Submitted URL: http://sape.ngumaz.com/
Effective URL: https://stake.com/sports/baseball/?c=S7RCge7H&clickId=wit4s0v5pobh1vm2je7i9dd4
Submission: On July 13 via api from US — Scanned from CA

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 29 HTTP transactions. The main IP is 104.18.37.229, located in and belongs to CLOUDFLARENET, US. The main domain is stake.com. The Cisco Umbrella rank of the primary domain is 77635.
TLS certificate: Issued by E1 on May 23rd 2024. Valid for: 3 months.
This is the only time stake.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 206.72.205.7 19318 (IS-AS-1)
1 172.253.63.132 15169 (GOOGLE)
1 142.251.163.132 15169 (GOOGLE)
2 12 139.45.197.238 9002 (RETN-AS)
2 139.45.195.8 9002 (RETN-AS)
1 2 3.162.125.117 16509 (AMAZON-02)
1 18.165.98.55 16509 (AMAZON-02)
6 104.18.37.229 13335 (CLOUDFLAR...)
1 104.16.80.73 13335 (CLOUDFLAR...)
2 104.17.2.184 13335 (CLOUDFLAR...)
29 11
Apex Domain | Subdomains | Transfer
12 whairtoa.com | whairtoa.com — Cisco Umbrella Rank: 755952 | 30 KB
6 stake.com | stake.com — Cisco Umbrella Rank: 77635 | 70 KB
2 cloudflare.com | challenges.cloudflare.com — Cisco Umbrella Rank: 4229 | 15 KB
2 afrsportsbetting.com | track.afrsportsbetting.com — Cisco Umbrella Rank: 792492 | 2 KB
2 rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 10220 | 996 B
1 cloudflareinsights.com | static.cloudflareinsights.com — Cisco Umbrella Rank: 950 | 7 KB
1 locooler-ageneral.com | locooler-ageneral.com — Cisco Umbrella Rank: 567371 | 663 B
1 googleusercontent.com | blogger.googleusercontent.com — Cisco Umbrella Rank: 10490 | 5 KB
1 blogspot.com | 1.bp.blogspot.com Failed; rahapekee.blogspot.com | 736 B
1 ngumaz.com | sape.ngumaz.com | 534 B
29 10
Domain Requested by
12 whairtoa.com 2 redirects rahapekee.blogspot.com
whairtoa.com
6 stake.com stake.com
static.cloudflareinsights.com
2 challenges.cloudflare.com stake.com
challenges.cloudflare.com
2 track.afrsportsbetting.com 1 redirects
2 my.rtmark.net whairtoa.com
1 static.cloudflareinsights.com stake.com
1 locooler-ageneral.com
1 blogger.googleusercontent.com rahapekee.blogspot.com
1 rahapekee.blogspot.com sape.ngumaz.com
1 sape.ngumaz.com
0 1.bp.blogspot.com Failed sape.ngumaz.com
29 11

This site contains links to these domains.

Domain
www.cloudflare.com
Subject | Issuer | Validity | Valid
shukri.mwikace.com | Sectigo RSA Domain Validation Secure Server CA | 2024-04-24 - 2025-04-24 | a year
misc-sni.blogspot.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
*.googleusercontent.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
whairtoa.com | R3 | 2024-05-31 - 2024-08-29 | 3 months
rtmark.net | R11 | 2024-07-05 - 2024-10-03 | 3 months
track.afrsportsbetting.com | Amazon RSA 2048 M03 | 2024-05-22 - 2025-06-20 | a year
locooler-ageneral.com | Amazon RSA 2048 M02 | 2024-06-19 - 2025-07-18 | a year
stake.com | E1 | 2024-05-23 - 2024-08-21 | 3 months
cloudflareinsights.com | WE1 | 2024-07-06 - 2024-10-04 | 3 months
challenges.cloudflare.com | Cloudflare Inc ECC CA-3 | 2023-08-18 - 2024-08-17 | a year

This page contains 2 frames:

Primary Page: https://stake.com/sports/baseball/?c=S7RCge7H&clickId=wit4s0v5pobh1vm2je7i9dd4
Frame ID: 690690AFA8910850A0587FF357395931
Requests: 28 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/bdei5/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Frame ID: 79D3BE24808B95763663D276A7FBA3EE
Requests: 1 HTTP requests in this frame

Page Title

Just a moment...

