Submitted URL: http://www.win999win.com/
Effective URL: https://www.win999win.com/en
Submission Tags: falconsandbox
Submission: On August 06 via api from US — Scanned from US

Summary

This website contacted 32 IPs in 4 countries across 23 domains to perform 96 HTTP transactions. The main IP is 157.185.170.144, located in New York, United States and belongs to ML-1432-54994, CA. The main domain is www.win999win.com.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on April 22nd 2024. Valid for: a year.
This is the only time www.win999win.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 30 157.185.170.144 54994 (ML-1432-5...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 202.165.61.110 18018 (GAMEBUILD...)
2 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 18.67.79.195 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 108.138.106.124 16509 (AMAZON-02)
1 3 45.54.49.5 63911 (NETACTUAT...)
1 185.167.164.45 198622 (ADFORM)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 2600:9000:247... 16509 (AMAZON-02)
2 172.67.175.82 13335 (CLOUDFLAR...)
2 172.67.191.82 13335 (CLOUDFLAR...)
1 100.29.180.185 14618 (AMAZON-AES)
1 2 68.67.160.184 29990 (ASN-APPNEX)
1 104.225.10.225 36236 (NETACTUATE)
1 18.164.96.87 16509 (AMAZON-02)
1 172.253.115.97 15169 (GOOGLE)
1 3 185.84.60.20 198622 (ADFORM)
1 142.251.163.139 15169 (GOOGLE)
4 2607:f740:e61... 63911 (NETACTUAT...)
1 52.79.118.14 16509 (AMAZON-02)
3 157.240.229.1 32934 (FACEBOOK)
4 2a03:2880:f10... 32934 (FACEBOOK)
1 185.167.164.53 198622 (ADFORM)
12 52.78.8.111 16509 (AMAZON-02)
2 45.60.12.120 19551 (INCAPSULA)
4 157.240.229.35 32934 (FACEBOOK)
1 23.62.230.70 20940 (AKAMAI-ASN1)
96 32
Apex Domain
Subdomains
Transfer
30 win999win.com
www.win999win.com
1 MB
13 frosmo.com
dafabetcomasia.asia.frosmo.com
asia.frosmo.com — Cisco Umbrella Rank: 722016
2 KB
8 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
5 KB
7 cedexis.com
radar.cedexis.com — Cisco Umbrella Rank: 4858
rpt.cedexis.com — Cisco Umbrella Rank: 3415
24 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
90 KB
4 adform.net
s2.adform.net — Cisco Umbrella Rank: 8814
asia.adform.net — Cisco Umbrella Rank: 60937
c1.adform.net — Cisco Umbrella Rank: 1001
33 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
272 KB
2 dafalive88.com
inc-www.dafalive88.com
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 764
2 KB
2 rtgsystemsync.com
rtgsystemsync.com
2 KB
2 adscool.net
adscool.net — Cisco Umbrella Rank: 115140
3 KB
2 prdredir.com
scripts.prdredir.com — Cisco Umbrella Rank: 59288
rtg.prdredir.com — Cisco Umbrella Rank: 99969
2 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
86 KB
2 cloudfront.net
dk0tzorg7uge9.cloudfront.net
196 KB
2 google.com
analytics.google.com — Cisco Umbrella Rank: 238
2 megasportcasino.com
login.megasportcasino.com
5 KB
1 df-bet.org
aka-als.df-bet.org
edg-als.df-bet.org Failed
1 seadform.net
asia.seadform.net — Cisco Umbrella Rank: 99516
466 B
1 cedexis-radar.net
i2-xpabrpsgvlbhvlzwrjqecgkhgwuyvf.init.cedexis-radar.net
1 KB
1 zprk.io
pixel.zprk.io — Cisco Umbrella Rank: 19690
463 B
1 matomo.cloud
cdn.matomo.cloud — Cisco Umbrella Rank: 29612
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
256 B
96 23
Domain Requested by
30 www.win999win.com 1 redirects www.win999win.com
12 asia.frosmo.com dk0tzorg7uge9.cloudfront.net
8 www.facebook.com
5 connect.facebook.net www.win999win.com
connect.facebook.net
4 rpt.cedexis.com radar.cedexis.com
3 radar.cedexis.com 1 redirects radar.cedexis.com
3 www.google-analytics.com www.win999win.com
www.google-analytics.com
www.googletagmanager.com
3 www.googletagmanager.com www.win999win.com
www.googletagmanager.com
www.google-analytics.com
2 inc-www.dafalive88.com radar.cedexis.com
2 asia.adform.net 1 redirects
2 secure.adnxs.com 1 redirects
2 rtgsystemsync.com www.googletagmanager.com
rtgsystemsync.com
2 adscool.net www.win999win.com
adscool.net
2 dk0tzorg7uge9.cloudfront.net www.win999win.com
2 analytics.google.com www.googletagmanager.com
2 login.megasportcasino.com www.win999win.com
1 aka-als.df-bet.org radar.cedexis.com
1 asia.seadform.net
1 c1.adform.net asia.adform.net
1 dafabetcomasia.asia.frosmo.com dk0tzorg7uge9.cloudfront.net
1 script.hotjar.com static.hotjar.com
1 i2-xpabrpsgvlbhvlzwrjqecgkhgwuyvf.init.cedexis-radar.net radar.cedexis.com
1 rtg.prdredir.com
1 pixel.zprk.io
1 cdn.matomo.cloud www.win999win.com
1 scripts.prdredir.com www.googletagmanager.com
1 s2.adform.net www.win999win.com
1 static.hotjar.com www.win999win.com
1 stats.g.doubleclick.net www.googletagmanager.com
0 edg-als.df-bet.org Failed radar.cedexis.com
96 30
Subject Issuer Validity Valid
support13.cdnetworks.net
GlobalSign RSA OV SSL CA 2018
2024-04-22 -
2025-04-07
a year crt.sh
*.google-analytics.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.megasportcasino.com
GeoTrust TLS RSA CA G1
2024-03-01 -
2025-02-28
a year crt.sh
*.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.g.doubleclick.net
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
*.hotjar.com
Amazon RSA 2048 M03
2024-05-22 -
2025-06-20
a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-06 -
2024-09-19
a year crt.sh
prdredir.com
WE1
2024-06-24 -
2024-09-22
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-05-15 -
2024-08-13
3 months crt.sh
cdn.matomo.cloud
Amazon RSA 2048 M03
2023-10-27 -
2024-11-23
a year crt.sh
adscool.net
WE1
2024-06-19 -
2024-09-17
3 months crt.sh
rtgsystemsync.com
WE1
2024-07-05 -
2024-10-03
3 months crt.sh
*.zprk.io
Amazon RSA 2048 M03
2023-09-19 -
2024-10-17
a year crt.sh
*.init.cedexis-radar.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-21 -
2025-02-20
a year crt.sh
radar.cedexis.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-03-29 -
2025-03-28
a year crt.sh
*.asia.frosmo.com
E5
2024-07-10 -
2024-10-08
3 months crt.sh
*.seadform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-23 -
2024-11-08
a year crt.sh
*.dafalive88.com
GeoTrust TLS RSA CA G1
2024-03-01 -
2025-02-28
a year crt.sh
df-bet.org
R10
2024-06-27 -
2024-09-25
3 months crt.sh

This page contains 8 frames:

Primary Page: https://www.win999win.com/en
Frame ID: 89F2847347D10FAA708994BC6410F94E
Requests: 89 HTTP requests in this frame

Frame: https://dafabetcomasia.asia.frosmo.com/frosmo.xdm.html?24.51.0
Frame ID: 151970C396215AB62AAFDC9EDFEB68CA
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?bt=0&uid=439906683004740082&agencyId=8910&advertiserId=2170253&src=tp&rnd=105875
Frame ID: B138C32929FD77C5AFAC8A2E450CFFC8
Requests: 1 HTTP requests in this frame

Frame: https://inc-www.dafalive88.com/en/promotions/sureroute.html?rnd=1-1-20200-1-20200-101264-2941970030-_CgJqMRAUGHwiBggBEOidASjuzOv6CjCXgsm1BjiXgsm1BkDA5ZKxAUoUCAEQ3wEYwXYgg4CAwAQoj4CAoARQhcKOB1oVCAEQ3wEY7oENIIKAgMAEKK2AgKAEYAFqE2J1dHRvbjEuaWFkLmh2LnByb2SCARUIARDfARiIgwMgioCAwAQohYCAoASIAaLru84PkAEAmAEA
Frame ID: 720784E80233BAC3F8B3D1E4043C239C
Requests: 1 HTTP requests in this frame

