KB
197 KB
Image
General
Full URL
https://www.win999win.com/en/2024-07/1920x150_en-eu.jpg
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
bdb6ddca3d50cf396d4405cae018178d212a8221fa120550babc712fdf94d463
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:55 GMT
Via
1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Fri, 19 Jul 2024 08:14:50 GMT
Server
PWS/8.3.1.0.8
ETag
"669a207a-311a7"
X-Ws-Request-Id
66b1fc4e_PSmgnyNY3aa36_44300-11294
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
X-Px
ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ht PSxgHK5dz198HKG
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
201127
Expires
Wed, 06 Aug 2025 10:34:55 GMT
Games%20573x337.jpg
www.win999win.com/en/2024-07/
97 KB
98 KB
Image
General
Full URL
https://www.win999win.com/en/2024-07/Games%20573x337.jpg
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
07cca08aa80ee4a07c441e3df70052eaf04dece1af5faa4beb3f0a64bed14226
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:55 GMT
Via
1.1 PS-TPE-01TU5222:5 (W), 1.1 PSxgHK5yp199:12 (W), 1.1 PS-DFW-01ItT28:2 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 16 Jul 2024 08:26:20 GMT
Server
PWS/8.3.1.0.8
ETag
"66962eac-18527"
X-Frame-Options
deny
X-Ws-Request-Id
66b1fc4f_PSmgnyNY3aa36_43674-10827
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
X-Px
ms PSmgnyNY3mk42JFK,ht PS-DFW-01ItT28DFW
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
99623
Expires
Wed, 06 Aug 2025 10:34:55 GMT
casino-resize-573x337_0.jpg
www.win999win.com/en/2024-07/
99 KB
100 KB
Image
General
Full URL
https://www.win999win.com/en/2024-07/casino-resize-573x337_0.jpg
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
4f21d8615d3335ef138f4cba56ba1b593964dc1faca6c927d2b79f72dc1c01cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:55 GMT
Via
1.1 PS-TPE-01TU5222:10 (W), 1.1 PSxgHK5dz198:11 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 16 Jul 2024 08:29:04 GMT
Server
PWS/8.3.1.0.8
ETag
"66962f50-18db9"
X-Frame-Options
deny
X-Ws-Request-Id
66b1fc4f_PSmgnyNY3aa36_43674-10833
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
X-Px
ms PSmgnyNY3mk42JFK,ht PSmgdfDEN1rj88DEN
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
101817
Expires
Wed, 06 Aug 2025 10:34:55 GMT
livedealer-resize-573x337.jpg
www.win999win.com/en/2024-07/
177 KB
178 KB
Image
General
Full URL
https://www.win999win.com/en/2024-07/livedealer-resize-573x337.jpg
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
e9ae28e34ba985057a08b71feb1556be602ece965b741234b757b85e400321c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:55 GMT
Via
1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 16 Jul 2024 08:28:05 GMT
Server
PWS/8.3.1.0.8
ETag
"66962f15-2c424"
X-Ws-Request-Id
66b1fc4f_PSmgnyNY3aa36_44991-5800
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
X-Px
ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ht PSxgHK5dz198HKG
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
181284
Expires
Wed, 06 Aug 2025 10:34:55 GMT
gtm.js
www.googletagmanager.com/
231 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TQD7V7Q
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5568709dc3edbbdf0bbc30a2079611b358fa900f58ec14a756daaeee9c37a8f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:34:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77823
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Aug 2024 10:34:55 GMT
es5.min.js
www.win999win.com/en/dafa/js/
11 KB
4 KB
Script
General
Full URL
https://www.win999win.com/en/dafa/js/es5.min.js
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
ac3d45538ffdd87732763521ea21e1f9695551d5c8a1b506935fb9bbc5253bfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:55 GMT
Content-Encoding
gzip
Via
1.1 PSxgHK5dz198:7 (W), 1.1 PS-DFW-01ItT28:2 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Mon, 08 Jul 2024 06:56:37 GMT
Server
PWS/8.3.1.0.8
ETag
"668b8da5-2b85"
Transfer-Encoding
chunked
X-Ws-Request-Id
66b1fc4e_PSmgnyNY3aa36_41758-16674
Content-Type
application/javascript
Cache-Control
max-age=31536000, public
X-Px
ms PSmgnyNY3mk42JFK,ms PS-DFW-01ItT28DFW,ht PSxgHK5dz198HKG
Connection
keep-alive
Accept-Ranges
bytes
Expires
Wed, 06 Aug 2025 10:34:55 GMT
integration.js.php
www.win999win.com/jswrapper/
45 KB
12 KB
Script
General
Full URL
https://www.win999win.com/jswrapper/integration.js.php?casino=dafa888&min=1
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
2b540d3b5cadb4b549a559969e75bb91092574a6c756007ee4854456c2770c7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 PSmgnyNY3mk42:10 (W)
Server
PWS/8.3.1.0.8
X-Cache-Status
HIT
Transfer-Encoding
chunked
X-Ws-Request-Id
66b1fc4f_PSmgnyNY3aa36_41758-16680
Content-Language
en-US
Content-Type
application/javascript
Cache-Control
no-cache
X-Px
ms PSmgnyNY3mk42JFK(origin)
Connection
keep-alive
Expires
Tue, 06 Aug 2024 10:49:55 GMT
manifest.816cbee270a3f8dd704b9552a16aa39c.bundle.js
www.win999win.com/en/js/
1 KB
2 KB
Script
General
Full URL
https://www.win999win.com/en/js/manifest.816cbee270a3f8dd704b9552a16aa39c.bundle.js
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
fd189b75930b5891de5d6be7bd5de3edc41f3faf8e7ec22299fde3c157a5038d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:55 GMT
Via
1.1 PS-TPE-01TU5222:6 (W), 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Fri, 19 Jul 2024 08:19:53 GMT
Server
PWS/8.3.1.0.8
ETag
"669a21a9-5a7"
X-Frame-Options
deny
X-Ws-Request-Id
66b1fc4f_PSmgnyNY3aa36_42032-22016
Content-Type
application/javascript
Cache-Control
max-age=31536000, public
X-Px
ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ht PSxgHK5dz198HKG
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1447
Expires
Wed, 06 Aug 2025 10:34:55 GMT
vendor.816cbee270a3f8dd704b9552a16aa39c.bundle.js
www.win999win.com/en/js/
107 KB
35 KB
Script
General
Full URL
https://www.win999win.com/en/js/vendor.816cbee270a3f8dd704b9552a16aa39c.bundle.js
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
