www.dfvnvui.com Open in urlscan Pro
110.50.231.223 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.dfvnvui.com/
Effective URL:
https://www.dfvnvui.com/en
Submission: On March 16 via api (March 16th 2023, 3:33:11 am UTC) from US — Scanned from US

Summary HTTP 192 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 65 IPs in 10 countries across 71 domains to perform 192 HTTP transactions. The main IP is 110.50.231.223, located in Philippines and belongs to GAMEBUILDERS-AS-PH Gamebuilders Inc., PH. The main domain is www.dfvnvui.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on September 20th 2022. Valid for: a year.

This is the only time www.dfvnvui.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 46	110.50.231.223 110.50.231.223	18018 (GAMEBUILD...) (GAMEBUILDERS-AS-PH Gamebuilders Inc.)
1	2607:f8b0:400... 2607:f8b0:4006:816::2008	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80d::200e	15169 (GOOGLE) (GOOGLE)
2	108.138.128.2 108.138.128.2	16509 (AMAZON-02) (AMAZON-02)
6	99.84.38.65 99.84.38.65	16509 (AMAZON-02) (AMAZON-02)
1	18.67.76.97 18.67.76.97	16509 (AMAZON-02) (AMAZON-02)
1	108.138.106.124 108.138.106.124	16509 (AMAZON-02) (AMAZON-02)
1	185.167.164.47 185.167.164.47	198622 (ADFORM) (ADFORM)
1 3	45.54.49.5 45.54.49.5	63911 (NETACTUAT...) (NETACTUATE-AS-AP NetActuate)
1	104.225.10.225 104.225.10.225	36236 (NETACTUATE) (NETACTUATE)
3 3	52.73.170.4 52.73.170.4	14618 (AMAZON-AES) (AMAZON-AES)
4 4	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
1 2	68.67.161.182 68.67.161.182	29990 (ASN-APPNEX) (ASN-APPNEX)
2 4	68.67.160.24 68.67.160.24	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.79.118.14 52.79.118.14	16509 (AMAZON-02) (AMAZON-02)
23	45.54.49.1 45.54.49.1	63911 (NETACTUAT...) (NETACTUATE-AS-AP NetActuate)
1	18.164.96.46 18.164.96.46	16509 (AMAZON-02) (AMAZON-02)
1	46.51.204.8 46.51.204.8	16509 (AMAZON-02) (AMAZON-02)
1	18.164.96.52 18.164.96.52	16509 (AMAZON-02) (AMAZON-02)
1 2	37.157.6.245 37.157.6.245	198622 (ADFORM) (ADFORM)
1 2	185.84.60.21 185.84.60.21	198622 (ADFORM) (ADFORM)
18	52.78.8.111 52.78.8.111	16509 (AMAZON-02) (AMAZON-02)
3	34.149.119.194 34.149.119.194	15169 (GOOGLE) (GOOGLE)
1	104.225.10.227 104.225.10.227	36236 (NETACTUATE) (NETACTUATE)
1 16	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
1	185.84.60.20 185.84.60.20	198622 (ADFORM) (ADFORM)
2 3	52.73.4.138 52.73.4.138	14618 (AMAZON-AES) (AMAZON-AES)
1	23.78.208.213 23.78.208.213	16625 (AKAMAI-AS) (AKAMAI-AS)
2	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	18.196.192.213 18.196.192.213	16509 (AMAZON-02) (AMAZON-02)
1 1	199.187.193.177 199.187.193.177	47043 (SMARTADSE...) (SMARTADSERVER)
1 2	3.218.90.66 3.218.90.66	14618 (AMAZON-AES) (AMAZON-AES)
1	63.251.28.233 63.251.28.233	26558 (FREEWHEEL) (FREEWHEEL)
2 2	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1	64.202.112.255 64.202.112.255	23352 (SERVERCEN...) (SERVERCENTRAL)
1 2	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	50.57.31.206 50.57.31.206	19994 (RACKSPACE) (RACKSPACE)
1 2	54.156.26.12 54.156.26.12	14618 (AMAZON-AES) (AMAZON-AES)
1	50.16.197.56 50.16.197.56	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 1	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1 2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	3.221.107.188 3.221.107.188	14618 (AMAZON-AES) (AMAZON-AES)
2	173.223.57.84 173.223.57.84	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	52.213.180.231 52.213.180.231	16509 (AMAZON-02) (AMAZON-02)
1	52.218.25.147 52.218.25.147	16509 (AMAZON-02) (AMAZON-02)
2 2	141.94.171.216 141.94.171.216	16276 (OVH) (OVH)
3 4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	18.209.139.125 18.209.139.125	14618 (AMAZON-AES) (AMAZON-AES)
1	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	13.225.214.99 13.225.214.99	16509 (AMAZON-02) (AMAZON-02)
2 3	52.0.191.77 52.0.191.77	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.214.202.88 3.214.202.88	14618 (AMAZON-AES) (AMAZON-AES)
1 1	13.225.214.84 13.225.214.84	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	104.126.113.17 104.126.113.17	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	34.236.110.233 34.236.110.233	14618 (AMAZON-AES) (AMAZON-AES)
1 1	64.58.232.176 64.58.232.176	13649 (ASN-VINS) (ASN-VINS)
1	64.58.232.177 64.58.232.177	13649 (ASN-VINS) (ASN-VINS)
3 4	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	23.52.164.7 23.52.164.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1	87.242.89.90 87.242.89.90	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
2 2	52.85.61.67 52.85.61.67	16509 (AMAZON-02) (AMAZON-02)
1	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	3.229.34.188 3.229.34.188	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1 1	109.206.161.21 109.206.161.21	50245 (SERVEREL-AS) (SERVEREL-AS)
2	45.60.12.120 45.60.12.120	19551 (INCAPSULA) (INCAPSULA)
1	142.250.64.74 142.250.64.74	15169 (GOOGLE) (GOOGLE)
2	157.185.165.41 157.185.165.41	54994 (QUANTILNE...) (QUANTILNETWORKS)
2	152.199.0.130 152.199.0.130	15133 (EDGECAST) (EDGECAST)
2	157.185.177.205 157.185.177.205	() ()
2	104.126.118.200 104.126.118.200	() ()
2	104.126.118.234 104.126.118.234	() ()
4	8.45.176.226 8.45.176.226	() ()
4	64.185.181.238 64.185.181.238	() ()
2	207.46.231.89 207.46.231.89	() ()
4	157.185.155.6 157.185.155.6	() ()
1	2607:f740:e61... 2607:f740:e619::1	() ()
192	65

