www.dafabet.com Open in urlscan Pro
163.171.128.148 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://otnolatrnup.com/Redirect.eng?MediaSegmentId=69731&dcid=1_ctx_c651dac1-ffea-4198-a4ba-06211ee8ea71&vmId=00000000-...
Effective URL:
https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=...
Submission: On October 05 via manual (October 5th 2022, 3:53:26 pm UTC) from IN — Scanned from DE

Summary HTTP 177 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 62 IPs in 12 countries across 64 domains to perform 177 HTTP transactions. The main IP is 163.171.128.148, located in Germany and belongs to QUANTILNETWORKS, US. The main domain is www.dafabet.com. The Cisco Umbrella rank of the primary domain is 529716.
TLS certificate: Issued by Entrust Certification Authority - L1K on February 4th 2022. Valid for: a year.

This is the only time www.dafabet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700::68... 2606:4700::6813:d725	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a02:26f0:f70... 2a02:26f0:f700:5::216:59bb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 47	163.171.128.148 163.171.128.148	54994 (QUANTILNE...) (QUANTILNETWORKS)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
2	143.204.89.95 143.204.89.95	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
6	108.138.2.60 108.138.2.60	16509 (AMAZON-02) (AMAZON-02)
1	18.66.122.99 18.66.122.99	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:807::200e	15169 (GOOGLE) (GOOGLE)
1	108.138.17.83 108.138.17.83	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:225... 2600:9000:225e:9400:7:fa80:4c40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.236 37.157.6.236	198622 (ADFORM) (ADFORM)
1 3	35.241.57.45 35.241.57.45	15169 (GOOGLE) (GOOGLE)
1	54.228.20.5 54.228.20.5	16509 (AMAZON-02) (AMAZON-02)
2 4	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
2	104.225.98.130 104.225.98.130	36236 (NETACTUATE) (NETACTUATE)
1	18.66.112.6 18.66.112.6	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.113 18.66.147.113	16509 (AMAZON-02) (AMAZON-02)
1	34.251.196.147 34.251.196.147	16509 (AMAZON-02) (AMAZON-02)
13	2607:f740:e61... 2607:f740:e619::1	63911 (NETACTUAT...) (NETACTUATE-AS-AP NetActuate)
1 2	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
1 3	185.84.60.20 185.84.60.20	198622 (ADFORM) (ADFORM)
2	34.149.119.194 34.149.119.194	15169 (GOOGLE) (GOOGLE)
1	52.79.118.14 52.79.118.14	16509 (AMAZON-02) (AMAZON-02)
1 14	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
1 2	52.28.226.85 52.28.226.85	16509 (AMAZON-02) (AMAZON-02)
1	96.16.132.239 96.16.132.239	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	18.193.156.183 18.193.156.183	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.113 185.86.139.113	201081 (SMARTADSE...) (SMARTADSERVER)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	2.18.79.136 2.18.79.136	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	3.126.140.73 3.126.140.73	16509 (AMAZON-02) (AMAZON-02)
1 2	188.132.147.227 188.132.147.227	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
7 8	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
4 4	142.250.180.226 142.250.180.226	15169 (GOOGLE) (GOOGLE)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	52.57.150.20 52.57.150.20	16509 (AMAZON-02) (AMAZON-02)
4 4	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::21	60068 (CDN77 ^_^) (CDN77 ^_^)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 3	34.251.218.252 34.251.218.252	16509 (AMAZON-02) (AMAZON-02)
2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	34.248.125.130 34.248.125.130	16509 (AMAZON-02) (AMAZON-02)
1	52.218.112.51 52.218.112.51	16509 (AMAZON-02) (AMAZON-02)
3 3	141.94.171.215 141.94.171.215	16276 (OVH) (OVH)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	193.135.9.133 193.135.9.133	48314 (IP-PROJECTS) (IP-PROJECTS)
1	54.170.82.49 54.170.82.49	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	13.227.219.43 13.227.219.43	16509 (AMAZON-02) (AMAZON-02)
2 3	18.210.31.151 18.210.31.151	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.51.135.205 52.51.135.205	16509 (AMAZON-02) (AMAZON-02)
1 1	34.250.137.124 34.250.137.124	16509 (AMAZON-02) (AMAZON-02)
2 2	18.157.93.190 18.157.93.190	16509 (AMAZON-02) (AMAZON-02)
1	69.169.85.6 69.169.85.6	29838 (AMC) (AMC)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	104.96.128.226 104.96.128.226	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	136.243.148.229 136.243.148.229	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:223... 2600:9000:223f:c600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	3.71.169.66 3.71.169.66	16509 (AMAZON-02) (AMAZON-02)
2	2.21.20.212 2.21.20.212	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
25	52.78.8.111 52.78.8.111	16509 (AMAZON-02) (AMAZON-02)
2	163.171.147.15 163.171.147.15	54994 (QUANTILNE...) (QUANTILNETWORKS)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2.21.20.209 2.21.20.209	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2.18.79.132 2.18.79.132	() ()
2	110.50.230.131 110.50.230.131	() ()
177	62

1 2606:4700::6813:d725 (United States)

ASN13335 (CLOUDFLARENET, US)

otnolatrnup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f700:5::216:59bb (Vienna, Austria) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

banners.dfbanners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 163.171.128.148 (Germany) 2 redirects

ASN54994 (QUANTILNETWORKS, US)

www.dafabet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.89.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-95.fra50.r.cloudfront.net

cdn.appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.138.2.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-2-60.fra56.r.cloudfront.net

dk0tzorg7uge9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-99.fra60.r.cloudfront.net

d313lzv9559yp9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-83.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:225e:9400:7:fa80:4c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

e2e82a2c-05fe-4ad9-be2f-be3874730cd4.snippet.antillephone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.241.57.45 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 45.57.241.35.bc.googleusercontent.com

radar.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.20.5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-20-5.eu-west-1.compute.amazonaws.com

sc.adelement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.211.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.225.98.130 (Amsterdam, Netherlands)

ASN36236 (NETACTUATE, US)
PTR: 130.98.225.104.ptr.anycast.net

i2-ujyonscijobgxceyyclhlbliwkymiz.init.cedexis-radar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i1-j5-20-123-1-20200-1535695922-s.init.cedexis-radar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-6.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-113.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.196.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-196-147.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f740:e619::1 (United States)

ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US)

rpt.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.234 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.84.60.20 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

asia.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
asia.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.119.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.119.149.34.bc.googleusercontent.com

col.0wp0usgn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.79.118.14 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-79-118-14.ap-northeast-2.compute.amazonaws.com

dafabetcomasia.asia.frosmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 37.157.3.30 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.226.85 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-226-85.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.132.239 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-132-239.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.156.183 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-156-183.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.113 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.79.136 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-136.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.140.73 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-140-73.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.132.147.227 (Turkey) 1 redirects

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
PTR: static-227-147-132-188.sadecehosting.net

ads4.admatic.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads3.admatic.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 77.243.60.138 (Aalborg, Denmark) 7 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
se.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.153 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.180.226 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Schopfheim, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.150.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.78.254.47 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::21 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.251.218.252 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-218-252.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.125.130 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-125-130.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.112.51 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.94.171.215 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.135.9.133 (Germany)

ASN48314 (IP-PROJECTS, DE)

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.170.82.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-82-49.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-43.ams54.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.210.31.151 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-31-151.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.135.205 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-135-205.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.137.124 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-137-124.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.93.190 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-93-190.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.169.85.6 (Cranford, United States)

ASN29838 (AMC, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.128.226 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-128-226.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.148.229 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.229.148.243.136.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:c600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.169.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-169-66.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.20.212 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-212.deploy.static.akamaitechnologies.com

aka-als.dafabet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 52.78.8.111 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com

asia.frosmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 163.171.147.15 (United States)

ASN54994 (QUANTILNETWORKS, US)

cdnetworks-230.shadowsamurai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.20.209 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-209.deploy.static.akamaitechnologies.com

aka-www.dffgames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.79.132 (None, )

ASN- ()

aka-www.dafalive88.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 110.50.230.131 (None, )

ASN- ()

ori-www.dffgames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	dafabet.com 2 redirects www.dafabet.com — Cisco Umbrella Rank: 529716 aka-als.dafabet.com	3 MB
26	frosmo.com dafabetcomasia.asia.frosmo.com asia.frosmo.com — Cisco Umbrella Rank: 775885	90 KB
19	adform.net 3 redirects s2.adform.net — Cisco Umbrella Rank: 5940 track.adform.net — Cisco Umbrella Rank: 3262 asia.adform.net — Cisco Umbrella Rank: 39253 c1.adform.net — Cisco Umbrella Rank: 989 dmp.adform.net — Cisco Umbrella Rank: 5409	41 KB
16	cedexis.com 1 redirects radar.cedexis.com — Cisco Umbrella Rank: 3567 rpt.cedexis.com — Cisco Umbrella Rank: 2527	26 KB
8	semasio.net 7 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1769 se.semasio.net — Cisco Umbrella Rank: 22498	5 KB
7	cloudfront.net dk0tzorg7uge9.cloudfront.net d313lzv9559yp9.cloudfront.net	594 KB
5	exelator.com 4 redirects loadm.exelator.com — Cisco Umbrella Rank: 2615 load77.exelator.com — Cisco Umbrella Rank: 4275 loada.exelator.com — Cisco Umbrella Rank: 26311	4 KB
5	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 707 ib.adnxs.com — Cisco Umbrella Rank: 334	5 KB
4	dffgames.com aka-www.dffgames.com ori-www.dffgames.com	21 KB
4	doubleclick.net 4 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 304	731 B
4	antillephone.com e2e82a2c-05fe-4ad9-be2f-be3874730cd4.snippet.antillephone.com	51 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 874 script.hotjar.com — Cisco Umbrella Rank: 1166 vars.hotjar.com — Cisco Umbrella Rank: 1268 in.hotjar.com — Cisco Umbrella Rank: 2355	94 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2144 www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 3704	3 KB
3	onaudience.com 3 redirects pixel.onaudience.com — Cisco Umbrella Rank: 4592	1 KB
3	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 1102	805 B
2	dafalive88.com aka-www.dafalive88.com	3 KB
2	shadowsamurai.net cdnetworks-230.shadowsamurai.net	4 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 732	581 B
2	1dmp.io 1 redirects sync.1dmp.io — Cisco Umbrella Rank: 12004	805 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 9297	528 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1306	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 293	2 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 463	529 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 786	654 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2125	943 B
2	mathtag.com 2 redirects pixel.mathtag.com — Cisco Umbrella Rank: 1507	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 908	2 KB
2	admatic.com.tr 1 redirects ads4.admatic.com.tr — Cisco Umbrella Rank: 51382 ads3.admatic.com.tr — Cisco Umbrella Rank: 59428	689 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 430	1 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 432	489 B
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 6709	693 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 867	830 B
2	0wp0usgn.com col.0wp0usgn.com — Cisco Umbrella Rank: 509510	305 B
2	cedexis-radar.net i2-ujyonscijobgxceyyclhlbliwkymiz.init.cedexis-radar.net i1-j5-20-123-1-20200-1535695922-s.init.cedexis-radar.net	2 KB
2	appdynamics.com cdn.appdynamics.com — Cisco Umbrella Rank: 4974	52 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	869 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 1813	55 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 601	140 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 25750	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 1009	241 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1522	172 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 642	1 KB
1	ib-ibi.com global.ib-ibi.com — Cisco Umbrella Rank: 3524	72 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 791	488 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 27551	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 1016	225 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 757	338 B
1	adsafety.net cm.adsafety.net — Cisco Umbrella Rank: 17518	229 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 35566	406 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 2606	273 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 596	98 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1457	344 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 1021	795 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 852	163 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 1067	214 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 3860	522 B
1	seadform.net asia.seadform.net — Cisco Umbrella Rank: 108343	343 B
1	adelement.com sc.adelement.com — Cisco Umbrella Rank: 300448	206 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	74 KB
1	dfbanners.com 1 redirects banners.dfbanners.com — Cisco Umbrella Rank: 449828	829 B
1	otnolatrnup.com otnolatrnup.com — Cisco Umbrella Rank: 35584	3 KB
0	qianxiajz.com Failed cdn-static.qianxiajz.com Failed
177	64

	Domain	Requested by
47	www.dafabet.com	2 redirects otnolatrnup.com www.dafabet.com cdn.appdynamics.com
25	asia.frosmo.com	dk0tzorg7uge9.cloudfront.net cdn.appdynamics.com
13	rpt.cedexis.com	cdn.appdynamics.com
11	c1.adform.net	1 redirects asia.adform.net c1.adform.net
6	dk0tzorg7uge9.cloudfront.net	www.dafabet.com
5	se.semasio.net	4 redirects c1.adform.net
4	cm.g.doubleclick.net	4 redirects
4	secure.adnxs.com	2 redirects c1.adform.net
4	e2e82a2c-05fe-4ad9-be2f-be3874730cd4.snippet.antillephone.com	www.dafabet.com
3	dmp.adform.net	c1.adform.net
3	a.audrte.com	2 redirects c1.adform.net
3	pixel.onaudience.com	3 redirects
3	sync.crwdcntrl.net	2 redirects c1.adform.net
3	uipglob.semasio.net	3 redirects
3	radar.cedexis.com	1 redirects radar.cedexis.com
2	ori-www.dffgames.com	radar.cedexis.com
2	aka-www.dafalive88.com	radar.cedexis.com
2	aka-www.dffgames.com	radar.cedexis.com
2	cdnetworks-230.shadowsamurai.net	radar.cedexis.com
2	aka-als.dafabet.com	radar.cedexis.com
2	pixel.tapad.com	2 redirects
2	sync.1dmp.io	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	match.adsrvr.org	c1.adform.net
2	loada.exelator.com	2 redirects
2	tags.bluekai.com	c1.adform.net
2	loadm.exelator.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	pixel.mathtag.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	1 redirects c1.adform.net
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	col.0wp0usgn.com	cdn.appdynamics.com
2	asia.adform.net	1 redirects
2	track.adform.net	1 redirects
2	www.google-analytics.com	www.dafabet.com cdn.appdynamics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	cdn.appdynamics.com	www.dafabet.com cdn.appdynamics.com
1	fonts.googleapis.com	dk0tzorg7uge9.cloudfront.net
1	e1.emxdgt.com	c1.adform.net
1	eb2.3lift.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	global.ib-ibi.com	c1.adform.net
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	cm.adsafety.net	c1.adform.net
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	idsync.rlcdn.com	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	ps.eyeota.net	c1.adform.net
1	ib.adnxs.com	1 redirects
1	ads3.admatic.com.tr	c1.adform.net
1	ads4.admatic.com.tr	1 redirects
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	asia.seadform.net
1	i1-j5-20-123-1-20200-1535695922-s.init.cedexis-radar.net	cdn.appdynamics.com
1	dafabetcomasia.asia.frosmo.com	dk0tzorg7uge9.cloudfront.net
1	in.hotjar.com	cdn.appdynamics.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	i2-ujyonscijobgxceyyclhlbliwkymiz.init.cedexis-radar.net	cdn.appdynamics.com
1	sc.adelement.com
1	s2.adform.net	www.dafabet.com
1	static.hotjar.com	www.dafabet.com
1	d313lzv9559yp9.cloudfront.net	www.dafabet.com
1	www.googletagmanager.com	www.dafabet.com
1	banners.dfbanners.com	1 redirects
1	otnolatrnup.com
0	cdn-static.qianxiajz.com Failed
177	83

This site contains links to these domains. Also see Links.

Domain
account.dafabet.com
www.promomenang.com
dfgameplay.com
888df.com
dfnec.com
www.messenger.com
www.df-gamingconnector.com
www.dafaleague.com
dafabet-partnership.com
www.dafabetaffiliates.com
twitter.com
www.youtube.com
validator.antillephone.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.dafabet.com Entrust Certification Authority - L1K	`2022-02-04` - `2023-03-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.appdynamics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-17` - `2023-07-22`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.snippet.antillephone.com Starfield Secure Certificate Authority - G2	`2022-04-02` - `2023-05-04`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
adelement.com Amazon	`2022-08-29` - `2023-09-26`	a year	crt.sh
*.init.cedexis-radar.net DigiCert TLS RSA SHA256 2020 CA1	`2022-04-11` - `2023-04-11`	a year	crt.sh
radar.cedexis.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-06-14`	a year	crt.sh
col.0wp0usgn.com Entrust Certification Authority - L1K	`2022-03-22` - `2023-04-03`	a year	crt.sh
*.asia.frosmo.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-28` - `2023-04-03`	a year	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-11-04`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-06-16`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.adsafety.net R3	`2022-08-01` - `2022-10-30`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.userreport.com Amazon	`2022-01-19` - `2023-02-17`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.ib-ibi.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-01` - `2023-04-01`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
s.ad.smaato.net Amazon	`2022-08-22` - `2023-09-20`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2022-05-31` - `2023-06-04`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
dafabet.com R3	`2022-08-05` - `2022-11-03`	3 months	crt.sh
support14c.cdnetworks.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-30` - `2022-12-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
dffgames.com R3	`2022-08-05` - `2022-11-03`	3 months	crt.sh
dafalive88.com R3	`2022-08-29` - `2022-11-27`	3 months	crt.sh
*.dffgames.com Entrust Certification Authority - L1K	`2021-10-26` - `2022-11-05`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
Frame ID: F0CD7E2259E1BCDE6795AF4B4C3A0B99
Requests: 119 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 856C91468BD9A43F7FA51E490F2605A5
Requests: 1 HTTP requests in this frame

Frame: https://dafabetcomasia.asia.frosmo.com/frosmo.xdm.html?8.142.0
Frame ID: 4FAF7D6265A87EEDE74F719198139019
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Frame ID: D34B7EE50954FD9CFC2431A51C917FA4
Requests: 46 HTTP requests in this frame

Frame: https://aka-als.dafabet.com/test/d17.html?rnd=1-1-20200-1-20200-44612-3937572372-_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA
Frame ID: 9C19F0FEF2AA57121BFFDE6CE3984BC5
Requests: 1 HTTP requests in this frame

Frame: https://aka-als.dafabet.com/test/d17.html?rnd=0-1-20200-1-20200-44612-3937572372-_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA
Frame ID: CD625D8CBD98AC26691A17F0F23C115C
Requests: 1 HTTP requests in this frame

Frame: https://cdnetworks-230.shadowsamurai.net/test/d17.html?rnd=1-1-20200-1-20200-47800-3937572372-_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA
Frame ID: F5FFA8E3200FFBBBB2966AC76A1B61C3
Requests: 1 HTTP requests in this frame

Frame: https://cdnetworks-230.shadowsamurai.net/test/d17.html?rnd=0-1-20200-1-20200-47800-3937572372-_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA
Frame ID: 5CAC07F040083E480FC2850CEADA52BB
Requests: 1 HTTP requests in this frame

Frame: https://aka-www.dffgames.com/en/promotions/sureroute.html?rnd=1-1-20200-1-20200-42793-3937572372-_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA
Frame ID: 20FFABE7D8C33443DB76386AF21962AA
Requests: 1 HTTP requests in this frame

Frame: https://aka-www.dffgames.com/en/promotions/sureroute.html?rnd=0-1-20200-1-20200-42793-3937572372-_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA
Frame ID: 761B4FCDE8849956DB430C087AAEBCCC
Requests: 1 HTTP requests in this frame

Frame: https://aka-www.dafalive88.com/en/promotions/sureroute.html?rnd=1-1-20200-1-20200-44669-3937572372-_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA
Frame ID: 78182566B668105C5DF8798DEDD9A3D6
Requests: 1 HTTP requests in this frame

Frame: https://aka-www.dafalive88.com/en/promotions/sureroute.html?rnd=0-1-20200-1-20200-44669-3937572372-_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA
Frame ID: 4D983801DCEF1EAF92135FA58B5128A1
Requests: 1 HTTP requests in this frame

Frame: https://ori-www.dffgames.com/en/promotions/sureroute.html?rnd=1-1-20200-1-20200-42796-3937572372-_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA
Frame ID: 7CDBCAC6492530233F7D69F34577C916
Requests: 1 HTTP requests in this frame

Frame: https://ori-www.dffgames.com/en/promotions/sureroute.html?rnd=0-1-20200-1-20200-42796-3937572372-_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA
Frame ID: DADD5C61DA104394E881AFFC7271F851
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dafabet is The Most Secure Online Betting Company in Asia

Page URL History Show full URLs

https://otnolatrnup.com/Redirect.eng?MediaSegmentId=69731&dcid=1_ctx_c651dac1-ffea-4198-a4ba-06211ee... Page URL
https://banners.dfbanners.com/redirect.aspx?pid=61340&bid=7861&redirectURL=http://www.dafabet.com/ HTTP 301
http://www.dafabet.com/?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=6... HTTP 302
https://www.dafabet.com/?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=6... HTTP 302
https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium... Page URL

Detected technologies

AppDynamics (Analytics) Expand

Overall confidence: 100%
Detected patterns

adrum

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

<(?:iframe|img)[^>]+adnxs\.(?:net|com)
adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

177
Requests

85 %
HTTPS

13 %
IPv6

64
Domains

83
Subdomains

62
IPs

12
Countries

4135 kB
Transfer

6598 kB
Size

110
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://account.dafabet.com/en/cant-login?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E
Title: Can't login?

Search URL Search Domain Scan URL

URL: https://www.promomenang.com/sportsbook/app/en/#dafasports
Title: DAFA SPORTS APP

Search URL Search Domain Scan URL

URL: https://dfgameplay.com/gjdqub
Title: Add us on WhatsApp!