a733d21fc6d59ac3de5f51290f2fc0aabaff13804501178c3f9297860def8311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:55 GMT
Content-Encoding
gzip
Via
1.1 PS-TPE-01TU5222:8 (W), 1.1 dianxun231:4 (W), 1.1 PS-DFW-01ItT28:2 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Fri, 19 Jul 2024 08:19:53 GMT
Server
PWS/8.3.1.0.8
ETag
"669a21a9-1acc4"
Transfer-Encoding
chunked
X-Ws-Request-Id
66b1fc4f_PSmgnyNY3aa36_44991-5796
Content-Type
application/javascript
Cache-Control
max-age=31536000, public
X-Px
ms PSmgnyNY3mk42JFK,ht PS-DFW-01ItT28DFW
Connection
keep-alive
Accept-Ranges
bytes
Expires
Wed, 06 Aug 2025 10:34:55 GMT
common.52a6941f046fba92b535d0fb9357a8bc.bundle.js
www.win999win.com/en/dafa/js/
271 KB
75 KB
Script
General
Full URL
https://www.win999win.com/en/dafa/js/common.52a6941f046fba92b535d0fb9357a8bc.bundle.js
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
189809272214325b7221ac7da3641ec69dd844cc43ce5ad73a428bf1a4e9b37b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:55 GMT
Content-Encoding
gzip
Via
1.1 PS-TPE-01TU5222:9 (W), 1.1 dianxun231:13 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-Px
ms PSmgnyNY3mk42JFK,ht PSmgdfDEN1rj88DEN
Connection
keep-alive
Last-Modified
Thu, 18 Jul 2024 07:11:52 GMT
Server
PWS/8.3.1.0.8
ETag
"6698c038-43cbf"
X-Frame-Options
deny
X-Ws-Request-Id
66b1fc4f_PSmgnyNY3aa36_42032-22034
Content-Type
application/javascript
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Expires
Wed, 06 Aug 2025 10:34:55 GMT
home.816cbee270a3f8dd704b9552a16aa39c.bundle.js
www.win999win.com/en/js/
32 KB
8 KB
Script
General
Full URL
https://www.win999win.com/en/js/home.816cbee270a3f8dd704b9552a16aa39c.bundle.js
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
b9d21261ceee8c27f95bd6d11a993bbdba6a3ebf6d00d4c952273cc2278e7e6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:56 GMT
Content-Encoding
gzip
Via
1.1 PS-TPE-01qXz223:0 (W), 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Fri, 19 Jul 2024 08:19:53 GMT
Server
PWS/8.3.1.0.8
ETag
"669a21a9-7f03"
Transfer-Encoding
chunked
X-Ws-Request-Id
66b1fc4f_PSmgnyNY3aa36_44251-26221
Content-Type
application/javascript
Cache-Control
max-age=31536000, public
X-Px
ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ms PSxgHK5dz198HKG,ms PS-TPE-01qXz223TPE(origin)
Connection
keep-alive
Accept-Ranges
bytes
Expires
Wed, 06 Aug 2025 10:34:56 GMT
default_image.816cbee270a3f8dd704b9552a16aa39c.png
www.win999win.com/en/promotions/images/
593 B
1 KB
Image
General
Full URL
https://www.win999win.com/en/promotions/images/default_image.816cbee270a3f8dd704b9552a16aa39c.png
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en/css/home.816cbee270a3f8dd704b9552a16aa39c.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
180109f8f37c833e1f965c5662f54e73b3e1291117a3c7fa320dab4ae7727dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en/css/home.816cbee270a3f8dd704b9552a16aa39c.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:55 GMT
Via
1.1 PS-TPE-01qXz223:0 (W), 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Fri, 19 Jul 2024 08:19:53 GMT
Server
PWS/8.3.1.0.8
ETag
"669a21a9-251"
X-Ws-Request-Id
66b1fc4f_PSmgnyNY3aa36_43674-10836
Content-Type
image/png
Cache-Control
max-age=31536000, public
X-Px
ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ms PSxgHK5dz198HKG,ms PS-TPE-01qXz223TPE(origin)
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
593
Expires
Wed, 06 Aug 2025 10:34:55 GMT
sprite.52a6941f046fba92b535d0fb9357a8bc.png
www.win999win.com/en/dafa/images/
206 KB
207 KB
Image
General
Full URL
https://www.win999win.com/en/dafa/images/sprite.52a6941f046fba92b535d0fb9357a8bc.png
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en/dafa/css/common.52a6941f046fba92b535d0fb9357a8bc.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
4865df327140a52e50f92d603b9a546fba023ae7bc05c28904f5ccaf77675e95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en/dafa/css/common.52a6941f046fba92b535d0fb9357a8bc.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:55 GMT
Via
1.1 PS-TPE-01qXz223:0 (W), 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 18 Jul 2024 07:11:52 GMT
Server
PWS/8.3.1.0.8
ETag
"6698c038-337ae"
X-Ws-Request-Id
66b1fc4f_PSmgnyNY3aa36_41758-16687
Content-Type
image/png
Cache-Control
max-age=31536000, public
X-Px
ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ms PSxgHK5dz198HKG,ms PS-TPE-01qXz223TPE(origin)
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
210862
Expires
Wed, 06 Aug 2025 10:34:55 GMT
js
www.googletagmanager.com/gtag/
301 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S5WHEF6PM5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQD7V7Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b3579279bc227c8855665a05ab07284cf7fee43951cdce24764bccebd8f113c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:34:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102447
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Aug 2024 10:34:55 GMT
dacs.js
login.megasportcasino.com/jswrapper/
9 KB
4 KB
Script
General
Full URL
https://login.megasportcasino.com/jswrapper/dacs.js?v=3
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/jswrapper/integration.js.php?casino=dafa888&min=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.165.61.110 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),
Reverse DNS
Software
/
Resource Hash
9acce1202062518523f1976a37510b6fcb7beb5a6b68205032e14b971a3a0e9b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=16070400; includeSubDomains
Vary
Accept-Encoding
Content-Type
application/javascript
Content-Language
en-US
Cache-Control
private, max-age=604800, immutable
Content-Length
3552
clientHintHeaders.js
login.megasportcasino.com/jswrapper/
2 KB
1006 B
Script
General
Full URL
https://login.megasportcasino.com/jswrapper/clientHintHeaders.js?v=3