46 110.50.231.223 (Philippines) 2 redirects

ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH)

www.dfvnvui.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80d::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.128.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-2.jfk50.r.cloudfront.net

cdn.appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.84.38.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-38-65.ewr52.r.cloudfront.net

dk0tzorg7uge9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.76.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-76-97.iad89.r.cloudfront.net

d313lzv9559yp9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-124.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.47 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.54.49.5 (United States) 1 redirects

ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US)
PTR: 5.49.54.45.ptr.anycast.net

radar.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.225.10.225 (Ashburn, United States)

ASN36236 (NETACTUATE, US)
PTR: 225.10.225.104.ptr.anycast.net

i2-jmmzbaqojuycpecrzvecnytfoulodm.init.cedexis-radar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.73.170.4 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-170-4.compute-1.amazonaws.com

sc.adelement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.194 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.161.182 (New York, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.160.24 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.79.118.14 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-79-118-14.ap-northeast-2.compute.amazonaws.com

dafabetcomasia.asia.frosmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 45.54.49.1 (United States)

ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US)
PTR: 1.49.54.45.ptr.anycast.net

rpt.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-46.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.51.204.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-204-8.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-52.jfk50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.245 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.84.60.21 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

asia.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 52.78.8.111 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com

asia.frosmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.119.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.119.149.34.bc.googleusercontent.com

col.0wp0usgn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.225.10.227 (Ashburn, United States)

ASN36236 (NETACTUATE, US)
PTR: 227.10.225.104.ptr.anycast.net

i1-j5-20-123-1-20200-1843368282-s.init.cedexis-radar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.167.164.49 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)

asia.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.73.4.138 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-4-138.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.78.208.213 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-208-213.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.192.213 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-192-213.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.177 (Canada) 1 redirects

ASN47043 (SMARTADSERVER, CA)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.218.90.66 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.233 (United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.255 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.40.39.223 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.57.31.206 (United States) 1 redirects

ASN19994 (RACKSPACE, US)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.156.26.12 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-26-12.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.16.197.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.221.107.188 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-107-188.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.223.57.84 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-57-84.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.180.231 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-180-231.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.25.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.171.216 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.209.139.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-139-125.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.214.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-99.ewr50.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.0.191.77 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-191-77.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.214.202.88 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-202-88.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.214.84 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-84.ewr50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.126.113.17 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-113-17.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.236.110.233 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-110-233.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.232.176 (Austin, United States) 1 redirects

ASN13649 (ASN-VINS, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.232.177 (Austin, United States)

ASN13649 (ASN-VINS, US)
PTR: be31-199.crrt01.las04.flexential.net

ib.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.138.83 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.164.7 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-164-7.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.242.89.90 (Russian Federation)

ASN208677 (SBERCLOUD-AS, RU)

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.85.61.67 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-67.ewr53.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.229.34.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-34-188.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.161.21 (United States) 1 redirects

ASN50245 (SERVEREL-AS, US)
PTR: 109.206.161.21.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.60.12.120 (United States)

ASN19551 (INCAPSULA, US)

inc-www.df-bet.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.64.74 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.185.165.41 (United States)

ASN54994 (QUANTILNETWORKS, US)

cdn-www.df-bet.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.0.130 (United States)

ASN15133 (EDGECAST, US)

edg-static.xhhlhh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.185.177.205 (None, )

ASN- ()

cdn-sports.nextbet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.126.118.200 (None, )

ASN- ()

aka-mcashier.dafanba.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.126.118.234 (None, )

ASN- ()

aka-www.dffgames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 8.45.176.226 (None, )