Frame: https://inc-www.dafalive88.com/en/promotions/sureroute.html?rnd=0-1-20200-1-20200-101264-2941970030-_CgJqMRAUGHwiBggBEOidASjuzOv6CjCXgsm1BjiXgsm1BkDA5ZKxAUoUCAEQ3wEYwXYgg4CAwAQoj4CAoARQhcKOB1oVCAEQ3wEY7oENIIKAgMAEKK2AgKAEYAFqE2J1dHRvbjEuaWFkLmh2LnByb2SCARUIARDfARiIgwMgioCAwAQohYCAoASIAaLru84PkAEAmAEA
Frame ID: 4735775B7023DD7D721672A245128ABA
Requests: 1 HTTP requests in this frame

Frame: https://aka-als.df-bet.org/test/d17.html?rnd=1-1-20200-1-20200-47756-2941970030-_CgJqMRAUGHwiBggBEOidASjuzOv6CjCXgsm1BjiXgsm1BkDA5ZKxAUoUCAEQ3wEYwXYgg4CAwAQoj4CAoARQhcKOB1oVCAEQ3wEY7oENIIKAgMAEKK2AgKAEYAFqE2J1dHRvbjEuaWFkLmh2LnByb2SCARUIARDfARiIgwMgioCAwAQohYCAoASIAaLru84PkAEAmAEA
Frame ID: 16BBDDF3A0DEEFA4AC5BE41150836674
Requests: 1 HTTP requests in this frame

Frame: https://aka-als.df-bet.org/test/d17.html?rnd=0-1-20200-1-20200-47756-2941970030-_CgJqMRAUGHwiBggBEOidASjuzOv6CjCXgsm1BjiXgsm1BkDA5ZKxAUoUCAEQ3wEYwXYgg4CAwAQoj4CAoARQhcKOB1oVCAEQ3wEY7oENIIKAgMAEKK2AgKAEYAFqE2J1dHRvbjEuaWFkLmh2LnByb2SCARUIARDfARiIgwMgioCAwAQohYCAoASIAaLru84PkAEAmAEA
Frame ID: A9A7052FA114FF40EAF0ED3BAD41E1D6
Requests: 1 HTTP requests in this frame

Frame: https://edg-als.df-bet.org/test/d17.html?rnd=1-1-20200-1-20200-47758-2941970030-_CgJqMRAUGHwiBggBEOidASjuzOv6CjCXgsm1BjiXgsm1BkDA5ZKxAUoUCAEQ3wEYwXYgg4CAwAQoj4CAoARQhcKOB1oVCAEQ3wEY7oENIIKAgMAEKK2AgKAEYAFqE2J1dHRvbjEuaWFkLmh2LnByb2SCARUIARDfARiIgwMgioCAwAQohYCAoASIAaLru84PkAEAmAEA
Frame ID: 38AE00C572BFDE3B3CD4D2EF055D2B5C
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Dafabet is The Most Secure Online Betting Company in Asia

Page URL History Show full URLs

  1. http://www.win999win.com/ HTTP 307
    https://www.win999win.com/ HTTP 302
    https://www.win999win.com/en Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

96
Requests

94 %
HTTPS

29 %
IPv6

23
Domains

30
Subdomains

32
IPs

4
Countries

2114 kB
Transfer

5416 kB
Size

83
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.win999win.com/ HTTP 307
    https://www.win999win.com/ HTTP 302
    https://www.win999win.com/en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://radar.cedexis.com/1/20200/radar.js HTTP 302
  • https://radar.cedexis.com/1707728419/radar.js
Request Chain 40
  • https://secure.adnxs.com/px?id=1766814&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1766814%26t%3D2
Request Chain 48
  • https://asia.adform.net/Serving/TrackPoint/?pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=125288451995&ADFtpmode=2&loc=https%3A%2F%2Fwww.win999win.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
  • https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=125288451995&ADFtpmode=2&loc=https%3A%2F%2Fwww.win999win.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24

96 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request en
www.win999win.com/
Redirect Chain
  • http://www.win999win.com/
  • https://www.win999win.com/
  • https://www.win999win.com/en
111 KB
40 KB
Document
General
Full URL
https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
4e54df5d719fbbf92f74e7e195a5213fa312c3b0660294d375d13d68cb7ac428
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Language
en
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Aug 2024 15:28:20 GMT
Page-Cache
Hit
Server
PWS/8.3.1.0.8
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Via
1.1 PSmgnyNY3mk42:10 (W)
X-Frame-Options
deny
X-Px
ms PSmgnyNY3mk42JFK(origin)
X-Ws-Request-Id
66b24114_PSmgnyNY3aa36_44209-63090