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/jswrapper/integration.js.php?casino=dafa888&min=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.165.61.110 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),
Reverse DNS
Software
/
Resource Hash
142617edf27459c2a888daaf7d0bf7777a3fb328fbe9a771fcb7059044791247
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=16070400; includeSubDomains
Vary
Accept-Encoding
Content-Type
application/javascript
Content-Language
en-US
Cache-Control
private, max-age=604800, immutable
Content-Length
671
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-S5WHEF6PM5&gtm=45je47v0v890350493z8890334128za200zb890334128&_p=1722940494679&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=182577859.1722940496&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722940495&sct=1&seg=0&dl=https%3A%2F%2Fwww.win999win.com%2Fen&dt=Dafabet%20is%20The%20Most%20Secure%20Online%20Betting%20Company%20in%20Asia&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5983
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5WHEF6PM5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 10:34:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.win999win.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
247 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-S5WHEF6PM5&cid=182577859.1722940496&gtm=45je47v0v890350493z8890334128za200zb890334128&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=95250753
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5WHEF6PM5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 10:34:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.win999win.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
floating-banners
www.win999win.com/en/ajax/
24 KB
3 KB
XHR
General
Full URL
https://www.win999win.com/en/ajax/floating-banners?path=%252F
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en/dafa/js/common.52a6941f046fba92b535d0fb9357a8bc.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
2dba38ef8b67689693f2a3e9c481baf5df4ee236ee3ed7a88b47c5e97ce30c43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/javascript
Referer
https://www.win999win.com/en
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 06 Aug 2024 10:34:56 GMT
Content-Encoding
gzip
Via
1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
PWS/8.3.1.0.8
Transfer-Encoding
chunked
X-Ws-Request-Id
66b1fc50_PSmgnyNY3aa36_42032-22059
Content-Language
en
Content-Type
application/json
Cache-Control
no-cache
X-Px
ms PSmgnyNY3mk42JFK(origin)
Connection
keep-alive
dafabet_logo.png
www.win999win.com/en/dafa/images/
3 KB
4 KB
Image
General
Full URL
https://www.win999win.com/en/dafa/images/dafabet_logo.png
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
0ea8ad9a1b5a3e3e0950b9dd614a5056250369587ff45165dacafd8d13e838e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:56 GMT
Via
1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Mon, 08 Jul 2024 06:56:37 GMT
Server
PWS/8.3.1.0.8
ETag
"668b8da5-d3d"
X-Ws-Request-Id
66b1fc50_PSmgnyNY3aa36_43674-10846
Content-Type
image/png
Cache-Control
max-age=31536000, public
X-Px
ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ht PSxgHK5dz198HKG
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3389
Expires
Wed, 06 Aug 2025 10:34:56 GMT
sprite.816cbee270a3f8dd704b9552a16aa39c.png
www.win999win.com/en/images/
113 KB
113 KB
Image
General
Full URL
https://www.win999win.com/en/images/sprite.816cbee270a3f8dd704b9552a16aa39c.png
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
0f47272de3875f1531038d1dd74318d65615e4a01403492d95d4de9d218ac06b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:56 GMT
Via
1.1 PS-TPE-01qXz223:0 (W), 1.1 PSxgHK5dz198:7 (W), 1.1 PS-DFW-01ItT28:2 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Fri, 19 Jul 2024 08:19:53 GMT
Server
PWS/8.3.1.0.8
ETag
"669a21a9-1c211"
X-Ws-Request-Id
66b1fc50_PSmgnyNY3aa36_44300-11317
Content-Type
image/png
Cache-Control
max-age=31536000, public
X-Px
ms PSmgnyNY3mk42JFK,ms PS-DFW-01ItT28DFW,ms PSxgHK5dz198HKG,ms PS-TPE-01qXz223TPE(origin)
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
115217
Expires
Wed, 06 Aug 2025 10:34:56 GMT
slider
www.win999win.com/en/ajax/
1 KB
1 KB
XHR
General
Full URL
https://www.win999win.com/en/ajax/slider?nc=202476
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en/js/vendor.816cbee270a3f8dd704b9552a16aa39c.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
cef4bf94d1e9936d52f3a0871fc270d604bf67829360f33b788b56b35a34e913
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
text/javascript, text/html, application/xml, text/xml, */*
Referer
https://www.win999win.com/en
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 06 Aug 2024 10:34:56 GMT
Content-Encoding
gzip
Via
1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
PWS/8.3.1.0.8
Transfer-Encoding
chunked
X-Ws-Request-Id
66b1fc50_PSmgnyNY3aa36_44251-26237
Content-Language
en
Content-Type
application/json
Cache-Control
no-cache
X-Px
ms PSmgnyNY3mk42JFK(origin)
Connection
keep-alive
announcements
www.win999win.com/en/ajax/v2/
24 B
667 B
XHR
General
Full URL
https://www.win999win.com/en/ajax/v2/announcements?nocache=1722940496570
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en/dafa/js/common.52a6941f046fba92b535d0fb9357a8bc.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
ea1bd05db50c7890dd053edf77ee864749a4d8d726a063c80c606a88d095cabd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
text/javascript, text/html, application/xml, text/xml, */*
Referer
https://www.win999win.com/en
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 06 Aug 2024 10:34:56 GMT
Content-Encoding
gzip
Via
1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
PWS/8.3.1.0.8
Transfer-Encoding
chunked
X-Ws-Request-Id
66b1fc50_PSmgnyNY3aa36_44300-11323
Content-Language
en
Content-Type
application/json
Cache-Control
no-cache
X-Px
ms PSmgnyNY3mk42JFK(origin)
Connection
keep-alive
frosmo.easy.js
dk0tzorg7uge9.cloudfront.net/
183 KB
52 KB
Script
General
Full URL