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

Requests: 29
HTTPS: 90 %
IPv6: 0 %
Domains: 10
Subdomains: 11
IPs: 11
Countries: 3
Transfer: 128 kB
Size: 270 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sape.ngumaz.com/ HTTP 307
    https://sape.ngumaz.com/ Page URL
  2. https://rahapekee.blogspot.com/ Page URL
  3. https://whairtoa.com/4/5186635 Page URL
  4. https://whairtoa.com/?z=5186635&syncedCookie=true&rhd=false HTTP 302
    https://whairtoa.com/4/6118780/?var=5186635&btz=America/Vancouver&bto=420&bar=x Page URL
  5. https://whairtoa.com/?z=6118780&syncedCookie=false&rhd=false HTTP 302
    https://track.afrsportsbetting.com/87da45d2-0f14-4353-a5b3-ca53def08a03?zoneid=6118780&device=desktop&browser=chrome&os=linux&country=CA&region=on&isp=bell%20canada&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36&language=en&connectiontype=mobile&cost=0.000280&visitor_id=836131825306046815 HTTP 307
    https://track.afrsportsbetting.com/87da45d2-0f14-4353-a5b3-ca53def08a03/2?zoneid=6118780&device=desktop&browser=chrome&os=linux&country=CA&region=on&isp=bell%20canada&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36&language=en&connectiontype=mobile&cost=0.000280&visitor_id=836131825306046815 Page URL
  6. https://locooler-ageneral.com/redirect?target=BASE64aHR0cHM6Ly9zdGFrZS5jb20vc3BvcnRzL2Jhc2ViYWxsLz9jPVM3UkNnZTdIJmNsaWNrSWQ9d2l0NHMwdjVwb2JoMXZtMmplN2k5ZGQ0&ts=1720912881368&hash=0xm5kHx_aH8O2jqJmLt4uyC9c5nzpMMe5cneFeAyhtA&rm=D Page URL
  7. https://stake.com/sports/baseball/?c=S7RCge7H&clickId=wit4s0v5pobh1vm2je7i9dd4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://sape.ngumaz.com/ HTTP 307
  • https://sape.ngumaz.com/
Request Chain 9
  • https://whairtoa.com/?z=5186635&syncedCookie=true&rhd=false HTTP 302
  • https://whairtoa.com/4/6118780/?var=5186635&btz=America/Vancouver&bto=420&bar=x
Request Chain 15
  • https://whairtoa.com/?z=6118780&syncedCookie=false&rhd=false HTTP 302
  • https://track.afrsportsbetting.com/87da45d2-0f14-4353-a5b3-ca53def08a03?zoneid=6118780&device=desktop&browser=chrome&os=linux&country=CA&region=on&isp=bell%20canada&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36&language=en&connectiontype=mobile&cost=0.000280&visitor_id=836131825306046815 HTTP 307
  • https://track.afrsportsbetting.com/87da45d2-0f14-4353-a5b3-ca53def08a03/2?zoneid=6118780&device=desktop&browser=chrome&os=linux&country=CA&region=on&isp=bell%20canada&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36&language=en&connectiontype=mobile&cost=0.000280&visitor_id=836131825306046815

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
sape.ngumaz.com/
Redirect Chain
  • http://sape.ngumaz.com/
  • https://sape.ngumaz.com/
355 B
534 B
Document
General
Full URL
https://sape.ngumaz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.72.205.7 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
rkinfocom.host
Software
LiteSpeed /
Resource Hash
28b17756ab64edb5d20499a74e0afec58fdb37f3709a33069fb5f574c646c817