ASN- ()

p30885.citm-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.185.181.238 (None, )

ASN- ()

cedexis.pc.cdn.bitgravity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.46.231.89 (None, )

ASN- ()

p20305.cedexis-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.185.155.6 (None, )

ASN- ()

cdnetworks.cedexis-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f740:e619::1 (None, )

ASN- ()

rpt.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	dfvnvui.com 2 redirects www.dfvnvui.com	3 MB
27	cedexis.com 1 redirects radar.cedexis.com — Cisco Umbrella Rank: 2797 rpt.cedexis.com — Cisco Umbrella Rank: 2007	29 KB
21	adform.net 3 redirects s2.adform.net — Cisco Umbrella Rank: 5785 track.adform.net — Cisco Umbrella Rank: 3946 asia.adform.net — Cisco Umbrella Rank: 68533 c1.adform.net — Cisco Umbrella Rank: 590 dmp.adform.net — Cisco Umbrella Rank: 3607	44 KB
19	frosmo.com dafabetcomasia.asia.frosmo.com asia.frosmo.com	90 KB
7	cloudfront.net dk0tzorg7uge9.cloudfront.net d313lzv9559yp9.cloudfront.net	596 KB
6	cedexis-test.com p20305.cedexis-test.com cdnetworks.cedexis-test.com	7 KB
6	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 214 secure.adnxs.com — Cisco Umbrella Rank: 381	6 KB
4	bitgravity.com cedexis.pc.cdn.bitgravity.com	3 KB
4	citm-test.com p30885.citm-test.com	7 KB
4	df-bet.org inc-www.df-bet.org cdn-www.df-bet.org
4	id5-sync.com 3 redirects id5-sync.com — Cisco Umbrella Rank: 408	5 KB
4	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 295	2 KB
4	doubleclick.net 4 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 210	955 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	20 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 414	1 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2544	2 KB
3	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 785	1 KB
3	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 675 ice.360yield.com — Cisco Umbrella Rank: 2137	1 KB
3	0wp0usgn.com col.0wp0usgn.com — Cisco Umbrella Rank: 672523	374 B
3	adelement.com 3 redirects sc.adelement.com — Cisco Umbrella Rank: 371891	857 B
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 607 script.hotjar.com — Cisco Umbrella Rank: 738 in.hotjar.com — Cisco Umbrella Rank: 1662	97 KB
2	dffgames.com aka-www.dffgames.com
2	dafanba.net aka-mcashier.dafanba.net	4 KB
2	nextbet.com cdn-sports.nextbet.com	4 KB
2	xhhlhh.com edg-static.xhhlhh.com	348 B
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 354	719 B
2	smaato.net 2 redirects s.ad.smaato.net — Cisco Umbrella Rank: 708	1 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 11767	630 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 729	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 201	2 KB
2	onaudience.com 2 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2330	972 B
2	openx.net 1 redirects eu-u.openx.net — Cisco Umbrella Rank: 2280	500 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 536	807 B
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 333	893 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 347	815 B
2	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 1096	1 KB
2	semasio.net 1 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1182	906 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 285	1 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 271	490 B
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 3127	691 B
2	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 531 pixel.rubiconproject.com — Cisco Umbrella Rank: 317	1 KB
2	cedexis-radar.net i2-jmmzbaqojuycpecrzvecnytfoulodm.init.cedexis-radar.net i1-j5-20-123-1-20200-1843368282-s.init.cedexis-radar.net	2 KB
2	appdynamics.com cdn.appdynamics.com — Cisco Umbrella Rank: 3515	52 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	775 B
1	e-volution.ai 1 redirects sync.e-volution.ai — Cisco Umbrella Rank: 2943	464 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1417	109 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 22824	49 B
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 934	230 B
1	1dmp.io sync.1dmp.io — Cisco Umbrella Rank: 15405	155 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1230	287 B
1	mookie1.com ib.mookie1.com — Cisco Umbrella Rank: 2737	421 B
1	ib-ibi.com 1 redirects global.ib-ibi.com — Cisco Umbrella Rank: 1868	499 B
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 975	627 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1444	456 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 472	651 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 19012	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 676	448 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 586	338 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 24222	407 B
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 684	634 B
1	exelator.com loadm.exelator.com — Cisco Umbrella Rank: 1422	324 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 756	287 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 617	639 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 582	668 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4551	525 B
1	seadform.net asia.seadform.net — Cisco Umbrella Rank: 173621	466 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2162	258 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	77 KB
0	emxdgt.com Failed e1.emxdgt.com Failed
192	71