Redirect headers

Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 06 Aug 2024 15:28:20 GMT
Location
/en
Server
PWS/8.3.1.0.8
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.0 PSmgnyNY3mk42:10 (W)
X-Px
ms PSmgnyNY3mk42JFK(origin)
X-Ws-Request-Id
66b24113_PSmgnyNY3aa36_44209-63057
common.52a6941f046fba92b535d0fb9357a8bc.css
www.win999win.com/en/dafa/css/
90 KB
17 KB
Stylesheet
General
Full URL
https://www.win999win.com/en/dafa/css/common.52a6941f046fba92b535d0fb9357a8bc.css
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
7f830154472627a3c6290881c786ec59ce96238bbb8a721e8349002d4e60f4d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:20 GMT
Content-Encoding
gzip
Via
1.1 PS-TPE-01qXz223:0 (W), 1.1 PSxgHK5dz198:7 (W), 1.1 PS-DFW-01ItT28:2 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Age
17605
Transfer-Encoding
chunked
X-Px
ht PSmgnyNY3mk42JFK
Connection
keep-alive
Last-Modified
Thu, 18 Jul 2024 07:11:52 GMT
Server
PWS/8.3.1.0.8
ETag
"6698c038-1667e"
X-Ws-Request-Id
66b24114_PSmgnyNY3aa36_44209-63132
Content-Type
text/css
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Expires
Wed, 06 Aug 2025 10:34:55 GMT
home.816cbee270a3f8dd704b9552a16aa39c.css
www.win999win.com/en/css/
57 KB
11 KB
Stylesheet
General
Full URL
https://www.win999win.com/en/css/home.816cbee270a3f8dd704b9552a16aa39c.css
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
9450251542f5c3ff7355bbd37c6b4c97e5ae5f0a291cfb91765694dd93267ff3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:21 GMT
Content-Encoding
gzip
Via
1.1 PS-TPE-01qXz223:0 (W), 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Age
17606
Transfer-Encoding
chunked
X-Px
ht PSmgnyNY3mk42JFK
Connection
keep-alive
Last-Modified
Fri, 19 Jul 2024 08:19:53 GMT
Server
PWS/8.3.1.0.8
ETag
"669a21a9-e26a"
X-Ws-Request-Id
66b24115_PSmgnyNY3aa36_44209-63137
Content-Type
text/css
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Expires
Wed, 06 Aug 2025 10:34:55 GMT
default_image.52a6941f046fba92b535d0fb9357a8bc.png
www.win999win.com/en/dafa/images/
593 B
1 KB
Image
General
Full URL
https://www.win999win.com/en/dafa/images/default_image.52a6941f046fba92b535d0fb9357a8bc.png
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
180109f8f37c833e1f965c5662f54e73b3e1291117a3c7fa320dab4ae7727dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:21 GMT
Via
1.1 PS-TPE-01qXz223:0 (W), 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 18 Jul 2024 07:11:52 GMT
Server
PWS/8.3.1.0.8
Age
17606
ETag
"6698c038-251"
X-Ws-Request-Id
66b24115_PSmgnyNY3aa36_45076-53913
Content-Type
image/png
Cache-Control
max-age=31536000, public
X-Px
ht PSmgnyNY3mk42JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
593
Expires
Wed, 06 Aug 2025 10:34:55 GMT
loader.gif
www.win999win.com/en/images/
25 KB
25 KB
Image
General
Full URL
https://www.win999win.com/en/images/loader.gif
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
1255cfe05d68366b2f1784987c772a817da92099f4922498a445f8768c52a710
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:21 GMT
Via
1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 09 Jul 2024 07:05:28 GMT
Server
PWS/8.3.1.0.8
Age
17606
ETag
"668ce138-6240"
X-Ws-Request-Id
66b24115_PSmgnyNY3aa36_45228-61223
Content-Type
image/gif
Cache-Control
max-age=31536000, public
X-Px
ht PSmgnyNY3mk42JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25152
Expires
Wed, 06 Aug 2025 10:34:55 GMT
1920x150_en-eu.jpg
www.win999win.com/en/2024-07/
196 KB
197 KB
Image
General
Full URL
https://www.win999win.com/en/2024-07/1920x150_en-eu.jpg
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
bdb6ddca3d50cf396d4405cae018178d212a8221fa120550babc712fdf94d463
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:21 GMT
Via
1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Fri, 19 Jul 2024 08:14:50 GMT
Server
PWS/8.3.1.0.8
Age
17606
ETag
"669a207a-311a7"
X-Ws-Request-Id
66b24115_PSmgnyNY3aa36_44209-63143
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
X-Px
ht PSmgnyNY3mk42JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
201127
Expires
Wed, 06 Aug 2025 10:34:55 GMT
Games%20573x337.jpg
www.win999win.com/en/2024-07/
97 KB
98 KB
Image
General
Full URL
https://www.win999win.com/en/2024-07/Games%20573x337.jpg
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
07cca08aa80ee4a07c441e3df70052eaf04dece1af5faa4beb3f0a64bed14226
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:21 GMT
Via
1.1 PS-TPE-01TU5222:5 (W), 1.1 PSxgHK5yp199:12 (W), 1.1 PS-DFW-01ItT28:2 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Age
17606
X-Px
ht PSmgnyNY3mk42JFK
Connection
keep-alive
Content-Length
99623
Last-Modified
Tue, 16 Jul 2024 08:26:20 GMT
Server
PWS/8.3.1.0.8
ETag
"66962eac-18527"
X-Frame-Options
deny
X-Ws-Request-Id
66b24115_PSmgnyNY3aa36_44209-63146
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Expires
Wed, 06 Aug 2025 10:34:55 GMT
casino-resize-573x337_0.jpg
www.win999win.com/en/2024-07/
99 KB
100 KB
Image
General
Full URL
https://www.win999win.com/en/2024-07/casino-resize-573x337_0.jpg
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
4f21d8615d3335ef138f4cba56ba1b593964dc1faca6c927d2b79f72dc1c01cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:21 GMT
Via
1.1 PS-TPE-01TU5222:10 (W), 1.1 PSxgHK5dz198:11 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Age
17606
X-Px
ht PSmgnyNY3mk42JFK
Connection
keep-alive
Content-Length
101817
Last-Modified
Tue, 16 Jul 2024 08:29:04 GMT
Server
PWS/8.3.1.0.8
ETag
"66962f50-18db9"
X-Frame-Options
deny
X-Ws-Request-Id
66b24115_PSmgnyNY3aa36_45228-61226
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Expires
Wed, 06 Aug 2025 10:34:55 GMT
livedealer-resize-573x337.jpg
www.win999win.com/en/2024-07/
177 KB
178 KB
Image
General
Full URL
https://www.win999win.com/en/2024-07/livedealer-resize-573x337.jpg
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
e9ae28e34ba985057a08b71feb1556be602ece965b741234b757b85e400321c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:21 GMT
Via
1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 16 Jul 2024 08:28:05 GMT
Server
PWS/8.3.1.0.8
Age
17606
ETag
"66962f15-2c424"
X-Ws-Request-Id
66b24115_PSmgnyNY3aa36_45076-53924
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
X-Px
ht PSmgnyNY3mk42JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
181284
Expires
Wed, 06 Aug 2025 10:34:55 GMT
es5.min.js
www.win999win.com/en/dafa/js/
11 KB
3 KB
Script
General
Full URL
https://www.win999win.com/en/dafa/js/es5.min.js
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
ac3d45538ffdd87732763521ea21e1f9695551d5c8a1b506935fb9bbc5253bfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:21 GMT
Content-Encoding
gzip
Via
1.1 PSxgHK5dz198:7 (W), 1.1 PS-DFW-01ItT28:2 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Age
17606
Transfer-Encoding
chunked
X-Px
ht PSmgnyNY3mk42JFK
Connection
keep-alive
Last-Modified
Mon, 08 Jul 2024 06:56:37 GMT
Server
PWS/8.3.1.0.8
ETag
"668b8da5-2b85"
X-Ws-Request-Id
66b24115_PSmgnyNY3aa36_45076-53912
Content-Type
application/javascript
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Expires
Wed, 06 Aug 2025 10:34:55 GMT
integration.js.php
www.win999win.com/jswrapper/
45 KB
12 KB
Script
General
Full URL
https://www.win999win.com/jswrapper/integration.js.php?casino=dafa888&min=1
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
2b540d3b5cadb4b549a559969e75bb91092574a6c756007ee4854456c2770c7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 PSmgnyNY3mk42:10 (W)
Server
PWS/8.3.1.0.8
X-Cache-Status
HIT
Transfer-Encoding
chunked
X-Ws-Request-Id
66b24115_PSmgnyNY3aa36_45228-61229
Content-Language
en-US
Content-Type
application/javascript
Cache-Control
no-cache
X-Px
ms PSmgnyNY3mk42JFK(origin)
Connection
keep-alive
Expires
Tue, 06 Aug 2024 15:43:21 GMT
manifest.816cbee270a3f8dd704b9552a16aa39c.bundle.js
www.win999win.com/en/js/
1 KB
2 KB
Script
General
Full URL
https://www.win999win.com/en/js/manifest.816cbee270a3f8dd704b9552a16aa39c.bundle.js
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
fd189b75930b5891de5d6be7bd5de3edc41f3faf8e7ec22299fde3c157a5038d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:21 GMT
Via
1.1 PS-TPE-01TU5222:6 (W), 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Age
17606
X-Px
ht PSmgnyNY3mk42JFK
Connection
keep-alive
Content-Length
1447
Last-Modified
Fri, 19 Jul 2024 08:19:53 GMT
Server
PWS/8.3.1.0.8
ETag
"669a21a9-5a7"
X-Frame-Options
deny
X-Ws-Request-Id
66b24115_PSmgnyNY3aa36_45228-61237
Content-Type
application/javascript
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Expires
Wed, 06 Aug 2025 10:34:55 GMT
vendor.816cbee270a3f8dd704b9552a16aa39c.bundle.js
www.win999win.com/en/js/
107 KB
35 KB
Script
General
Full URL
https://www.win999win.com/en/js/vendor.816cbee270a3f8dd704b9552a16aa39c.bundle.js
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
a733d21fc6d59ac3de5f51290f2fc0aabaff13804501178c3f9297860def8311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:21 GMT
Content-Encoding
gzip
Via
1.1 PS-TPE-01TU5222:8 (W), 1.1 dianxun231:4 (W), 1.1 PS-DFW-01ItT28:2 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Age
17606
Transfer-Encoding
chunked
X-Px
ht PSmgnyNY3mk42JFK
Connection
keep-alive
Last-Modified
Fri, 19 Jul 2024 08:19:53 GMT
Server
PWS/8.3.1.0.8
ETag
"669a21a9-1acc4"
X-Ws-Request-Id
66b24115_PSmgnyNY3aa36_44209-63156
Content-Type
application/javascript
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Expires
Wed, 06 Aug 2025 10:34:55 GMT
common.52a6941f046fba92b535d0fb9357a8bc.bundle.js
www.win999win.com/en/dafa/js/
271 KB
75 KB
Script
General
Full URL
https://www.win999win.com/en/dafa/js/common.52a6941f046fba92b535d0fb9357a8bc.bundle.js
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
189809272214325b7221ac7da3641ec69dd844cc43ce5ad73a428bf1a4e9b37b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:21 GMT
Content-Encoding
gzip
Via
1.1 PS-TPE-01TU5222:9 (W), 1.1 dianxun231:13 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Age
17606
Transfer-Encoding
chunked
X-Px
ht PSmgnyNY3mk42JFK
Connection
keep-alive
Last-Modified
Thu, 18 Jul 2024 07:11:52 GMT
Server
PWS/8.3.1.0.8
ETag
"6698c038-43cbf"
X-Frame-Options
deny
X-Ws-Request-Id
66b24115_PSmgnyNY3aa36_44209-63155
Content-Type
application/javascript
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Expires
Wed, 06 Aug 2025 10:34:55 GMT
home.816cbee270a3f8dd704b9552a16aa39c.bundle.js
www.win999win.com/en/js/
32 KB
8 KB
Script
General
Full URL
https://www.win999win.com/en/js/home.816cbee270a3f8dd704b9552a16aa39c.bundle.js
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
b9d21261ceee8c27f95bd6d11a993bbdba6a3ebf6d00d4c952273cc2278e7e6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:21 GMT
Content-Encoding
gzip
Via
1.1 PS-TPE-01qXz223:0 (W), 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Age
17605
Transfer-Encoding
chunked
X-Px
ht PSmgnyNY3mk42JFK
Connection
keep-alive
Last-Modified
Fri, 19 Jul 2024 08:19:53 GMT
Server
PWS/8.3.1.0.8
ETag
"669a21a9-7f03"
X-Ws-Request-Id
66b24115_PSmgnyNY3aa36_45228-61243
Content-Type
application/javascript
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Expires
Wed, 06 Aug 2025 10:34:56 GMT
gtm.js
www.googletagmanager.com/
231 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TQD7V7Q
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4fab3a4ea4b328c214dd137d13924c0b3beb648c921c386af233d667fcdb3629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 15:28:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77820
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Aug 2024 15:28:21 GMT
default_image.816cbee270a3f8dd704b9552a16aa39c.png
www.win999win.com/en/promotions/images/
593 B
1 KB
Image
General
Full URL
https://www.win999win.com/en/promotions/images/default_image.816cbee270a3f8dd704b9552a16aa39c.png
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en/css/home.816cbee270a3f8dd704b9552a16aa39c.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
180109f8f37c833e1f965c5662f54e73b3e1291117a3c7fa320dab4ae7727dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en/css/home.816cbee270a3f8dd704b9552a16aa39c.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:21 GMT
Via
1.1 PS-TPE-01qXz223:0 (W), 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Fri, 19 Jul 2024 08:19:53 GMT
Server
PWS/8.3.1.0.8
Age
17606
ETag
"669a21a9-251"
X-Ws-Request-Id
66b24115_PSmgnyNY3aa36_45076-53917
Content-Type
image/png
Cache-Control
max-age=31536000, public
X-Px
ht PSmgnyNY3mk42JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
593
Expires
Wed, 06 Aug 2025 10:34:55 GMT
sprite.52a6941f046fba92b535d0fb9357a8bc.png
www.win999win.com/en/dafa/images/
206 KB
207 KB
Image
General
Full URL
https://www.win999win.com/en/dafa/images/sprite.52a6941f046fba92b535d0fb9357a8bc.png
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en/dafa/css/common.52a6941f046fba92b535d0fb9357a8bc.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
4865df327140a52e50f92d603b9a546fba023ae7bc05c28904f5ccaf77675e95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en/dafa/css/common.52a6941f046fba92b535d0fb9357a8bc.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:21 GMT
Via
1.1 PS-TPE-01qXz223:0 (W), 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 18 Jul 2024 07:11:52 GMT
Server
PWS/8.3.1.0.8
Age
17606
ETag
"6698c038-337ae"
X-Ws-Request-Id
66b24115_PSmgnyNY3aa36_45076-53916
Content-Type
image/png
Cache-Control
max-age=31536000, public
X-Px
ht PSmgnyNY3mk42JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
210862
Expires
Wed, 06 Aug 2025 10:34:55 GMT
dacs.js
login.megasportcasino.com/jswrapper/
9 KB
4 KB
Script
General
Full URL
https://login.megasportcasino.com/jswrapper/dacs.js?v=3
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/jswrapper/integration.js.php?casino=dafa888&min=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.165.61.110 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),
Reverse DNS
Software
/
Resource Hash
9acce1202062518523f1976a37510b6fcb7beb5a6b68205032e14b971a3a0e9b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=16070400; includeSubDomains
Vary
Accept-Encoding
Content-Type
application/javascript
Content-Language
en-US
Cache-Control
private, max-age=604800, immutable
Content-Length
3552
clientHintHeaders.js
login.megasportcasino.com/jswrapper/
2 KB
1006 B
Script
General
Full URL
https://login.megasportcasino.com/jswrapper/clientHintHeaders.js?v=3
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/jswrapper/integration.js.php?casino=dafa888&min=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.165.61.110 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),
Reverse DNS
Software
/
Resource Hash
142617edf27459c2a888daaf7d0bf7777a3fb328fbe9a771fcb7059044791247
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=16070400; includeSubDomains
Vary
Accept-Encoding
Content-Type
application/javascript
Content-Language
en-US
Cache-Control
private, max-age=604800, immutable
Content-Length
671
floating-banners
www.win999win.com/en/ajax/
24 KB
3 KB
XHR
General
Full URL
https://www.win999win.com/en/ajax/floating-banners?path=%252F
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en/dafa/js/common.52a6941f046fba92b535d0fb9357a8bc.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
2dba38ef8b67689693f2a3e9c481baf5df4ee236ee3ed7a88b47c5e97ce30c43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/javascript
Referer
https://www.win999win.com/en
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 06 Aug 2024 15:28:22 GMT
Content-Encoding
gzip
Via
1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
PWS/8.3.1.0.8
Transfer-Encoding
chunked
X-Ws-Request-Id
66b24115_PSmgnyNY3aa36_44209-63164
Content-Language
en
Content-Type
application/json
Cache-Control
no-cache
X-Px
ms PSmgnyNY3mk42JFK(origin)
Connection
keep-alive
dafabet_logo.png
www.win999win.com/en/dafa/images/
3 KB
4 KB
Image
General
Full URL
https://www.win999win.com/en/dafa/images/dafabet_logo.png
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
0ea8ad9a1b5a3e3e0950b9dd614a5056250369587ff45165dacafd8d13e838e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:21 GMT
Via
1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Mon, 08 Jul 2024 06:56:37 GMT
Server
PWS/8.3.1.0.8
Age
17605
ETag
"668b8da5-d3d"
X-Ws-Request-Id
66b24115_PSmgnyNY3aa36_45076-53937
Content-Type
image/png
Cache-Control
max-age=31536000, public
X-Px
ht PSmgnyNY3mk42JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3389
Expires
Wed, 06 Aug 2025 10:34:56 GMT
sprite.52a6941f046fba92b535d0fb9357a8bc.png
www.win999win.com/en/dafa/images/
206 KB
0
Image
General
Full URL
https://www.win999win.com/en/dafa/images/sprite.52a6941f046fba92b535d0fb9357a8bc.png
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
4865df327140a52e50f92d603b9a546fba023ae7bc05c28904f5ccaf77675e95