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
281
content-type
text/html
date
Sat, 13 Jul 2024 23:21:18 GMT
last-modified
Wed, 24 Apr 2024 21:28:26 GMT
server
LiteSpeed
vary
Accept-Encoding

Redirect headers

Location
https://sape.ngumaz.com/
Non-Authoritative-Reason
HttpsUpgrades
fsfss%2B%25281%2529.gif
1.bp.blogspot.com/-4MmEmATwoJU/YRCgO_yOnOI/AAAAAAAACQs/yRrK6HMrO9YkSfoL6od11hB592cFzCasgCPcBGAsYHg/w400-h134/
0
0

/
rahapekee.blogspot.com/
571 B
736 B
Document
General
Full URL
https://rahapekee.blogspot.com/
Requested by
Host: sape.ngumaz.com
URL: https://sape.ngumaz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f132.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sape.ngumaz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
413
content-type
text/html; charset=UTF-8
date
Sat, 13 Jul 2024 23:21:19 GMT
etag
W/"5c3c90281fb3a700413f3e318bac2201baad4c21ecfe21c5605ef6e0032f394b"
expires
Sat, 13 Jul 2024 23:21:19 GMT
last-modified
Thu, 04 Jul 2024 05:32:45 GMT
server
GSE
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
da.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgq7SH6Cwb2acO_PSYZYPCUP_UCriGcfadfBX7OtjnvudX2k-woY8ye7HcOtLRyB_fQ0qd5VTodQtoSkOGU7IUQmWf5arbRlc-8SojMHr8O3chczLwa_q7Eyou_xvYQ5HAS0bFquqfCY4w/s0/
5 KB
5 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgq7SH6Cwb2acO_PSYZYPCUP_UCriGcfadfBX7OtjnvudX2k-woY8ye7HcOtLRyB_fQ0qd5VTodQtoSkOGU7IUQmWf5arbRlc-8SojMHr8O3chczLwa_q7Eyou_xvYQ5HAS0bFquqfCY4w/s0/da.png
Requested by
Host: rahapekee.blogspot.com
URL: https://rahapekee.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
fife /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rahapekee.blogspot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 23:21:19 GMT
x-content-type-options
nosniff
server
fife
etag
"v4ed"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="da.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4670
x-xss-protection
0
expires
Sun, 14 Jul 2024 23:21:19 GMT
5186635
whairtoa.com/4/
28 KB
13 KB
Document
General
Full URL
https://whairtoa.com/4/5186635
Requested by
Host: rahapekee.blogspot.com
URL: https://rahapekee.blogspot.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
082175463b38a5656b2ab110e4e4222876ec88ea6f37e5e62f7b7adc70e87864
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://rahapekee.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Sat, 13 Jul 2024 23:21:19 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
e676a5cdb44fdd60f901fa2220ce304c
sftouch
whairtoa.com/
2 B
602 B
Ping
General
Full URL