	Domain	Requested by
46	www.dfvnvui.com	2 redirects www.dfvnvui.com cdn.appdynamics.com
24	rpt.cedexis.com	cdn.appdynamics.com
18	asia.frosmo.com	dk0tzorg7uge9.cloudfront.net cdn.appdynamics.com
12	c1.adform.net	1 redirects asia.adform.net c1.adform.net
6	dk0tzorg7uge9.cloudfront.net	www.dfvnvui.com
4	cdnetworks.cedexis-test.com	radar.cedexis.com cdnetworks.cedexis-test.com
4	cedexis.pc.cdn.bitgravity.com	radar.cedexis.com cedexis.pc.cdn.bitgravity.com
4	p30885.citm-test.com	radar.cedexis.com p30885.citm-test.com
4	id5-sync.com	3 redirects c1.adform.net
4	dmp.adform.net	c1.adform.net
4	match.adsrvr.org	3 redirects c1.adform.net
4	secure.adnxs.com	2 redirects c1.adform.net
4	cm.g.doubleclick.net	4 redirects
4	www.google-analytics.com	www.googletagmanager.com www.dfvnvui.com cdn.appdynamics.com
3	pixel.tapad.com	3 redirects
3	a.audrte.com	2 redirects c1.adform.net
3	sync.crwdcntrl.net	2 redirects c1.adform.net
3	col.0wp0usgn.com	cdn.appdynamics.com
3	sc.adelement.com	3 redirects
3	radar.cedexis.com	1 redirects radar.cedexis.com
2	p20305.cedexis-test.com
2	aka-www.dffgames.com	radar.cedexis.com
2	aka-mcashier.dafanba.net	radar.cedexis.com
2	cdn-sports.nextbet.com	radar.cedexis.com
2	edg-static.xhhlhh.com
2	cdn-www.df-bet.org	radar.cedexis.com
2	inc-www.df-bet.org	radar.cedexis.com
2	eb2.3lift.com	1 redirects c1.adform.net
2	s.ad.smaato.net	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	pixel.onaudience.com	2 redirects
2	eu-u.openx.net	1 redirects c1.adform.net
2	tags.bluekai.com	c1.adform.net
2	px.ads.linkedin.com	1 redirects c1.adform.net
2	idsync.rlcdn.com	2 redirects
2	ps.eyeota.net	1 redirects c1.adform.net
2	uipglob.semasio.net	1 redirects c1.adform.net
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	1 redirects c1.adform.net
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	asia.adform.net	1 redirects
2	track.adform.net	1 redirects
2	ib.adnxs.com	1 redirects
2	cdn.appdynamics.com	www.dfvnvui.com cdn.appdynamics.com
1	fonts.googleapis.com	dk0tzorg7uge9.cloudfront.net
1	pixel.rubiconproject.com	c1.adform.net
1	sync.e-volution.ai	1 redirects
1	bpi.rtactivate.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	sync.taboola.com	c1.adform.net
1	sync.1dmp.io	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	ice.360yield.com	1 redirects
1	ib.mookie1.com	c1.adform.net
1	global.ib-ibi.com	1 redirects
1	pixel.mathtag.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	pippio.com	1 redirects
1	loadm.exelator.com	c1.adform.net
1	sync.outbrain.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	1 redirects
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	asia.seadform.net
1	i1-j5-20-123-1-20200-1843368282-s.init.cedexis-radar.net	cdn.appdynamics.com
1	vc.hotjar.io	cdn.appdynamics.com
1	in.hotjar.com	cdn.appdynamics.com
1	script.hotjar.com	static.hotjar.com
1	dafabetcomasia.asia.frosmo.com	dk0tzorg7uge9.cloudfront.net
1	i2-jmmzbaqojuycpecrzvecnytfoulodm.init.cedexis-radar.net	cdn.appdynamics.com
1	s2.adform.net	www.dfvnvui.com
1	static.hotjar.com	www.dfvnvui.com
1	d313lzv9559yp9.cloudfront.net	www.dfvnvui.com
1	www.googletagmanager.com	www.dfvnvui.com
0	e1.emxdgt.com Failed	c1.adform.net
192	86

This site contains links to these domains. Also see Links.

Domain
account.dfvnvui.com
www.promomenang.com
dfgameplay.com
888df.com
dfnec.com
www.messenger.com
www.df-gamingconnector.com
dafabet-partnership.com
www.dafabetaffiliates.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
*.dfvnvui.com Entrust Certification Authority - L1K	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.appdynamics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-17` - `2023-07-22`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.init.cedexis-radar.net DigiCert TLS RSA SHA256 2020 CA1	`2022-04-11` - `2023-04-11`	a year	crt.sh
*.asia.frosmo.com R3	`2023-03-06` - `2023-06-04`	3 months	crt.sh
radar.cedexis.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-06-14`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
col.0wp0usgn.com Entrust Certification Authority - L1K	`2022-03-22` - `2023-04-03`	a year	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-11-09`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-19` - `2023-05-19`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-02-22` - `2024-01-18`	a year	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
sync.1dmp.io R3	`2023-01-31` - `2023-05-01`	3 months	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2022-05-31` - `2023-06-04`	a year	crt.sh
rtactivate.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
*.df-bet.org Entrust Certification Authority - L1K	`2022-05-03` - `2023-05-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.xhhlhh.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-22` - `2023-04-21`	a year	crt.sh
*.nextbet.com Entrust Certification Authority - L1K	`2022-07-26` - `2023-08-10`	a year	crt.sh
m4kpd7xg.com R3	`2023-02-01` - `2023-05-02`	3 months	crt.sh
dffgames.com R3	`2023-01-04` - `2023-04-04`	3 months	crt.sh
p48184.citm-test.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-11` - `2023-07-11`	a year	crt.sh
*.pc.cdn.bitgravity.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-02-13` - `2024-02-05`	a year	crt.sh
*.cedexis-test.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-09` - `2023-05-09`	a year	crt.sh
p36.cedexis-test.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-09` - `2023-05-09`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.dfvnvui.com/en
Frame ID: 6D0D09AE2AE07FF1E5F336CF0DC2B4CC
Requests: 128 HTTP requests in this frame