https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.79.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-79-34.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
393a9815cb19251d0868f317157743f0cf1c2d60a2e130ce7474a737e1016e29

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:57 GMT
Content-Encoding
gzip
Via
1.1 4b0dd366e44414a4e7e6ed6970080d58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD89-P2
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
52123
Last-Modified
Tue, 18 Jun 2024 05:23:49 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1687630540/ctime:1718484008/gid:700/gname:developers/md5:8cbc3bd687fa6767a01ae9c273365f7b/mode:33188/mtime:1718484008/uid:1024/uname:martyn
ETag
"8cbc3bd687fa6767a01ae9c273365f7b"
Content-Type
application/javascript
Cache-Control
public, max-age=86400
Accept-Ranges
bytes
X-Amz-Cf-Id
EvKGhuBZW2R7NfE2ndrRetJqEdrRfU1H3kW2QkODY5ufNO6_FUZykw==
283cd6f3bdbf77c939ae868613cb575a.js
dk0tzorg7uge9.cloudfront.net/sites/
758 KB
145 KB
Script
General
Full URL
https://dk0tzorg7uge9.cloudfront.net/sites/283cd6f3bdbf77c939ae868613cb575a.js
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.79.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-79-34.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
47c35a4db35363fbddefbde5a902eaf3547fbed8d4fe1b9a31bd3e6b640e15b7

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:58 GMT
Content-Encoding
gzip
Via
1.1 c3af1bb2028605770032345c7c19b7aa.cloudfront.net (CloudFront)
Last-Modified
Mon, 24 Jun 2024 06:00:03 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1719208801/ctime:1719208801/gid:501/gname:fcp/md5:74c480832d466401145422cba922687f/mode:33204/mtime:1719208735/uid:501/uname:fcp
X-Amz-Cf-Pop
IAD89-P2
x-amz-server-side-encryption
AES256
ETag
"74c480832d466401145422cba922687f"
X-Cache
RefreshHit from cloudfront
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
147602
X-Amz-Cf-Id
PrSrp24VLmifjFg4gNn5tpcJBgptztxmX1CltdmYclEdkBa4lZydgA==
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::66 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Aug 2024 09:05:44 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5352
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 06 Aug 2024 11:05:44 GMT
hotjar-121800.js
static.hotjar.com/c/
185 KB
30 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-121800.js?sv=5
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.18.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-18-89.ord53.r.cloudfront.net
Software
/
Resource Hash
9fa0f7a729fa74c94e8034ad485bee3443cf1de9a516666441fa7b163a06c576
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:34:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 260fbb348a8054aa94835db0d4a40e00.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD53-C2
etag
W/bd91a864088a513fb559c33817917246
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
_coN-Kh6_uS2opYBe8Ww4AcILITNIqmGUuP1QeWuy0bktNf2AM_h3A==
radar.js
radar.cedexis.com/1707728419/
Redirect Chain
  • https://radar.cedexis.com/1/20200/radar.js
  • https://radar.cedexis.com/1707728419/radar.js
44 KB
19 KB
Script
General
Full URL
https://radar.cedexis.com/1707728419/radar.js
Protocol
HTTP/1.1
Server
45.54.49.5 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
5.49.54.45.ptr.anycast.net
Software
nginx /
Resource Hash
2c5b3aeacf827e181a8131451f9a2a2f402ce22800d2365feb071f1fb7bf666d

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:56 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Feb 2024 09:51:48 GMT
Server
nginx
ETag
W/"65c9ea34-af82"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1209600, public
Connection
keep-alive
Expires
Tue, 20 Aug 2024 10:34:56 GMT

Redirect headers

Date
Tue, 06 Aug 2024 10:34:56 GMT
Server
nginx
Vary
User-Agent,DNT
Content-Type
text/html
Location
/1707728419/radar.js
Cache-Control
max-age=600
Connection
keep-alive
Content-Length
154
Expires
Tue, 06 Aug 2024 10:44:56 GMT
trackpoint-async.js
s2.adform.net/banners/scripts/st/
80 KB
31 KB
Script
General
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:34:56 GMT
content-encoding
gzip
last-modified
Fri, 08 Mar 2024 07:02:31 GMT
server
nginx
x-amz-request-id
tx00000a762dbecf9209264-006657c4e1-329875c8-default
etag
W/"1c188eabf1f0749a0cffb2c108473370"
x-cache-status
HIT, BYPASS, HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
k_dafabet.js
scripts.prdredir.com/scripts/
2 KB
1 KB
Script
General
Full URL
https://scripts.prdredir.com/scripts/k_dafabet.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQD7V7Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
448d305ad6e8d6b57c5e4d37afbf26c77bcf2c2548e1fe462772757ee6ccbbe1

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-runtime
0.016301
date
Tue, 06 Aug 2024 10:34:56 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"448d305ad6e8d6b57c5e4d37afbf26c7"
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
8aee6098992d7cc2-LAX
x-request-id
85d195aa-fbf8-4ca9-8bf6-5b28607086c1
fbevents.js
connect.facebook.net/en_US/
225 KB
60 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 06 Aug 2024 10:34:56 GMT
document-policy
force-load-at-top
x-fb-server-load
33
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=119, rtx=0, c=12, mss=1297, tbw=2768, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
Wpl2ANbtWyLobyGWnFo0H9a0G0+plCVfhRBys7lOQXqBN5fCXcRDOenqmtQBwH+/cyAAIyvu7e4Pl2cbxaJ9YA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
container_iPEHBueP.js
cdn.matomo.cloud/blockchainads.matomo.cloud/
0
0
Script
General
Full URL
https://cdn.matomo.cloud/blockchainads.matomo.cloud/container_iPEHBueP.js
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2479:4000:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 06:00:38 GMT
x-amz-version-id
x8CUW72Cdy4wRBv1lXTNc2XlWFvGGyiM
via
1.1 cfbbd45bc29ebb0e8475ffa26dff7618.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD61-P3
age
16460
x-cache
Error from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