https://whairtoa.com/sftouch?userId=008098f7a3e04376e774865a6d885b01&z=5186635&p_rid=aaa28d89-4781-40cf-a300-450bf863be87&p_src=sf&branchId=0&rb=qi_7HJ_Di5Lb0Xm6asT46O_sXf_6APVkiyUrHLaB9TWCVKClp6qse402kYYj72s7JYCgA2QBavjC4GXC1leUiZIZVu64OyiVbPjZcGt6_IgWkjvbDTFyGmRfdTgL6XG0jAxF7w9GjWZE2QeZcEftE-BRG3o9NUHwrLOkTmKmoYUD1LcTMjLErTmpOWQCYh87e9yOBStunP8VTLT9GaNVpVMehSZkDa8NZ_IXqnAho1Y-Uo7z0LbyAGrAePLGx8Pv0cJBCvEZkHjigKwyJciwxw41U4Yhm_e83WpbAOeqxgqijfBlGCKP1HOaKaO_EdeCLwuWTu8TyhI=
Requested by
Host: whairtoa.com
URL: https://whairtoa.com/4/5186635
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://whairtoa.com/4/5186635
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 23:21:19 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-length
2
x-trace-id
cea1c3dca05f7b7ed39984db32684d32
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://whairtoa.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT
add
whairtoa.com/log/
12 B
382 B
XHR
General
Full URL
https://whairtoa.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=aaa28d89-4781-40cf-a300-450bf863be87
Requested by
Host: whairtoa.com
URL: https://whairtoa.com/4/5186635
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://whairtoa.com/4/5186635
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Jul 2024 23:21:19 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://whairtoa.com
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
content-length
12
img.gif
my.rtmark.net/
43 B
492 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=008098f7a3e04376e774865a6d885b01&z=5186635&p_rid=aaa28d89-4781-40cf-a300-450bf863be87&p_src=sf
Requested by
Host: whairtoa.com
URL: https://whairtoa.com/4/5186635
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://whairtoa.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 23:21:20 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
favicon.ico
whairtoa.com/
0
150 B
Other
General
Full URL
https://whairtoa.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://whairtoa.com/4/5186635
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sat, 13 Jul 2024 23:21:20 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
server
nginx
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
whairtoa.com/4/6118780/
Redirect Chain
  • https://whairtoa.com/?z=5186635&syncedCookie=true&rhd=false
  • https://whairtoa.com/4/6118780/?var=5186635&btz=America/Vancouver&bto=420&bar=x
28 KB
13 KB
Document
General
Full URL
https://whairtoa.com/4/6118780/?var=5186635&btz=America/Vancouver&bto=420&bar=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://whairtoa.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Sat, 13 Jul 2024 23:21:20 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
dfed33ef5b7b4c0150adb5879e587172