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:21 GMT
Via
1.1 PS-TPE-01qXz223:0 (W), 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Last-Modified
Thu, 18 Jul 2024 07:11:52 GMT
Server
PWS/8.3.1.0.8
Age
17606
ETag
"6698c038-337ae"
X-Ws-Request-Id
66b24115_PSmgnyNY3aa36_45076-53916
Content-Type
image/png
Cache-Control
max-age=31536000, public
X-Px
ht PSmgnyNY3mk42JFK
Accept-Ranges
bytes
Content-Length
210862
Expires
Wed, 06 Aug 2025 10:34:55 GMT
sprite.816cbee270a3f8dd704b9552a16aa39c.png
www.win999win.com/en/images/
113 KB
113 KB
Image
General
Full URL
https://www.win999win.com/en/images/sprite.816cbee270a3f8dd704b9552a16aa39c.png
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
0f47272de3875f1531038d1dd74318d65615e4a01403492d95d4de9d218ac06b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:21 GMT
Via
1.1 PS-TPE-01qXz223:0 (W), 1.1 PSxgHK5dz198:7 (W), 1.1 PS-DFW-01ItT28:2 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Fri, 19 Jul 2024 08:19:53 GMT
Server
PWS/8.3.1.0.8
Age
17605
ETag
"669a21a9-1c211"
X-Ws-Request-Id
66b24115_PSmgnyNY3aa36_44209-63175
Content-Type
image/png
Cache-Control
max-age=31536000, public
X-Px
ht PSmgnyNY3mk42JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
115217
Expires
Wed, 06 Aug 2025 10:34:56 GMT
slider
www.win999win.com/en/ajax/
1 KB
1 KB
XHR
General
Full URL
https://www.win999win.com/en/ajax/slider?nc=202476
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en/js/vendor.816cbee270a3f8dd704b9552a16aa39c.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
cef4bf94d1e9936d52f3a0871fc270d604bf67829360f33b788b56b35a34e913
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
text/javascript, text/html, application/xml, text/xml, */*
Referer
https://www.win999win.com/en
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 06 Aug 2024 15:28:23 GMT
Content-Encoding
gzip
Via
1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
PWS/8.3.1.0.8
Transfer-Encoding
chunked
X-Ws-Request-Id
66b24115_PSmgnyNY3aa36_45228-61251
Content-Language
en
Content-Type
application/json
Cache-Control
no-cache
X-Px
ms PSmgnyNY3mk42JFK(origin)
Connection
keep-alive
js
www.googletagmanager.com/gtag/
301 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S5WHEF6PM5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQD7V7Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4a24f641db013e5cf56a9c0c92a4f9c3572e5c1a5a73d2112697b39ee300339a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 15:28:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102457
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Aug 2024 15:28:22 GMT
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-S5WHEF6PM5&gtm=45je47v0v890350493z8890334128za200zb890334128&_p=1722958100961&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=1570167632.1722958103&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722958102&sct=1&seg=0&dl=https%3A%2F%2Fwww.win999win.com%2Fen&dt=Dafabet%20is%20The%20Most%20Secure%20Online%20Betting%20Company%20in%20Asia&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4074
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5WHEF6PM5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 15:28:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.win999win.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
256 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-S5WHEF6PM5&cid=1570167632.1722958103&gtm=45je47v0v890350493z8890334128za200zb890334128&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=95250753
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5WHEF6PM5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 15:28:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.win999win.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
announcements
www.win999win.com/en/ajax/v2/
24 B
667 B
XHR
General
Full URL
https://www.win999win.com/en/ajax/v2/announcements?nocache=1722958102634
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en/dafa/js/common.52a6941f046fba92b535d0fb9357a8bc.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
ea1bd05db50c7890dd053edf77ee864749a4d8d726a063c80c606a88d095cabd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
text/javascript, text/html, application/xml, text/xml, */*
Referer
https://www.win999win.com/en
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 06 Aug 2024 15:28:22 GMT
Content-Encoding
gzip
Via
1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
PWS/8.3.1.0.8
Transfer-Encoding
chunked
X-Ws-Request-Id
66b24116_PSmgnyNY3aa36_44209-63199
Content-Language
en
Content-Type
application/json
Cache-Control
no-cache
X-Px
ms PSmgnyNY3mk42JFK(origin)
Connection
keep-alive
frosmo.easy.js
dk0tzorg7uge9.cloudfront.net/
183 KB
52 KB
Script
General
Full URL
https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.79.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-79-195.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
393a9815cb19251d0868f317157743f0cf1c2d60a2e130ce7474a737e1016e29