Frame: https://dafabetcomasia.asia.frosmo.com/frosmo.xdm.html?8.186.0
Frame ID: FDDB64FE6220C698776B647FB99FDE87
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Frame ID: 70F5D802AA6789A51F902402F10311A7
Requests: 47 HTTP requests in this frame

Frame: https://inc-www.df-bet.org/en/promotions/sureroute.html?rnd=1-1-20200-1-20200-71588-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Frame ID: 5124FC63A4754949784162B3996E6D03
Requests: 1 HTTP requests in this frame

Frame: https://inc-www.df-bet.org/en/promotions/sureroute.html?rnd=0-1-20200-1-20200-71588-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Frame ID: EC52C688B34D1CAFF12E4EB1904C3361
Requests: 1 HTTP requests in this frame

Frame: https://cdn-www.df-bet.org/en/promotions/sureroute.html?rnd=1-1-20200-1-20200-47753-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Frame ID: 6C78940F39DAD48FE5E18504BD004470
Requests: 1 HTTP requests in this frame

Frame: https://cdn-www.df-bet.org/en/promotions/sureroute.html?rnd=0-1-20200-1-20200-47753-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Frame ID: 3241BA18AA917F33BFDFB7321191B9E4
Requests: 1 HTTP requests in this frame

Frame: https://cdn-sports.nextbet.com/test/d17.html?rnd=1-1-20200-1-20200-47804-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Frame ID: E7FD3422D56AFBA6696B43CA17832E24
Requests: 1 HTTP requests in this frame

Frame: https://cdn-sports.nextbet.com/test/d17.html?rnd=0-1-20200-1-20200-47804-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Frame ID: 9B40F7BB56F3CEA9816009149C40107A
Requests: 1 HTTP requests in this frame

Frame: https://aka-mcashier.dafanba.net/sureroute.html?rnd=1-1-20200-1-20200-46920-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Frame ID: 05D76DDA65976248EE0A4545D68E31FC
Requests: 1 HTTP requests in this frame

Frame: https://aka-mcashier.dafanba.net/sureroute.html?rnd=0-1-20200-1-20200-46920-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Frame ID: DD8029CB7BB9D2A24D6E57E847AE6DAA
Requests: 1 HTTP requests in this frame

Frame: https://aka-www.dffgames.com/en/promotions/sureroute.html?rnd=1-1-20200-1-20200-42793-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Frame ID: 1719D8E3CBC128FEB171F415BC2E353F
Requests: 1 HTTP requests in this frame

Frame: https://aka-www.dffgames.com/en/promotions/sureroute.html?rnd=0-1-20200-1-20200-42793-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Frame ID: 2C24D2DE9B7002418189F484BAA643C4
Requests: 1 HTTP requests in this frame

Frame: https://p30885.citm-test.com/img/iuni4.html?rnd=-1-1-20200-0-0-30885-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Frame ID: 86AC8100886465F40CE9018CB7BF246D
Requests: 2 HTTP requests in this frame

Frame: https://cedexis.pc.cdn.bitgravity.com/img/35/iuni4.html?rnd=-1-1-20200-0-0-38635-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Frame ID: 3AE9BBDFE63E0FE54406E03F72561287
Requests: 2 HTTP requests in this frame

Frame: https://cdnetworks.cedexis-test.com/img/17653/iuni4.html?rnd=-1-1-20200-0-0-17653-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Frame ID: 914B7C3ECCD0D1F84F33BAE30B6CE8F4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dafabet is The Most Secure Online Betting Company in Asia

Page URL History Show full URLs

http://www.dfvnvui.com/ HTTP 301
https://www.dfvnvui.com/ HTTP 302
https://www.dfvnvui.com/en Page URL

Detected technologies

AppDynamics (Analytics) Expand

Overall confidence: 100%
Detected patterns

adrum

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

<(?:iframe|img)[^>]+adnxs\.(?:net|com)
adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

192
Requests

82 %
HTTPS

4 %
IPv6

71
Domains

86
Subdomains

65
IPs

10
Countries

4423 kB
Transfer

6432 kB
Size

103
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://account.dfvnvui.com/en/cant-login
Title: Can't login?

Search URL Search Domain Scan URL

URL: https://www.promomenang.com/sportsbook/app/en/#dafasports
Title: DAFA SPORTS APP

Search URL Search Domain Scan URL

URL: https://dfgameplay.com/gjdqub
Title: Add us on WhatsApp!