0
last-modified
Thu, 02 Nov 2023 02:17:11 GMT
server
CloudFront
etag
"d41d8cd98f00b204e9800998ecf8427e"
content-type
text/html
accept-ranges
bytes
x-amz-cf-id
RBGh6OdJjLC1K5VyaLb3dwZL9Fevw0AFsC2Mf9zL2YdGvFCnitkHCA==
wwdafabet.js
adscool.net/resources/content/
5 KB
3 KB
Script
General
Full URL
https://adscool.net/resources/content/wwdafabet.js
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee9fbd1433074584fcfcb86657af0c29339bd6644b87b656cdcb29788cda1bd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:34:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
status
200 OK
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
6a7b0396-a2b3-49e0-bc66-28dce9cccea1
x-runtime
0.001139
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"ee9fbd1433074584fcfcb86657af0c29"
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yMc%2BnZA0Bjhm49%2Ba1CANholWd9cDX%2Bt1itjYxj9%2FMoRBvvjBvshv7xAwAMjYBXs1UkU9BGIP%2FawkY%2BKw4hTV1XmvZ99qy7OtO5tluW2QXJVICRjN%2Bt41jfO5HqtnpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800, private
cf-ray
8aee609848e72eed-LAX
js
rtgsystemsync.com/tag/
2 KB
1 KB
Script
General
Full URL
https://rtgsystemsync.com/tag/js?rtid=AEH-1722891893963441
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQD7V7Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d8b7618affc4d80078ebb51119d5e13a2d8cfb47c1fb434d91e79dd35a02c9c

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 10:34:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ExGQBzDvJSJwMhFtBa6yAFuHTEm3zG13er6%2BJxNTw4AL4J6EXE8Di8Fbdl3ZpIHRpsoIRSPeIxjIhi1razMD%2BfJI2gHH1ndovx1vG0tBRlPQRYum8AB8zVR8%2BOn9Hav30klKiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8aee609a0ead52ef-LAX
alt-svc
h3=":443"; ma=86400
expires
0
FQkqJiAx4e.gif
pixel.zprk.io/v5/pixel/
35 B
462 B
Image
General
Full URL
https://pixel.zprk.io/v5/pixel/FQkqJiAx4e.gif?ssid=1&gtmcb=1150099876
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.29.180.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-29-180-185.compute-1.amazonaws.com
Software
/
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:34:57 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
image/gif
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
35
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1766814&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1766814%26t%3D2
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1766814%26t%3D2
Protocol
H2
Server
68.67.179.153 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 10:34:57 GMT
an-x-request-uuid
c61c02ba-43d0-46b3-b177-5bc4e02a885a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
162.245.206.249; 162.245.206.249; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Aug 2024 10:34:56 GMT
an-x-request-uuid
79687229-d254-4183-9483-4e7ea8d4ec90
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1766814%26t%3D2
cache-control
no-store, no-cache, private
x-proxy-origin
162.245.206.249; 162.245.206.249; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
favicon.ico
www.win999win.com/en/dafa/images/
1 KB
2 KB
Other
General
Full URL
https://www.win999win.com/en/dafa/images/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
b8fbacf4998ff7253c5fab185a6058959851c8f02d64f257ec5be076b41aa3a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:56 GMT
Via
1.1 PSxgHK5yp199:8 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Mon, 08 Jul 2024 06:56:37 GMT
Server
PWS/8.3.1.0.8
ETag
"668b8da5-47e"
X-Ws-Request-Id
66b1fc50_PSmgnyNY3aa36_41758-16701
Content-Type
image/x-icon
Cache-Control
max-age=31536000, public
X-Px
ms PSmgnyNY3mk42JFK,ht PSmgdfDEN1rj88DEN
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1150
Expires
Wed, 06 Aug 2025 10:34:56 GMT
sync
rtg.prdredir.com/
43 B
456 B
Image
General
Full URL
https://rtg.prdredir.com/sync?ref=&lp=https%3A%2F%2Fwww.win999win.com%2Fen&sh=1200&sw=1600&date=1722940496864&fp=uid-6031985127.7614472888
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:34:57 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
content-transfer-encoding
binary
content-disposition
inline; filename="pixel.gif"
content-length
43
x-xss-protection
1; mode=block
x-request-id
79348e6a-320d-4621-9ad0-b8839eddd71d
x-runtime
0.018292
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache
cf-ray
8aee609a19d27cc2-LAX
wwdafabet
adscool.net/pageview/
0
600 B
Script
General
Full URL
https://adscool.net/pageview/wwdafabet?usr=v1.3%3A10873518357%3A1722940496875%3A1722940496875&scr=1600x1200%7C1600x1200&scv=1600x1200%7C0&pgh=www.win999win.com&pgl=%2Fen&pgs=&pgr=
Requested by
Host: adscool.net
URL: https://adscool.net/resources/content/wwdafabet.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:34:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
status
200 OK
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
ec1adf4c-fbac-44dd-ab6d-c086047a2565
x-runtime
0.003161
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding,Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HA5ivKCix%2BU6uG7Fqr9lGxirc89jWN%2Bc%2BtrJrXVnztw18TogYe6OudZ98k5RnkJYBlLud96fPoaXjGUBOyh7jlHqSkijpMQqLJdOyDJGA45nCiblQoEBy9FS9JR4bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
8aee6099a9f22eed-LAX
1920x360_74.jpg
www.win999win.com/en/2024-07/
96 KB
97 KB
Image
General
Full URL
https://www.win999win.com/en/2024-07/1920x360_74.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
b9ed282711156d16da803cf78c07bf10218f08f9923767974776abdcd30bb83b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:57 GMT
Via
1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Mon, 15 Jul 2024 05:06:00 GMT
Server
PWS/8.3.1.0.8
ETag
"6694ae38-1808c"
X-Ws-Request-Id
66b1fc50_PSmgnyNY3aa36_44251-26257
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
X-Px
ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ht PSxgHK5dz198HKG
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
98444
Expires
Wed, 06 Aug 2025 10:34:57 GMT
providers.json