Search URL Search Domain Scan URL

URL: https://dfgameplay.com/gjdpp9
Title: DafaAsia

Search URL Search Domain Scan URL

URL: https://888df.com/app
Title: CASINO

Search URL Search Domain Scan URL

URL: https://www.promomenang.com/sportsbook/app/en/#dafaowsports
Title: DAFA OW APP

Search URL Search Domain Scan URL

URL: https://dfnec.com/dfc-ep
Title: DAFABET CONNECT

Search URL Search Domain Scan URL

URL: https://dfgameplay.com/gjdnjr
Title: DafaAsia

Search URL Search Domain Scan URL

URL: https://www.messenger.com/t/dfasiaservice
Title: Dafabet Support

Search URL Search Domain Scan URL

URL: https://www.df-gamingconnector.com/en/?utm_source=CRM&utm_campaign=DafaConnect&utm_medium=EPlb_MY
Title: Learn More

Search URL Search Domain Scan URL

URL: https://dfnec.com/mac

Search URL Search Domain Scan URL

URL: https://dfnec.com/win-downloader

Search URL Search Domain Scan URL

URL: https://dfnec.com/win-setup

Search URL Search Domain Scan URL

URL: https://www.dafaleague.com/dafamillion-cup-2022/en/
Title: JOIN NOW

Search URL Search Domain Scan URL

URL: https://dafabet-partnership.com/?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E

Search URL Search Domain Scan URL

URL: https://dafabet-partnership.com/#teams?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E

Search URL Search Domain Scan URL

URL: https://dafabet-partnership.com/#brand-ambassadors?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E

Search URL Search Domain Scan URL

URL: https://www.dafabetaffiliates.com/en
Title: Affiliates

Search URL Search Domain Scan URL

URL: https://twitter.com/dafabet
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TheDafabetChannel
Title: youtube

Search URL Search Domain Scan URL

URL: https://validator.antillephone.com/validate?domain=www.dafabet.com&seal_id=0b1688364b0200437bbbd88b009f7627487546cd13e6e341ad4f79591daf173a44a10318b8df2e5586bd0127d4a2dd6b&stamp=6b2f34bfc09aa5aa4eaaddf32fb40c12

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://otnolatrnup.com/Redirect.eng?MediaSegmentId=69731&dcid=1_ctx_c651dac1-ffea-4198-a4ba-06211ee8ea71&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=330&dst=False&v=HE7pZKkaWmNy1ALbNjQlLeRqQ9RRdZZnnIX2siTHLI-qZCm_jMMDKepQzfc0KN4kNEKx7B4NqFMaPvHpr0f4981xT84WkXsNGYaUI9GwzJAWlha9UeLGRxaclQxhLTTAu-SMGqZhVfoME-fZa7VyPdnrrJZm10P_Tcx8Ik0qwnpN7rEv2M4JtB7QLS5COTPH7-ZRUlUE_800RBcb6DeGPW1ERJ06fBByaZqajsMh1tkLjuRH-ItssLjVwo4gjYS8bffGlw4DuXhtmGVm-MNrIvRcVOrxFYxYsilp6Roy7tVdXWAFcn3bN7d-n83Rt1juf1eF0HaNV0D8m_ajBliEfDFpV7q6Xlmu1AJ3qu4gOI9i7d0aSBwTVzvJWmDcYaqAZaKPjyMbLL6tNT1O25lfhAhSnsyym6Uov9PRcAueuW9k297fhT93qs8kaVK2aQl8Yl88ejsUxcF4WFIszB-o65hMjRhh869g4QNVTaPZ7EIbEv0dUMTnryzs88fwJghqw0FT8Ckc6yyxXPrIiYQN31qkgaZ4l_Da3rJwojQMrLhW56OQnQZSm2_sQlhffHeuvbe4LUR5EItPE-rYkUQi0NrRC4jvuncxC-6kRuWHgKZQ_vBxJC72kt8yUPucUoKkwgn2rMPnVNC5XaOtsbnHqMNROg2bQy9q1ux9DvsT1fsPe_ztMrwbdyYzHvZixTDSCI3T2czKYXmXfqAKOxepYnDIGGWvtyOabVnD-CJ51PIMV-Z5RtCQHHKGQKlWU_BWJLsg3ZPl-UhwE0OAt0Mvy-BxFvK1rTkonFdgn55JQOCpW7ruzD0Ak3vGf5wMrYlEsyokHzIwOKcaw8jNZ-H5OfRvriTpFFZQ9YKRVeTr9hbjuijFAUcXnu37w-tjuEGLcMCdTRwSBTgSpn3f07No8QbOrY9GgeJ1Xbt-E6PTKlvs5mrBpadbtt6nsTCAqNEOd7o_iie-2EZWQ1h5ZqObkU5xoI81qJDuQF9ISImzTRs1&kw=online+storage%2cfree+storage%2ccloud+storage%2ccollaboration%2cbackup+file+sharing%2cshare+files%2cphoto+backup%2cphoto+sharing%2cftp+replacement%2ccross+platform%2cremote+access%2cmobile+access%2csend+large+files%2crecover+files%2cfile+versioning%2cundelete%2cwindows%2cpc%2cmac%2cos+x%2clinux%2ciphone&mw=1024&mh=768&res=1536x864&spt=0&kw=online+storage%2cfree+storage%2ccloud+storage%2ccollaboration%2cbackup+file+sharing%2cshare+files%2cphoto+backup%2cphoto+sharing%2cftp+replacement%2ccross+platform%2cremote+access%2cmobile+access%2csend+large+files%2crecover+files%2cfile+versioning%2cundelete%2cwindows%2cpc%2cmac%2cos+x%2clinux%2ciphone Page URL
https://banners.dfbanners.com/redirect.aspx?pid=61340&bid=7861&redirectURL=http://www.dafabet.com/ HTTP 301
http://www.dafabet.com/?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861 HTTP 302
https://www.dafabet.com/?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861 HTTP 302
https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://radar.cedexis.com/1/20200/radar.js HTTP 302
https://radar.cedexis.com/1621860284/radar.js

Request Chain 40

https://secure.adnxs.com/seg?add=8385691&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8385691%26t%3D2

Request Chain 55

https://track.adform.net/Serving/TrackPoint/?pm=2281077&ADFPageName=Entry%20Page&ADFdivider=%7C&ord=433874787051&ADFtpmode=2&loc=https%3A%2F%2Fwww.dafabet.com%2Fen%3Fbtag%3D682208_59A4F99F6763406CBA8A4CE013D2D00E%26utm_source%3D682208%26utm_mediu&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2281077&ADFPageName=Entry%20Page&ADFdivider=%7C&ord=433874787051&ADFtpmode=2&loc=https%3A%2F%2Fwww.dafabet.com%2Fen%3Fbtag%3D682208_59A4F99F6763406CBA8A4CE013D2D00E%26utm_source%3D682208%26utm_mediu&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 56

https://asia.adform.net/Serving/TrackPoint/?pm=2449026&ADFdivider=%7C&ord=963187363208&ADFtpmode=2&loc=https%3A%2F%2Fwww.dafabet.com%2Fen%3Fbtag%3D682208_59A4F99F6763406CBA8A4CE013D2D00E%26utm_source%3D682208%26utm_mediu&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=2449026&ADFdivider=%7C&ord=963187363208&ADFtpmode=2&loc=https%3A%2F%2Fwww.dafabet.com%2Fen%3Fbtag%3D682208_59A4F99F6763406CBA8A4CE013D2D00E%26utm_source%3D682208%26utm_mediu&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 73

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=3076781218546761099&Expiration=1666194799 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=3076781218546761099&Expiration=1666194799

Request Chain 76

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=3076781218546761099&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=3076781218546761099&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=7ec2918f64a34f1d96736f667e5d2678 HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=96ec71891c91df28571e37495785c384c99be0b2bff64a12617154fc3270e167

Request Chain 78

https://ups.analytics.yahoo.com/ups/55944/sync?uid=3076781218546761099&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=3076781218546761099&_origin=1&verify=true

Request Chain 80

https://x.bidswitch.net/sync?dsp_id=70&user_id=3076781218546761099 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=3076781218546761099 HTTP 302
https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=4fbee8e6-d30b-40b9-8ecd-7b6881b0ca1f&dsp_uuid=&dsp_id= HTTP 302
https://ads3.admatic.com.tr/user?bsw_uuid=4fbee8e6-d30b-40b9-8ecd-7b6881b0ca1f&dsp_uuid=&dsp_id=

Request Chain 81

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3076781218546761099&expiration=1666194799 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3076781218546761099&expiration=1666194799&C=1

Request Chain 82

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=3076781218546761099&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=3076781218546761099&sInitiator=external HTTP 302
https://se.semasio.net/sync/1/16266044?sExtCookieId=3076781218546761099&gdpr=&gdpr_consent=&sInitiator=external HTTP 302
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal HTTP 302
https://se.semasio.net/sync/1/14876172?sExtCookieId=f918633d-a86f-4f00-9c85-e4883c2f7ff0&sInitiator=internal&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=0&gdpr_consent= HTTP 302
https://se.semasio.net/sync/1/4354957?sExtCookieId=8005608530148409799&sInitiator=internal&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=RTA1Mzc0QTAyMUZGNTg2Mg&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEOZmNTYcjrNveES-UYFQkr4&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&google_cver=1 HTTP 302
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEOZmNTYcjrNveES-UYFQkr4&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=0&gdpr_consent= HTTP 302
https://se.semasio.net/sync/1/647471?sExtCookieId=7151056978061097109&sInitiator=internal&gdpr=0&gdpr_consent=

Request Chain 84

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=3076781218546761099 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=3076781218546761099&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 86

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=3076781218546761099/gdpr=/gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=3076781218546761099/gdpr=/gdpr_consent=

Request Chain 89

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 90

https://pixel.onaudience.com/?mapped=3076781218546761099&partner=68 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f41a31e826694fff/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=7827c0da2859786f4a60ea747f6788cd&gdpr=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

Request Chain 93

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MzA3Njc4MTIxODU0Njc2MTA5OQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=MzA3Njc4MTIxODU0Njc2MTA5OQ&google_tc= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPpHbWN67cZo9vyPY-73Lug&google_cver=1&google_ula=1641347,0

Request Chain 94

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=8005608530148409799&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=3076781218546761099

Request Chain 98

https://a.audrte.com/a?adform_uid=3076781218546761099 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEGpmQah4JcHBskD_lzSLpas&google_cver=1 HTTP 302
https://a.audrte.com/p

Request Chain 99

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=3076781218546761099&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=3076781218546761099&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=86593706732931174453126999055357705303&noredirect=1

Request Chain 100

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=3076781218546761099 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219333204295002508406

Request Chain 101

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7151056978061097109

Request Chain 103

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=f918633d-a86f-4f00-9c85-e4883c2f7ff0

Request Chain 104

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=Cr4u6EDv1OG6HZ5

Request Chain 108

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=3775093706 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=krBufNQkrP8xMMS689AkGO

Request Chain 110

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=3076781218546761099 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=3076781218546761099&cs=1

Request Chain 112

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=3076781218546761099&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=3076781218546761099&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=049f4c76-2ea0-46ae-b46a-f25d097656e2

177 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Redirect.eng
otnolatrnup.com/ 244 B
3 KB 373ms
339ms Document
text/html 2606:4700::6813:d725
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otnolatrnup.com/Redirect.eng?MediaSegmentId=69731&dcid=1_ctx_c651dac1-ffea-4198-a4ba-06211ee8ea71&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=330&dst=False&v=HE7pZKkaWmNy1ALbNjQlLeRqQ9RRdZZnnIX2siTHLI-qZCm_jMMDKepQzfc0KN4kNEKx7B4NqFMaPvHpr0f4981xT84WkXsNGYaUI9GwzJAWlha9UeLGRxaclQxhLTTAu-SMGqZhVfoME-fZa7VyPdnrrJZm10P_Tcx8Ik0qwnpN7rEv2M4JtB7QLS5COTPH7-ZRUlUE_800RBcb6DeGPW1ERJ06fBByaZqajsMh1tkLjuRH-ItssLjVwo4gjYS8bffGlw4DuXhtmGVm-MNrIvRcVOrxFYxYsilp6Roy7tVdXWAFcn3bN7d-n83Rt1juf1eF0HaNV0D8m_ajBliEfDFpV7q6Xlmu1AJ3qu4gOI9i7d0aSBwTVzvJWmDcYaqAZaKPjyMbLL6tNT1O25lfhAhSnsyym6Uov9PRcAueuW9k297fhT93qs8kaVK2aQl8Yl88ejsUxcF4WFIszB-o65hMjRhh869g4QNVTaPZ7EIbEv0dUMTnryzs88fwJghqw0FT8Ckc6yyxXPrIiYQN31qkgaZ4l_Da3rJwojQMrLhW56OQnQZSm2_sQlhffHeuvbe4LUR5EItPE-rYkUQi0NrRC4jvuncxC-6kRuWHgKZQ_vBxJC72kt8yUPucUoKkwgn2rMPnVNC5XaOtsbnHqMNROg2bQy9q1ux9DvsT1fsPe_ztMrwbdyYzHvZixTDSCI3T2czKYXmXfqAKOxepYnDIGGWvtyOabVnD-CJ51PIMV-Z5RtCQHHKGQKlWU_BWJLsg3ZPl-UhwE0OAt0Mvy-BxFvK1rTkonFdgn55JQOCpW7ruzD0Ak3vGf5wMrYlEsyokHzIwOKcaw8jNZ-H5OfRvriTpFFZQ9YKRVeTr9hbjuijFAUcXnu37w-tjuEGLcMCdTRwSBTgSpn3f07No8QbOrY9GgeJ1Xbt-E6PTKlvs5mrBpadbtt6nsTCAqNEOd7o_iie-2EZWQ1h5ZqObkU5xoI81qJDuQF9ISImzTRs1&kw=online+storage%2cfree+storage%2ccloud+storage%2ccollaboration%2cbackup+file+sharing%2cshare+files%2cphoto+backup%2cphoto+sharing%2cftp+replacement%2ccross+platform%2cremote+access%2cmobile+access%2csend+large+files%2crecover+files%2cfile+versioning%2cundelete%2cwindows%2cpc%2cmac%2cos+x%2clinux%2ciphone&mw=1024&mh=768&res=1536x864&spt=0&kw=online+storage%2cfree+storage%2ccloud+storage%2ccollaboration%2cbackup+file+sharing%2cshare+files%2cphoto+backup%2cphoto+sharing%2cftp+replacement%2ccross+platform%2cremote+access%2cmobile+access%2csend+large+files%2crecover+files%2cfile+versioning%2cundelete%2cwindows%2cpc%2cmac%2cos+x%2clinux%2ciphone
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-transform
cf-cache-status: DYNAMIC
cf-ray: 755754418dde8fd0-FRA
content-length: 244
content-type: text/html; charset=utf-8
date: Wed, 05 Oct 2022 15:53:16 GMT
p3p: CP="CAO PSA OUR IND"
server: cloudflare

GET
H2

200

Primary Request en Show response
www.dafabet.com/
Redirect Chain

https://banners.dfbanners.com/redirect.aspx?pid=61340&bid=7861&redirectURL=http://www.dafabet.com/
http://www.dafabet.com/?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
https://www.dafabet.com/?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

47 KB
13 KB

326ms
326ms

Document
text/html

163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

Requested by

Host: otnolatrnup.com
URL: https://otnolatrnup.com/Redirect.eng?MediaSegmentId=69731&dcid=1_ctx_c651dac1-ffea-4198-a4ba-06211ee8ea71&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=330&dst=False&v=HE7pZKkaWmNy1ALbNjQlLeRqQ9RRdZZnnIX2siTHLI-qZCm_jMMDKepQzfc0KN4kNEKx7B4NqFMaPvHpr0f4981xT84WkXsNGYaUI9GwzJAWlha9UeLGRxaclQxhLTTAu-SMGqZhVfoME-fZa7VyPdnrrJZm10P_Tcx8Ik0qwnpN7rEv2M4JtB7QLS5COTPH7-ZRUlUE_800RBcb6DeGPW1ERJ06fBByaZqajsMh1tkLjuRH-ItssLjVwo4gjYS8bffGlw4DuXhtmGVm-MNrIvRcVOrxFYxYsilp6Roy7tVdXWAFcn3bN7d-n83Rt1juf1eF0HaNV0D8m_ajBliEfDFpV7q6Xlmu1AJ3qu4gOI9i7d0aSBwTVzvJWmDcYaqAZaKPjyMbLL6tNT1O25lfhAhSnsyym6Uov9PRcAueuW9k297fhT93qs8kaVK2aQl8Yl88ejsUxcF4WFIszB-o65hMjRhh869g4QNVTaPZ7EIbEv0dUMTnryzs88fwJghqw0FT8Ckc6yyxXPrIiYQN31qkgaZ4l_Da3rJwojQMrLhW56OQnQZSm2_sQlhffHeuvbe4LUR5EItPE-rYkUQi0NrRC4jvuncxC-6kRuWHgKZQ_vBxJC72kt8yUPucUoKkwgn2rMPnVNC5XaOtsbnHqMNROg2bQy9q1ux9DvsT1fsPe_ztMrwbdyYzHvZixTDSCI3T2czKYXmXfqAKOxepYnDIGGWvtyOabVnD-CJ51PIMV-Z5RtCQHHKGQKlWU_BWJLsg3ZPl-UhwE0OAt0Mvy-BxFvK1rTkonFdgn55JQOCpW7ruzD0Ak3vGf5wMrYlEsyokHzIwOKcaw8jNZ-H5OfRvriTpFFZQ9YKRVeTr9hbjuijFAUcXnu37w-tjuEGLcMCdTRwSBTgSpn3f07No8QbOrY9GgeJ1Xbt-E6PTKlvs5mrBpadbtt6nsTCAqNEOd7o_iie-2EZWQ1h5ZqObkU5xoI81qJDuQF9ISImzTRs1&kw=online+storage%2cfree+storage%2ccloud+storage%2ccollaboration%2cbackup+file+sharing%2cshare+files%2cphoto+backup%2cphoto+sharing%2cftp+replacement%2ccross+platform%2cremote+access%2cmobile+access%2csend+large+files%2crecover+files%2cfile+versioning%2cundelete%2cwindows%2cpc%2cmac%2cos+x%2clinux%2ciphone&mw=1024&mh=768&res=1536x864&spt=0&kw=online+storage%2cfree+storage%2ccloud+storage%2ccollaboration%2cbackup+file+sharing%2cshare+files%2cphoto+backup%2cphoto+sharing%2cftp+replacement%2ccross+platform%2cremote+access%2cmobile+access%2csend+large+files%2crecover+files%2cfile+versioning%2cundelete%2cwindows%2cpc%2cmac%2cos+x%2clinux%2ciphone

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

dbef72a26bf9fcd64b9b239afe42ff5849ab46ab2f90276c9e0f746edbf47735

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

Referer: https://otnolatrnup.com/Redirect.eng?MediaSegmentId=69731&dcid=1_ctx_c651dac1-ffea-4198-a4ba-06211ee8ea71&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=330&dst=False&v=HE7pZKkaWmNy1ALbNjQlLeRqQ9RRdZZnnIX2siTHLI-qZCm_jMMDKepQzfc0KN4kNEKx7B4NqFMaPvHpr0f4981xT84WkXsNGYaUI9GwzJAWlha9UeLGRxaclQxhLTTAu-SMGqZhVfoME-fZa7VyPdnrrJZm10P_Tcx8Ik0qwnpN7rEv2M4JtB7QLS5COTPH7-ZRUlUE_800RBcb6DeGPW1ERJ06fBByaZqajsMh1tkLjuRH-ItssLjVwo4gjYS8bffGlw4DuXhtmGVm-MNrIvRcVOrxFYxYsilp6Roy7tVdXWAFcn3bN7d-n83Rt1juf1eF0HaNV0D8m_ajBliEfDFpV7q6Xlmu1AJ3qu4gOI9i7d0aSBwTVzvJWmDcYaqAZaKPjyMbLL6tNT1O25lfhAhSnsyym6Uov9PRcAueuW9k297fhT93qs8kaVK2aQl8Yl88ejsUxcF4WFIszB-o65hMjRhh869g4QNVTaPZ7EIbEv0dUMTnryzs88fwJghqw0FT8Ckc6yyxXPrIiYQN31qkgaZ4l_Da3rJwojQMrLhW56OQnQZSm2_sQlhffHeuvbe4LUR5EItPE-rYkUQi0NrRC4jvuncxC-6kRuWHgKZQ_vBxJC72kt8yUPucUoKkwgn2rMPnVNC5XaOtsbnHqMNROg2bQy9q1ux9DvsT1fsPe_ztMrwbdyYzHvZixTDSCI3T2czKYXmXfqAKOxepYnDIGGWvtyOabVnD-CJ51PIMV-Z5RtCQHHKGQKlWU_BWJLsg3ZPl-UhwE0OAt0Mvy-BxFvK1rTkonFdgn55JQOCpW7ruzD0Ak3vGf5wMrYlEsyokHzIwOKcaw8jNZ-H5OfRvriTpFFZQ9YKRVeTr9hbjuijFAUcXnu37w-tjuEGLcMCdTRwSBTgSpn3f07No8QbOrY9GgeJ1Xbt-E6PTKlvs5mrBpadbtt6nsTCAqNEOd7o_iie-2EZWQ1h5ZqObkU5xoI81qJDuQF9ISImzTRs1&kw=online+storage%2cfree+storage%2ccloud+storage%2ccollaboration%2cbackup+file+sharing%2cshare+files%2cphoto+backup%2cphoto+sharing%2cftp+replacement%2ccross+platform%2cremote+access%2cmobile+access%2csend+large+files%2crecover+files%2cfile+versioning%2cundelete%2cwindows%2cpc%2cmac%2cos+x%2clinux%2ciphone&mw=1024&mh=768&res=1536x864&spt=0&kw=online+storage%2cfree+storage%2ccloud+storage%2ccollaboration%2cbackup+file+sharing%2cshare+files%2cphoto+backup%2cphoto+sharing%2cftp+replacement%2ccross+platform%2cremote+access%2cmobile+access%2csend+large+files%2crecover+files%2cfile+versioning%2cundelete%2cwindows%2cpc%2cmac%2cos+x%2clinux%2ciphone
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-language: en
content-type: text/html; charset=UTF-8
date: Wed, 05 Oct 2022 15:53:17 GMT
page-cache: Hit
server: PWS/8.3.1.0.8
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 PS-TPE-01qXz223:9 (W), 1.1 PS-FRA-01lai110:8 (W)
x-frame-options: deny
x-px: ms PS-FRA-01lai110FRA,ms PS-TPE-01qXz223TPE(origin)
x-ws-request-id: 633da86d_PSdgflkfFRA1je97_1821-57331