Search URL Search Domain Scan URL

URL: https://dfgameplay.com/gjdpp9
Title: DafaAsia

Search URL Search Domain Scan URL

URL: https://888df.com/app
Title: CASINO

Search URL Search Domain Scan URL

URL: https://www.promomenang.com/sportsbook/app/en/#dafaowsports
Title: DAFA OW APP

Search URL Search Domain Scan URL

URL: https://dfnec.com/dfc-ep
Title: DAFABET CONNECT

Search URL Search Domain Scan URL

URL: https://dfgameplay.com/gjdnjr
Title: DafaAsia

Search URL Search Domain Scan URL

URL: https://www.messenger.com/t/dfasiaservice
Title: Dafabet Support

Search URL Search Domain Scan URL

URL: https://www.df-gamingconnector.com/en/?utm_source=CRM&utm_campaign=DafaConnect&utm_medium=EPlb_MY
Title: Learn More

Search URL Search Domain Scan URL

URL: https://dfnec.com/mac

Search URL Search Domain Scan URL

URL: https://dfnec.com/win-downloader

Search URL Search Domain Scan URL

URL: https://dfnec.com/win-setup

Search URL Search Domain Scan URL

URL: https://dafabet-partnership.com/

Search URL Search Domain Scan URL

URL: https://dafabet-partnership.com/#teams

Search URL Search Domain Scan URL

URL: https://dafabet-partnership.com/#brand-ambassadors

Search URL Search Domain Scan URL

URL: https://www.dafabetaffiliates.com/en
Title: Affiliates

Search URL Search Domain Scan URL

URL: https://twitter.com/dafabet
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TheDafabetChannel
Title: youtube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.dfvnvui.com/ HTTP 301
https://www.dfvnvui.com/ HTTP 302
https://www.dfvnvui.com/en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://radar.cedexis.com/1/20200/radar.js HTTP 302
https://radar.cedexis.com/1621860284/radar.js

Request Chain 50

https://sc.adelement.com/setRT_adelement_cookie.php?ae_rt=68b6d5bdc9e20db6e1aa8b0d8ae420a1&depth=0&language_code=en HTTP 302
https://sc.adelement.com/setRT_adelement_cookie.php?ae_rt=68b6d5bdc9e20db6e1aa8b0d8ae420a1&depth=0&language_code=en&_aeset=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adl&google_cm&google_hm=b%27UllkTERSTzhaRmZKWkV6YnZqcWVnOWlB%27 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adl&google_cm=&google_hm=b%27UllkTERSTzhaRmZKWkV6YnZqcWVnOWlB%27&google_tc= HTTP 302
https://sc.adelement.com/cs?google_hm=2&google_gid=CAESEH4ultO1Zp00ecodUj7G35w&google_cver=1 HTTP 302
https://ib.adnxs.com/setuid?entity=389&code=RYdLDRO8ZFfJZEzbvjqeg9iA

Request Chain 51

https://secure.adnxs.com/seg?add=8385691&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8385691%26t%3D2

Request Chain 58

https://track.adform.net/Serving/TrackPoint/?pm=2281077&ADFPageName=Entry%20Page&ADFdivider=%7C&ord=534730108643&ADFtpmode=2&loc=https%3A%2F%2Fwww.dfvnvui.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2281077&ADFPageName=Entry%20Page&ADFdivider=%7C&ord=534730108643&ADFtpmode=2&loc=https%3A%2F%2Fwww.dfvnvui.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 59

https://asia.adform.net/Serving/TrackPoint/?pm=2449026&ADFdivider=%7C&ord=283160797182&ADFtpmode=2&loc=https%3A%2F%2Fwww.dfvnvui.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=2449026&ADFdivider=%7C&ord=283160797182&ADFtpmode=2&loc=https%3A%2F%2Fwww.dfvnvui.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 84

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=877935439483742230&Expiration=1680147176 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=877935439483742230&Expiration=1680147176

Request Chain 87

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=877935439483742230&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=877935439483742230&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=a67716916cf04a76aa000294ad81d548 HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=4a5def23b244df5b4149d0fa60bbf89d3a22585a001e8f3ae0d76ac05a90aac2

Request Chain 88

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=877935439483742230&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID HTTP 302
https://c1.adform.net/serving/cookie/match?party=10&cid=7777402719344923733

Request Chain 89

https://ups.analytics.yahoo.com/ups/55944/sync?uid=877935439483742230&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=877935439483742230&_origin=1&verify=true

Request Chain 91

https://x.bidswitch.net/sync?dsp_id=70&user_id=877935439483742230 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=877935439483742230 HTTP 302
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=a9bdeda3-9383-4240-8809-38e0394d3cbd&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 92

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=877935439483742230&expiration=1680147176 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=877935439483742230&expiration=1680147176&C=1

Request Chain 93

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=877935439483742230&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=877935439483742230&sInitiator=external

Request Chain 94

https://ps.eyeota.net/match?uid=877935439483742230&bid=9gdtmu1 HTTP 302
https://ps.eyeota.net/match/bounce/?uid=877935439483742230&bid=9gdtmu1