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://whairtoa.com
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length
0
date
Sat, 13 Jul 2024 23:21:20 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://whairtoa.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://whairtoa.com/4/6118780/?var=5186635&btz=America/Vancouver&bto=420&bar=x
pragma
no-cache
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
7de6beac6db5db7e284b7fe318666867
favicon.ico
whairtoa.com/
0
0
Other
General
Full URL
https://whairtoa.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://whairtoa.com/afu.php?zoneid=5186635&var=5186635&rid=XXz4jyvWNyEJSqRKY8d18w%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sat, 13 Jul 2024 23:21:20 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
server
nginx
expires
Thu, 31 Dec 2037 23:55:55 GMT
sftouch
whairtoa.com/
2 B
602 B
Ping
General
Full URL
https://whairtoa.com/sftouch?userId=008098f7a3e04376e774865a6d885b01&z=6118780&p_rid=bf5511b8-8552-4d1c-9894-e1bf8930cc94&p_src=sf&branchId=0&rb=7UQkWFl4-uHh8YcRkbcDbX8GxLTx7eHs5RjIaqtI_grHAU5jr4AXacjrHOWp8GF40cxIHwWGxQ8xpPX_32YHIe3MvxpUHW2EzxzsXya6fJ99yJwpRhoSyXBhozHe0nDmWkMEZE4p_8mZDffh5WgqihkeeACFoGpYIJ9fC-GFD5NTeMlf2YXq_InjDZAS0F69YdkQUslgRWnbmKjCTWxGB4wqMW4sossp2oGaJ3C_Dn7m8WlLbTHAL0yjrHX2DWWaIniKUCvojZQPCO9zBWvdT7oVShXHB6VvveUuOQ==
Requested by
Host: whairtoa.com
URL: https://whairtoa.com/4/6118780/?var=5186635&btz=America/Vancouver&bto=420&bar=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://whairtoa.com/4/6118780/?var=5186635&btz=America/Vancouver&bto=420&bar=x
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 23:21:20 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-length
2
x-trace-id
a2b00a4d4a59bbbb93ea54f497bf9adb
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://whairtoa.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT
img.gif
my.rtmark.net/
43 B
504 B
Ping
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=008098f7a3e04376e774865a6d885b01&z=6118780&p_rid=bf5511b8-8552-4d1c-9894-e1bf8930cc94&p_src=sf
Requested by
Host: whairtoa.com
URL: https://whairtoa.com/4/6118780/?var=5186635&btz=America/Vancouver&bto=420&bar=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://whairtoa.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 23:21:20 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://whairtoa.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
whairtoa.com/log/
12 B
382 B
XHR
General
Full URL
https://whairtoa.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=bf5511b8-8552-4d1c-9894-e1bf8930cc94
Requested by
Host: whairtoa.com
URL: https://whairtoa.com/4/6118780/?var=5186635&btz=America/Vancouver&bto=420&bar=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://whairtoa.com/4/6118780/?var=5186635&btz=America/Vancouver&bto=420&bar=x
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Jul 2024 23:21:20 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://whairtoa.com
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
content-length
12
favicon.ico
whairtoa.com/
0
0
Other
General
Full URL
https://whairtoa.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://whairtoa.com/4/6118780/?var=5186635&btz=America/Vancouver&bto=420&bar=x
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sat, 13 Jul 2024 23:21:20 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
server
nginx
expires
Thu, 31 Dec 2037 23:55:55 GMT
2
track.afrsportsbetting.com/87da45d2-0f14-4353-a5b3-ca53def08a03/
Redirect Chain
  • https://whairtoa.com/?z=6118780&syncedCookie=false&rhd=false
  • https://track.afrsportsbetting.com/87da45d2-0f14-4353-a5b3-ca53def08a03?zoneid=6118780&device=desktop&browser=chrome&os=linux&country=CA&region=on&isp=bell%20canada&useragent=Mozilla/5.0%20(X11;%20...
  • https://track.afrsportsbetting.com/87da45d2-0f14-4353-a5b3-ca53def08a03/2?zoneid=6118780&device=desktop&browser=chrome&os=linux&country=CA&region=on&isp=bell%20canada&useragent=Mozilla/5.0%20(X11;%...
489 B
1 KB
Document
General
Full URL
https://track.afrsportsbetting.com/87da45d2-0f14-4353-a5b3-ca53def08a03/2?zoneid=6118780&device=desktop&browser=chrome&os=linux&country=CA&region=on&isp=bell%20canada&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36&language=en&connectiontype=mobile&cost=0.000280&visitor_id=836131825306046815
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-117.iad61.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://whairtoa.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-type
text/html;charset=UTF-8
date
Sat, 13 Jul 2024 23:21:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
via
1.1 af08bb104c29fffb75d24691c869c256.cloudfront.net (CloudFront)
x-amz-cf-id
F-MM0L2dAeQngMHKOyKBe4PB_oFcklH45vckpadHglqdlKet44jwfg==
x-amz-cf-pop
IAD61-P3
x-cache
Miss from cloudfront