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:23 GMT
Content-Encoding
gzip
Via
1.1 e7e267d22aaab825174c9e30c630f528.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD89-P2
Age
3
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
52123
Last-Modified
Tue, 18 Jun 2024 05:23:49 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1687630540/ctime:1718484008/gid:700/gname:developers/md5:8cbc3bd687fa6767a01ae9c273365f7b/mode:33188/mtime:1718484008/uid:1024/uname:martyn
ETag
"8cbc3bd687fa6767a01ae9c273365f7b"
Content-Type
application/javascript
Cache-Control
public, max-age=86400
Accept-Ranges
bytes
X-Amz-Cf-Id
dO9xKicXEoKjTJGJZaZ_fKJjBMKTSZv7-qvWWS46_2HCw7NJ5QXiRg==
283cd6f3bdbf77c939ae868613cb575a.js
dk0tzorg7uge9.cloudfront.net/sites/
758 KB
145 KB
Script
General
Full URL
https://dk0tzorg7uge9.cloudfront.net/sites/283cd6f3bdbf77c939ae868613cb575a.js
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.79.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-79-195.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
47c35a4db35363fbddefbde5a902eaf3547fbed8d4fe1b9a31bd3e6b640e15b7

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:24 GMT
Content-Encoding
gzip
Via
1.1 122cd39a473c6e4835362753fc929a08.cloudfront.net (CloudFront)
Last-Modified
Mon, 24 Jun 2024 06:00:03 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1719208801/ctime:1719208801/gid:501/gname:fcp/md5:74c480832d466401145422cba922687f/mode:33204/mtime:1719208735/uid:501/uname:fcp
X-Amz-Cf-Pop
IAD89-P2
x-amz-server-side-encryption
AES256
ETag
"74c480832d466401145422cba922687f"
X-Cache
RefreshHit from cloudfront
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
147602
X-Amz-Cf-Id
0I_THC2z3lwFkeCafg9_SkDeGL9GZegLGeq7NP9yNn2hZqjL5eqA9w==
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::66 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Aug 2024 15:05:44 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1358
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 06 Aug 2024 17:05:44 GMT
hotjar-121800.js
static.hotjar.com/c/
185 KB
30 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-121800.js?sv=5
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-124.jfk50.r.cloudfront.net
Software
/
Resource Hash
3e0737fe174925e9c9f651a8b954f203955fc527922adad7c14645173062c789
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 15:28:23 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 1dd1e483fa41d512929f44790f141972.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
etag
W/d936400fcaf952269bc625d6d9554a01
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
6p8DtFpZKa1hQ25amXyLQzUj3ZVwWSwoyu3wU_tVd6ymcIz_aPwi6g==
radar.js
radar.cedexis.com/1707728419/
Redirect Chain
  • https://radar.cedexis.com/1/20200/radar.js
  • https://radar.cedexis.com/1707728419/radar.js
44 KB
19 KB
Script
General
Full URL
https://radar.cedexis.com/1707728419/radar.js
Protocol
HTTP/1.1
Server
45.54.49.5 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
5.49.54.45.ptr.anycast.net
Software
nginx /
Resource Hash
2c5b3aeacf827e181a8131451f9a2a2f402ce22800d2365feb071f1fb7bf666d

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Feb 2024 09:51:35 GMT
Server
nginx
ETag
W/"65c9ea27-af82"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1209600, public
Connection
keep-alive
Expires
Tue, 20 Aug 2024 15:28:22 GMT

Redirect headers

Date
Tue, 06 Aug 2024 15:28:22 GMT
Server
nginx
Vary
User-Agent,DNT
Content-Type
text/html
Location
/1707728419/radar.js
Cache-Control
max-age=600
Connection
keep-alive
Content-Length
154
Expires
Tue, 06 Aug 2024 15:38:22 GMT
trackpoint-async.js
s2.adform.net/banners/scripts/st/
80 KB
31 KB
Script
General
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 15:28:22 GMT
content-encoding
gzip
last-modified
Fri, 08 Mar 2024 07:02:31 GMT
server
nginx
x-amz-request-id
tx00000a762dbecf9209264-006657c4e1-329875c8-default
etag
W/"1c188eabf1f0749a0cffb2c108473370"
x-cache-status
HIT, BYPASS, HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
k_dafabet.js
scripts.prdredir.com/scripts/
2 KB
1 KB
Script
General
Full URL
https://scripts.prdredir.com/scripts/k_dafabet.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQD7V7Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
448d305ad6e8d6b57c5e4d37afbf26c77bcf2c2548e1fe462772757ee6ccbbe1

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-runtime
0.043028
date
Tue, 06 Aug 2024 15:28:22 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"448d305ad6e8d6b57c5e4d37afbf26c7"
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
8af00e6eede32b8a-LAX
x-request-id
7274121d-b9fd-4b96-97e6-232744c37d53
fbevents.js
connect.facebook.net/en_US/
225 KB
60 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 06 Aug 2024 15:28:22 GMT
document-policy
force-load-at-top
x-fb-server-load
60
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=118, rtx=0, c=12, mss=1297, tbw=2770, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
Qr2qyfkiDT+37gWM830RbqjP9p23JcbDaTtm1aD5FH//l6cnGM/FW6sCAQ1z/4JmMuT9AVLrZ2KvOe8AoboPZw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
container_iPEHBueP.js
cdn.matomo.cloud/blockchainads.matomo.cloud/
0
0
Script
General
Full URL
https://cdn.matomo.cloud/blockchainads.matomo.cloud/container_iPEHBueP.js
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2479:9e00:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 12:00:38 GMT
x-amz-version-id
x8CUW72Cdy4wRBv1lXTNc2XlWFvGGyiM
via
1.1 6123d2a57c9fa3d5613bea69a7290ae0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
IAD61-P3
age
12466
x-cache
Error from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
0
last-modified
Thu, 02 Nov 2023 02:17:11 GMT
server
CloudFront
etag
"d41d8cd98f00b204e9800998ecf8427e"
content-type
text/html
accept-ranges
bytes
x-amz-cf-id
3uIRBcEFW3mtPns1CnQKNpijvQ5rE3VaynG4z11m5rumnaEhRT8egA==
wwdafabet.js
adscool.net/resources/content/
5 KB
3 KB
Script
General
Full URL
https://adscool.net/resources/content/wwdafabet.js
Requested by
Host: www.win999win.com
URL: https://www.win999win.com/en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee9fbd1433074584fcfcb86657af0c29339bd6644b87b656cdcb29788cda1bd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 15:28:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
status
200 OK
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
0b54f601-0ea6-4c2b-b469-83bf2c2d1791
x-runtime
0.001658
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"ee9fbd1433074584fcfcb86657af0c29"
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ez66Z1JytTGeazNYZCGzf2GalDgS1ZXaYCpKFQoAPF4DDt9Llv58XLR2GWfkWQB%2B1eS%2Fi8WHYI%2FTkzjgrjWInviXl%2FnS72Oxwp%2FE8kCa4ba71weIULK0Ey%2FRS4LsSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800, private
cf-ray
8af00e711e507c6b-LAX
js
rtgsystemsync.com/tag/
2 KB
1 KB
Script
General
Full URL
https://rtgsystemsync.com/tag/js?rtid=AEH-1722891893963441
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQD7V7Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d8b7618affc4d80078ebb51119d5e13a2d8cfb47c1fb434d91e79dd35a02c9c