Redirect headers

cache-control: no-cache, no-store
content-length: 0
date: Wed, 05 Oct 2022 15:53:17 GMT
location: /en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
server: PWS/8.3.1.0.8
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.0 PS-TPE-01qXz223:9 (W), 1.1 PS-FRA-01lai110:8 (W)
x-px: ms PS-FRA-01lai110FRA,ms PS-TPE-01qXz223TPE(origin)
x-ws-request-id: 633da86c_PSdgflkfFRA1je97_1821-57276

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 212 KB
74 KB 51ms
28ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S5WHEF6PM5

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

940ee154023fa83aecb174cef1de0e223a4d2a32c6af2b707712f9b18c279f93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 05 Oct 2022 15:53:17 GMT

GET
H2 200 common.d20f3c22097d72bbb32a410c98db8d8e.css
www.dafabet.com/en/dafa/css/ 61 KB
12 KB 11ms
11ms Stylesheet
text/css 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dafabet.com/en/dafa/css/common.d20f3c22097d72bbb32a410c98db8d8e.css

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

d336569f8d455dd339fee08c626f83d3ed111b4af9da2775719ccb15003130c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:17 GMT
content-encoding: gzip
via: 1.1 PS-TPE-01qXz223:6 (W), 1.1 PS-SIN-01SF343:8 (W), 1.1 PShlamstdAMS1mi112:0 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 23 Sep 2022 08:52:30 GMT
server: PWS/8.3.1.0.8
age: 704269
etag: "632d73ce-f447"
x-ws-request-id: 633da86d_PSdgflkfFRA1je97_1821-57355
content-type: text/css
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
expires: Wed, 27 Sep 2023 12:15:28 GMT

GET
H2 200 home.c6a09c9e63a58235a28a912f0e4dc36b.css
www.dafabet.com/en/css/ 51 KB
10 KB 12ms
12ms Stylesheet
text/css 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dafabet.com/en/css/home.c6a09c9e63a58235a28a912f0e4dc36b.css

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

b438729663b634facf4fa01af39a684bf345e6da7574bcf48872999e8b189899

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:17 GMT
content-encoding: gzip
via: 1.1 PS-TPE-01qXz223:10 (W), 1.1 PS-SIN-01QM237:12 (W), 1.1 PShlamstdAMS1mi112:4 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 26 Aug 2022 08:10:31 GMT
server: PWS/8.3.1.0.8
age: 1414865
etag: "63087ff7-cbcf"
x-ws-request-id: 633da86d_PSdgflkfFRA1je97_1821-57356
content-type: text/css
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
expires: Tue, 19 Sep 2023 06:52:12 GMT

GET
H2 200 default_image.d20f3c22097d72bbb32a410c98db8d8e.png
www.dafabet.com/en/dafa/images/ 593 B
1 KB 30ms
27ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/dafa/images/default_image.d20f3c22097d72bbb32a410c98db8d8e.png

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

180109f8f37c833e1f965c5662f54e73b3e1291117a3c7fa320dab4ae7727dcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:17 GMT
via: 1.1 PS-TPE-01qXz223:6 (W), 1.1 PS-SIN-01QM237:1 (W), 1.1 PSfgblPAR2ff185:3 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 23 Sep 2022 08:52:30 GMT
server: PWS/8.3.1.0.8
age: 704267
etag: "632d73ce-251"
x-ws-request-id: 633da86d_PSdgflkfFRA1je97_1821-57364
content-type: image/png
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 593
expires: Wed, 27 Sep 2023 12:15:30 GMT

GET
H2 200 loader.gif
www.dafabet.com/en/images/ 25 KB
25 KB 30ms
27ms Image
image/gif 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/images/loader.gif

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

1255cfe05d68366b2f1784987c772a817da92099f4922498a445f8768c52a710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:17 GMT
via: 1.1 PS-TPE-01TU5222:2 (W), 1.1 PS-SIN-01YIq70:12 (W), 1.1 jp45:12 (W), 1.1 PShlamstdAMS1bm110:7 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 13 Jan 2022 09:46:31 GMT
server: PWS/8.3.1.0.8
age: 3564025
etag: "61dff4f7-6240"
x-ws-request-id: 633da86d_PSdgflkfFRA1je97_1821-57365
content-type: image/gif
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 25152
expires: Fri, 25 Aug 2023 09:52:52 GMT

GET
H2 200 1920x100_en_2.jpg
www.dafabet.com/en/2022-06/ 115 KB
116 KB 20ms
17ms Image
image/jpeg 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/2022-06/1920x100_en_2.jpg

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

c5a64280c25ebb9120f6faafffa98610b30b2fc38c6e80ce3499b71f96eff672

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:17 GMT
via: 1.1 dianxun232:2 (W), 1.1 jp41:0 (W), 1.1 PSdgflkfFRA1bc200:6 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 30 Jun 2022 08:45:53 GMT
server: PWS/8.3.1.0.8
age: 3564024
etag: "62bd62c1-1cde5"
x-ws-request-id: 633da86d_PSdgflkfFRA1je97_1821-57366
content-type: image/jpeg
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 118245
expires: Fri, 25 Aug 2023 09:52:53 GMT

GET
H2 200 570x388-updated_0.jpg
www.dafabet.com/en/2020-11/ 74 KB
75 KB 21ms
18ms Image
image/jpeg 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/2020-11/570x388-updated_0.jpg

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

a2e3b730e59a00b1195cd8e5bfe193efdf3bd17b9c1dbd77ee796dc5c8b68c36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:17 GMT
via: 1.1 PS-TPE-01qXz223:10 (W), 1.1 PS-SIN-01QM237:2 (W), 1.1 PSfgblPAR2rt183:1 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 09 Nov 2020 02:06:19 GMT
server: PWS/8.3.1.0.8
age: 3564025
etag: "5fa8a41b-128fa"
x-ws-request-id: 633da86d_PSdgflkfFRA1je97_1821-57367
content-type: image/jpeg
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 76026
expires: Fri, 25 Aug 2023 09:52:52 GMT

GET
H2 200 slots-560x218.jpg
www.dafabet.com/en/2018-09/ 87 KB
88 KB 22ms
19ms Image
image/jpeg 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/2018-09/slots-560x218.jpg

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

1af15a8dfe5dd8cb0597a2e42cc0490cb852627d522e4db0dcda73bc453f78cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:17 GMT
via: 1.1 PS-TPE-01TU5222:2 (W), 1.1 PS-SIN-01YIq70:12 (W), 1.1 jp45:12 (W), 1.1 PShlamstdAMS1bm110:7 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 10 Sep 2018 01:53:45 GMT
server: PWS/8.3.1.0.8
age: 3564025
etag: "5b95cea9-15d91"
x-ws-request-id: 633da86d_PSdgflkfFRA1je97_1821-57368
content-type: image/jpeg
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 89489
expires: Fri, 25 Aug 2023 09:52:52 GMT

GET
H2 200 entrypage-sponsors-575x149_en_4.jpg
www.dafabet.com/en/2022-06/ 102 KB
102 KB 26ms
24ms Image
image/jpeg 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/2022-06/entrypage-sponsors-575x149_en_4.jpg

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

6d28ca608efbf2f22b939334db609267e037dedd567ea0182345a261a0c09490

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:17 GMT
via: 1.1 PS-TPE-01qXz223:3 (W), 1.1 jp41:12 (W), 1.1 PShlamstdAMS1bm110:7 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 29 Jun 2022 07:07:13 GMT
server: PWS/8.3.1.0.8
age: 3564025
etag: "62bbfa21-19799"
x-ws-request-id: 633da86d_PSdgflkfFRA1je97_1821-57369
content-type: image/jpeg
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 104345
expires: Fri, 25 Aug 2023 09:52:52 GMT

GET
H2 200 560x218-entry-page-8-19-21.jpg
www.dafabet.com/en/2021-08/ 124 KB
124 KB 26ms
24ms Image
image/jpeg 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/2021-08/560x218-entry-page-8-19-21.jpg

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

affe144bc5730c89d09e953cd7162b1cbbc88210ae0be3bc482ed85bf1c34e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:17 GMT
via: 1.1 PS-TPE-01qXz223:8 (W), 1.1 PS-SIN-01QM237:3 (W), 1.1 PShlamstdAMS1mi112:4 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 20 Aug 2021 03:24:24 GMT
server: PWS/8.3.1.0.8
age: 1414864
etag: "611f2068-1ef8f"
x-ws-request-id: 633da86d_PSdgflkfFRA1je97_1821-57370
content-type: image/jpeg
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 126863
expires: Tue, 19 Sep 2023 06:52:13 GMT

GET
H2 200 560x149-en.jpg
www.dafabet.com/en/2022-03/ 44 KB
44 KB 27ms
25ms Image
image/jpeg 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/2022-03/560x149-en.jpg

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

3193eb702468b0424d2cbe075bd86b5f4348598b308242477d627d496d9af751

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:17 GMT
via: 1.1 PS-KHH-01jfX32:2 (W), 1.1 PSxjpSin5wk160:10 (W), 1.1 jp41:6 (W), 1.1 PSdgflkfFRA1bc200:6 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 07 Mar 2022 08:22:45 GMT
server: PWS/8.3.1.0.8
age: 3564025
etag: "6225c0d5-afa9"
x-ws-request-id: 633da86d_PSdgflkfFRA1je97_1821-57371
content-type: image/jpeg
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 44969
expires: Fri, 25 Aug 2023 09:52:52 GMT

GET
H2 200 es5.min.js Show response
www.dafabet.com/en/dafa/js/ 11 KB
3 KB 9ms
9ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dafabet.com/en/dafa/js/es5.min.js

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

ac3d45538ffdd87732763521ea21e1f9695551d5c8a1b506935fb9bbc5253bfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:17 GMT
content-encoding: gzip
via: 1.1 PS-TPE-01qXz223:1 (W), 1.1 jp41:0 (W), 1.1 PSdgflkfFRA1bc200:6 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 11 Aug 2022 09:02:06 GMT
server: PWS/8.3.1.0.8
age: 3564025
etag: "62f4c58e-2b85"
x-ws-request-id: 633da86d_PSdgflkfFRA1je97_1821-57358
content-type: application/javascript
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
expires: Fri, 25 Aug 2023 09:52:52 GMT

GET
H2 200 integration.js.php Show response
www.dafabet.com/jswrapper/ 35 KB
9 KB 277ms
274ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dafabet.com/jswrapper/integration.js.php?casino=dafa888&min=1

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 / Servlet/4.0

Resource Hash

e30241bbf27950b1d2f152b3c923f8dd2c339f33b7c95ccd35f22d380e48c3c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:18 GMT
content-encoding: gzip
via: 1.1 PS-TPE-01qXz223:9 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
server: PWS/8.3.1.0.8
x-powered-by: Servlet/4.0
x-cache-status: HIT
x-ws-request-id: 633da86d_PSdgflkfFRA1je97_1821-57359
content-language: en-US
content-type: application/javascript
cache-control: no-cache
x-px: ms PS-FRA-01lai110FRA,ms PS-TPE-01qXz223TPE(origin)
expires: Wed, 05 Oct 2022 16:08:18 GMT

GET
H2 200 manifest.c6a09c9e63a58235a28a912f0e4dc36b.bundle.js Show response
www.dafabet.com/en/js/ 1 KB
2 KB 15ms
11ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dafabet.com/en/js/manifest.c6a09c9e63a58235a28a912f0e4dc36b.bundle.js

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

7020265e6580be7d4926808444b4a1faaf8a093970c1d8272b1fad53ff13525c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:17 GMT
via: 1.1 PS-TPE-01TU5222:1 (W), 1.1 PS-SIN-01QM237:10 (W), 1.1 PShlamstdAMS1bm110:0 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 26 Aug 2022 08:10:31 GMT
server: PWS/8.3.1.0.8
age: 3010235
etag: "63087ff7-5a7"
x-ws-request-id: 633da86d_PSdgflkfFRA1je97_1821-57360
content-type: application/javascript
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 1447
expires: Thu, 31 Aug 2023 19:42:42 GMT

GET
H2 200 vendor.c6a09c9e63a58235a28a912f0e4dc36b.bundle.js Show response
www.dafabet.com/en/js/ 115 KB
36 KB 32ms
28ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dafabet.com/en/js/vendor.c6a09c9e63a58235a28a912f0e4dc36b.bundle.js

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

480c21836bc1679e28926018ae85a66151dec35d060b1fd3da633985ab454f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:17 GMT
content-encoding: gzip
via: 1.1 PS-TPE-01qXz223:8 (W), 1.1 jp38:10 (W), 1.1 PSdgflkfFRA1hb199:1 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 26 Aug 2022 08:10:31 GMT
server: PWS/8.3.1.0.8
age: 3010235
etag: "63087ff7-1cdf4"
x-ws-request-id: 633da86d_PSdgflkfFRA1je97_1821-57361
content-type: application/javascript
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
expires: Thu, 31 Aug 2023 19:42:42 GMT

GET
H2 200 common.d20f3c22097d72bbb32a410c98db8d8e.bundle.js Show response
www.dafabet.com/en/dafa/js/ 218 KB
64 KB 31ms
27ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dafabet.com/en/dafa/js/common.d20f3c22097d72bbb32a410c98db8d8e.bundle.js

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

fbedb87d98b72f7ae6ddc5cef8150e20e8036d9740061f6efd7e7ff740c5d295

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:17 GMT
content-encoding: gzip
via: 1.1 PS-TPE-01qXz223:1 (W), 1.1 PS-SIN-01Al842:3 (W), 1.1 PSdgflkfFRA1hb199:7 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 23 Sep 2022 08:52:30 GMT
server: PWS/8.3.1.0.8
age: 704261
etag: "632d73ce-3672a"
x-ws-request-id: 633da86d_PSdgflkfFRA1je97_1821-57362
content-type: application/javascript
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
expires: Wed, 27 Sep 2023 12:15:36 GMT

GET
H2 200 home.c6a09c9e63a58235a28a912f0e4dc36b.bundle.js Show response
www.dafabet.com/en/js/ 17 KB
5 KB 31ms
28ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dafabet.com/en/js/home.c6a09c9e63a58235a28a912f0e4dc36b.bundle.js

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

10cad1c56462629f4a5a41bfdf7bc4491c443cc5b00fa64aeb3858bfac5b8bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:17 GMT
content-encoding: gzip
via: 1.1 PS-TPE-01qXz223:2 (W), 1.1 PS-SIN-01Al842:5 (W), 1.1 PSfgblPAR2rt183:8 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 26 Aug 2022 08:10:31 GMT
server: PWS/8.3.1.0.8
age: 3010235
etag: "63087ff7-4325"
x-ws-request-id: 633da86d_PSdgflkfFRA1je97_1821-57363
content-type: application/javascript
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
expires: Thu, 31 Aug 2023 19:42:42 GMT

GET
H2 200 adrum-4.5.10.2271.js Show response
cdn.appdynamics.com/adrum/ 89 KB
32 KB 63ms
9ms Script
application/javascript 143.204.89.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Requested by: Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-95.fra50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 635dda68d7c55054da4da5d2dc654d40a92c598d80ff35af158da5990ba21a80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 17:25:11 GMT
content-encoding: gzip
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 1290486
x-cache: Hit from cloudfront
last-modified: Mon, 13 May 2019 18:43:34 GMT
server: nginx/1.16.1
etag: W/"5cd9bad6-1636f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AJn4JtokpzJghIWq7UVWef7HsRnsM0mZYOcv6zRiOTYaSZjGeIfYLA==

GET
H2 200 default_image.c6a09c9e63a58235a28a912f0e4dc36b.png
www.dafabet.com/en/promotions/images/ 593 B
1 KB 27ms
25ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/promotions/images/default_image.c6a09c9e63a58235a28a912f0e4dc36b.png

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en/css/home.c6a09c9e63a58235a28a912f0e4dc36b.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

180109f8f37c833e1f965c5662f54e73b3e1291117a3c7fa320dab4ae7727dcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en/css/home.c6a09c9e63a58235a28a912f0e4dc36b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:17 GMT
via: 1.1 huadianxin31:3 (W), 1.1 PS-SIN-01Al842:10 (W), 1.1 PSdgflkfFRA1hb199:8 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 26 Aug 2022 08:10:31 GMT
server: PWS/8.3.1.0.8
age: 3052315
etag: "63087ff7-251"
x-ws-request-id: 633da86d_PSdgflkfFRA1je97_1821-57372
content-type: image/png
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 593
expires: Thu, 31 Aug 2023 08:01:22 GMT

GET
H2 200 sprite.d20f3c22097d72bbb32a410c98db8d8e.png
www.dafabet.com/en/dafa/images/ 197 KB
198 KB 27ms
26ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/dafa/images/sprite.d20f3c22097d72bbb32a410c98db8d8e.png

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en/dafa/css/common.d20f3c22097d72bbb32a410c98db8d8e.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

9be66a4eaec790c62e41c45124bc08ec2b4d24d06011ad8048e81d79b84759b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en/dafa/css/common.d20f3c22097d72bbb32a410c98db8d8e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:17 GMT
via: 1.1 PS-TPE-01TU5222:7 (W), 1.1 PS-SIN-01SF343:8 (W), 1.1 PShlamstdAMS1mi112:0 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 23 Sep 2022 08:52:30 GMT
server: PWS/8.3.1.0.8
age: 704257
etag: "632d73ce-31466"
x-ws-request-id: 633da86d_PSdgflkfFRA1je97_1821-57373
content-type: image/png
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 201830
expires: Wed, 27 Sep 2023 12:15:40 GMT

GET
H2 200 new_indicator.d20f3c22097d72bbb32a410c98db8d8e.png
www.dafabet.com/en/dafa/images/ 128 B
562 B 13ms
13ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/dafa/images/new_indicator.d20f3c22097d72bbb32a410c98db8d8e.png

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en/dafa/css/common.d20f3c22097d72bbb32a410c98db8d8e.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

bef431d8570694584ec233e7e9ebccde299f19c95393bc2e543dfd6243461389

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en/dafa/css/common.d20f3c22097d72bbb32a410c98db8d8e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:17 GMT
via: 1.1 PS-TPE-01qXz223:6 (W), 1.1 PS-SIN-01SF343:8 (W), 1.1 PShlamstdAMS1mi112:0 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 23 Sep 2022 08:52:30 GMT
server: PWS/8.3.1.0.8
age: 704254
etag: "632d73ce-80"
x-ws-request-id: 633da86d_PSdgflkfFRA1je97_1821-57375
content-type: image/png
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 128
expires: Wed, 27 Sep 2023 12:15:43 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
347 B 42ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S5WHEF6PM5&gtm=2oea30&_p=1349089885&cid=636931295.1664985198&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664985198&sct=1&seg=0&dl=https%3A%2F%2Fwww.dafabet.com%2Fen%3Fbtag%3D682208_59A4F99F6763406CBA8A4CE013D2D00E%26utm_source%3D682208%26utm_medium%3D61340%26utm_campaign%3D7861&dt=Dafabet%20is%20The%20Most%20Secure%20Online%20Betting%20Company%20in%20Asia&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5WHEF6PM5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 15:53:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dafabet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 floating-banners Show response
www.dafabet.com/en/ajax/ 27 KB
4 KB 331ms
331ms XHR
application/json 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dafabet.com/en/ajax/floating-banners?path=%252F&btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en/dafa/js/common.d20f3c22097d72bbb32a410c98db8d8e.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

e71bf0873d50c7912afd50cee599c73473f6bd1843af99df044e144e444d5528

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/javascript
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 05 Oct 2022 15:53:18 GMT
content-encoding: gzip
via: 1.1 PS-TPE-01qXz223:9 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
server: PWS/8.3.1.0.8
x-ws-request-id: 633da86e_PSdgflkfFRA1je97_1821-57386
content-type: application/json
content-language: en
cache-control: no-cache
x-px: ms PS-FRA-01lai110FRA,ms PS-TPE-01qXz223TPE(origin)

GET
H2 200 slider Show response
www.dafabet.com/en/ajax/ 9 KB
2 KB 861ms
861ms XHR
application/json 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dafabet.com/en/ajax/slider?nc=202295

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en/js/vendor.c6a09c9e63a58235a28a912f0e4dc36b.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

84c8b726ea9cdac299fe60e46c46f18753870a56a2b1502685510b7df0fd02e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 05 Oct 2022 15:53:19 GMT
content-encoding: gzip
via: 1.1 PS-TPE-01qXz223:9 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
server: PWS/8.3.1.0.8
x-ws-request-id: 633da86e_PSdgflkfFRA1je97_1821-57387
content-type: application/json
content-language: en
cache-control: no-cache
x-px: ms PS-FRA-01lai110FRA,ms PS-TPE-01qXz223TPE(origin)

GET
H2 200 dafabet_logo.png
www.dafabet.com/en/dafa/images/ 3 KB
4 KB 10ms
9ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/dafa/images/dafabet_logo.png

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

0ea8ad9a1b5a3e3e0950b9dd614a5056250369587ff45165dacafd8d13e838e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:18 GMT
via: 1.1 PS-TPE-01qXz223:10 (W), 1.1 PS-SIN-01QM237:2 (W), 1.1 PSfgblPAR2rt183:1 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 17 Mar 2022 01:11:47 GMT
server: PWS/8.3.1.0.8
age: 3564025
etag: "62328ad3-d3d"
x-ws-request-id: 633da86e_PSdgflkfFRA1je97_1821-57388
content-type: image/png
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 3389
expires: Fri, 25 Aug 2023 09:52:53 GMT

GET
H2 200 sprite.c6a09c9e63a58235a28a912f0e4dc36b.png
www.dafabet.com/en/images/ 113 KB
113 KB 10ms
10ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/images/sprite.c6a09c9e63a58235a28a912f0e4dc36b.png

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

0f47272de3875f1531038d1dd74318d65615e4a01403492d95d4de9d218ac06b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:18 GMT
via: 1.1 PS-TPE-01qXz223:2 (W), 1.1 PS-SIN-01QM237:8 (W), 1.1 PSfgblPAR2rt183:8 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 26 Aug 2022 08:10:31 GMT
server: PWS/8.3.1.0.8
age: 3010236
etag: "63087ff7-1c211"
x-ws-request-id: 633da86e_PSdgflkfFRA1je97_1821-57389
content-type: image/png
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 115217
expires: Thu, 31 Aug 2023 19:42:42 GMT