Redirect headers

accept-ch
sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-full-version-list,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Sat, 13 Jul 2024 23:21:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://track.afrsportsbetting.com/87da45d2-0f14-4353-a5b3-ca53def08a03/2?zoneid=6118780&device=desktop&browser=chrome&os=linux&country=CA&region=on&isp=bell%20canada&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/126.0.0.0%20Safari/537.36&language=en&connectiontype=mobile&cost=0.000280&visitor_id=836131825306046815
pragma
no-cache
server
nginx
via
1.1 af08bb104c29fffb75d24691c869c256.cloudfront.net (CloudFront)
x-amz-cf-id
INUoGaHUIaXLpys5O_zbisVrCOhJiagUKLoGWklnEWu78fWLFiZUPg==
x-amz-cf-pop
IAD61-P3
x-cache
Miss from cloudfront
favicon.ico
whairtoa.com/
0
0
Other
General
Full URL
https://whairtoa.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://whairtoa.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sat, 13 Jul 2024 23:21:20 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
server
nginx
expires
Thu, 31 Dec 2037 23:55:55 GMT
redirect
locooler-ageneral.com/
336 B
663 B
Document
General
Full URL
https://locooler-ageneral.com/redirect?target=BASE64aHR0cHM6Ly9zdGFrZS5jb20vc3BvcnRzL2Jhc2ViYWxsLz9jPVM3UkNnZTdIJmNsaWNrSWQ9d2l0NHMwdjVwb2JoMXZtMmplN2k5ZGQ0&ts=1720912881368&hash=0xm5kHx_aH8O2jqJmLt4uyC9c5nzpMMe5cneFeAyhtA&rm=D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.98.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-98-55.iad55.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-type
text/html;charset=UTF-8
date
Sat, 13 Jul 2024 23:21:22 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
via
1.1 0af050b863ec46156a524df4e5d86692.cloudfront.net (CloudFront)
x-amz-cf-id
kS5FhsgGHYOGVdkgIff-NGcbuh5qR14TfvBci6-Cb39_tgsNwJ1C8w==
x-amz-cf-pop
IAD55-P4
x-cache
Miss from cloudfront
Primary Request /
stake.com/sports/baseball/
18 KB
10 KB
Document
General
Full URL
https://stake.com/sports/baseball/?c=S7RCge7H&clickId=wit4s0v5pobh1vm2je7i9dd4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bba5aa9815ffa030102d6fefc7fbe0b4d07560f9d2ad95ea0d95f23ef5076dc8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
CWGp+CQhmYi4vcYaWp579HGXe2KgNH1n1URRmYHHLuBsGPbfEsFxayGW1CsaCsJwinM3d+c5u8ZMo+ND1HOpKn50eznxjbM0GXTJR8Q/aHXh7+mWgRIQu/eh5C8MyMVkYepwgQKYYvciVWZ88+8dCA==$Q5Z2ETbhsQ5VpQ65uRx2Qw==
cf-mitigated
challenge
cf-ray
8a2d024d39d236d8-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sat, 13 Jul 2024 23:21:22 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=63072000; preload
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: stake.com
URL: https://stake.com/sports/baseball/?c=S7RCge7H&clickId=wit4s0v5pobh1vm2je7i9dd4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer
Origin
https://stake.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 23:21:23 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8a2d024fafa9ac9a-YYZ
v1
stake.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/
90 KB
35 KB
Script
General
Full URL
https://stake.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8a2d024d39d236d8
Requested by
Host: stake.com
URL: https://stake.com/sports/baseball/?c=S7RCge7H&clickId=wit4s0v5pobh1vm2je7i9dd4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4bd6416d6fd625918ad0984ec3c1d8ec27839bd24e27cc4b782d978d405c301
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

Referer
https://stake.com/sports/baseball/?c=S7RCge7H&clickId=wit4s0v5pobh1vm2je7i9dd4&__cf_chl_rt_tk=J6EXr6RjUKExI8U8.VZjVvLG7ypMgkrhi_SsGFYXpyg-1720912882-0.0.1.1-6271
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 23:21:23 GMT
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
strict-transport-security
max-age=63072000; preload
server
cloudflare
cf-ray
8a2d024fabb036d8-YYZ
content-type
application/javascript; charset=UTF-8
api.js
challenges.cloudflare.com/turnstile/v0/g/7a55c9ccbaaa/
43 KB
15 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/7a55c9ccbaaa/api.js?onload=Yidy0&render=explicit
Requested by
Host: stake.com
URL: https://stake.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8a2d024d39d236d8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de7d1e230009b19b7bbef1d1b1a7bea78e8ae39f428eb1bde0e84f0a2119fc8a