Request Chain 96

https://idsync.rlcdn.com/398366.gif?partner_uid=877935439483742230 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIdChkIARCUdRoSODc3OTM1NDM5NDgzNzQyMjMwEAAaDQjom8qgBhIFCOgHEABCAEoA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=9c899b04e2134a598ba3da6cd9acba0a7561df65e0bb71cf19384d297d6dfffa791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=9c899b04e2134a598ba3da6cd9acba0a7561df65e0bb71cf19384d297d6dfffa791426b5417dce21&rand=05473730 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=9c899b04e2134a598ba3da6cd9acba0a7561df65e0bb71cf19384d297d6dfffa791426b5417dce21&rand=05473730&expected_cookie=b8a9d0d0-6837-4675-beec-34de61e02a42

Request Chain 97

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=877935439483742230/gdpr=/gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=877935439483742230/gdpr=/gdpr_consent=

Request Chain 99

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=877935439483742230 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=877935439483742230

Request Chain 100

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 101

https://pixel.onaudience.com/?mapped=877935439483742230&partner=68 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=a37534b0e6191140/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=ODc3OTM1NDM5NDgzNzQyMjMw HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO5P5Xv2z1M0hagDmu0LmMs&google_cver=1&google_ula=1641347,0

Request Chain 104

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=271775688729966696&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=877935439483742230

Request Chain 108

https://a.audrte.com/a?adform_uid=877935439483742230 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MmloRXc3ZTZzVk5TTHk3R1N2Rk5BeUxZdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 109

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=877935439483742230&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=877935439483742230&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=73676219288136771241986974410054195480&noredirect=1

Request Chain 110

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=877935439483742230 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=213180604457003146223

Request Chain 111

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7210981985242183832

Request Chain 113

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=44f66412-8de9-4e00-a279-a9a2213576ae

Request Chain 114

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=QbJZZoVY1PCEml5

Request Chain 115

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=b5638da3-7a38-4911-8557-ad13f43d84a5

Request Chain 116

https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=877935439483742230 HTTP 302
https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=877935439483742230

Request Chain 117

https://id5-sync.com/s/10/0.gif?puid=877935439483742230 HTTP 302
https://id5-sync.com/c/10/10/2/1.gif?puid=877935439483742230&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/10/2/1/2.gif?puid=271775688729966696&gdpr=0&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-7957scmDy72PtUFoAwPe4ahsReDla960f2q6n85nKA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F0%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/cq/10/124/0/3.gif?puid=a1feac6a-54e1-48f7-93f5-d0bb77956d99&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

Request Chain 118

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1156830848 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=LJa/0/inSkty6l7uZB/qyO

Request Chain 121

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=877935439483742230 HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=877935439483742230&cookieCheck=1 HTTP 302
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=9c20691f

Request Chain 122

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=877935439483742230&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=877935439483742230&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=99978970-edf1-4bd1-a2fa-134d2d452f9d%252Chttps%25253A%25252F%25252Fc1.adform.net%25252Fserving%25252Fcookie%25252Fmatch%25253Fparty%25253D2007%252526cid%25253D99978970-edf1-4bd1-a2fa-134d2d452f9d%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b5638da3-7a38-4911-8557-ad13f43d84a5&ttd_puid=99978970-edf1-4bd1-a2fa-134d2d452f9d%2Chttps%253A%252F%252Fc1.adform.net%252Fserving%252Fcookie%252Fmatch%253Fparty%253D2007%2526cid%253D99978970-edf1-4bd1-a2fa-134d2d452f9d%2C HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=99978970-edf1-4bd1-a2fa-134d2d452f9d

Request Chain 125

https://eb2.3lift.com/xuid?mid=7354&xuid=877935439483742230&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=877935439483742230&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

Request Chain 126

https://sync.e-volution.ai/296800c6dbd7f8eb22cf034b9927d719.gif?puid=877935439483742230 HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

192 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request en Show response
www.dfvnvui.com/
Redirect Chain

http://www.dfvnvui.com/
https://www.dfvnvui.com/
https://www.dfvnvui.com/en

46 KB
46 KB

247ms
246ms

Document
text/html

110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

5d1f4f953c13145264dea1340ea9098685f43bb58114125a3cefaee1f8ec1d6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, private, must-revalidate
Connection: keep-alive
Content-Language: en
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Mar 2023 03:32:52 GMT
Page-Cache: Hit
Server: nginx/1.11.10
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
X-Frame-Options: deny

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Server: BigIP
location: /en

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
77 KB 55ms
27ms Script
application/javascript 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S5WHEF6PM5

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e500065c5a7f3d32c59133316d559e700a49db695b7d20f7c39184fac45f64e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 03:32:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78629
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 Mar 2023 03:32:52 GMT

GET
H/1.1 200
OK common.3a4914f4cc74cb5e65754bfee9020148.css
www.dfvnvui.com/en/dafa/css/ 61 KB
62 KB 402ms
205ms Stylesheet
text/css 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfvnvui.com/en/dafa/css/common.3a4914f4cc74cb5e65754bfee9020148.css