GET
H2 200 playtech-footer.png
www.dafabet.com/en/2022-07/ 6 KB
6 KB 11ms
10ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/2022-07/playtech-footer.png

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

caed37875e80934c7f52564ca26b7846bd1f7bfa26f6eb74994556ee9777dbec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:18 GMT
via: 1.1 dianxun232:2 (W), 1.1 jp38:8 (W), 1.1 PSdgflkfFRA1bc200:6 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 20 Jul 2022 08:22:19 GMT
server: PWS/8.3.1.0.8
age: 3564024
etag: "62d7bb3b-1709"
x-ws-request-id: 633da86e_PSdgflkfFRA1je97_1821-57390
content-type: image/png
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 5897
expires: Fri, 25 Aug 2023 09:52:54 GMT

GET
H2 200 bitcoin_Footer%20160x41.png
www.dafabet.com/en/2019-09/ 2 KB
3 KB 10ms
10ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/2019-09/bitcoin_Footer%20160x41.png

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

1fad8a0d38b8307c0781fbfd3222b43917c5c879bbcfb3d5e0b96d1b4416e5a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:18 GMT
via: 1.1 PS-TPE-01qXz223:8 (W), 1.1 PS-SIN-01QM237:3 (W), 1.1 PShlamstdAMS1mi112:4 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 23 Sep 2019 09:48:31 GMT
server: PWS/8.3.1.0.8
age: 1414865
etag: "5d8894ef-9ad"
x-ws-request-id: 633da86e_PSdgflkfFRA1je97_1821-57391
content-type: image/png
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 2477
expires: Tue, 19 Sep 2023 06:52:13 GMT

GET
H2 200 announcements Show response
www.dafabet.com/en/ajax/v2/ 24 B
641 B 864ms
863ms XHR
application/json 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dafabet.com/en/ajax/v2/announcements?nocache=1664985198259

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

ea1bd05db50c7890dd053edf77ee864749a4d8d726a063c80c606a88d095cabd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
X-Requested-With: XMLHttpRequest
ADRUM: isAjax:true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 05 Oct 2022 15:53:19 GMT
content-encoding: gzip
adrum_5: e%3A48
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 PS-TPE-01qXz223:9 (W), 1.1 PS-FRA-01lai110:8 (W)
adrum_1: n%3Acustomer1_49a8be7d-1247-453d-8b9d-eefa04fc150a
adrum_2: i%3A8801
x-px: ms PS-FRA-01lai110FRA,ms PS-TPE-01qXz223TPE(origin)
adrum_4: h%3Ae
server: PWS/8.3.1.0.8
adrum_0: g%3A3a8f3bd8-e649-45c0-9704-5d5d7687af9d7539
x-ws-request-id: 633da86e_PSdgflkfFRA1je97_1821-57392
content-type: application/json
content-language: en
adrum_3: d%3A44
cache-control: no-cache

GET
H/1.1 200
OK frosmo.easy.js Show response
dk0tzorg7uge9.cloudfront.net/ 182 KB
52 KB 1012ms
961ms Script
application/javascript 108.138.2.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Requested by: Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.2.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-2-60.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256fa40e8381274fbf43527a33668422a4b263a521de18c5eca0c94ee140d4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 15:53:20 GMT
Content-Encoding: gzip
Via: 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
Last-Modified: Mon, 12 Sep 2022 04:58:08 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1631768930/ctime:1662958499/gid:700/gname:developers/md5:dd77b40dfb63b756ca1d24f7017201da/mode:33188/mtime:1662958499/uid:1024/uname:martyn
X-Amz-Cf-Pop: FRA56-P6
ETag: "dd77b40dfb63b756ca1d24f7017201da"
X-Cache: RefreshHit from cloudfront
Content-Type: application/javascript
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52561
X-Amz-Cf-Id: bXno0ORq6ZSagMUg7J9UHgJJz5E1KJjrXelmguiYPNGKTP2CsPyK6A==

GET
H/1.1 200
OK 283cd6f3bdbf77c939ae868613cb575a.js Show response
dk0tzorg7uge9.cloudfront.net/sites/ 698 KB
133 KB 1064ms
1014ms Script
application/javascript 108.138.2.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk0tzorg7uge9.cloudfront.net/sites/283cd6f3bdbf77c939ae868613cb575a.js
Requested by: Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.2.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-2-60.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4de351502cea08bd7426870d9a30177319693e3ebf09d2ce1968133aeb573b0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 15:53:20 GMT
Content-Encoding: gzip
Via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
Last-Modified: Thu, 22 Sep 2022 08:48:03 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1663836482/ctime:1663836481/gid:501/gname:fcp/md5:64ed97d04b774815389c2025d8790ede/mode:33204/mtime:1663836350/uid:501/uname:fcp
X-Amz-Cf-Pop: FRA56-P6
ETag: "64ed97d04b774815389c2025d8790ede"
X-Cache: RefreshHit from cloudfront
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 135141
X-Amz-Cf-Id: 0W8wjgsITmVTPHflOGD2y2xXpjufbBpY3kyziTcGKWAD-bxKQ0YTJw==

GET
H2 200 68b6d5bdc9e20db6e1aa8b0d8ae420a1.js Show response
d313lzv9559yp9.cloudfront.net/ 176 KB
42 KB 54ms
9ms Script
application/x-javascript 18.66.122.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d313lzv9559yp9.cloudfront.net/68b6d5bdc9e20db6e1aa8b0d8ae420a1.js
Requested by: Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-99.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0cd609cb62d8ef9292ef7b48e19ce8091e68b553b308dd4ed5e21192280c721a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 01:28:32 GMT
content-encoding: gzip
via: 1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
last-modified: Wed, 04 Mar 2020 11:05:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 224687
etag: W/"f05cd165be398728c81754e4067c7c16"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
x-amz-meta-md5-hash: f05cd165be398728c81754e4067c7c16
x-amz-cf-id: z0G6np3Et_UyV3rDeCTPurmE6hUOwb9wGEL_brMagAw1Kr1Nh1umlQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 82ms
20ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Oct 2022 14:27:31 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5147
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 05 Oct 2022 16:27:31 GMT

GET
H2 200 hotjar-121800.js Show response
static.hotjar.com/c/ 172 KB
27 KB 82ms
11ms Script
application/javascript 108.138.17.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-121800.js?sv=5

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-83.fra56.r.cloudfront.net

Software

Resource Hash

5d1c068b7f6a31597ab2f27a473fe546f4eb8b40597fd812cc5e567132ff3a1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 93efd892a8e99dc59164afbee331cd56.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 23
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/206d2c031f4f153d72c1eaaa4de37cb3
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: zOZ4Myw61smRh5j9qidYw7H1I0dAcAgUl49XWZz_i4ZZdiibla8QtQ==

GET
H2 200 apg-seal.js Show response
e2e82a2c-05fe-4ad9-be2f-be3874730cd4.snippet.antillephone.com/ 3 KB
2 KB 174ms
72ms Script
text/javascript 2600:9000:225e:9400:7:fa80:4c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e2e82a2c-05fe-4ad9-be2f-be3874730cd4.snippet.antillephone.com/apg-seal.js

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:9400:7:fa80:4c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

157b83e72a795167a39a237b6c0cce690bf3394acc0672f065a4fe035a8426ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:18 GMT
content-encoding: gzip
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: FRA60-P4
x-powered-by: Express
etag: W/"ded-xco0lVXo/IRbxO3DJwz54vtJamg"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
cf-ray: 75575451ec939049-FRA
x-amz-cf-id: N9qvpkmaur0Xyc_BMqzaxCre3-ooSRZVPwBgqRqtAAND5g5eJ4FoJQ==

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 78 KB
30 KB 319ms
34ms Script
application/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.dafabet.com
URL: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 45e0091e57ff659d0fe0711a43960d08bd5cf99b6f83e88eafa390fa6770192c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:18 GMT
content-encoding: gzip
last-modified: Wed, 05 Oct 2022 12:23:24 GMT
server: nginx
x-amz-request-id: tx00000fedea40d1a522bf8-00633d8e0b-32939b85-default
etag: W/"4cb8e818a3c8dda5fd80d6d9a55d958d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2

200

radar.js Show response
radar.cedexis.com/1621860284/
Redirect Chain

https://radar.cedexis.com/1/20200/radar.js
https://radar.cedexis.com/1621860284/radar.js

44 KB
19 KB

11ms
11ms

Script
application/javascript

35.241.57.45
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://radar.cedexis.com/1621860284/radar.js
Protocol: H2
Server: 35.241.57.45 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 45.57.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 38b126f92a3104c7d73e1cf2f448db9896d4f29ebf3a7b593b380e6cdd0ae378

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:18 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 24 May 2021 12:50:38 GMT
server: nginx
etag: W/"60aba11e-af61"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 19 Oct 2022 15:53:18 GMT

Redirect headers

date: Wed, 05 Oct 2022 15:53:18 GMT
via: 1.1 google
server: nginx
vary: User-Agent,DNT
content-type: text/html
location: /1621860284/radar.js
cache-control: max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 154
expires: Wed, 05 Oct 2022 16:03:18 GMT

GET
H2 200 adrum-ext.5d7b2188022f1c8e1f74b468f022cb04.js Show response
cdn.appdynamics.com/ 50 KB
20 KB 8ms
8ms Script
application/javascript 143.204.89.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum-ext.5d7b2188022f1c8e1f74b468f022cb04.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-95.fra50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: cf7cf39b9083ee5503540f737097dc4daf98b42efff20d25a93d0202c7f8e5d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 00:34:50 GMT
content-encoding: gzip
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 1091908
x-cache: Hit from cloudfront
last-modified: Mon, 13 May 2019 18:43:34 GMT
server: nginx/1.16.1
etag: W/"5cd9bad6-c7d7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WQrpgMBhMhPXLgBIBkqfNgiDorybDcCwsbaq4ZNpfcGz1wZDl55SxQ==

GET
H2 200 setRT_adelement_cookie.php
sc.adelement.com/ 43 B
206 B 114ms
32ms Image
image/gif 54.228.20.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sc.adelement.com/setRT_adelement_cookie.php?ae_rt=68b6d5bdc9e20db6e1aa8b0d8ae420a1&depth=0&language_code=en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.20.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-20-5.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 05 Oct 2022 15:53:18 GMT
server: nginx/1.18.0 (Ubuntu)
content-length: 43
p3p: CP="NON CURa ADMa DEVa TAIa PSAa PSDa OUR DELa BUS UNI PUR COM NAV INT CNT PRE"

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=8385691&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8385691%26t%3D2

43 B
1 KB

15ms
15ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8385691%26t%3D2

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 15:53:18 GMT
AN-X-Request-Uuid: c2ad6bbb-c244-4d5d-968f-201f2adda6d5
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.42; 81.95.5.42; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 15:53:18 GMT
AN-X-Request-Uuid: b804be6b-9dee-4c51-9634-961420864e15
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8385691%26t%3D2
Connection: keep-alive
X-Proxy-Origin: 81.95.5.42; 81.95.5.42; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
Ok providers.json Show response
i2-ujyonscijobgxceyyclhlbliwkymiz.init.cedexis-radar.net/i2/1/20200/j1/20/123/1664985198/0/0/ 3 KB
1 KB 77ms
15ms XHR
application/json 104.225.98.130
NETACTUATE

General

Check archive.org

Show headers Download Go to

Full URL: https://i2-ujyonscijobgxceyyclhlbliwkymiz.init.cedexis-radar.net/i2/1/20200/j1/20/123/1664985198/0/0/providers.json?imagesok=1&n=1&p=1&r=1&s=1&t=1
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.225.98.130 Amsterdam, Netherlands, ASN36236 (NETACTUATE, US),
Reverse DNS: 130.98.225.104.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 68f400aa3ecf29f74a22962fb6db52642db1f53ca374c2752c38984d7cfeff3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 15:53:18 GMT
Content-Encoding: gzip
Server: nginx/1.10.3
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1

GET
H2 200 modules.cbd9768ba80ba0be5b17.js Show response
script.hotjar.com/ 254 KB
65 KB 39ms
9ms Script
application/javascript 18.66.112.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.cbd9768ba80ba0be5b17.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-121800.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-6.fra56.r.cloudfront.net

Software

Resource Hash

5b3c6e212cbb3b9f4f28b09cfdc53990e809792192d7d8639d3311f0551c2010

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 18:47:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 75972
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 66229
last-modified: Tue, 04 Oct 2022 18:46:48 GMT
etag: "483a48bedf96c50163b542fb95446039"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: kDNvGx66XdtRCOxXO3sPCWyEZeZIQlVYNdr_yJIlSD1oOzB6Cd4_xg==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 83ms
42ms XHR
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1349089885&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dafabet.com%2Fen%3Fbtag%3D682208_59A4F99F6763406CBA8A4CE013D2D00E%26utm_source%3D682208%26utm_medium%3D61340%26utm_campaign%3D7861&ul=en-us&de=UTF-8&dt=Dafabet%20is%20The%20Most%20Secure%20Online%20Betting%20Company%20in%20Asia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=837352394&gjid=1227870886&cid=636931295.1664985198&tid=UA-89039619-1&_gid=664541008.1664985198&_r=1&_slc=1&z=1161585403

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dafabet.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 15:53:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dafabet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-69edcc3187336f9b0a3fbb4c73be9fe6.html Show response
vars.hotjar.com/ Frame 856C 2 KB
1 KB 36ms
8ms Document
text/html 18.66.147.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-121800.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-113.fra60.r.cloudfront.net

Software

Resource Hash

867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.dafabet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 109510
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 09:28:08 GMT
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Tue, 04 Oct 2022 07:09:34 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-cf-id: ePvfTj2dMwEAFAXnfnd_5n8N7tgjIoWpvIBFSccxf-ihO_whpf6BxQ==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H3 200 impact.js Show response
radar.cedexis.com/releases/1621860284/ 7 KB
3 KB 10ms
10ms Script
application/javascript 35.241.57.45
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://radar.cedexis.com/releases/1621860284/impact.js
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.241.57.45 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 45.57.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f7309b6ccc1a76da1e7a0709abb8a0bf549277dee6c21ae7a466e73426fe9667

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:18 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 24 May 2021 12:50:38 GMT
server: nginx
etag: W/"60aba11e-1c28"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 19 Oct 2022 15:53:18 GMT

GET
H2 200 6b2f34bfc09aa5aa4eaaddf32fb40c12-www.dafabet.com-0b1688364b0200437bbbd88b009f7627487546cd13e6e341ad4f79591daf173a44a10318b8df2e5586bd0127d4a2dd6b-c3BhY2VyLXNwcml0ZS5wbmc%3D
e2e82a2c-05fe-4ad9-be2f-be3874730cd4.snippet.antillephone.com/sealassets/ 95 B
494 B 77ms
76ms Image
image/png 2600:9000:225e:9400:7:fa80:4c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://e2e82a2c-05fe-4ad9-be2f-be3874730cd4.snippet.antillephone.com/sealassets/6b2f34bfc09aa5aa4eaaddf32fb40c12-www.dafabet.com-0b1688364b0200437bbbd88b009f7627487546cd13e6e341ad4f79591daf173a44a10318b8df2e5586bd0127d4a2dd6b-c3BhY2VyLXNwcml0ZS5wbmc%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:9400:7:fa80:4c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: FRA60-P4
x-powered-by: Express
etag: W/"5f-NEKpX+iQzkdps2suzGEbgBpUz7U"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=1200
cf-ray: 755754525c299b40-FRA
content-length: 95
x-amz-cf-id: PdxYN4eVe9uE_djThkBHSwAPvQjXhVcYYjWYV5uLrmgnkbpZCN1H3A==

GET
H2 200 6b2f34bfc09aa5aa4eaaddf32fb40c12-www.dafabet.com-0b1688364b0200437bbbd88b009f7627487546cd13e6e341ad4f79591daf173a44a10318b8df2e5586bd0127d4a2dd6b-c3ByaXRlLXNlYWwucG5n
e2e82a2c-05fe-4ad9-be2f-be3874730cd4.snippet.antillephone.com/sealassets/ 48 KB
49 KB 83ms
82ms Image
image/png 2600:9000:225e:9400:7:fa80:4c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225e:9400:7:fa80:4c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d614922fde9604f8899e47f3cc3d69bf952312b996f7cf1421163996710850fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: FRA60-P4
x-powered-by: Express
etag: W/"c0f5-y5nfd/SGXZwvKHU5pcpHTPdvfQk"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=1200
cf-ray: 755754526900906c-FRA
content-length: 49397
x-amz-cf-id: D1l8V4OfYqBKQ1Tx0F7LMLJL343731ShYgItF0pqtFIvcnMG75zMXw==

GET
H2 200 54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
e2e82a2c-05fe-4ad9-be2f-be3874730cd4.snippet.antillephone.com/ 68 B
449 B 8ms
8ms Image
image/png 2600:9000:225e:9400:7:fa80:4c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e2e82a2c-05fe-4ad9-be2f-be3874730cd4.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:9400:7:fa80:4c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 03:10:05 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Tue, 15 Dec 2020 08:04:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 1168994
etag: "e679fbd466a2d656f194a5da4fa083cd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 68
x-amz-cf-id: 5NYMxfFWcJqjt_7Hi6llbazuaONUcfk5I7_mVjVLjXqmQCxLf9ugHg==

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/121800/ 147 B
322 B 100ms
34ms XHR
application/json 34.251.196.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/121800/visit-data?sv=5
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.196.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-196-147.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4b8e8b42acdad2f84c0d44c5dbc12b8327706d1f49551e1ec577b08d4cbaf263

Request headers

Referer: https://www.dafabet.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 05 Oct 2022 15:53:18 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H/1.1 200
Ok 1664985197949 Show response
rpt.cedexis.com/n1/0/1664985196127/0/0/0/0/1664985197480/1664985197480/1664985197480/1664985197480/1664985197480/0/1664985197481/1664985197806/1664985197807/1664985197910/1664985198249/166498519824... 16 B
283 B 61ms
14ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/n1/0/1664985196127/0/0/0/0/1664985197480/1664985197480/1664985197480/1664985197480/1664985197480/0/1664985197481/1664985197806/1664985197807/1664985197910/1664985198249/1664985198249/1664985198253/1664985198259/1664985198259/1664985198265/_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA/0/1664985197949
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 15:53:18 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 dafaconnect-entrypage-760x520-en_7.jpg
www.dafabet.com/en/inline-images/ 89 KB
90 KB 13ms
12ms Image
image/jpeg 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/inline-images/dafaconnect-entrypage-760x520-en_7.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

2e8a098381b827264e000864a9dadb6f2f112639112e690294101b9827cc007a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:18 GMT
via: 1.1 PS-TPE-01TU5222:2 (W), 1.1 jp45:12 (W), 1.1 PShlamstdAMS1bm110:7 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 27 May 2019 01:45:48 GMT
server: PWS/8.3.1.0.8
age: 3564025
etag: "5ceb414c-1653f"
x-ws-request-id: 633da86e_PSdgflkfFRA1je97_1821-57406
content-type: image/jpeg
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 91455
expires: Fri, 25 Aug 2023 09:52:53 GMT

GET
H2 200 dafaconnect-download-for-mac-en_4.png
www.dafabet.com/en/ 4 KB
4 KB 11ms
10ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/dafaconnect-download-for-mac-en_4.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

8edac40c8b00b17bb3021d109c1f70238f032a3c6ee113b3f71bbff01d997abc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:18 GMT
via: 1.1 dianxun232:2 (W), 1.1 jp38:8 (W), 1.1 PSdgflkfFRA1bc200:6 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 19 Oct 2017 05:56:06 GMT
server: PWS/8.3.1.0.8
age: 3564024
etag: "59e83e76-eee"
x-ws-request-id: 633da86e_PSdgflkfFRA1je97_1821-57407
content-type: image/png
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 3822
expires: Fri, 25 Aug 2023 09:52:54 GMT

GET
H2 200 dafaconnect-downloader-en_2.png
www.dafabet.com/en/ 4 KB
4 KB 11ms
10ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/dafaconnect-downloader-en_2.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

60dedf951a86ff78dd9fa60b57d3196220cdc882c754a728c54e0bc2d797304f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:18 GMT
via: 1.1 PS-TPE-01qXz223:10 (W), 1.1 PS-SIN-01QM237:1 (W), 1.1 PShlamstdAMS1bm110:7 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 19 Oct 2017 05:56:34 GMT
server: PWS/8.3.1.0.8
age: 3564025
etag: "59e83e92-f91"
x-ws-request-id: 633da86e_PSdgflkfFRA1je97_1821-57408
content-type: image/png
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 3985
expires: Fri, 25 Aug 2023 09:52:53 GMT

GET
H2 200 dafaconnect-full-version-en_2.png
www.dafabet.com/en/ 4 KB
4 KB 11ms
11ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/dafaconnect-full-version-en_2.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

e8b84ff67d7430778433aea5e69d575c694eae33ee3e487f42411078e3fd2242

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:18 GMT
via: 1.1 dianxun232:2 (W), 1.1 jp41:0 (W), 1.1 PSdgflkfFRA1bc200:6 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 19 Oct 2017 05:56:48 GMT
server: PWS/8.3.1.0.8
age: 3564024
etag: "59e83ea0-fd4"
x-ws-request-id: 633da86e_PSdgflkfFRA1je97_1821-57409
content-type: image/png
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 4052
expires: Fri, 25 Aug 2023 09:52:54 GMT

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=2281077&ADFPageName=Entry%20Page&ADFdivider=%7C&ord=433874787051&ADFtpmode=2&loc=https%3A%2F%2Fwww.dafabet.com%2Fen%3Fbtag%3D682208_59A4F99F6763406CB...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2281077&ADFPageName=Entry%20Page&ADFdivider=%7C&ord=433874787051&ADFtpmode=2&loc=https%3A%2F%2Fwww.dafabet.com%2Fen%3Fbtag%3D682208_59A4F99F6763...