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 15:28:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VLFIn0pjZooBhG%2FMLAIeuKJC81fb9WgkB%2FT4fqFR3MixpmRicuTXAwCwWj1hyR6HJWNzgel%2BcH0Zhka%2FUzw3wyWRnq93FKJNF8sUCkndoDHrI6ZZHMbOn7EHTuTtBlQ%2F1PUFQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8af00e714bc6310d-LAX
alt-svc
h3=":443"; ma=86400
expires
0
FQkqJiAx4e.gif
pixel.zprk.io/v5/pixel/
35 B
463 B
Image
General
Full URL
https://pixel.zprk.io/v5/pixel/FQkqJiAx4e.gif?ssid=1&gtmcb=1557938001
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.29.180.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-29-180-185.compute-1.amazonaws.com
Software
/
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 15:28:23 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
image/gif
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
35
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1766814&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1766814%26t%3D2
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1766814%26t%3D2
Protocol
H2
Server
68.67.160.184 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 15:28:23 GMT
an-x-request-uuid
a034e1cf-988f-4d0f-8080-8a342349d49c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
162.245.206.249; 162.245.206.249; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Aug 2024 15:28:23 GMT
an-x-request-uuid
af698cd0-4a90-4625-9a02-5cfb2db18c57
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1766814%26t%3D2
cache-control
no-store, no-cache, private
x-proxy-origin
162.245.206.249; 162.245.206.249; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
favicon.ico
www.win999win.com/en/dafa/images/
1 KB
2 KB
Other
General
Full URL
https://www.win999win.com/en/dafa/images/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
b8fbacf4998ff7253c5fab185a6058959851c8f02d64f257ec5be076b41aa3a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:22 GMT
Via
1.1 PSxgHK5yp199:8 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Mon, 08 Jul 2024 06:56:37 GMT
Server
PWS/8.3.1.0.8
Age
17606
ETag
"668b8da5-47e"
X-Ws-Request-Id
66b24116_PSmgnyNY3aa36_44209-63201
Content-Type
image/x-icon
Cache-Control
max-age=31536000, public
X-Px
ht PSmgnyNY3mk42JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1150
Expires
Wed, 06 Aug 2025 10:34:56 GMT
sync
rtg.prdredir.com/
43 B
455 B
Image
General
Full URL
https://rtg.prdredir.com/sync?ref=&lp=https%3A%2F%2Fwww.win999win.com%2Fen&sh=1200&sw=1600&date=1722958103031&fp=uid-3715488562.3900472547
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 15:28:23 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
content-transfer-encoding
binary
content-disposition
inline; filename="pixel.gif"
content-length
43
x-xss-protection
1; mode=block
x-request-id
a2287b69-ca62-44b9-b095-d619d4323957
x-runtime
0.001448
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache
cf-ray
8af00e7129252b8a-LAX
providers.json
i2-xpabrpsgvlbhvlzwrjqecgkhgwuyvf.init.cedexis-radar.net/i2/1/20200/j1/20/124/1722958103/0/0/
3 KB
1 KB
XHR
General
Full URL
https://i2-xpabrpsgvlbhvlzwrjqecgkhgwuyvf.init.cedexis-radar.net/i2/1/20200/j1/20/124/1722958103/0/0/providers.json?imagesok=1&n=1&p=1&r=1&s=1&t=1
Requested by
Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.225.10.225 Ashburn, United States, ASN36236 (NETACTUATE, US),
Reverse DNS
225.10.225.104.ptr.anycast.net
Software
nginx /
Resource Hash
b596686d53c6f3e2e195fcf0a33e828ae9a2a7716e713e0ebf93e7c44beb6c8f

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:23 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=1
collect
www.google-analytics.com/j/
15 B
223 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1296408105&t=pageview&_s=1&dl=https%3A%2F%2Fwww.win999win.com%2Fen&ul=en-us&de=UTF-8&dt=Dafabet%20is%20The%20Most%20Secure%20Online%20Betting%20Company%20in%20Asia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1690548697&gjid=1796175748&cid=1570167632.1722958103&tid=UA-89039619-1&_gid=1225411534.1722958103&_r=1&_slc=1&z=1555782170
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::66 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
69e5bd6a3392e9ac3ad144d8b727223f7d655288d7fe2723debd7b964925197e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 15:28:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.win999win.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
1920x360_74.jpg
www.win999win.com/en/2024-07/
96 KB
97 KB
Image
General
Full URL
https://www.win999win.com/en/2024-07/1920x360_74.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
b9ed282711156d16da803cf78c07bf10218f08f9923767974776abdcd30bb83b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:23 GMT
Via
1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Mon, 15 Jul 2024 05:06:00 GMT
Server
PWS/8.3.1.0.8
Age
17606
ETag
"6694ae38-1808c"
X-Ws-Request-Id
66b24117_PSmgnyNY3aa36_45228-61292
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
X-Px
ht PSmgnyNY3mk42JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
98444
Expires
Wed, 06 Aug 2025 10:34:57 GMT
modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/
223 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-121800.js?sv=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-87.jfk50.r.cloudfront.net
Software
/
Resource Hash
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 a1546fc751225809c39b89ba9e8d715c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
608717
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56385
last-modified
Tue, 30 Jul 2024 14:22:40 GMT
etag
"0728625a147ca79276a1790b9cf3175d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
8Ia1eRDTWH2K9YmzVNmxZkldFYxKp4gNpnJRuPPjHW3bNnmZk_ES2g==
js
www.googletagmanager.com/gtag/
280 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XTJPZCJBEY&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
4e4257c28be1bea69dbc7928e5a444c658925152d1d0b2c234f1e39adc8be68d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 15:28:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97273
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Aug 2024 15:28:23 GMT
/
asia.adform.net/Serving/TrackPoint/
Redirect Chain
  • https://asia.adform.net/Serving/TrackPoint/?pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=125288451995&ADFtpmode=2&loc=https%3A%2F%2Fwww.win999win.com%2Fen&Set1=en-US%7Cen-US%7C16...
  • https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=125288451995&ADFtpmode=2&loc=https%3A%2F%2Fwww.win999win.com%2Fen&Set1=en-US%7Cen-US...
845 B
1 KB
Script
General
Full URL
https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=125288451995&ADFtpmode=2&loc=https%3A%2F%2Fwww.win999win.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24
Protocol
H2
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b487ed442d3933411660a12fc5d9e540f21dcf18581279792e01a7ad8ce07d2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 15:28:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
689
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 06 Aug 2024 15:28:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
text/html; charset=utf-8
location
https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=125288451995&ADFtpmode=2&loc=https%3A%2F%2Fwww.win999win.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
1727308371340020
connect.facebook.net/signals/config/
66 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1727308371340020?v=2.9.164&r=stable&domain=www.win999win.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63623aa600fc95c0e928941b9d19bae98c6e7f040aa9b0cfbb7dca19ce747adb
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 06 Aug 2024 15:28:24 GMT
document-policy
force-load-at-top
x-fb-server-load
32
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=129, rtx=0, c=65, mss=1297, tbw=64378, tp=-1, tpl=-1, uplat=748, ullat=1
pragma
public
x-fb-debug
931mpYG9aTT097Q4Zkbn9mo58YPZPZPTZBacaTYoxh80pugJml8fvl+ZS3NOQ/v/XshF0jK9iWxI4iK/G1EOtg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
wwdafabet
adscool.net/pageview/
0
601 B
Script
General
Full URL
https://adscool.net/pageview/wwdafabet?usr=v1.3%3A13616358335%3A1722958103348%3A1722958103348&scr=1600x1200%7C1600x1200&scv=1600x1200%7C0&pgh=www.win999win.com&pgl=%2Fen&pgs=&pgr=
Requested by
Host: adscool.net
URL: https://adscool.net/resources/content/wwdafabet.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 15:28:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
status
200 OK
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
c392dbd4-6e0c-4acb-bc93-db35666978f7
x-runtime
0.005738
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding,Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bukqk3bdGR0Gvm6EOJyJk7nFtCPFH9uIMLOnDkAOlpCHjwNvsPNX7sL6aS7KChzRbSVXpFP9vwSO%2Bp66fAd0lK7pZraUUK%2BcWdF2HIy%2BDwfs4fxpdQHKne7BVnQbOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
8af00e721fd67c6b-LAX
wmetrics
rtgsystemsync.com/
0
404 B
Ping
General
Full URL
https://rtgsystemsync.com/wmetrics?rtid=AEH-1722891893963441&fr=0&dr=&dl=https%3A%2F%2Fwww.win999win.com%2Fen
Requested by
Host: rtgsystemsync.com
URL: https://rtgsystemsync.com/tag/js?rtid=AEH-1722891893963441
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.191.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 15:28:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BoGpNltxJCvHZ%2FHJvv8XoPzF%2Bgt2nUNUxbrhzwH4B9n93XfuE%2F547auvQ6detyW%2BQwS6YcNByBvLbufRU3gdPuGO1oQLlcJ6pPJoFcYLw8ERHILHD4iHIM3QpBuHaQ3Gy1spzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8af00e723d3e310d-LAX
alt-svc
h3=":443"; ma=86400
content-length
0
impact.js
radar.cedexis.com/releases/1707728419/
7 KB
4 KB
Script
General
Full URL
https://radar.cedexis.com/releases/1707728419/impact.js
Requested by
Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.54.49.5 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
5.49.54.45.ptr.anycast.net
Software
nginx /
Resource Hash
70ba610e8b04346fcfaf7131529082ab2f9cec6954ce32552b1cac0a9e567aba