i2-bhsgkafrvyhbbeboejnwqtfyswmfpk.init.cedexis-radar.net/i2/1/20200/j1/20/124/1722940496/0/0/
3 KB
1 KB
XHR
General
Full URL
https://i2-bhsgkafrvyhbbeboejnwqtfyswmfpk.init.cedexis-radar.net/i2/1/20200/j1/20/124/1722940496/0/0/providers.json?imagesok=1&n=1&p=1&r=1&s=1&t=1
Requested by
Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.225.10.227 Ashburn, United States, ASN36236 (NETACTUATE, US),
Reverse DNS
227.10.225.104.ptr.anycast.net
Software
nginx /
Resource Hash
9ff2eb39ec96e2d2a7e114a786ce1f240ad99e0c4c3d53e854591a9e7c22310f

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:57 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=1
collect
www.google-analytics.com/j/
15 B
223 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=851247502&t=pageview&_s=1&dl=https%3A%2F%2Fwww.win999win.com%2Fen&ul=en-us&de=UTF-8&dt=Dafabet%20is%20The%20Most%20Secure%20Online%20Betting%20Company%20in%20Asia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1531560531&gjid=2035975456&cid=182577859.1722940496&tid=UA-89039619-1&_gid=1277585488.1722940497&_r=1&_slc=1&z=1216912546
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::66 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
69e5bd6a3392e9ac3ad144d8b727223f7d655288d7fe2723debd7b964925197e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 10:34:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.win999win.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
wmetrics
rtgsystemsync.com/
0
405 B
Ping
General
Full URL
https://rtgsystemsync.com/wmetrics?rtid=AEH-1722891893963441&fr=0&dr=&dl=https%3A%2F%2Fwww.win999win.com%2Fen
Requested by
Host: rtgsystemsync.com
URL: https://rtgsystemsync.com/tag/js?rtid=AEH-1722891893963441
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:34:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CupjvX%2BEJuqgMQIUMhuEgDztCL%2BpitnmTrmHzwSjlmKS%2BJKp%2BveTOD4lq3AkM8EyA%2BSBtrCrTtJ2uUMDO7kDVmfBisdVUQhWcKkWx8E2yrGHFhCk2eLvMFNVbyDZYl16jVMFgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8aee609aff5352ef-LAX
alt-svc
h3=":443"; ma=86400
content-length
0
js
www.googletagmanager.com/gtag/
280 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XTJPZCJBEY&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pe-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
15106c045f24b3a862e3f20b704b028c989d16753f402390b32210275b689e53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:34:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97274
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Aug 2024 10:34:57 GMT
/
asia.adform.net/Serving/TrackPoint/
Redirect Chain
  • https://asia.adform.net/Serving/TrackPoint/?pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=200043971843&ADFtpmode=2&loc=https%3A%2F%2Fwww.win999win.com%2Fen&Set1=en-US%7Cen-US%7C16...
  • https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=200043971843&ADFtpmode=2&loc=https%3A%2F%2Fwww.win999win.com%2Fen&Set1=en-US%7Cen-US...
845 B
1 KB
Script
General
Full URL
https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=200043971843&ADFtpmode=2&loc=https%3A%2F%2Fwww.win999win.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24
Protocol
H2
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a8eef464beb53d07e574e2731879a8dbc3d9e436d2c6bf44315a93f33e3a6daa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 10:34:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
690
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 06 Aug 2024 10:34:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
text/html; charset=utf-8
location
https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=200043971843&ADFtpmode=2&loc=https%3A%2F%2Fwww.win999win.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/
223 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-121800.js?sv=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-103.phl50.r.cloudfront.net
Software
/
Resource Hash
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 6ef53c06467f47a1223db91b4e03cb22.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
591111
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56385
last-modified
Tue, 30 Jul 2024 14:22:40 GMT
etag
"0728625a147ca79276a1790b9cf3175d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
REwT6-YahL42iDJRMz6HMVtq1wAZYEe0JRRCvKLkHYWJ6SnETtl59A==
1727308371340020
connect.facebook.net/signals/config/
66 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1727308371340020?v=2.9.164&r=stable&domain=www.win999win.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9629be600d6a69cdb1cd767b965a389ffc59444f309329ace4595906488a88ae
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 06 Aug 2024 10:34:57 GMT
document-policy
force-load-at-top
x-fb-server-load
31
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=128, rtx=0, c=65, mss=1297, tbw=64358, tp=-1, tpl=-1, uplat=214, ullat=0
pragma
public
x-fb-debug
ONQjSRYh9aoil2eqhatw+no6ow5vt4uJJNQ9+dPY58MQYrOnYFwh70V5yQm7WoFL5XlhTRb9cfXqj0WUQB5/Qg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
impact.js
radar.cedexis.com/releases/1707728419/
7 KB
4 KB
Script
General
Full URL
https://radar.cedexis.com/releases/1707728419/impact.js
Requested by
Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.54.49.5 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
5.49.54.45.ptr.anycast.net
Software
nginx /
Resource Hash
70ba610e8b04346fcfaf7131529082ab2f9cec6954ce32552b1cac0a9e567aba

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:57 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Feb 2024 09:51:35 GMT
Server
nginx
ETag
W/"65c9ea27-1c28"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1209600, public
Connection
keep-alive
Expires
Tue, 20 Aug 2024 10:34:57 GMT
1722940495369
rpt.cedexis.com/n1/0/1722940489695/0/0/0/0/1722940493866/1722940493866/1722940493866/1722940493866/1722940493866/0/1722940493867/1722940494643/1722940494666/1722940494656/1722940496144/172294049614...