110 B
590 B

19ms
19ms

Script
text/javascript

37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2281077&ADFPageName=Entry%20Page&ADFdivider=%7C&ord=433874787051&ADFtpmode=2&loc=https%3A%2F%2Fwww.dafabet.com%2Fen%3Fbtag%3D682208_59A4F99F6763406CBA8A4CE013D2D00E%26utm_source%3D682208%26utm_mediu&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

40de67281c077668bd49d1d8d3817452e66677e565bfe9a1e5477d83e53f802b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 15:53:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 184
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 05 Oct 2022 15:53:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2281077&ADFPageName=Entry%20Page&ADFdivider=%7C&ord=433874787051&ADFtpmode=2&loc=https%3A%2F%2Fwww.dafabet.com%2Fen%3Fbtag%3D682208_59A4F99F6763406CBA8A4CE013D2D00E%26utm_source%3D682208%26utm_mediu&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2

200

/ Show response
asia.adform.net/Serving/TrackPoint/
Redirect Chain

https://asia.adform.net/Serving/TrackPoint/?pm=2449026&ADFdivider=%7C&ord=963187363208&ADFtpmode=2&loc=https%3A%2F%2Fwww.dafabet.com%2Fen%3Fbtag%3D682208_59A4F99F6763406CBA8A4CE013D2D00E%26utm_sour...
https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=2449026&ADFdivider=%7C&ord=963187363208&ADFtpmode=2&loc=https%3A%2F%2Fwww.dafabet.com%2Fen%3Fbtag%3D682208_59A4F99F6763406CBA8A4CE013D2D00E%26utm...

838 B
1 KB

202ms
201ms

Script
text/javascript

185.84.60.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=2449026&ADFdivider=%7C&ord=963187363208&ADFtpmode=2&loc=https%3A%2F%2Fwww.dafabet.com%2Fen%3Fbtag%3D682208_59A4F99F6763406CBA8A4CE013D2D00E%26utm_source%3D682208%26utm_mediu&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Server

185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

bb649db6c8b87380ff8f631aa011ffbaf056ff81de0ffd1b238571787815dc9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 15:53:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 679
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 05 Oct 2022 15:53:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html; charset=utf-8
location: https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=2449026&ADFdivider=%7C&ord=963187363208&ADFtpmode=2&loc=https%3A%2F%2Fwww.dafabet.com%2Fen%3Fbtag%3D682208_59A4F99F6763406CBA8A4CE013D2D00E%26utm_source%3D682208%26utm_mediu&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 1920X360-en_4.jpg
www.dafabet.com/en/2022-08/ 118 KB
119 KB 11ms
8ms Image
image/jpeg 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/2022-08/1920X360-en_4.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

2f4114191beb08d281e8bb2e92e974d07d60272671bd88660d109345bf9a88ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:19 GMT
via: 1.1 PS-TPE-01TU5222:6 (W), 1.1 PS-SIN-01QM237:0 (W), 1.1 PShlamstdAMS1mi112:4 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 26 Aug 2022 05:06:45 GMT
server: PWS/8.3.1.0.8
age: 1414865
etag: "630854e5-1d9ba"
x-ws-request-id: 633da86f_PSdgflkfFRA1je97_1821-57430
content-type: image/jpeg
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 121274
expires: Tue, 19 Sep 2023 06:52:14 GMT

GET
H2 200 free-golden-chip-1920x360-1_5_0.jpg
www.dafabet.com/en/2020-08/ 82 KB
83 KB 27ms
24ms Image
image/jpeg 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/2020-08/free-golden-chip-1920x360-1_5_0.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

184c758595bfec8652472791a960c50f607bb6f4ea018673ead40d008d042e10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:19 GMT
via: 1.1 PS-TPE-01TU5222:2 (W), 1.1 PS-SIN-01YIq70:12 (W), 1.1 jp45:12 (W), 1.1 PShlamstdAMS1bm110:7 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 27 Aug 2020 03:19:22 GMT
server: PWS/8.3.1.0.8
age: 3564026
etag: "5f47263a-149f3"
x-ws-request-id: 633da86f_PSdgflkfFRA1je97_1821-57431
content-type: image/jpeg
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 84467
expires: Fri, 25 Aug 2023 09:52:53 GMT

GET
H2 200 1920x360-bournemouth.jpg
www.dafabet.com/en/2022-08/ 422 KB
423 KB 25ms
22ms Image
image/jpeg 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/2022-08/1920x360-bournemouth.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

cafad2ac162dd57a18f1a90630dd3eb94e1fdf1cf4734c7c7a641663d6ac8ece

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:19 GMT
via: 1.1 PS-TPE-01qXz223:4 (W), 1.1 jp41:7 (W), 1.1 PSdgflkfFRA1bc200:4 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 08 Aug 2022 05:02:44 GMT
server: PWS/8.3.1.0.8
age: 1414865
etag: "62f098f4-6975e"
x-ws-request-id: 633da86f_PSdgflkfFRA1je97_1821-57432
content-type: image/jpeg
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 431966
expires: Tue, 19 Sep 2023 06:52:14 GMT

GET
H2 200 1920x360_15.jpg
www.dafabet.com/en/2022-08/ 500 KB
501 KB 22ms
19ms Image
image/jpeg 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/2022-08/1920x360_15.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

4f634503777976171ddeac2a8cf1750f7f72f4fb810bbc3d5d4ec955a38b5645

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:19 GMT
via: 1.1 PS-TPE-01TU5222:1 (W), 1.1 jp45:6 (W), 1.1 PSfgblPAR2rt183:1 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 03 Aug 2022 02:30:58 GMT
server: PWS/8.3.1.0.8
age: 3564025
etag: "62e9dde2-7d10d"
x-ws-request-id: 633da86f_PSdgflkfFRA1je97_1821-57433
content-type: image/jpeg
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 512269
expires: Fri, 25 Aug 2023 09:52:54 GMT

GET
H2 200 FIRST%20DEPOSIT%20BONUS%20Main%20Banner%20%282%29_1.jpg
www.dafabet.com/en/2019-05/ 95 KB
96 KB 27ms
24ms Image
image/jpeg 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/2019-05/FIRST%20DEPOSIT%20BONUS%20Main%20Banner%20%282%29_1.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

c3e0f6e3c4e3bc238575ec1d0155e180564d6358503607c8cc38b6c02ae90656

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:19 GMT
via: 1.1 dianxun232:2 (W), 1.1 jp41:0 (W), 1.1 PSdgflkfFRA1bc200:6 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 28 May 2019 01:16:22 GMT
server: PWS/8.3.1.0.8
age: 3564025
etag: "5cec8be6-17ca4"
x-ws-request-id: 633da86f_PSdgflkfFRA1je97_1821-57434
content-type: image/jpeg
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 97444
expires: Fri, 25 Aug 2023 09:52:54 GMT

GET
H2 200 Gaming-1_1.jpg
www.dafabet.com/en/2018-12/ 96 KB
97 KB 20ms
17ms Image
image/jpeg 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/2018-12/Gaming-1_1.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

53779d63f5dbe4c59e410a4976a35cd9ed9f2934fbd813d0bef9b2519cc67ced

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:19 GMT
via: 1.1 PS-TPE-01TU5222:5 (W), 1.1 PS-SIN-01THw66:2 (W), 1.1 jp44:6 (W), 1.1 PSfgblPAR2rt183:1 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 10 Dec 2018 05:32:56 GMT
server: PWS/8.3.1.0.8
age: 3564025
etag: "5c0dfa88-1812b"
x-ws-request-id: 633da86f_PSdgflkfFRA1je97_1821-57435
content-type: image/jpeg
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 98603
expires: Fri, 25 Aug 2023 09:52:54 GMT

GET
H2 200 LD-PT-exclusive-table-goa-casino-1920x360%20%281%29.jpg
www.dafabet.com/en/2021-01/ 131 KB
132 KB 20ms
17ms Image
image/jpeg 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/2021-01/LD-PT-exclusive-table-goa-casino-1920x360%20%281%29.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

b792028e63eaa2170cb76231a6503ba10210d2b4df1701feac9b6cda68b21d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:19 GMT
via: 1.1 PS-TPE-01qXz223:8 (W), 1.1 PS-SIN-01QM237:3 (W), 1.1 PShlamstdAMS1mi112:4 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 04 Jan 2021 09:31:09 GMT
server: PWS/8.3.1.0.8
age: 1414864
etag: "5ff2e05d-20d0a"
x-ws-request-id: 633da86f_PSdgflkfFRA1je97_1821-57436
content-type: image/jpeg
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 134410
expires: Tue, 19 Sep 2023 06:52:15 GMT

GET
H2 200 header.jpg
www.dafabet.com/en/2019-01/ 110 KB
110 KB 21ms
18ms Image
image/jpeg 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/2019-01/header.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

b3d67ffe32b1906e239eace11cb8f59b5484d6eb15c7354ddcbdb70474ad5527

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:19 GMT
via: 1.1 PS-TPE-01qXz223:10 (W), 1.1 PS-SIN-01QM237:2 (W), 1.1 PSfgblPAR2rt183:1 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 11 Jan 2019 00:12:30 GMT
server: PWS/8.3.1.0.8
age: 3564025
etag: "5c37df6e-1b783"
x-ws-request-id: 633da86f_PSdgflkfFRA1je97_1821-57437
content-type: image/jpeg
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 112515
expires: Fri, 25 Aug 2023 09:52:54 GMT

GET
H2 200 sprite.c6a09c9e63a58235a28a912f0e4dc36b.png
www.dafabet.com/en/promotions/images/ 113 KB
113 KB 21ms
19ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/promotions/images/sprite.c6a09c9e63a58235a28a912f0e4dc36b.png

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en/css/home.c6a09c9e63a58235a28a912f0e4dc36b.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

0f47272de3875f1531038d1dd74318d65615e4a01403492d95d4de9d218ac06b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en/css/home.c6a09c9e63a58235a28a912f0e4dc36b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:19 GMT
via: 1.1 PS-TPE-01TU5222:3 (W), 1.1 PS-SIN-01Al842:9 (W), 1.1 PShlamstdAMS1bm110:0 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 26 Aug 2022 08:10:31 GMT
server: PWS/8.3.1.0.8
age: 3052315
etag: "63087ff7-1c211"
x-ws-request-id: 633da86f_PSdgflkfFRA1je97_1821-57438
content-type: image/png
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 115217
expires: Thu, 31 Aug 2023 08:01:24 GMT

POST
H2 200 adrum Show response
col.0wp0usgn.com/eumcollector/beacons/browser/v1/EUM-AAB-AVW/ 0
288 B 398ms
315ms XHR
text/html 34.149.119.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://col.0wp0usgn.com/eumcollector/beacons/browser/v1/EUM-AAB-AVW/adrum

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.5d7b2188022f1c8e1f74b468f022cb04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.119.194 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

194.119.149.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dafabet.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-type: text/plain

Response headers

appd-request-id: 280cfdc3cd571e26
date: Wed, 05 Oct 2022 15:53:19 GMT
via: 1.1 google
pragma: no-cache
x-content-type-options: nosniff
vary: *
content-type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
access-control-allow-headers: origin, content-type, accept
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 frosmo.xdm.html Show response
dafabetcomasia.asia.frosmo.com/ Frame 4FAF 3 KB
1 KB 957ms
261ms Document
text/html 52.79.118.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dafabetcomasia.asia.frosmo.com/frosmo.xdm.html?8.142.0
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.79.118.14 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-79-118-14.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6b65e3870f0c53a1563b29a83330581f3be5b5f809b3105f38390a561ded34a3

Request headers

Referer: https://www.dafabet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-length: 1104
content-type: text/html
date: Wed, 05 Oct 2022 15:53:20 GMT
etag: "5bea9576-450"
last-modified: Tue, 13 Nov 2018 09:12:22 GMT
server: nginx
vary: Accept-Encoding

GET
H/1.1 200
Ok json Show response
i1-j5-20-123-1-20200-1535695922-s.init.cedexis-radar.net/i1/1664985199/1535695922/ 203 B
477 B 81ms
15ms XHR
application/json 104.225.98.130
NETACTUATE

General

Check archive.org

Show headers Download Go to

Full URL: https://i1-j5-20-123-1-20200-1535695922-s.init.cedexis-radar.net/i1/1664985199/1535695922/json?seed=i1-j5-20-123-1-20200-1535695922-s
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.225.98.130 Amsterdam, Netherlands, ASN36236 (NETACTUATE, US),
Reverse DNS: 130.98.225.104.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 1fc0888bbaff652466a3fb0073d007f0e0d01ae82ec88d17f4ad66cc14a20f11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 15:53:19 GMT
Server: nginx/1.10.3
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 203

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame D34B 5 KB
2 KB 77ms
19ms Document
text/html 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042

Requested by

Host: asia.adform.net
URL: https://asia.adform.net/Serving/TrackPoint/?pm=2449026&ADFdivider=%7C&ord=963187363208&ADFtpmode=2&loc=https%3A%2F%2Fwww.dafabet.com%2Fen%3Fbtag%3D682208_59A4F99F6763406CBA8A4CE013D2D00E%26utm_source%3D682208%26utm_mediu&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e0364a77421f8dda0c21160a35c23e93c3bfdd4d7dd03ada1c735f66a8f57c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dafabet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 05 Oct 2022 15:53:19 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
asia.seadform.net/serving/cookie/sync/ 35 B
343 B 621ms
187ms Image
image/gif 185.84.60.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://asia.seadform.net/serving/cookie/sync/?uid=3076781218546761099&stamp=Xsi0mc6br4wDvP-67D9Y4w2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 05 Oct 2022 15:53:20 GMT
cache-control: private
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

POST
H/1.1 200
Ok _CgJqNRAUGHsiBggBEOidASiyuKPcBTDv0PaZBjjv0PaZBkCsicXRA0oPCAMQDRiXaCAAKIiBgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMi5hbXMuaHYucHJvZIIBEAgDEDUYs6IMIAAo7oOAoASIAdG-ldAC Show response
rpt.cedexis.com/r1/1/20200/ 16 B
283 B 43ms
15ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/r1/1/20200/_CgJqNRAUGHsiBggBEOidASiyuKPcBTDv0PaZBjjv0PaZBkCsicXRA0oPCAMQDRiXaCAAKIiBgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMi5hbXMuaHYucHJvZIIBEAgDEDUYs6IMIAAo7oOAoASIAdG-ldAC?rnd=zhtgpnpmbsupdfseipstrujblruyzjhx
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Referer: https://www.dafabet.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 05 Oct 2022 15:53:19 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 plf
c1.adform.net/imatch/ Frame D34B 0
261 B 20ms
19ms Image
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame D34B
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=3076781218546761099&Expiration=1666194799
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=3076781218546761099&Expiration=1666194799

43 B
425 B

10ms
10ms

Image
image/gif

52.28.226.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=3076781218546761099&Expiration=1666194799
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: H2
Server: 52.28.226.85 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-226-85.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 05 Oct 2022 15:53:19 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=3076781218546761099&Expiration=1666194799
date: Wed, 05 Oct 2022 15:53:19 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame D34B 0
522 B 44ms
21ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=3076781218546761099

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 15:53:19 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Tue, 04 Oct 2022 15:53:19 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame D34B 0
214 B 48ms
11ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=3076781218546761099
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame D34B
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=3076781218546761099&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=3076781218546761099&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=7ec2918f64a34f1d9...
https://c1.adform.net/serving/cookie/match?party=9&uid=96ec71891c91df28571e37495785c384c99be0b2bff64a12617154fc3270e167

35 B
468 B

18ms
18ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=96ec71891c91df28571e37495785c384c99be0b2bff64a12617154fc3270e167

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042

Protocol

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 15:53:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=96ec71891c91df28571e37495785c384c99be0b2bff64a12617154fc3270e167
date: Wed, 05 Oct 2022 15:53:19 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame D34B 43 B
163 B 112ms
23ms Image
image/gif 185.86.139.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=3076781218546761099&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:18 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55944/ Frame D34B
Redirect Chain

https://ups.analytics.yahoo.com/ups/55944/sync?uid=3076781218546761099&_origin=1
https://ups.analytics.yahoo.com/ups/55944/sync?uid=3076781218546761099&_origin=1&verify=true

0
121 B

13ms
12ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=3076781218546761099&_origin=1&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:19 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=3076781218546761099&_origin=1&verify=true
date: Wed, 05 Oct 2022 15:53:19 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame D34B 43 B
795 B 157ms
35ms Image
image/gif 2.18.79.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=3076781218546761099
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.79.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-136.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 15:53:19 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1664985199695010-346
Expires: Wed, 05 Oct 2022 15:53:19 GMT

GET
H2

200

user
ads3.admatic.com.tr/ Frame D34B
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=3076781218546761099
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=3076781218546761099
https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=4fbee8e6-d30b-40b9-8ecd-7b6881b0ca1f&dsp_uuid=&dsp_id=
https://ads3.admatic.com.tr/user?bsw_uuid=4fbee8e6-d30b-40b9-8ecd-7b6881b0ca1f&dsp_uuid=&dsp_id=

35 B
185 B

90ms
42ms

Image
image/gif

188.132.147.227
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads3.admatic.com.tr/user?bsw_uuid=4fbee8e6-d30b-40b9-8ecd-7b6881b0ca1f&dsp_uuid=&dsp_id=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: H2
Server: 188.132.147.227 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS: static-227-147-132-188.sadecehosting.net
Software: AdMatic / AdMatic
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:19 GMT
server: AdMatic
x-powered-by: AdMatic
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
content-type: image/gif
cache-control: no-cache
timing-allow-origin: *
content-length: 35

Redirect headers

date: Wed, 05 Oct 2022 15:53:19 GMT
x-powered-by: AdMatic
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
location: https://ads3.admatic.com.tr/user?bsw_uuid=4fbee8e6-d30b-40b9-8ecd-7b6881b0ca1f&dsp_uuid=&dsp_id=
access-control-allow-origin: https://c1.adform.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 221

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D34B
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3076781218546761099&expiration=1666194799
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3076781218546761099&expiration=1666194799&C=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3076781218546761099&expiration=1666194799&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 15:53:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 15:53:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=111&external_user_id=3076781218546761099&expiration=1666194799&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

647471
se.semasio.net/sync/1/ Frame D34B
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=3076781218546761099&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=3076781218546761099&sInitiator=external
https://se.semasio.net/sync/1/16266044?sExtCookieId=3076781218546761099&gdpr=&gdpr_consent=&sInitiator=external
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal
https://se.semasio.net/sync/1/14876172?sExtCookieId=f918633d-a86f-4f00-9c85-e4883c2f7ff0&sInitiator=internal&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=0&gdpr_consent=
https://se.semasio.net/sync/1/4354957?sExtCookieId=8005608530148409799&sInitiator=internal&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=RTA1Mzc0QTAyMUZGNTg2Mg&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEOZmNTYcjrNveES-UYFQkr4&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=&google_cver=1
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEOZmNTYcjrNveES-UYFQkr4&sInitiator=internal&google_cver=1&gdpr=0&gdpr_consent=
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=0&gdpr_consent=
https://se.semasio.net/sync/1/647471?sExtCookieId=7151056978061097109&sInitiator=internal&gdpr=0&gdpr_consent=

0
415 B

29ms
29ms

Image
text/plain

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://se.semasio.net/sync/1/647471?sExtCookieId=7151056978061097109&sInitiator=internal&gdpr=0&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: HTTP/1.1
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 15:53:19 GMT
uip-status: Ok
frontend-id: 01
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Location: https://se.semasio.net/sync/1/647471?sExtCookieId=7151056978061097109&sInitiator=internal&gdpr=0&gdpr_consent=
Date: Wed, 05 Oct 2022 15:53:20 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame D34B 0
344 B 46ms
9ms Image
text/plain 52.57.150.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=3076781218546761099&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 15:53:19 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame D34B
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=3076781218546761099
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=3076781218546761099&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
332 B

70ms
21ms

Image
image/gif

2a02:6ea0:c700::21
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: H2
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-77-nzt: AdRmOLHnO0P/2tMBAA
x-accel-expires: @1665902229
date: Wed, 05 Oct 2022 15:53:19 GMT
x-77-pop: frankfurtDE
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-77-nzt-ray: rftHscbEuJA
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-77-cache: HIT
x-age: 119770
accept-ranges: bytes
content-length: 43

Redirect headers

date: Wed, 05 Oct 2022 15:53:19 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 451 398366.gif
idsync.rlcdn.com/ Frame D34B 0
98 B 65ms
17ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=3076781218546761099
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:19 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=3076781218546761099/gdpr=/ Frame D34B
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=3076781218546761099/gdpr=/gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=3076781218546761099/gdpr=/gdpr_consent=

49 B
278 B

31ms
31ms

Image
image/gif

34.251.218.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=3076781218546761099/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: H2
Server: 34.251.218.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-218-252.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires: 0
pragma: no-cache
date: Wed, 05 Oct 2022 15:53:19 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.23.47
content-length: 49
x-consent: absent

Redirect headers

pragma: no-cache
date: Wed, 05 Oct 2022 15:53:19 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=3076781218546761099/gdpr=/gdpr_consent=
cache-control: no-cache
x-server: 10.45.30.233
content-length: 0
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame D34B 62 B
227 B 191ms
155ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=3076781218546761099
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 05 Oct 2022 15:53:19 GMT
content-length: 62
content-type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame D34B 43 B
273 B 74ms
45ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3076781218546761099
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 15:53:19 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame D34B
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

104ms
38ms

Image
image/gif

52.218.112.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: HTTP/1.1
Server: 52.218.112.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 15:53:20 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: ZBZJBNCTCE7HPZZ0
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: vHp1thgfkHJGNgF8tIRrl9xqjP9q0D3gbkOCJBxsJUqhfTVz9JGykSVK5GlRBOeF51kLTRW6DE8=

Redirect headers

X-Error-Reason: Missing UserId
Date: Wed, 05 Oct 2022 15:53:19 GMT
Server: akka-http/10.2.9
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame D34B
Redirect Chain

https://pixel.onaudience.com/?mapped=3076781218546761099&partner=68
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f41a31e826694fff/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=7827c0da2859786f4a60ea747f6788cd&gdpr=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