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:23 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Feb 2024 09:51:35 GMT
Server
nginx
ETag
W/"65c9ea27-1c28"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1209600, public
Connection
keep-alive
Expires
Tue, 20 Aug 2024 15:28:23 GMT
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-XTJPZCJBEY&gtm=45je47v0h1v9126248990za200&_p=1722958100961&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=95250753&ul=en-us&sr=1600x1200&cid=1570167632.1722958103&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.win999win.com%2Fen&dt=Dafabet%20is%20The%20Most%20Secure%20Online%20Betting%20Company%20in%20Asia&sid=1722958103&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=5201
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XTJPZCJBEY&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f139.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 15:28:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.win999win.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1722958101283
rpt.cedexis.com/n1/0/1722958098542/0/0/0/0/1722958100071/1722958100071/1722958100071/1722958100071/1722958100071/0/1722958100077/1722958100846/1722958100876/1722958100905/1722958101899/172295810189...
16 B
276 B
XHR
General
Full URL
https://rpt.cedexis.com/n1/0/1722958098542/0/0/0/0/1722958100071/1722958100071/1722958100071/1722958100071/1722958100071/0/1722958100077/1722958100846/1722958100876/1722958100905/1722958101899/1722958101899/1722958101908/1722958102634/1722958102634/1722958102638/_CgJqMRAUGHwiBggBEOidASjuzOv6CjCXgsm1BjiXgsm1BkDA5ZKxAUoUCAEQ3wEYwXYgg4CAwAQoj4CAoARQhcKOB1oVCAEQ3wEY7oENIIKAgMAEKK2AgKAEYAFqE2J1dHRvbjEuaWFkLmh2LnByb2SCARUIARDfARiIgwMgioCAwAQohYCAoASIAaLru84PkAEAmAEA/0/1722958101283
Requested by
Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:24 GMT
Server
nginx
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=1
Content-Length
16
Brand%20Ambassador_EN.png
www.win999win.com/en/ambassadors/
133 KB
133 KB
Image
General
Full URL
https://www.win999win.com/en/ambassadors/Brand%20Ambassador_EN.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
3ba02d21c9b69018b9ff62768156c206f0a05255c368b2166adda35b7067dd62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:23 GMT
Via
1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Tue, 16 Jul 2024 07:48:36 GMT
Server
PWS/8.3.1.0.8
Age
17605
ETag
"669625d4-21260"
X-Ws-Request-Id
66b24117_PSmgnyNY3aa36_45228-61304
Content-Type
image/png
Cache-Control
max-age=31536000, public
X-Px
ht PSmgnyNY3mk42JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
135776
Expires
Wed, 06 Aug 2025 10:34:58 GMT
sprite.52a6941f046fba92b535d0fb9357a8bc.png
www.win999win.com/en/dafa/images/
206 KB
0
Image
General
Full URL
https://www.win999win.com/en/dafa/images/sprite.52a6941f046fba92b535d0fb9357a8bc.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
4865df327140a52e50f92d603b9a546fba023ae7bc05c28904f5ccaf77675e95