16 B
276 B
XHR
General
Full URL
https://rpt.cedexis.com/n1/0/1722940489695/0/0/0/0/1722940493866/1722940493866/1722940493866/1722940493866/1722940493866/0/1722940493867/1722940494643/1722940494666/1722940494656/1722940496144/1722940496144/1722940496150/1722940496569/1722940496569/1722940496572/_CgJqMRAUGHwiBggBEOidASjEnIy-BDDQ-Me1BjjQ-Me1BkCsjYXhAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24zLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vOD5ABAJgBAA/0/1722940495369
Requested by
Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:57 GMT
Server
nginx
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=1
Content-Length
16
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-XTJPZCJBEY&gtm=45je47v0v9126248990za200&_p=1722940494679&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=95250753&ul=en-us&sr=1600x1200&cid=182577859.1722940496&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.win999win.com%2Fen&dt=Dafabet%20is%20The%20Most%20Secure%20Online%20Betting%20Company%20in%20Asia&sid=1722940497&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=7904
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XTJPZCJBEY&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f100.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 10:34:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.win999win.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1111248093529440
connect.facebook.net/signals/config/
34 KB
7 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1111248093529440?v=2.9.164&r=stable&domain=www.win999win.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C195%2C194%2C196%2C201%2C202%2C203%2C199%2C191%2C128%2C158%2C190%2C192%2C119%2C152%2C141%2C146%2C184%2C185%2C125%2C227%2C113%2C124%2C228%2C160%2C116%2C230%2C161%2C132%2C120%2C149%2C144
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
73eaba89aac24d3fcc3a20c41cab7d2e9ad79805deb5f53bb420e9b6db47d354
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 06 Aug 2024 10:34:57 GMT
document-policy
force-load-at-top
x-fb-server-load
37
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=118, rtx=0, c=26, mss=1232, tbw=8280, tp=17, tpl=0, uplat=231, ullat=0
pragma
public
x-fb-debug
pmGIz1ULHN2nljRpz47izz+gYu2q/QigVkzPWCzP5Y/ingsLFwGSiQq+frElnV+xVjyo1us5ycvXmk9nKESBXA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
270 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1727308371340020&ev=PageView&dl=https%3A%2F%2Fwww.win999win.com%2Fen&rl=&if=false&ts=1722940497623&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722940497621.518987459221054995&ler=empty&cdl=API_unavailable&it=1722940497245&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=118, rtx=0, c=10, mss=1297, tbw=2774, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 06 Aug 2024 10:34:57 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1727308371340020&ev=PageView&dl=https%3A%2F%2Fwww.win999win.com%2Fen&rl=&if=false&ts=1722940497623&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722940497621.518987459221054995&ler=empty&cdl=API_unavailable&it=1722940497245&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Tue, 06 Aug 2024 10:34:58 GMT
document-policy
force-load-at-top
x-fb-server-load
40
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7399973089227829981", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=118, rtx=0, c=10, mss=1297, tbw=3088, tp=-1, tpl=-1, uplat=79, ullat=0
pragma
no-cache
x-fb-debug
SRqSK1wU4oaFqdCZGg+kAMHXet0fjRVPlP2oaz7pQ4PtTjcYOECJE3BukZKq0Xn/HPzH5IIQe1UxrTIdjwSLfw==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7399973089227829981"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
Brand%20Ambassador_EN.png
www.win999win.com/en/ambassadors/
133 KB
133 KB
Image
General
Full URL
https://www.win999win.com/en/ambassadors/Brand%20Ambassador_EN.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
3ba02d21c9b69018b9ff62768156c206f0a05255c368b2166adda35b7067dd62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:58 GMT
Via
1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 16 Jul 2024 07:48:36 GMT
Server
PWS/8.3.1.0.8
ETag
"669625d4-21260"
X-Ws-Request-Id
66b1fc52_PSmgnyNY3aa36_44251-26301
Content-Type
image/png
Cache-Control
max-age=31536000, public
X-Px
ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ht PSxgHK5dz198HKG
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
135776
Expires
Wed, 06 Aug 2025 10:34:58 GMT
playtech-footer.png
www.win999win.com/en/2022-07/
6 KB
6 KB
Image
General
Full URL
https://www.win999win.com/en/2022-07/playtech-footer.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
caed37875e80934c7f52564ca26b7846bd1f7bfa26f6eb74994556ee9777dbec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:58 GMT
Via
1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 20 Jul 2022 08:22:19 GMT
Server
PWS/8.3.1.0.8
ETag
"62d7bb3b-1709"
X-Ws-Request-Id
66b1fc52_PSmgnyNY3aa36_44300-11357
Content-Type
image/png
Cache-Control
max-age=31536000, public
X-Px
ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ht PSxgHK5dz198HKG
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5897
Expires
Wed, 06 Aug 2025 10:34:58 GMT
bitcoin_Footer%20160x41.png
www.win999win.com/en/2019-09/
2 KB
3 KB
Image
General
Full URL
https://www.win999win.com/en/2019-09/bitcoin_Footer%20160x41.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
1fad8a0d38b8307c0781fbfd3222b43917c5c879bbcfb3d5e0b96d1b4416e5a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:58 GMT
Via
1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Mon, 23 Sep 2019 09:48:31 GMT
Server
PWS/8.3.1.0.8
ETag
"5d8894ef-9ad"
X-Ws-Request-Id
66b1fc52_PSmgnyNY3aa36_41758-16726
Content-Type
image/png
Cache-Control
max-age=31536000, public
X-Px
ms PSmgnyNY3mk42JFK,ms PSmgdfDEN1rj88DEN,ht PSxgHK5dz198HKG
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2477
Expires
Wed, 06 Aug 2025 10:34:58 GMT
frosmo.xdm.html
dafabetcomasia.asia.frosmo.com/ Frame 4D31
0
0
Document
General
Full URL
https://dafabetcomasia.asia.frosmo.com/frosmo.xdm.html?24.51.0
Requested by
Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
52.79.118.14 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-79-118-14.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://www.win999win.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-length
1104
content-type
text/html
date
Tue, 06 Aug 2024 10:34:58 GMT
etag
"5bea9576-450"
last-modified
Tue, 13 Nov 2018 09:12:22 GMT
server
nginx