70 B
264 B

74ms
33ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 05 Oct 2022 15:53:20 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length: 0

GET
H/1.1 200
OK /
cm.adsafety.net/ Frame D34B 43 B
229 B 37ms
7ms Image
image/gif 193.135.9.133
IP-PROJECTS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=3076781218546761099
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.135.9.133 , Germany, ASN48314 (IP-PROJECTS, DE),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 15:53:19 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame D34B 0
338 B 100ms
28ms Image
text/plain 54.170.82.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=3076781218546761099
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.82.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-82-49.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-served-by: beacon-n015-dub-prod.krxd.net
date: Wed, 05 Oct 2022 15:53:19 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1664985199
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame D34B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MzA3Njc4MTIxODU0Njc2MTA5OQ
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=MzA3Njc4MTIxODU0Njc2MTA5OQ&google_tc=
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPpHbWN67cZo9vyPY-73Lug&google_cver=1&google_ula=1641347,0

35 B
468 B

19ms
19ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPpHbWN67cZo9vyPY-73Lug&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042

Protocol

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 15:53:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 05 Oct 2022 15:53:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPpHbWN67cZo9vyPY-73Lug&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame D34B
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://c1.adform.net/serving/cookie/match?party=3&id=8005608530148409799&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=3076781218546761099

43 B
1000 B

14ms
14ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=3076781218546761099

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 15:53:19 GMT
AN-X-Request-Uuid: 06597e70-b81a-4662-be46-86943adbe510
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.42; 81.95.5.42; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Oct 2022 15:53:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=3076781218546761099
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 plf
c1.adform.net/imatch/ Frame D34B 0
261 B 22ms
19ms Image
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame D34B 0
225 B 53ms
13ms Image
text/html 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3076781218546761099
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 05 Oct 2022 15:53:18 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame D34B 43 B
444 B 113ms
24ms Image
image/gif 13.227.219.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-43.ams54.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 08:39:04 GMT
Via: 1.1 38f6d324a75dff585b0ce25920fd4bda.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.20.0
X-Amz-Cf-Pop: AMS54-C1
Age: 26055
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: t5fVa6MnLT2jJ3cjEH_OqFWhWCGA44Yppy17L9wpNMKQsVEzTuRRtQ==

GET
H/1.1

200

p
a.audrte.com/ Frame D34B
Redirect Chain

https://a.audrte.com/a?adform_uid=3076781218546761099
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEGpmQah4JcHBskD_lzSLpas&google_cver=1
https://a.audrte.com/p

68 B
424 B

97ms
97ms

Image
image/png

18.210.31.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: HTTP/1.1
Server: 18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-31-151.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 15:53:20 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Wed, 05 Oct 2022 15:53:20 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame D34B
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=3076781218546761099&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=3076781218546761099&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=86593706732931174453126999055357705303&noredirect=1

35 B
468 B

18ms
18ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=86593706732931174453126999055357705303&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042

Protocol

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 15:53:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-irl1-1-v044-057fd01b2.edge-irl1.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: jTT3I8SfSv8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=86593706732931174453126999055357705303&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame D34B
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=3076781218546761099
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219333204295002508406

35 B
468 B

39ms
19ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219333204295002508406

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042

Protocol

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 15:53:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 05 Oct 2022 15:53:19 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219333204295002508406
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame D34B
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7151056978061097109

35 B
477 B

77ms
19ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7151056978061097109

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042

Protocol

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 15:53:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7151056978061097109
Date: Wed, 05 Oct 2022 15:53:19 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame D34B 62 B
427 B 220ms
220ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=3076781218546761099
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 05 Oct 2022 15:53:20 GMT
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame D34B
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=f918633d-a86f-4f00-9c85-e4883c2f7ff0

35 B
477 B

19ms
18ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=f918633d-a86f-4f00-9c85-e4883c2f7ff0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042

Protocol

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 15:53:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Wed, 05 Oct 2022 15:53:19 GMT
Server: MT3 4525 e1952b7 master cdg-pixel-x34 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=f918633d-a86f-4f00-9c85-e4883c2f7ff0
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Wed, 05 Oct 2022 15:53:18 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame D34B
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=Cr4u6EDv1OG6HZ5

35 B
468 B

23ms
22ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=Cr4u6EDv1OG6HZ5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042

Protocol

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 15:53:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 15:53:19 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-09d402fd386b2a89c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=Cr4u6EDv1OG6HZ5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D34B 70 B
265 B 117ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 05 Oct 2022 15:53:20 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.0 200
OK image.sbmx
global.ib-ibi.com/ Frame D34B 0
72 B 375ms
87ms Image
text/plain 69.169.85.6
AMC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=3076781218546761099
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_256_CBC
Server: 69.169.85.6 Cranford, United States, ASN29838 (AMC, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H/1.1 200 0.gif
id5-sync.com/s/10/ Frame D34B 43 B
1 KB 45ms
11ms Image
image/gif 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=3076781218546761099

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Wed, 05 Oct 2022 15:53:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame D34B
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=3775093706
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=krBufNQkrP8xMMS689AkGO

35 B
477 B

35ms
35ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=krBufNQkrP8xMMS689AkGO

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042

Protocol

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 15:53:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 05 Oct 2022 15:53:20 GMT
via: 1.1 google
last-modified: Wed, 05 Oct 2022 15:53:20 GMT
server: Weborama Collect Frontend
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=krBufNQkrP8xMMS689AkGO
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame D34B 23 B
172 B 161ms
59ms Image
image/gif 104.96.128.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=3076781218546761099
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-128-226.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires: Wed, 05 Oct 2022 15:53:20 GMT
pragma: no-cache
date: Wed, 05 Oct 2022 15:53:20 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame D34B
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=3076781218546761099
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=3076781218546761099&cs=1

35 B
376 B

6ms
6ms

Image
image/gif

136.243.148.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=3076781218546761099&cs=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: H2
Server: 136.243.148.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.148.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 05 Oct 2022 15:53:20 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=3076781218546761099&cs=1
date: Wed, 05 Oct 2022 15:53:20 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame D34B 0
241 B 50ms
7ms Image
text/plain 2600:9000:223f:c600:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=3076781218546761099
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:c600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:20 GMT
cache-control: no-cache, must-revalidate
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: y0dkfyaNgafuHQ7-q_H1UowKf9nR-ERVJc8OHIXQksvR2qs8Aqj61Q==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame D34B
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=3076781218546761099&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=3076781218546761099&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=049f4c76-2ea0-46ae-b46a-f25d097656e2

35 B
468 B

20ms
19ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=049f4c76-2ea0-46ae-b46a-f25d097656e2

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042

Protocol

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 15:53:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=2007&cid=049f4c76-2ea0-46ae-b46a-f25d097656e2
date: Wed, 05 Oct 2022 15:53:20 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 3076781218546761099
match.contentexchange.me/adform/ Frame D34B 0
49 B 83ms
21ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/3076781218546761099?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:20 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 xuid
eb2.3lift.com/ Frame D34B 37 B
140 B 60ms
9ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=3076781218546761099&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 put
e1.emxdgt.com/ Frame D34B 0
55 B 78ms
8ms Image
text/html 3.71.169.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=3076781218546761099
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.169.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-169-66.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:19 GMT
content-length: 0
content-type: text/html

GET
H2 200 plf
c1.adform.net/imatch/ Frame D34B 0
261 B 20ms
19ms Image
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=3076781218546761099&agencyId=7390&advertiserId=2103558&src=tp&rnd=59042
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 sprite.d20f3c22097d72bbb32a410c98db8d8e.png
www.dafabet.com/en/dafa/images/ 197 KB
198 KB 14ms
9ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/dafa/images/sprite.d20f3c22097d72bbb32a410c98db8d8e.png

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en/dafa/js/common.d20f3c22097d72bbb32a410c98db8d8e.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

9be66a4eaec790c62e41c45124bc08ec2b4d24d06011ad8048e81d79b84759b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:20 GMT
via: 1.1 PS-TPE-01TU5222:7 (W), 1.1 PS-SIN-01SF343:8 (W), 1.1 PShlamstdAMS1mi112:0 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 23 Sep 2022 08:52:30 GMT
server: PWS/8.3.1.0.8
age: 704260
etag: "632d73ce-31466"
x-ws-request-id: 633da870_PSdgflkfFRA1je97_1821-57469
content-type: image/png
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 201830
expires: Wed, 27 Sep 2023 12:15:40 GMT

GET
H2 200 Floating_Banner_left_bg.png
www.dafabet.com/en/2018-09/ 1 KB
2 KB 14ms
11ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/2018-09/Floating_Banner_left_bg.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

8736af2d295525a939c8c8dac5753efd917fbad619dd0a5d3e8c7ae31d5f58e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:20 GMT
via: 1.1 PS-TPE-01TU5222:7 (W), 1.1 PS-SIN-01xOB68:5 (W), 1.1 jp45:9 (W), 1.1 PSfgblPAR2rt183:1 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 07 Sep 2018 01:51:45 GMT
server: PWS/8.3.1.0.8
age: 3564025
etag: "5b91d9b1-5cc"
x-ws-request-id: 633da870_PSdgflkfFRA1je97_1821-57470
content-type: image/png
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 1484
expires: Fri, 25 Aug 2023 09:52:55 GMT

GET
H2 200 Floating_Banner_right_bg_0.png
www.dafabet.com/en/2018-10/ 2 KB
2 KB 15ms
13ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/2018-10/Floating_Banner_right_bg_0.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

a3aa896141cf840e5548d76aafcaf0d10db50ebb4fc2811858b5ad4da3146a59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:20 GMT
via: 1.1 PS-TPE-01qXz223:4 (W), 1.1 jp45:0 (W), 1.1 PSfgblPAR2rt183:9 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 Oct 2018 02:14:47 GMT
server: PWS/8.3.1.0.8
age: 445899
etag: "5bc3f817-74e"
x-ws-request-id: 633da870_PSdgflkfFRA1je97_1821-57471
content-type: image/png
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 1870
expires: Sat, 30 Sep 2023 12:01:41 GMT

GET
H2 200 Floating_Banner_left_bg.png
www.dafabet.com/en/2018-09/ 1 KB
2 KB 11ms
9ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/2018-09/Floating_Banner_left_bg.png

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en/js/vendor.c6a09c9e63a58235a28a912f0e4dc36b.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

8736af2d295525a939c8c8dac5753efd917fbad619dd0a5d3e8c7ae31d5f58e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:20 GMT
via: 1.1 PS-TPE-01TU5222:7 (W), 1.1 PS-SIN-01xOB68:5 (W), 1.1 jp45:9 (W), 1.1 PSfgblPAR2rt183:1 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 07 Sep 2018 01:51:45 GMT
server: PWS/8.3.1.0.8
age: 3564025
etag: "5b91d9b1-5cc"
x-ws-request-id: 633da870_PSdgflkfFRA1je97_1821-57472
content-type: image/png
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 1484
expires: Fri, 25 Aug 2023 09:52:55 GMT

GET
H2 200 Floating_Banner_right_bg_0.png
www.dafabet.com/en/2018-10/ 2 KB
2 KB 11ms
10ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafabet.com/en/2018-10/Floating_Banner_right_bg_0.png

Requested by

Host: www.dafabet.com
URL: https://www.dafabet.com/en/dafa/js/common.d20f3c22097d72bbb32a410c98db8d8e.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

a3aa896141cf840e5548d76aafcaf0d10db50ebb4fc2811858b5ad4da3146a59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/en?btag=682208_59A4F99F6763406CBA8A4CE013D2D00E&utm_source=682208&utm_medium=61340&utm_campaign=7861
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:20 GMT
via: 1.1 PS-TPE-01qXz223:4 (W), 1.1 jp45:0 (W), 1.1 PSfgblPAR2rt183:9 (W), 1.1 PS-FRA-01lai110:8 (W)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 Oct 2018 02:14:47 GMT
server: PWS/8.3.1.0.8
age: 445899
etag: "5bc3f817-74e"
x-ws-request-id: 633da870_PSdgflkfFRA1je97_1821-57473
content-type: image/png
cache-control: max-age=31536000, public
x-px: ht PS-FRA-01lai110FRA
accept-ranges: bytes
content-length: 1870
expires: Sat, 30 Sep 2023 12:01:41 GMT

GET
H2 200 d17.html Show response
aka-als.dafabet.com/test/ Frame 9C19 8 KB
2 KB 576ms
323ms Document
text/html 2.21.20.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://aka-als.dafabet.com/test/d17.html?rnd=1-1-20200-1-20200-44612-3937572372-_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.20.212 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-20-212.deploy.static.akamaitechnologies.com

Software

Resource Hash

d770c011603098a3742f00afa951921b39a1daa27937c6a33a6f27e256556886

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://www.dafabet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1557
content-type: text/html
date: Wed, 05 Oct 2022 15:53:21 GMT
expires: Wed, 05 Oct 2022 15:53:21 GMT
pragma: no-cache
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
174 B 732ms
226ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=visit&userId=&source=direct&device=desktop&sessionStart=20221005155320&cookieId=ctmzy3.l8vt75zj&origin=dafabet_com_asia&ver=8.142.0-3.6&segments=&0515532
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 05 Oct 2022 15:53:21 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 eventsApi
asia.frosmo.com/ 43 B
123 B 709ms
227ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/eventsApi?method=customAction&name=userLoggedIn&value=false&title=&cookieId=ctmzy3.l8vt75zj&origin=dafabet_com_asia&ver=8.142.0-3.6&0
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:21 GMT
server: openresty
x-robots-tag: none
content-length: 43
content-type: image/gif

POST
H2 200 eventsApi
asia.frosmo.com/ 43 B
123 B 708ms
227ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/eventsApi?method=customAction&name=chrome53&value=true&title=&cookieId=ctmzy3.l8vt75zj&origin=dafabet_com_asia&ver=8.142.0-3.6&1
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:21 GMT
server: openresty
x-robots-tag: none
content-length: 43
content-type: image/gif

POST
H2 200 eventsApi
asia.frosmo.com/ 43 B
123 B 707ms
228ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/eventsApi?method=customAction&name=chrome&value=true&title=&cookieId=ctmzy3.l8vt75zj&origin=dafabet_com_asia&ver=8.142.0-3.6&2
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:21 GMT
server: openresty
x-robots-tag: none
content-length: 43
content-type: image/gif

POST
H2 200 eventsApi
asia.frosmo.com/ 43 B
123 B 706ms
228ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/eventsApi?method=customAction&name=popupNrSpecificPlayers&value=1&title=&cookieId=ctmzy3.l8vt75zj&origin=dafabet_com_asia&ver=8.142.0-3.6&3
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:21 GMT
server: openresty
x-robots-tag: none
content-length: 43
content-type: image/gif

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 703ms
227ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=showMessage&userId=&messageId=2236&revision=1&sessionStart=20221005155320&cookieId=ctmzy3.l8vt75zj&origin=dafabet_com_asia&ver=8.142.0-3.6&segments=&05155331
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 05 Oct 2022 15:53:21 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 segmentApi
asia.frosmo.com/ 43 B
324 B 227ms
226ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/segmentApi?origin=dafabet_com_asia&cookieId=ctmzy3.l8vt75zj&05155333
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date: Wed, 05 Oct 2022 15:53:21 GMT
cache-control: no-cache, private
content-type: image/gif
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 location Show response
asia.frosmo.com/ 43 B
488 B 703ms
228ms XHR
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/location
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:21 GMT
x-real-ip: 81.95.5.42
x-longitude: 13.95000
x-isp: Core Back Bone
x-city: Bad Gottleuba
content-length: 43
x-country-name: Germany
server: openresty
x-country2: DE
content-type: image/gif
access-control-allow-origin: *
x-region-code: SN
access-control-expose-headers: X-Country2,X-latitude,X-longitude,X-Region-Code,X-City,X-ISP,X-Real-IP
cache-control: no-cache, private
x-latitude: 50.85830
access-control-allow-headers: X-Country2,X-latitude,X-longitude,X-Region-Code,X-City,X-ISP,X-Real-IP
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 227ms
227ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=setUserSegment&userId=&segmentName=sgmt_1973&segmentValue=value1&sessionStart=20221005155320&cookieId=ctmzy3.l8vt75zj&origin=dafabet_com_asia&ver=8.142.0-3.6&segments=1973&05155342
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 05 Oct 2022 15:53:21 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 345ms
345ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=setUserSegment&userId=&segmentName=sgmt_1985&segmentValue=value1&sessionStart=20221005155320&cookieId=ctmzy3.l8vt75zj&origin=dafabet_com_asia&ver=8.142.0-3.6&segments=1973.1985&05155344
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 05 Oct 2022 15:53:21 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 344ms
344ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=setUserSegment&userId=&segmentName=sgmt_1978&segmentValue=value1&sessionStart=20221005155320&cookieId=ctmzy3.l8vt75zj&origin=dafabet_com_asia&ver=8.142.0-3.6&segments=1973.1985.1978&05155345
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 05 Oct 2022 15:53:21 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 346ms
345ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=setUserSegment&userId=&segmentName=sgmt_1548&segmentValue=value1&sessionStart=20221005155320&cookieId=ctmzy3.l8vt75zj&origin=dafabet_com_asia&ver=8.142.0-3.6&segments=1973.1985.1978.1548&05155346
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 05 Oct 2022 15:53:21 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 347ms
346ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=setUserSegment&userId=&segmentName=sgmt_1563&segmentValue=value1&sessionStart=20221005155320&cookieId=ctmzy3.l8vt75zj&origin=dafabet_com_asia&ver=8.142.0-3.6&segments=1973.1985.1978.1548.1563&05155348
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 05 Oct 2022 15:53:21 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 347ms
347ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=setUserSegment&userId=&segmentName=sgmt_1565&segmentValue=value1&sessionStart=20221005155320&cookieId=ctmzy3.l8vt75zj&origin=dafabet_com_asia&ver=8.142.0-3.6&segments=1973.1985.1978.1548.1563.1565&05155349
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 05 Oct 2022 15:53:21 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 348ms
348ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=setUserSegment&userId=&segmentName=sgmt_1569&segmentValue=value1&sessionStart=20221005155320&cookieId=ctmzy3.l8vt75zj&origin=dafabet_com_asia&ver=8.142.0-3.6&segments=1973.1985.1978.1548.1563.1565.1569&05155350
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 05 Oct 2022 15:53:21 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 messageApi Show response
asia.frosmo.com/ 612 KB
85 KB 732ms
312ms XHR
application/json 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/messageApi?method=multifetch&origin=dafabet_com_asia&cookieId=ctmzy3.l8vt75zj&positions=190.191.199.200.218.219.220.229.250.328.335.336.337.338.339.340.349.362.363.460.501.517.520.650.743.745.746.752.753.758.759.809.810.811.815.819.820.821.822.823.824.825.886.887.888.889.890.891.892.893.894.895.896.897.898.899.900.901.927.1199.1476.1775.1801.1861.1862.1863.1896.2000.1999.1998.1997.923.903.881.761.760.756.755.754.751.750.749.748.747.744.742.741.735.734.733.732.731.730.729.728.727.726.725.724.723.722.721.720.719.718.717.716.715.714.713.712.711.710.709.708.707.706.705.704.690.676.651.649.400.247.244.222.221.189&states=%7B%22_device%22%3A%22desktop%22%2C%22loginStatus%22%3A%22unauthenticated%22%2C%22userLoggedIn%22%3A%22false%22%2C%22popupNrSpecificPlayers%22%3A%221%22%7D&ver=8.142.0-3.6&version=3.0&ts=1664985200724&targetGroups=&segments=1973.1985.1978.1548.1563.1565.1569&source=direct&debug=false
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: 2772d06a3d46e55de25c7d2c394f4304e2dbf6d3c36cccfa64e015e8118ea4f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:21 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-robots-tag: none
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYA... 16 B
283 B 38ms
13ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA/1/20200/44612/1,16/0/873/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 15:53:21 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 d17.html Show response
aka-als.dafabet.com/test/ Frame CD62 8 KB
2 KB 293ms
293ms Document
text/html 2.21.20.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://aka-als.dafabet.com/test/d17.html?rnd=0-1-20200-1-20200-44612-3937572372-_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.20.212 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-20-212.deploy.static.akamaitechnologies.com

Software

Resource Hash

d770c011603098a3742f00afa951921b39a1daa27937c6a33a6f27e256556886

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://www.dafabet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1557
content-type: text/html
date: Wed, 05 Oct 2022 15:53:21 GMT
expires: Wed, 05 Oct 2022 15:53:21 GMT
pragma: no-cache
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding

POST
H2 200 eventsApi
asia.frosmo.com/ 43 B
123 B 231ms
231ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/eventsApi?method=customAction&name=geolocationEurope&value=europe&title=&cookieId=ctmzy3.l8vt75zj&origin=dafabet_com_asia&ver=8.142.0-3.6&4
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:21 GMT
server: openresty
x-robots-tag: none
content-length: 43
content-type: image/gif

POST
H2 200 eventsApi
asia.frosmo.com/ 43 B
123 B 227ms
227ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/eventsApi?method=customAction&name=geolocationPoland&value=Poland&title=&cookieId=ctmzy3.l8vt75zj&origin=dafabet_com_asia&ver=8.142.0-3.6&5
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 15:53:21 GMT
server: openresty
x-robots-tag: none
content-length: 43
content-type: image/gif

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 227ms
227ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=setUserSegment&userId=&segmentName=sgmt_1907&segmentValue=value1&sessionStart=20221005155320&cookieId=ctmzy3.l8vt75zj&origin=dafabet_com_asia&ver=8.142.0-3.6&segments=1973.1985.1978.1548.1563.1565.1569.1907&051553742
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 05 Oct 2022 15:53:21 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 227ms
226ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=setUserSegment&userId=&segmentName=sgmt_1810&segmentValue=value1&sessionStart=20221005155320&cookieId=ctmzy3.l8vt75zj&origin=dafabet_com_asia&ver=8.142.0-3.6&segments=1973.1985.1978.1548.1563.1565.1569.1907.1810&051553744
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 05 Oct 2022 15:53:21 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYA... 16 B
283 B 14ms
13ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA/1/20200/44612/0,16/0/295/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 15:53:21 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 d17.html Show response
cdnetworks-230.shadowsamurai.net/test/ Frame F5FF 9 KB
2 KB 373ms
299ms Document
text/html 163.171.147.15
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnetworks-230.shadowsamurai.net/test/d17.html?rnd=1-1-20200-1-20200-47800-3937572372-_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.147.15 , United States, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 0246d3b3e45ce8e0aa8e7c4260c1f3c28aac3067692ee685bcb58e8a20f031ba