Request headers

Referer
Origin
https://stake.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 23:21:23 GMT
content-encoding
br
last-modified
Wed, 10 Jul 2024 18:24:02 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8a2d0250c9143701-YYZ
alt-svc
h3=":443"; ma=86400
favicon.ico
stake.com/
5 KB
5 KB
Image
General
Full URL
https://stake.com/favicon.ico
Requested by
Host: stake.com
URL: https://stake.com/sports/baseball/?c=S7RCge7H&clickId=wit4s0v5pobh1vm2je7i9dd4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00c2fcdf6bedde0121691c988a3ee0a9ab5affef5ff1b79ae1ca21fe69163027
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://stake.com/sports/baseball/?c=S7RCge7H&clickId=wit4s0v5pobh1vm2je7i9dd4
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 23:21:23 GMT
strict-transport-security
max-age=63072000; preload
content-encoding
br
x-content-options
nosniff
cross-origin-embedder-policy
require-corp
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
cf-chl-out
8qRi5QlQvBYEMCmr6A0ViiRG6BMLiNi75LNJkAiWXbnunuSknmRTZ0RuZGUbdr9PzN/ZcaS8ypq1/5U3ZF19y0aRefWfBiZCUbdvKjkGz/PdLJ0y1U2XdljlooFAEWySH8NM+KwBD/I3rM1kfBPK9g==$JIyR7W4gxI6sCEBRd6e+zA==
referrer-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
origin-agent-cluster
?1
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
8a2d0250cca636d8-YYZ
expires
Thu, 01 Jan 1970 00:00:01 GMT
3a56909f-ac3b-4239-bc9b-6f45179b6444
https://stake.com/
13 B
0
Other
General
Full URL
blob:https://stake.com/3a56909f-ac3b-4239-bc9b-6f45179b6444
Requested by
Host: stake.com
URL: https://stake.com/sports/baseball/?c=S7RCge7H&clickId=wit4s0v5pobh1vm2je7i9dd4
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

Referer
https://stake.com/sports/baseball/?c=S7RCge7H&clickId=wit4s0v5pobh1vm2je7i9dd4
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
802584a4df87da1
stake.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1273307824:1720908467:qxccu9Rdtbdo3gRe6ju5iWzRCs-vXLZdK941zW-KwG0/8a2d024d39d236d8/
16 KB
12 KB
XHR
General
Full URL
https://stake.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1273307824:1720908467:qxccu9Rdtbdo3gRe6ju5iWzRCs-vXLZdK941zW-KwG0/8a2d024d39d236d8/802584a4df87da1
Requested by
Host: stake.com
URL: https://stake.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8a2d024d39d236d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40dccef3c1d7cc9f7516326570668cad2cbf75618d4c7061b9a16bcc04684430
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

Referer
https://stake.com/sports/baseball/?c=S7RCge7H&clickId=wit4s0v5pobh1vm2je7i9dd4
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
CF-Challenge
802584a4df87da1
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-gen
434cn6GKIaq8/V33pOzkwi+woYA0nZkMOLUTwY7AsPIQs4vs6G/wwPgWkAZc/QN04u9WNVDxSg==$Vv8ir2OcmlfHtHK+
date
Sat, 13 Jul 2024 23:21:23 GMT
strict-transport-security
max-age=63072000; preload
content-encoding
br
server
cloudflare
cf-ray
8a2d02510ce536d8-YYZ
content-type
text/plain; charset=UTF-8
rum
stake.com/cdn-cgi/
0
166 B
XHR
General
Full URL
https://stake.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://stake.com/sports/baseball/?c=S7RCge7H&clickId=wit4s0v5pobh1vm2je7i9dd4
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sat, 13 Jul 2024 23:21:23 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://stake.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8a2d02514d0a36d8-YYZ
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/bdei5/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame 79D3
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/bdei5/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/7a55c9ccbaaa/api.js?onload=Yidy0&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8a2d02532e57ab75-YYZ
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jul 2024 23:21:23 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
b2fb6a13-0ea5-4ca5-830b-a0b80cd9b5b5
https://stake.com/
80 B
0
Other
General
Full URL
blob:https://stake.com/b2fb6a13-0ea5-4ca5-830b-a0b80cd9b5b5
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3418640c1204265881221580b9d1554424f6ed49549d408da50c690ab29f400