vary
Accept-Encoding
1232172684609899
connect.facebook.net/signals/config/
25 KB
5 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1232172684609899?v=2.9.164&r=stable&domain=www.win999win.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C195%2C194%2C196%2C201%2C202%2C203%2C199%2C191%2C128%2C158%2C190%2C192%2C119%2C152%2C141%2C146%2C184%2C185%2C125%2C227%2C113%2C124%2C228%2C160%2C116%2C230%2C161%2C132%2C120%2C149%2C144%2C130%2C123
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
5b9227e39552179d38911c5f39bed2cd915f706ad9ef6ed6c6b5a060375c3915
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 06 Aug 2024 10:34:58 GMT
document-policy
force-load-at-top
x-fb-server-load
44
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=118, rtx=0, c=34, mss=1232, tbw=17608, tp=28, tpl=0, uplat=547, ullat=0
pragma
public
x-fb-debug
Nv3b990sl3lRhKZVZWn1q5bhr6pSKyGWyRsV2uTy9KrmtLgu6ud96HjaY9ZZmCjPQyJVKW7CaZMWMSP+vdX9CQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
98 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1111248093529440&ev=PageView&dl=https%3A%2F%2Fwww.win999win.com%2Fen&rl=&if=false&ts=1722940498025&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722940497621.518987459221054995&ler=empty&cdl=API_unavailable&cs_est=true&it=1722940497245&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=118, rtx=0, c=15, mss=1297, tbw=6447, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 06 Aug 2024 10:34:58 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
848 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1111248093529440&ev=PageView&dl=https%3A%2F%2Fwww.win999win.com%2Fen&rl=&if=false&ts=1722940498025&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722940497621.518987459221054995&ler=empty&cdl=API_unavailable&cs_est=true&it=1722940497245&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Tue, 06 Aug 2024 10:34:58 GMT
document-policy
force-load-at-top
x-fb-server-load
42
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7399973092344275826", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=118, rtx=0, c=15, mss=1297, tbw=6589, tp=-1, tpl=-1, uplat=37, ullat=0
pragma
no-cache
x-fb-debug
b5n3J94J5L/jqT4bkLdKaPF7y8wyAL8aNltkcqRAwvHBEmkw2TAJoJK25aWJkaZeRT5dcbOhG7BmqQccMe5C0A==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7399973092344275826"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixels
c1.adform.net/imatch/ Frame 3F81
0
0
Document
General
Full URL
https://c1.adform.net/imatch/pixels?bt=0&uid=683281792579535459&agencyId=8910&advertiserId=2170253&src=tp&rnd=670673
Requested by
Host: asia.adform.net
URL: https://asia.adform.net/Serving/TrackPoint/?pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=200043971843&ADFtpmode=2&loc=https%3A%2F%2Fwww.win999win.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Aug 2024 10:34:58 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
/
asia.seadform.net/serving/cookie/sync/
35 B
457 B
Image
General
Full URL
https://asia.seadform.net/serving/cookie/sync/?uid=683281792579535459&stamp=6-Kzuc8k-wMDvP-67D9Y4w2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:34:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
json
i1-j5-20-124-1-20200-1342837909-s.init.cedexis-radar.net/i1/1722940498/1342837909/
217 B
484 B
XHR
General
Full URL
https://i1-j5-20-124-1-20200-1342837909-s.init.cedexis-radar.net/i1/1722940498/1342837909/json?seed=i1-j5-20-124-1-20200-1342837909-s
Requested by
Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.225.10.226 Ashburn, United States, ASN36236 (NETACTUATE, US),
Reverse DNS
226.10.225.104.ptr.anycast.net
Software
nginx /
Resource Hash
51553f7bcfd0ba07683cbe0f1a1ec53a91bfaacc8c8a466ca913a152b510eac8

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 10:34:58 GMT
Server
nginx
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=1
Content-Length
217
988361329509623
connect.facebook.net/signals/config/
24 KB
4 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/988361329509623?v=2.9.164&r=stable&domain=www.win999win.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C195%2C194%2C196%2C201%2C202%2C203%2C199%2C191%2C128%2C158%2C190%2C192%2C119%2C152%2C141%2C146%2C184%2C185%2C125%2C227%2C113%2C124%2C228%2C160%2C116%2C230%2C161%2C132%2C120%2C149%2C144%2C130%2C123
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
0de2c4f7bd67b21d5570cdb86c0ca3b6d2b7ce10df73ff3a5d63731001091b7f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 06 Aug 2024 10:34:59 GMT
document-policy
force-load-at-top
x-fb-server-load
20
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=121, rtx=0, c=38, mss=1232, tbw=22488, tp=33, tpl=0, uplat=594, ullat=0
pragma
public
x-fb-debug
tGVYc/IKGKLh3L7N3/uO707fXttpV1beGyi/+PgB7dwSgcqOty9oxA+4c6UttctWD8wPJETeI/eI0xNsHKtWTw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
18 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1232172684609899&ev=PageView&dl=https%3A%2F%2Fwww.win999win.com%2Fen&rl=&if=false&ts=1722940498702&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722940497621.518987459221054995&ler=empty&cdl=API_unavailable&it=1722940497245&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=118, rtx=0, c=26, mss=1232, tbw=8329, tp=18, tpl=0, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 06 Aug 2024 10:34:58 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
193 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1232172684609899&ev=PageView&dl=https%3A%2F%2Fwww.win999win.com%2Fen&rl=&if=false&ts=1722940498702&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722940497621.518987459221054995&ler=empty&cdl=API_unavailable&it=1722940497245&coo=false&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Tue, 06 Aug 2024 10:34:58 GMT
document-policy
force-load-at-top
x-fb-server-load
53
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7399973093239797130", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=118, rtx=0, c=26, mss=1232, tbw=8649, tp=20, tpl=0, uplat=36, ullat=0
pragma
no-cache
x-fb-debug
1r1nbwyp5orR8G0l4o8/zHFD2QJ2flSAoXyiCjSNesuyTooB9DriUHEY2lxzT2yovx/4GMgmIvJJcg6e5DFQeg==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7399973093239797130"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
_CgJqNRAUGHwiBggBEOidASiVqaiABTDS-Me1BjjS-Me1BkCsj4WeAkoUCAEQ3wEYl2gggoCAwAQorYCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24yLmlhZC5odi5wcm9kggEVCAEQ3wEYiIMDIIqAgMAEKIWAgKAEiAGi67vODw
rpt.cedexis.com/r1/1/20200/
16 B
276 B
XHR