Request headers

Referer: https://www.dafabet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: private, max-age=0, no-cache, no-store
content-encoding: gzip
content-type: text/html
date: Wed, 05 Oct 2022 15:53:21 GMT
etag: "6229af3a-2222"
last-modified: Thu, 10 Mar 2022 07:56:42 GMT
pragma: no-cache
server: PWS/8.3.1.0.8
timing-allow-origin: *
via: 1.1 dianxun231:4 (W), 1.1 PSygldLON2mb11:3 (W), 1.1 PS-VIE-01Lw182:12 (W)
x-px: ms PS-VIE-01Lw182VIE,ms PSygldLON2mb11LHR,ms dianxun231000(origin)
x-ws-request-id: 633da871_PS-VIE-01Lw182_1171-36310

GET
H2 200 icon
fonts.googleapis.com/ 569 B
869 B 40ms
17ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Oct 2022 15:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 15:53:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Oct 2022 15:53:21 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 227ms
227ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=showMessage&userId=&messageId=2214&revision=1&sessionStart=20221005155320&cookieId=ctmzy3.l8vt75zj&origin=dafabet_com_asia&ver=8.142.0-3.6&segments=1973.1985.1978.1548.1563.1565.1569.1907.1810&0515531316
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 05 Oct 2022 15:53:22 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 227ms
227ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=showMessage&userId=&messageId=3172&revision=1&sessionStart=20221005155320&cookieId=ctmzy3.l8vt75zj&origin=dafabet_com_asia&ver=8.142.0-3.6&segments=1973.1985.1978.1548.1563.1565.1569.1907.1810&0515531343
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 05 Oct 2022 15:53:22 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 227ms
227ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=showMessage&userId=&messageId=2195&revision=2&sessionStart=20221005155320&cookieId=ctmzy3.l8vt75zj&origin=dafabet_com_asia&ver=8.142.0-3.6&segments=1973.1985.1978.1548.1563.1565.1569.1907.1810&0515531345
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 05 Oct 2022 15:53:22 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 226ms
226ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=showMessage&userId=&messageId=4560&revision=8&sessionStart=20221005155320&cookieId=ctmzy3.l8vt75zj&origin=dafabet_com_asia&ver=8.142.0-3.6&segments=1973.1985.1978.1548.1563.1565.1569.1907.1810&0515531350
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 05 Oct 2022 15:53:22 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK arrow-down-triple-white.png
dk0tzorg7uge9.cloudfront.net/message_files/40/2061/193/ 511 B
1 KB 957ms
956ms Image
image/png 108.138.2.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dk0tzorg7uge9.cloudfront.net/message_files/40/2061/193/arrow-down-triple-white.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.2.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-2-60.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e32d0137b37137e902d7be5b6de744893db6fd2e2be566a66db6d1582418294a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 15:53:23 GMT
Via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
Last-Modified: Wed, 23 May 2018 08:56:23 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:505/gname:fcp-php/uname:fcp-php/gid:505/mode:33188/mtime:1527065782/atime:1527065782/md5:24706a99cc619b6439dadf6cc02cdd8a/ctime:1527065782
X-Amz-Cf-Pop: FRA56-P6
ETag: "24706a99cc619b6439dadf6cc02cdd8a"
X-Cache: RefreshHit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 511
X-Amz-Cf-Id: m84SyeRxpQmDyDtIWtGTbNQAn1GmpOeWf344TgiIcqKI1T6p6GHDiw==

GET
H/1.1 200
OK arrow-down-triple-yellow.png
dk0tzorg7uge9.cloudfront.net/message_files/40/2061/194/ 511 B
1 KB 945ms
944ms Image
image/png 108.138.2.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dk0tzorg7uge9.cloudfront.net/message_files/40/2061/194/arrow-down-triple-yellow.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.2.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-2-60.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d01e7f7bc38eeccd2397c1df224742f91cfbc6b59cfd8a4f0296eb9fd8e8de78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 15:53:23 GMT
Via: 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
Last-Modified: Wed, 23 May 2018 08:56:57 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:505/gname:fcp-php/uname:fcp-php/gid:505/mode:33188/mtime:1527065816/atime:1527065816/md5:eeae68f9e6712f3e82800d34760a6640/ctime:1527065816
X-Amz-Cf-Pop: FRA56-P6
ETag: "eeae68f9e6712f3e82800d34760a6640"
X-Cache: RefreshHit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 511
X-Amz-Cf-Id: 2NX8Ocn6QifVCa_DZyXf_WkUehNK1_6sH-EDx15cU7C8gW3AJfxHwg==

GET
H/1.1 200
OK mdd-on.jpg
dk0tzorg7uge9.cloudfront.net/message_files/40/4716/533/ 191 KB
191 KB 964ms
950ms Image
image/jpeg 108.138.2.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dk0tzorg7uge9.cloudfront.net/message_files/40/4716/533/mdd-on.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.2.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-2-60.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 296f80730ee5d3a6ae96d1a4cafbdd77272091194fd0c0d5ac21d94654e68dcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 15:53:23 GMT
Via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
Last-Modified: Tue, 05 Oct 2021 12:48:04 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1633438083/ctime:1633438083/gid:505/gname:fcp-php/md5:9d0298037833ae35c02390736c85d776/mode:33188/mtime:1633438083/uid:505/uname:fcp-php
X-Amz-Cf-Pop: FRA56-P6
ETag: "9d0298037833ae35c02390736c85d776"
X-Cache: RefreshHit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 195409
X-Amz-Cf-Id: _r0CWFoxK1dhPoLHqSAS2rNrsWdtNZaNCh5tFBevzJmnMEbuKxIJvw==

GET
H/1.1 200
OK mdd-off.jpg
dk0tzorg7uge9.cloudfront.net/message_files/40/4716/534/ 173 KB
173 KB 967ms
953ms Image
image/jpeg 108.138.2.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dk0tzorg7uge9.cloudfront.net/message_files/40/4716/534/mdd-off.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.2.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-2-60.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31344945c1c2dc743640442fd4508719a4a3801e096e631a92cf737067a91e53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 15:53:23 GMT
Via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
Last-Modified: Tue, 05 Oct 2021 12:48:15 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1633438093/ctime:1633438093/gid:505/gname:fcp-php/md5:3e35b417207e32dd3fd707d34ff22f4e/mode:33188/mtime:1633438093/uid:505/uname:fcp-php
X-Amz-Cf-Pop: FRA56-P6
ETag: "3e35b417207e32dd3fd707d34ff22f4e"
X-Cache: RefreshHit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 176929
X-Amz-Cf-Id: aycn06t73ipwpnloWemYvtIl9FD9se3ypKrx2Wqc91NXlg7col465Q==

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 227ms
226ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=setUserSegment&userId=&segmentName=sgmt_1942&segmentValue=value1&sessionStart=20221005155320&cookieId=ctmzy3.l8vt75zj&origin=dafabet_com_asia&ver=8.142.0-3.6&segments=1973.1985.1978.1548.1563.1565.1569.1907.1810.1942&0515531368
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 05 Oct 2022 15:53:22 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYA... 16 B
283 B 13ms
13ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA/1/20200/47800/1,16/0/374/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 15:53:22 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 d17.html Show response
cdnetworks-230.shadowsamurai.net/test/ Frame 5CAC 9 KB
2 KB 246ms
246ms Document
text/html 163.171.147.15
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnetworks-230.shadowsamurai.net/test/d17.html?rnd=0-1-20200-1-20200-47800-3937572372-_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.147.15 , United States, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 0246d3b3e45ce8e0aa8e7c4260c1f3c28aac3067692ee685bcb58e8a20f031ba

Request headers

Referer: https://www.dafabet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: private, max-age=0, no-cache, no-store
content-encoding: gzip
content-type: text/html
date: Wed, 05 Oct 2022 15:53:22 GMT
etag: "6229b80b-2222"
last-modified: Thu, 10 Mar 2022 08:34:19 GMT
pragma: no-cache
server: PWS/8.3.1.0.8
timing-allow-origin: *
via: 1.1 dianxun231:4 (W), 1.1 PSygldLON2mb11:3 (W), 1.1 PS-VIE-01Lw182:12 (W)
x-px: ms PS-VIE-01Lw182VIE,ms PSygldLON2mb11LHR,ms dianxun231000(origin)
x-ws-request-id: 633da872_PS-VIE-01Lw182_1171-36320

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYA... 16 B
283 B 14ms
13ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA/1/20200/47800/0,16/0/248/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 15:53:22 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 sureroute.html Show response
aka-www.dffgames.com/en/promotions/ Frame 20FF 8 KB
2 KB 458ms
321ms Document
text/html 2.21.20.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://aka-www.dffgames.com/en/promotions/sureroute.html?rnd=1-1-20200-1-20200-42793-3937572372-_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.20.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-20-209.deploy.static.akamaitechnologies.com

Software

nginx/1.11.10 /

Resource Hash

0c222d1ddf1d0b5a9799949a3be0df062185e54e02d404e3d5c2381e422437df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://www.dafabet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-encoding: gzip
content-length: 1512
content-type: text/html
date: Wed, 05 Oct 2022 15:53:22 GMT
etag: "63087e9e-211b"
expires: Wed, 05 Oct 2022 15:53:22 GMT
last-modified: Fri, 26 Aug 2022 08:04:46 GMT
server: nginx/1.11.10
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYA... 16 B
283 B 13ms
13ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA/1/20200/42793/1,16/0/461/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 15:53:22 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 sureroute.html Show response
aka-www.dffgames.com/en/promotions/ Frame 761B 8 KB
2 KB 294ms
294ms Document
text/html 2.21.20.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://aka-www.dffgames.com/en/promotions/sureroute.html?rnd=0-1-20200-1-20200-42793-3937572372-_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.20.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-20-209.deploy.static.akamaitechnologies.com

Software

nginx/1.11.10 /

Resource Hash

0c222d1ddf1d0b5a9799949a3be0df062185e54e02d404e3d5c2381e422437df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://www.dafabet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-encoding: gzip
content-length: 1512
content-type: text/html
date: Wed, 05 Oct 2022 15:53:23 GMT
etag: "63087e9e-211b"
expires: Wed, 05 Oct 2022 15:53:23 GMT
last-modified: Fri, 26 Aug 2022 08:04:46 GMT
server: nginx/1.11.10
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 32ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S5WHEF6PM5&gtm=2oea30&_p=1349089885&cid=636931295.1664985198&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=2&sid=1664985198&sct=1&seg=0&dl=https%3A%2F%2Fwww.dafabet.com%2Fen%3Fbtag%3D682208_59A4F99F6763406CBA8A4CE013D2D00E%26utm_source%3D682208%26utm_medium%3D61340%26utm_campaign%3D7861&dt=Dafabet%20is%20The%20Most%20Secure%20Online%20Betting%20Company%20in%20Asia&en=scroll&epn.percent_scrolled=90&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5WHEF6PM5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 15:53:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dafabet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYA... 16 B
283 B 14ms
13ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA/1/20200/42793/0,16/0/296/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 15:53:23 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 sureroute.html Show response
aka-www.dafalive88.com/en/promotions/ Frame 7818 8 KB
2 KB 781ms
342ms Document
text/html 2.18.79.132

General

Check archive.org

Show headers Download Go to

Full URL

https://aka-www.dafalive88.com/en/promotions/sureroute.html?rnd=1-1-20200-1-20200-44669-3937572372-_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.79.132 -, , ASN (),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

0c222d1ddf1d0b5a9799949a3be0df062185e54e02d404e3d5c2381e422437df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://www.dafabet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-encoding: gzip
content-length: 1512
content-type: text/html
date: Wed, 05 Oct 2022 15:53:23 GMT
etag: "63087e9e-211b"
expires: Wed, 05 Oct 2022 15:53:23 GMT
last-modified: Fri, 26 Aug 2022 08:04:46 GMT
server: nginx/1.11.10
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYA... 16 B
283 B 13ms
12ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA/1/20200/44669/1,16/0/782/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 15:53:23 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 sureroute.html Show response
aka-www.dafalive88.com/en/promotions/ Frame 4D98 8 KB
2 KB 288ms
288ms Document
text/html 2.18.79.132

General

Check archive.org

Show headers Download Go to

Full URL

https://aka-www.dafalive88.com/en/promotions/sureroute.html?rnd=0-1-20200-1-20200-44669-3937572372-_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.79.132 -, , ASN (),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

0c222d1ddf1d0b5a9799949a3be0df062185e54e02d404e3d5c2381e422437df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://www.dafabet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-encoding: gzip
content-length: 1512
content-type: text/html
date: Wed, 05 Oct 2022 15:53:24 GMT
etag: "63087e9e-211b"
expires: Wed, 05 Oct 2022 15:53:24 GMT
last-modified: Fri, 26 Aug 2022 08:04:46 GMT
server: nginx/1.11.10
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYA... 16 B
283 B 13ms
13ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA/1/20200/44669/0,16/0/289/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 15:53:24 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK sureroute.html Show response
ori-www.dffgames.com/en/promotions/ Frame 7CDB 8 KB
9 KB 1164ms
285ms Document
text/html 110.50.230.131

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-www.dffgames.com/en/promotions/sureroute.html?rnd=1-1-20200-1-20200-42796-3937572372-_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.131 -, , ASN (),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

0c222d1ddf1d0b5a9799949a3be0df062185e54e02d404e3d5c2381e422437df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dafabet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 8475
Content-Type: text/html
Date: Wed, 05 Oct 2022 15:53:25 GMT
ETag: "63087e9e-211b"
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Last-Modified: Fri, 26 Aug 2022 08:04:46 GMT
Server: nginx/1.11.10
Strict-Transport-Security: max-age=31536000; includeSubDomains

POST
H/1.1 200
Ok _CgJqNRAUGHsiBggBEOidASiyuKPcBTDv0PaZBjjv0PaZBkCsicXRA0oPCAMQDRiXaCAAKIiBgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMi5hbXMuaHYucHJvZIIBEAgDEDUYs6IMIAAo7oOAoASIAdG-ldAC Show response
rpt.cedexis.com/r1/1/20200/ 16 B
283 B 13ms
13ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/r1/1/20200/_CgJqNRAUGHsiBggBEOidASiyuKPcBTDv0PaZBjjv0PaZBkCsicXRA0oPCAMQDRiXaCAAKIiBgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMi5hbXMuaHYucHJvZIIBEAgDEDUYs6IMIAAo7oOAoASIAdG-ldAC?rnd=qlscufhrvkvhxpwjuptfggluaxvqpenm
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Referer: https://www.dafabet.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 05 Oct 2022 15:53:24 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

POST
H3 200 adrum Show response
col.0wp0usgn.com/eumcollector/beacons/browser/v1/EUM-AAB-AVW/ 0
17 B 305ms
296ms XHR
text/html 34.149.119.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://col.0wp0usgn.com/eumcollector/beacons/browser/v1/EUM-AAB-AVW/adrum

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.5d7b2188022f1c8e1f74b468f022cb04.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.119.194 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

194.119.149.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dafabet.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-type: text/plain

Response headers

appd-request-id: a88e0c749aecdfe5
date: Wed, 05 Oct 2022 15:53:24 GMT
via: 1.1 google
pragma: no-cache
x-content-type-options: nosniff
vary: *
content-type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
access-control-allow-headers: origin, content-type, accept
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYA... 16 B
283 B 37ms
13ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA/1/20200/42796/1,16/0/1164/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 15:53:25 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK sureroute.html Show response
ori-www.dffgames.com/en/promotions/ Frame DADD 8 KB
9 KB 285ms
284ms Document
text/html 110.50.230.131

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-www.dffgames.com/en/promotions/sureroute.html?rnd=0-1-20200-1-20200-42796-3937572372-_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.131 -, , ASN (),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

0c222d1ddf1d0b5a9799949a3be0df062185e54e02d404e3d5c2381e422437df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dafabet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 8475
Content-Type: text/html
Date: Wed, 05 Oct 2022 15:53:25 GMT
ETag: "63087e9e-211b"
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Last-Modified: Fri, 26 Aug 2022 08:04:46 GMT
Server: nginx/1.11.10
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYA... 16 B
283 B 13ms
12ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA/1/20200/42796/0,16/0/286/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafabet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 15:53:25 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET r20.gif
cdn-static.qianxiajz.com/img/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn-static.qianxiajz.com
URL: https://cdn-static.qianxiajz.com/img/r20.gif?rnd=1-1-20200-1-20200-42689-3937572372-_CgJqMRAUGHsiBggBEOidASiUrMrVDjDu0PaZBjju0PaZBkCs-4uQCEoPCAMQNRjBdiAAKPODgKAEUNiMI1oQCAMQNRjswgEgACjug4CgBGABahNidXR0b24yLmFtcy5odi5wcm9kggEQCAMQNRizogwgACjug4CgBIgB0b6V0AKQAQCYAQA