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:21 GMT
Via
1.1 PS-TPE-01qXz223:0 (W), 1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Last-Modified
Thu, 18 Jul 2024 07:11:52 GMT
Server
PWS/8.3.1.0.8
Age
17606
ETag
"6698c038-337ae"
X-Ws-Request-Id
66b24115_PSmgnyNY3aa36_45076-53916
Content-Type
image/png
Cache-Control
max-age=31536000, public
X-Px
ht PSmgnyNY3mk42JFK
Accept-Ranges
bytes
Content-Length
210862
Expires
Wed, 06 Aug 2025 10:34:55 GMT
playtech-footer.png
www.win999win.com/en/2022-07/
6 KB
6 KB
Image
General
Full URL
https://www.win999win.com/en/2022-07/playtech-footer.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
caed37875e80934c7f52564ca26b7846bd1f7bfa26f6eb74994556ee9777dbec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:23 GMT
Via
1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 20 Jul 2022 08:22:19 GMT
Server
PWS/8.3.1.0.8
Age
17605
ETag
"62d7bb3b-1709"
X-Ws-Request-Id
66b24117_PSmgnyNY3aa36_44209-63258
Content-Type
image/png
Cache-Control
max-age=31536000, public
X-Px
ht PSmgnyNY3mk42JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5897
Expires
Wed, 06 Aug 2025 10:34:58 GMT
bitcoin_Footer%20160x41.png
www.win999win.com/en/2019-09/
2 KB
3 KB
Image
General
Full URL
https://www.win999win.com/en/2019-09/bitcoin_Footer%20160x41.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.170.144 New York, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
1fad8a0d38b8307c0781fbfd3222b43917c5c879bbcfb3d5e0b96d1b4416e5a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 06 Aug 2024 15:28:23 GMT
Via
1.1 PSxgHK5dz198:7 (W), 1.1 PSmgdfDEN1rj88:5 (W), 1.1 PSmgnyNY3mk42:10 (W)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Mon, 23 Sep 2019 09:48:31 GMT
Server
PWS/8.3.1.0.8
Age
17605
ETag
"5d8894ef-9ad"
X-Ws-Request-Id
66b24117_PSmgnyNY3aa36_44209-63259
Content-Type
image/png
Cache-Control
max-age=31536000, public
X-Px
ht PSmgnyNY3mk42JFK
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2477
Expires
Wed, 06 Aug 2025 10:34:58 GMT
frosmo.xdm.html
dafabetcomasia.asia.frosmo.com/ Frame 1519
0
0
Document
General
Full URL
https://dafabetcomasia.asia.frosmo.com/frosmo.xdm.html?24.51.0
Requested by
Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
52.79.118.14 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-79-118-14.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://www.win999win.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-length
1104
content-type
text/html
date
Tue, 06 Aug 2024 15:28:24 GMT
etag
"5bea9576-450"
last-modified
Tue, 13 Nov 2018 09:12:22 GMT
server
nginx
vary
Accept-Encoding
1111248093529440
connect.facebook.net/signals/config/
34 KB
7 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1111248093529440?v=2.9.164&r=stable&domain=www.win999win.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C195%2C194%2C196%2C201%2C202%2C203%2C199%2C191%2C128%2C158%2C190%2C192%2C119%2C152%2C141%2C146%2C184%2C185%2C125%2C227%2C113%2C124%2C228%2C160%2C116%2C230%2C161%2C132%2C120%2C149%2C144
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
17a331c84343ad9448a8656a971fe33f4cde3dcee2400ad87e977fc624d4ed0c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 06 Aug 2024 15:28:24 GMT
document-policy
force-load-at-top
x-fb-server-load
34
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=121, rtx=0, c=26, mss=1232, tbw=8280, tp=17, tpl=0, uplat=623, ullat=0
pragma
public
x-fb-debug
HYGPFKxmidjbDNuddlfpPVtTHj1XXiDhV6bNkrDZ8UDOs5rCCN3PBJeaWXhX9/Ngz/pMhnFcE5ZwRcIrf6voQg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
270 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1727308371340020&ev=PageView&dl=https%3A%2F%2Fwww.win999win.com%2Fen&rl=&if=false&ts=1722958104293&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722958104290.475295637564949024&ler=empty&cdl=API_unavailable&it=1722958103333&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=119, rtx=0, c=10, mss=1297, tbw=2818, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 06 Aug 2024 15:28:24 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1727308371340020&ev=PageView&dl=https%3A%2F%2Fwww.win999win.com%2Fen&rl=&if=false&ts=1722958104293&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722958104290.475295637564949024&ler=empty&cdl=API_unavailable&it=1722958103333&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Tue, 06 Aug 2024 15:28:24 GMT
document-policy
force-load-at-top
x-fb-server-load
47
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7400048710762987077", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=119, rtx=0, c=10, mss=1297, tbw=3132, tp=-1, tpl=-1, uplat=103, ullat=0
pragma
no-cache
x-fb-debug
FVZ4CavZrl6pKtb5VfK54i3EUwZxcM3N9hN38+uBoGUQOvSpDvzDFt1O9PG1qcfH3IHRJ9aQV+4HiO+Lc0fxzg==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7400048710762987077"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixels
c1.adform.net/imatch/ Frame B138
0
0
Document
General
Full URL
https://c1.adform.net/imatch/pixels?bt=0&uid=439906683004740082&agencyId=8910&advertiserId=2170253&src=tp&rnd=105875
Requested by
Host: asia.adform.net
URL: https://asia.adform.net/Serving/TrackPoint/?pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=125288451995&ADFtpmode=2&loc=https%3A%2F%2Fwww.win999win.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.53 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Aug 2024 15:28:24 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
/
asia.seadform.net/serving/cookie/sync/
35 B
466 B
Image
General
Full URL
https://asia.seadform.net/serving/cookie/sync/?uid=439906683004740082&stamp=FB8fxtoEmcgDvP-67D9Y4w2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 15:28:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
1232172684609899
connect.facebook.net/signals/config/
25 KB
4 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1232172684609899?v=2.9.164&r=stable&domain=www.win999win.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C195%2C194%2C196%2C201%2C202%2C203%2C199%2C191%2C128%2C158%2C190%2C192%2C119%2C152%2C141%2C146%2C184%2C185%2C125%2C227%2C113%2C124%2C228%2C160%2C116%2C230%2C161%2C132%2C120%2C149%2C144%2C130%2C123
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
5b9227e39552179d38911c5f39bed2cd915f706ad9ef6ed6c6b5a060375c3915
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 06 Aug 2024 15:28:25 GMT
document-policy
force-load-at-top
x-fb-server-load
36
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=121, rtx=0, c=34, mss=1232, tbw=17480, tp=26, tpl=0, uplat=303, ullat=0
pragma
public
x-fb-debug
b1aKOsiFBYre//ObN2anF3SjwWsTq88/P6jjBTs5FJ23dhqNuWDKNF3lq64OIbVXpbpVZUEk7WnxPseLBFIQAA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
121 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1111248093529440&ev=PageView&dl=https%3A%2F%2Fwww.win999win.com%2Fen&rl=&if=false&ts=1722958105061&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722958104290.475295637564949024&ler=empty&cdl=API_unavailable&cs_est=true&it=1722958103333&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=124, rtx=0, c=10, mss=1297, tbw=6468, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 06 Aug 2024 15:28:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
849 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1111248093529440&ev=PageView&dl=https%3A%2F%2Fwww.win999win.com%2Fen&rl=&if=false&ts=1722958105061&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722958104290.475295637564949024&ler=empty&cdl=API_unavailable&cs_est=true&it=1722958103333&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Tue, 06 Aug 2024 15:28:25 GMT
document-policy
force-load-at-top
x-fb-server-load
40
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7400048714761437940", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=124, rtx=0, c=10, mss=1297, tbw=6633, tp=-1, tpl=-1, uplat=32, ullat=0
pragma
no-cache
x-fb-debug
ut5gwmg2cLBZ84c+J+XY69eptC8qqiV8KNtqu/Wv4kFJHiv0Dnxh+Evui3vv9RSAZj5X+EpJdBOorPxiQfYadg==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7400048714761437940"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
optimizerApi
asia.frosmo.com/
43 B
173 B
Ping
General
Full URL
https://asia.frosmo.com/optimizerApi?event=visit&source=direct&device=desktop&sessionStart=20240806152825&cookieId=locldg.lzikrpnh&origin=dafabet_com_asia&ver=24.51.0-3.6&segments=&06152851
Requested by
Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Thu, 01 Jan 1970 00:00:01 GMT
date
Tue, 06 Aug 2024 15:28:25 GMT
cache-control
no-cache, private
server
openresty
content-length
43
content-type
image/gif
eventsApi
asia.frosmo.com/
43 B
123 B
Ping
General
Full URL
https://asia.frosmo.com/eventsApi?method=customAction&name=userLoggedIn&value=false&title=&cookieId=locldg.lzikrpnh&origin=dafabet_com_asia&ver=24.51.0-3.6&0
Requested by
Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software
openresty /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 15:28:25 GMT
server
openresty
x-robots-tag
none
content-length
43
content-type
image/gif
eventsApi
asia.frosmo.com/
43 B
123 B
Ping
General
Full URL
https://asia.frosmo.com/eventsApi?method=customAction&name=chrome53&value=true&title=&cookieId=locldg.lzikrpnh&origin=dafabet_com_asia&ver=24.51.0-3.6&1
Requested by
Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software
openresty /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 15:28:25 GMT
server
openresty
x-robots-tag
none
content-length
43
content-type
image/gif
eventsApi
asia.frosmo.com/
43 B
123 B
Ping
General
Full URL
https://asia.frosmo.com/eventsApi?method=customAction&name=chrome&value=true&title=&cookieId=locldg.lzikrpnh&origin=dafabet_com_asia&ver=24.51.0-3.6&2
Requested by
Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software
openresty /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 15:28:25 GMT
server
openresty
x-robots-tag
none
content-length
43
content-type
image/gif
eventsApi
asia.frosmo.com/
43 B
123 B
Ping
General
Full URL
https://asia.frosmo.com/eventsApi?method=customAction&name=popupNrSpecificPlayers&value=1&title=&cookieId=locldg.lzikrpnh&origin=dafabet_com_asia&ver=24.51.0-3.6&3
Requested by
Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software
openresty /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 15:28:25 GMT
server
openresty
x-robots-tag
none
content-length
43
content-type
image/gif
optimizerApi
asia.frosmo.com/
43 B
174 B
Ping
General
Full URL
https://asia.frosmo.com/optimizerApi?event=showMessage&messageId=2236&revision=1&sessionStart=20240806152825&cookieId=locldg.lzikrpnh&origin=dafabet_com_asia&ver=24.51.0-3.6&segments=&0615281022
Requested by
Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Thu, 01 Jan 1970 00:00:01 GMT
date
Tue, 06 Aug 2024 15:28:25 GMT
cache-control
no-cache, private
server
openresty
content-length
43
content-type
image/gif
location
asia.frosmo.com/
43 B
491 B
XHR
General
Full URL
https://asia.frosmo.com/location
Requested by
Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 15:28:25 GMT
x-real-ip
162.245.206.249
x-longitude
-118.41600
x-isp
i3D.net B.V
x-city
El Segundo
content-length
43
x-country-name
United States
server
openresty
x-country2
US
content-type
image/gif
access-control-allow-origin
*
x-region-code
CA
access-control-expose-headers
X-Country2,X-latitude,X-longitude,X-Region-Code,X-City,X-ISP,X-Real-IP
cache-control
no-cache, private
x-latitude
33.91920
access-control-allow-headers
X-Country2,X-latitude,X-longitude,X-Region-Code,X-City,X-ISP,X-Real-IP
expires
Thu, 01 Jan 1970 00:00:01 GMT
optimizerApi
asia.frosmo.com/
43 B
173 B
Ping
General
Full URL
https://asia.frosmo.com/optimizerApi?event=setUserSegment&segmentName=sgmt_1978&segmentValue=value1&sessionStart=20240806152825&cookieId=locldg.lzikrpnh&origin=dafabet_com_asia&ver=24.51.0-3.6&segments=1978&0615281183
Requested by
Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.win999win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Thu, 01 Jan 1970 00:00:01 GMT
date
Tue, 06 Aug 2024 15:28:25 GMT
cache-control
no-cache, private
server
openresty
content-length
43
content-type
image/gif
optimizerApi
asia.frosmo.com/
43 B
173 B
Ping