Request headers

Referer
https://stake.com/sports/baseball/?c=S7RCge7H&clickId=wit4s0v5pobh1vm2je7i9dd4
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
80
Content-Type
text/javascript
favicon.ico
stake.com/
15 KB
7 KB
Other
General
Full URL
https://stake.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ada167d0af6f46a8ceede4b238db3994190fb5524235b527632a84fbfb2238d0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://stake.com/sports/baseball/?c=S7RCge7H&clickId=wit4s0v5pobh1vm2je7i9dd4
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 23:21:23 GMT
strict-transport-security
max-age=63072000; preload
content-encoding
br
x-content-options
nosniff
cross-origin-embedder-policy
require-corp
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
cf-chl-out
e/8iF5f+juyLTatueX6fMHTYJXBfdwFYqp/ieaOqDU3WRrV5ZBAl5KxEvGTp/3y2KZF9n2XCDcvwm+4AyK9nQsRi9LyF7KFsrDps/HWRaUkWgLVl3u/7JkQHwZMO3TlYsh/yA8RWFlWiwRO0lZqvZg==$QwaktWNGI/293CAwnoVl8A==
referrer-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
origin-agent-cluster
?1
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
8a2d02530e9b36d8-YYZ
expires
Thu, 01 Jan 1970 00:00:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
1.bp.blogspot.com
URL
https://1.bp.blogspot.com/-4MmEmATwoJU/YRCgO_yOnOI/AAAAAAAACQs/yRrK6HMrO9YkSfoL6od11hB592cFzCasgCPcBGAsYHg/w400-h134/fsfss%2B%25281%2529.gif

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt
function| JBytO3
function| gFgD3
function| mcFDK8
object| rKsN1
object| Qegrc3
function| Yidy0
function| NHjyJ1
function| yJxQG8
function| BcLub6
object| YFEB2
number| DjQQG4
object| angular
object| __cfBeacon
object| turnstile
boolean| nDNF5
string| YuvyV3

7 Cookies

Domain/Path Name / Value
whairtoa.com/ Name: OAID
Value: 008098f7a3e04376e774865a6d885b01
whairtoa.com/ Name: oaidts
Value: 1720912879
my.rtmark.net/ Name: ID
Value: 008098f7a3e04376e774865a6d885b01
whairtoa.com/ Name: syncedCookie
Value: true
.track.afrsportsbetting.com/ Name: 87da45d2-0f14-4353-a5b3-ca53def08a03-v4
Value: WvNLY_y6Izw8P_0Ov2I3DButso-SJnKQL5-SzPyor6k
.track.afrsportsbetting.com/ Name: voluum-cid-v4
Value: %7B%22cid%22%3A%22wit4s0v5pobh1vm2je7i9dd4%22%2C%22caid%22%3A%2287da45d2-0f14-4353-a5b3-ca53def08a03%22%7D
.stake.com/ Name: __cf_bm
Value: 7X7zOBg8GuAAex8aSza_UQNaDEFQf5m9GfCV1o5XhKw-1720912882-1.0.1.1-7Ou8YWe8XM74nEsPuguwIumhFGspYKYcjpplds3gMPVVTDsVj7O82DeMNiFN1ESpYOUY8c5Yv1BucxFKf4uGWA

3 Console Messages

Source Level URL
Text
network error URL: https://stake.com/sports/baseball/?c=S7RCge7H&clickId=wit4s0v5pobh1vm2je7i9dd4
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://stake.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://stake.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()