Verdicts & Comments Add Verdict or Comment

227 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

110 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
otnolatrnup.com/	1969-12-31 23:59:59	Name: IKSR Value: {}
otnolatrnup.com/	1969-12-31 23:59:59	Name: INF_DFL8 Value: false
otnolatrnup.com/	1970-01-20 16:05:45	Name: IUID Value: 80b80cbc-3322-468c-89c4-8912a5371392
otnolatrnup.com/	1969-12-31 23:59:59	Name: ISSH Value: 666695
otnolatrnup.com/	1969-12-31 23:59:59	Name: VMI Value: bbe4fdc8-d4e4-44a1-b79c-4b772ff89522
otnolatrnup.com/	1970-01-20 16:05:45	Name: IPLH Value: #{"96161":[{"SId":"666695","D":"22/10/5T8:53:16"}]}
otnolatrnup.com/	1970-01-20 16:05:45	Name: IPLH_Q Value: #[96161]
otnolatrnup.com/	1970-01-20 16:05:45	Name: CHN Value: #~1~F~6~71664982000000)%5c%2f%22~984~c101~a%22India%22~b0~d0~e0~f23049~g62~h11933~i48754~j50937~k87189~l96161~m114571~n1~q~r~u~v~x~z~C~P~L~N_DT-1_OS-4_Br-1_PlM-1_OSV-10_ABR-false~R~T_isPr-false_IA-false_N-1~U0_POR-false_DD-%22c6a7de1e-6292-4fa9-a3d8-054352551a42%22_Tz-330_TzD-false_BrV-106_F-100000_A2-5021_Ca2-49116_Pl2-99674_Do-1_UPCO-false_Wi-1024_He-768~G0~H"2022-11-04T08:53:16.0165525-07:00~2
otnolatrnup.com/	1970-01-20 16:05:45	Name: MSSH Value: #{}
otnolatrnup.com/	1970-01-20 16:05:45	Name: MSRH Value: #{}
otnolatrnup.com/	1970-01-20 16:05:45	Name: ILP Value: null
otnolatrnup.com/	1970-01-20 16:05:45	Name: ILPLU Value: #1/1/0001 12:00:00 AM
otnolatrnup.com/	1970-01-20 16:05:45	Name: ILEALC Value: #1/1/0001 12:00:00 AM
otnolatrnup.com/	1970-01-20 06:29:59	Name: ILMPF Value: #False
otnolatrnup.com/	1970-01-20 16:05:45	Name: IPMPLU Value: #
otnolatrnup.com/	1970-01-20 16:05:45	Name: IPMUID Value: #
otnolatrnup.com/	1970-01-20 16:05:45	Name: BSWUID Value: #
otnolatrnup.com/	1970-01-20 16:05:45	Name: IBL Value: #[]
otnolatrnup.com/	1970-01-20 16:05:45	Name: IPLSH Value: #{}
otnolatrnup.com/	1970-01-20 16:05:45	Name: IPLSH_Q Value: #[]
otnolatrnup.com/	1970-01-20 16:05:45	Name: IZH Value: #{"23049":[{"SId":"666695","D":"22/10/5T8:53:16"}]}
otnolatrnup.com/	1970-01-20 16:05:45	Name: IZH_Q Value: #[23049]
otnolatrnup.com/	1970-01-20 16:05:45	Name: IMCH Value: #{}
otnolatrnup.com/	1970-01-20 16:05:45	Name: IMCH_Q Value: #[]
otnolatrnup.com/	1970-01-20 16:05:45	Name: IMH Value: #{"114571":[{"SId":"666695","D":"22/10/5T8:53:16"}]}
otnolatrnup.com/	1970-01-20 16:05:45	Name: IMH_Q Value: #[114571]
otnolatrnup.com/	1970-01-20 16:05:45	Name: ISH Value: #{}
otnolatrnup.com/	1970-01-20 16:05:45	Name: ISH_Q Value: #[]
otnolatrnup.com/	1970-01-20 16:05:45	Name: ISPH Value: #{"101":[{"SId":"666695","D":"22/10/5T8:53:16"}]}
otnolatrnup.com/	1970-01-20 16:05:45	Name: ISPH_Q Value: #[101]
otnolatrnup.com/	1970-01-20 16:05:45	Name: ICH Value: #{"48754":[{"SId":"666695","D":"22/10/5T8:53:16"}]}
otnolatrnup.com/	1970-01-20 16:05:45	Name: ICH_Q Value: #[48754]
.dfbanners.com/	1970-01-20 16:05:45	Name: NetRefer_CookieUniTrack_C Value: %5b%7b%22PID%22%3a61340%2c%22BID%22%3a7861%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664985196479)%5c%2f%22%2c%22CookieTag%22%3a%2278616134021%3a%3ab2%3a0a4%3a10a2C20221051553%22%7d%5d
.dfbanners.com/	1970-01-20 16:05:45	Name: NetReferSPS Value: %5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%22820785710%7c1%22%7d%5d
.dafabet.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6jnn9hdtkig5j5bjfs5vqebjfu
www.dafabet.com/	1970-01-20 07:13:33	Name: affiliates Value: btag%3D682208_59A4F99F6763406CBA8A4CE013D2D00E
.dafabet.com/	1970-01-20 15:15:42	Name: mhlanguage Value: en
.dafabet.com/	1970-01-20 16:05:45	Name: _ga_S5WHEF6PM5 Value: GS1.1.1664985198.1.0.1664985198.0.0.0
.dafabet.com/	1970-01-20 16:05:45	Name: _ga Value: GA1.2.636931295.1664985198
.dafabet.com/	1970-01-20 06:31:11	Name: _gid Value: GA1.2.664541008.1664985198
.dafabet.com/	1970-01-20 06:29:45	Name: _gat Value: 1
.adnxs.com/	1970-01-20 08:39:21	Name: uuid2 Value: 8005608530148409799
.dafabet.com/	1970-01-20 15:15:21	Name: _hjSessionUser_121800 Value: eyJpZCI6ImIzYjBiZjFhLWZhNzctNTIxNS1hMzkwLTY1NjJhYjE3M2VjOCIsImNyZWF0ZWQiOjE2NjQ5ODUxOTg0MjgsImV4aXN0aW5nIjpmYWxzZX0=
.dafabet.com/	1970-01-20 06:29:46	Name: _hjFirstSeen Value: 1
www.dafabet.com/	1970-01-20 06:29:45	Name: _hjIncludedInSessionSample Value: 0
.dafabet.com/	1970-01-20 06:29:46	Name: _hjSession_121800 Value: eyJpZCI6ImE3YWNlYjBlLTNlNDAtNDdkYS04YTA3LWMwNTFiOWNmYTc5YiIsImNyZWF0ZWQiOjE2NjQ5ODUxOTg0NTcsImluU2FtcGxlIjpmYWxzZX0=
www.dafabet.com/	1970-01-20 06:29:45	Name: _hjIncludedInPageviewSample Value: 1
.dafabet.com/	1970-01-20 06:29:46	Name: _hjAbsoluteSessionInProgress Value: 0
www.dafabet.com/	1970-01-20 07:13:33	Name: btagTracking Value: %7B%22btag%22%3A%22682208_59A4F99F6763406CBA8A4CE013D2D00E%22%7D
.adform.net/	1970-01-20 07:14:27	Name: C Value: 1
.adform.net/	1970-01-20 07:56:09	Name: uid Value: 3076781218546761099
www.dafabet.com/	1970-01-20 06:29:45	Name: ADRUM_BT Value: R%3A124%7Cg%3A4f7cc794-79e3-4bf0-8709-18398d3e527412860%7Cn%3Acustomer1_49a8be7d-1247-453d-8b9d-eefa04fc150a%7Ci%3A8622%7Ch%3Ae%7Ce%3A209
.adform.net/	1970-01-20 06:31:11	Name: CM Value: 1\|1
.adform.net/	1970-01-20 06:49:54	Name: CM14 Value: 1665071599_1664985199_1_Hu7u4e4e4R7u7u4REREeERERERHhEQ
.yahoo.com/	1970-01-20 15:15:42	Name: A3 Value: d=AQABBG-oPWMCEDb3amFGh0o1Ygb6SrhXqcEFEgEBAQH5PmNHYwAAAAAA_eMAAA&S=AQAAAqMr3-OTOORO4C-bfnHayHc
.adscale.de/	1970-01-20 15:12:01	Name: uu Value: 7ec2918f64a34f1d96736f667e5d2678
.adscale.de/	1970-01-20 15:12:01	Name: cct Value: 1664985199598
.yieldlab.net/	1970-01-20 15:15:21	Name: id Value: 190cb2b2-0f97-46a4-b8dc-8b3296b56789
.ih.adscale.de/	1970-01-20 15:12:01	Name: tu Value: 4#933347707#42~3076781218546761099~462495~0~0
.analytics.yahoo.com/	1970-01-20 15:15:21	Name: IDSYNC Value: 1760~27jr
.bidswitch.net/	1970-01-20 15:15:21	Name: tuuid Value: 4fbee8e6-d30b-40b9-8ecd-7b6881b0ca1f
.bidswitch.net/	1970-01-20 15:15:21	Name: c Value: 1664985199
.bidswitch.net/	1970-01-20 15:15:21	Name: tuuid_lu Value: 1664985199
.360yield.com/	1970-01-20 08:39:21	Name: tuuid Value: 5507c486-ad93-419a-bb8a-2303f003d356
.360yield.com/	1970-01-20 08:39:21	Name: tuuid_lu Value: 1664985199
.360yield.com/	1970-01-20 08:39:21	Name: um Value: !42,Mr-N3vLFBG7RvNFrNPiULU4zMRkAZl3UHqtHCx42PG0R,1666194799
.360yield.com/	1970-01-20 08:39:21	Name: umeh Value: !42,0,1727193199,-1
.eyeota.net/	1970-01-20 06:29:45	Name: SERVERID Value: 17074~DM
.casalemedia.com/	1970-01-20 15:15:21	Name: CMID Value: Yz2obwGIfyqC4k-1ffLCmQAA
.casalemedia.com/	1970-01-20 08:39:21	Name: CMPS Value: 2233
.casalemedia.com/	1970-01-20 08:39:21	Name: CMPRO Value: 2233
.ads.stickyadstv.com/	1970-01-20 07:56:09	Name: uid-bp-617 Value: 3076781218546761099
.ads.stickyadstv.com/	1970-01-20 07:12:57	Name: UID Value: 315beac8d34c9e5ec9aec24cfae41f
.ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 8c3eca2059e846bc747194854f18bd
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.onaudience.com/	1970-01-20 15:15:21	Name: cookie Value: f41a31e826694fff
.onaudience.com/	1970-01-20 06:31:11	Name: done_redirects104 Value: 1
.ads4.admatic.com.tr/	1969-12-31 23:59:59	Name: ARRAffinity Value: 4db27e2390b2e9c59e82acec8e34af18a6d02516cb068545e314a3c2c5df27b2
.adnxs.com/	1970-01-20 08:39:21	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2E>7nW5YB!]td=8i_imf$9G=A^A/r#-9<B%Y_1.%[DbuJ$02h=4xo4Za1+TD._PlZ[C[-kX-G2KXE
.onaudience.com/	1970-01-20 06:31:11	Name: done_redirects161 Value: 1
.krxd.net/	1970-01-20 10:48:57	Name: _kuid_ Value: PHrkqVq5
.semasio.net/	1970-01-20 15:15:21	Name: SEUNCY Value: E05374A021FF5862
.ads3.admatic.com.tr/	1969-12-31 23:59:59	Name: ARRAffinity Value: 2e25d12d61a27898215929d22f53ea590a56c829be315653c07e15cae5cb3700
.doubleclick.net/	1970-01-20 15:51:21	Name: IDE Value: AHWqTUm4wVI5NW8W729jKcgFm4Y-VeEL_8c0JZSvWpUpr8Gkpmt_85ktSwSpFD0J-gs
.adfarm1.adition.com/	1970-01-20 08:39:21	Name: UserID1 Value: 7151056978061097109
.mathtag.com/	1970-01-20 15:55:40	Name: uuid Value: f918633d-a86f-4f00-9c85-e4883c2f7ff0
.agkn.com/	1970-01-20 15:15:21	Name: ab Value: 0001%3A9H7p2N0WhtnV7AsxRmOrPpOvuii7ycir
.w55c.net/	1970-01-20 15:59:59	Name: wfivefivec Value: Cr4u6EDv1OG6HZ5
.onaudience.com/	1970-01-20 06:31:11	Name: done_redirects147 Value: 1
.w55c.net/	1970-01-20 07:12:57	Name: matchadform Value: 5
.demdex.net/	1970-01-20 10:48:57	Name: demdex Value: 86593706732931174453126999055357705303
.id5-sync.com/	1970-01-20 06:29:45	Name: cf Value:
.id5-sync.com/	1970-01-20 06:29:45	Name: cip Value:
.id5-sync.com/	1970-01-20 06:29:45	Name: cnac Value:
.id5-sync.com/	1970-01-20 06:29:45	Name: car Value:
.id5-sync.com/	1970-01-20 06:29:45	Name: gdpr Value:
.id5-sync.com/	1970-01-20 06:29:45	Name: callback Value:
.dpm.demdex.net/	1970-01-20 10:48:57	Name: dpm Value: 86593706732931174453126999055357705303
.weborama.fr/	1970-01-20 15:55:40	Name: AFFICHE_W Value: GTRl5HnQ89cZ54
.seadform.net/	1970-01-20 07:56:12	Name: uid Value: 3076781218546761099
.1dmp.io/	1970-01-20 15:15:21	Name: uid Value: d596a860-44c5-11ed-acfd-901b0e8b2a6e
.tapad.com/	1970-01-20 07:56:09	Name: TapAd_TS Value: 1664985200112
.tapad.com/	1970-01-20 07:56:09	Name: TapAd_DID Value: 049f4c76-2ea0-46ae-b46a-f25d097656e2
.tapad.com/	1970-01-20 07:56:09	Name: TapAd_3WAY_SYNCS Value:
.audrte.com/	1970-01-20 06:51:21	Name: arcki2 Value: cm86PEXbdmrQle55x8Ommm-vw!20220908!1664985200173
.audrte.com/	1970-01-20 06:51:21	Name: arcki2_adform Value: 3076781218546761099!20220908!1664985200387
www.dafabet.com/	1970-01-20 15:15:21	Name: frosmo_quickContext Value: %7B%22VERSION%22%3A%221.1.0%22%2C%22UID%22%3A%22ctmzy3.l8vt75zj%22%2C%22origin%22%3A%22dafabet_com_asia%22%2C%22lastDisplayTime%22%3A%7B%222236%22%3A1664985201%7D%2C%22lastRevisionId%22%3A%7B%222236%22%3A1%7D%2C%22lastPageView%22%3A%7B%22time%22%3A1664985200647%7D%2C%22states%22%3A%7B%22session%22%3A%7B%7D%7D%7D
.audrte.com/	1970-01-20 06:51:21	Name: arcki2_ddp Value: CAESEGpmQah4JcHBskD_lzSLpas!20220908!1664985200734
.audrte.com/	1970-01-20 06:39:50	Name: arcki2_TTT Value: 1664985200735!cm86PEXbdmrQle55x8Ommm-vw!50#1466#1123#190#1025#219#1143#441#561#312#1609#1664#1194#1231#322#771#724#796#1461#880#226#132#1686#1187#1260#1667#918#1018#1834#1188#629#-1#1573#478#1455#1663#552#-1#875#146#1222#262#446#1230#625#685#43#873#-1#1441#1526#-1#370#929#-1#532#545#1558#502#464#757#1342#340#117#1071#1702#1597#1073#1309#1236#279#1005#231#689#1056#1235#306#1788#662#1244#294
.asia.frosmo.com/	1970-01-20 16:05:45	Name: id Value: rB8Qd2M9qHFK0R7A/EERAg==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=3076781218546761099 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.stickyadstv.com
ads3.admatic.com.tr
ads4.admatic.com.tr
aka-als.dafabet.com
aka-www.dafalive88.com
aka-www.dffgames.com
api.adrtx.net
asia.adform.net
asia.frosmo.com
asia.seadform.net
banners.dfbanners.com
beacon.krxd.net
c1.adform.net
cdn-static.qianxiajz.com
cdn.appdynamics.com
cdnetworks-230.shadowsamurai.net
cm.adsafety.net
cm.g.doubleclick.net
col.0wp0usgn.com
d313lzv9559yp9.cloudfront.net
dafabetcomasia.asia.frosmo.com
dk0tzorg7uge9.cloudfront.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
e2e82a2c-05fe-4ad9-be2f-be3874730cd4.snippet.antillephone.com
eb2.3lift.com
eu-u.openx.net
fonts.googleapis.com
global.ib-ibi.com
i1-j5-20-123-1-20200-1535695922-s.init.cedexis-radar.net
i2-ujyonscijobgxceyyclhlbliwkymiz.init.cedexis-radar.net
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
in.hotjar.com
load77.exelator.com
loada.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
ori-www.dffgames.com
otnolatrnup.com
pdw-adf.userreport.com
pixel.mathtag.com
pixel.onaudience.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
radar.cedexis.com
redirect.frontend.weborama.fr
region1.google-analytics.com
rpt.cedexis.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
sc.adelement.com
script.hotjar.com
se.semasio.net
secure.adnxs.com
simage2.pubmatic.com
static.hotjar.com
sync.1dmp.io
sync.crwdcntrl.net
sync.teads.tv
tags.bluekai.com
token.rubiconproject.com
track.adform.net
uipglob.semasio.net
ups.analytics.yahoo.com
vars.hotjar.com
www.dafabet.com
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
cdn-static.qianxiajz.com
104.225.98.130
104.96.128.226
108.138.17.83
108.138.2.60
110.50.230.131
13.227.219.43
136.243.148.229
141.94.171.215
142.250.180.226
143.204.89.95
162.19.138.116
163.171.128.148
163.171.147.15
18.156.0.31
18.157.93.190
18.193.156.183
18.210.31.151
18.66.112.6
18.66.122.99
18.66.147.113
185.64.189.110
185.80.39.216
185.84.60.20
185.86.139.113
185.89.210.153
185.89.211.84
188.132.147.227
193.135.9.133
2.18.233.201
2.18.79.132
2.18.79.136
2.21.20.209
2.21.20.212
2001:4860:4802:34::36
2600:9000:223f:c600:1b:5138:8a40:93a1
2600:9000:225e:9400:7:fa80:4c40:93a1
2606:4700::6813:d725
2607:f740:e619::1
2a00:1450:4001:809::2008
2a00:1450:4001:810::200a
2a00:1450:400d:807::200e
2a02:26f0:f700:5::216:59bb
2a02:6ea0:c700::21
3.126.140.73
3.71.169.66
34.149.119.194
34.248.125.130
34.250.137.124
34.251.196.147
34.251.218.252
35.190.24.218
35.227.248.159
35.241.57.45
35.244.159.8
35.244.174.68
35.71.131.137
37.157.2.234
37.157.3.30
37.157.6.236
46.19.11.36
52.218.112.51
52.28.226.85
52.51.135.205
52.57.150.20
52.78.8.111
52.79.118.14
54.170.82.49
54.228.20.5
54.78.254.47
69.169.85.6
69.173.144.139
69.192.160.219
76.223.111.18
77.243.60.138
85.114.159.93
96.16.132.239
0246d3b3e45ce8e0aa8e7c4260c1f3c28aac3067692ee685bcb58e8a20f031ba
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c222d1ddf1d0b5a9799949a3be0df062185e54e02d404e3d5c2381e422437df
0cd609cb62d8ef9292ef7b48e19ce8091e68b553b308dd4ed5e21192280c721a
0ea8ad9a1b5a3e3e0950b9dd614a5056250369587ff45165dacafd8d13e838e4
0f47272de3875f1531038d1dd74318d65615e4a01403492d95d4de9d218ac06b
10cad1c56462629f4a5a41bfdf7bc4491c443cc5b00fa64aeb3858bfac5b8bb0
1255cfe05d68366b2f1784987c772a817da92099f4922498a445f8768c52a710
157b83e72a795167a39a237b6c0cce690bf3394acc0672f065a4fe035a8426ff
180109f8f37c833e1f965c5662f54e73b3e1291117a3c7fa320dab4ae7727dcd
184c758595bfec8652472791a960c50f607bb6f4ea018673ead40d008d042e10
1af15a8dfe5dd8cb0597a2e42cc0490cb852627d522e4db0dcda73bc453f78cd
1fad8a0d38b8307c0781fbfd3222b43917c5c879bbcfb3d5e0b96d1b4416e5a9
1fc0888bbaff652466a3fb0073d007f0e0d01ae82ec88d17f4ad66cc14a20f11
2772d06a3d46e55de25c7d2c394f4304e2dbf6d3c36cccfa64e015e8118ea4f5
296f80730ee5d3a6ae96d1a4cafbdd77272091194fd0c0d5ac21d94654e68dcf
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8a098381b827264e000864a9dadb6f2f112639112e690294101b9827cc007a
2f4114191beb08d281e8bb2e92e974d07d60272671bd88660d109345bf9a88ed
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31344945c1c2dc743640442fd4508719a4a3801e096e631a92cf737067a91e53
3193eb702468b0424d2cbe075bd86b5f4348598b308242477d627d496d9af751
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
38b126f92a3104c7d73e1cf2f448db9896d4f29ebf3a7b593b380e6cdd0ae378
40de67281c077668bd49d1d8d3817452e66677e565bfe9a1e5477d83e53f802b
45e0091e57ff659d0fe0711a43960d08bd5cf99b6f83e88eafa390fa6770192c
480c21836bc1679e28926018ae85a66151dec35d060b1fd3da633985ab454f7f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b8e8b42acdad2f84c0d44c5dbc12b8327706d1f49551e1ec577b08d4cbaf263
4de351502cea08bd7426870d9a30177319693e3ebf09d2ce1968133aeb573b0b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f634503777976171ddeac2a8cf1750f7f72f4fb810bbc3d5d4ec955a38b5645
53779d63f5dbe4c59e410a4976a35cd9ed9f2934fbd813d0bef9b2519cc67ced
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b3c6e212cbb3b9f4f28b09cfdc53990e809792192d7d8639d3311f0551c2010
5d1c068b7f6a31597ab2f27a473fe546f4eb8b40597fd812cc5e567132ff3a1b
60dedf951a86ff78dd9fa60b57d3196220cdc882c754a728c54e0bc2d797304f
635dda68d7c55054da4da5d2dc654d40a92c598d80ff35af158da5990ba21a80
68f400aa3ecf29f74a22962fb6db52642db1f53ca374c2752c38984d7cfeff3a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b65e3870f0c53a1563b29a83330581f3be5b5f809b3105f38390a561ded34a3
6d28ca608efbf2f22b939334db609267e037dedd567ea0182345a261a0c09490
7020265e6580be7d4926808444b4a1faaf8a093970c1d8272b1fad53ff13525c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84c8b726ea9cdac299fe60e46c46f18753870a56a2b1502685510b7df0fd02e2
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
8736af2d295525a939c8c8dac5753efd917fbad619dd0a5d3e8c7ae31d5f58e0
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8edac40c8b00b17bb3021d109c1f70238f032a3c6ee113b3f71bbff01d997abc
940ee154023fa83aecb174cef1de0e223a4d2a32c6af2b707712f9b18c279f93
9be66a4eaec790c62e41c45124bc08ec2b4d24d06011ad8048e81d79b84759b9
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a256fa40e8381274fbf43527a33668422a4b263a521de18c5eca0c94ee140d4d
a2e3b730e59a00b1195cd8e5bfe193efdf3bd17b9c1dbd77ee796dc5c8b68c36
a3aa896141cf840e5548d76aafcaf0d10db50ebb4fc2811858b5ad4da3146a59
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac3d45538ffdd87732763521ea21e1f9695551d5c8a1b506935fb9bbc5253bfc
affe144bc5730c89d09e953cd7162b1cbbc88210ae0be3bc482ed85bf1c34e76
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3d67ffe32b1906e239eace11cb8f59b5484d6eb15c7354ddcbdb70474ad5527
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b438729663b634facf4fa01af39a684bf345e6da7574bcf48872999e8b189899
b792028e63eaa2170cb76231a6503ba10210d2b4df1701feac9b6cda68b21d87
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb649db6c8b87380ff8f631aa011ffbaf056ff81de0ffd1b238571787815dc9f
bef431d8570694584ec233e7e9ebccde299f19c95393bc2e543dfd6243461389
c3e0f6e3c4e3bc238575ec1d0155e180564d6358503607c8cc38b6c02ae90656
c5a64280c25ebb9120f6faafffa98610b30b2fc38c6e80ce3499b71f96eff672
caed37875e80934c7f52564ca26b7846bd1f7bfa26f6eb74994556ee9777dbec
cafad2ac162dd57a18f1a90630dd3eb94e1fdf1cf4734c7c7a641663d6ac8ece
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7cf39b9083ee5503540f737097dc4daf98b42efff20d25a93d0202c7f8e5d3
d01e7f7bc38eeccd2397c1df224742f91cfbc6b59cfd8a4f0296eb9fd8e8de78
d336569f8d455dd339fee08c626f83d3ed111b4af9da2775719ccb15003130c2
d614922fde9604f8899e47f3cc3d69bf952312b996f7cf1421163996710850fa
d770c011603098a3742f00afa951921b39a1daa27937c6a33a6f27e256556886
dbef72a26bf9fcd64b9b239afe42ff5849ab46ab2f90276c9e0f746edbf47735
e0364a77421f8dda0c21160a35c23e93c3bfdd4d7dd03ada1c735f66a8f57c14
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e30241bbf27950b1d2f152b3c923f8dd2c339f33b7c95ccd35f22d380e48c3c7
e32d0137b37137e902d7be5b6de744893db6fd2e2be566a66db6d1582418294a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71bf0873d50c7912afd50cee599c73473f6bd1843af99df044e144e444d5528
e8b84ff67d7430778433aea5e69d575c694eae33ee3e487f42411078e3fd2242
ea1bd05db50c7890dd053edf77ee864749a4d8d726a063c80c606a88d095cabd
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f7309b6ccc1a76da1e7a0709abb8a0bf549277dee6c21ae7a466e73426fe9667
fbedb87d98b72f7ae6ddc5cef8150e20e8036d9740061f6efd7e7ff740c5d295

www.dafabet.com Open in urlscan Pro 163.171.128.148 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

177 Requests

85 %HTTPS

13 %IPv6

64 Domains

83 Subdomains

62 IPs

12 Countries

4135 kBTransfer

6598 kBSize

110 Cookies

21 Outgoing links

Page URL History

Redirected requests

177 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.dafabet.com Open in urlscan Pro
163.171.128.148 Public Scan

Screenshot
Live screenshot

Full Image

177
Requests

85 %
HTTPS

13 %
IPv6

64
Domains

83
Subdomains

62
IPs

12
Countries

4135 kB
Transfer

6598 kB
Size

110
Cookies

177 HTTP transactions
0 data transactions