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

ea65daab2589fc5508d82756f15f5ae85049acc4ba9d86998b35640bc67a67b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 27 Feb 2023 02:01:46 GMT
Server: nginx/1.11.10
ETag: "63fc0f0a-f54b"
X-Frame-Options: deny
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 62795
Expires: Fri, 15 Mar 2024 03:32:52 GMT

GET
H/1.1 200
OK home.2ab5b7617f761a338a5a4f232d84fee2.css
www.dfvnvui.com/en/css/ 51 KB
51 KB 625ms
217ms Stylesheet
text/css 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfvnvui.com/en/css/home.2ab5b7617f761a338a5a4f232d84fee2.css

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

24890a9d62ac0402b8bb2ce26e35d7719f75118118dad671875889591f7e876f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 22 Feb 2023 04:45:01 GMT
Server: nginx/1.11.10
ETag: "63f59dcd-cbcf"
X-Frame-Options: deny
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52175
Expires: Fri, 15 Mar 2024 03:32:52 GMT

GET
H/1.1 200
OK default_image.3a4914f4cc74cb5e65754bfee9020148.png
www.dfvnvui.com/en/dafa/images/ 593 B
1015 B 624ms
207ms Image
image/png 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/dafa/images/default_image.3a4914f4cc74cb5e65754bfee9020148.png

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

180109f8f37c833e1f965c5662f54e73b3e1291117a3c7fa320dab4ae7727dcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 27 Feb 2023 02:01:46 GMT
Server: nginx/1.11.10
ETag: "63fc0f0a-251"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 593
Expires: Fri, 15 Mar 2024 03:32:52 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
246 B 46ms
18ms Ping
text/plain 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-S5WHEF6PM5&gtm=45je33d0h1&_p=201970202&cid=1382871543.1678937572&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678937572&sct=1&seg=0&dl=https%3A%2F%2Fwww.dfvnvui.com%2Fen&dt=Dafabet%20is%20The%20Most%20Secure%20Online%20Betting%20Company%20in%20Asia&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5WHEF6PM5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80d::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 03:32:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dfvnvui.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK loader.gif
www.dfvnvui.com/en/images/ 25 KB
25 KB 629ms
207ms Image
image/gif 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/images/loader.gif

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

1255cfe05d68366b2f1784987c772a817da92099f4922498a445f8768c52a710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 22 Feb 2023 04:45:01 GMT
Server: nginx/1.11.10
ETag: "63f59dcd-6240"
X-Frame-Options: deny
Content-Type: image/gif
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25152
Expires: Fri, 15 Mar 2024 03:32:52 GMT

GET
H/1.1 200
OK 1920x100_en.jpg
www.dfvnvui.com/en/2023-03/ 145 KB
146 KB 629ms
207ms Image
image/jpeg 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/2023-03/1920x100_en.jpg

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

ab3b05fe86ba843b9e70759d6e38a9b235ff9c2765cc42f7248c40f5f3c5210c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Fri, 10 Mar 2023 12:55:28 GMT
Server: nginx/1.11.10
ETag: "640b28c0-244d0"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 148688
Expires: Fri, 15 Mar 2024 03:32:52 GMT

GET
H/1.1 200
OK 570x388-updated_0.jpg
www.dfvnvui.com/en/2020-11/ 74 KB
75 KB 629ms
207ms Image
image/jpeg 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/2020-11/570x388-updated_0.jpg

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

a2e3b730e59a00b1195cd8e5bfe193efdf3bd17b9c1dbd77ee796dc5c8b68c36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 09 Nov 2020 02:06:19 GMT
Server: nginx/1.11.10
ETag: "5fa8a41b-128fa"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76026
Expires: Fri, 15 Mar 2024 03:32:52 GMT

GET
H/1.1 200
OK slots-560x218.jpg
www.dfvnvui.com/en/2018-09/ 87 KB
88 KB 320ms
218ms Image
image/jpeg 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/2018-09/slots-560x218.jpg

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

1af15a8dfe5dd8cb0597a2e42cc0490cb852627d522e4db0dcda73bc453f78cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 10 Sep 2018 01:53:45 GMT
Server: nginx/1.11.10
ETag: "5b95cea9-15d91"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89489
Expires: Fri, 15 Mar 2024 03:32:53 GMT

GET
H/1.1 200
OK entrypage-sponsors-575x149_en.jpg
www.dfvnvui.com/en/2023-03/ 95 KB
95 KB 731ms
206ms Image
image/jpeg 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/2023-03/entrypage-sponsors-575x149_en.jpg

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

708c6ded243b8dde1efd6e13f0c3a5e1513533d36c224e5f66a9eac657e8814c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Fri, 10 Mar 2023 12:12:52 GMT
Server: nginx/1.11.10
ETag: "640b1ec4-17b95"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 97173
Expires: Fri, 15 Mar 2024 03:32:53 GMT

GET
H/1.1 200
OK 560x218-entry-page-8-19-21.jpg
www.dfvnvui.com/en/2021-08/ 124 KB
124 KB 690ms
206ms Image
image/jpeg 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/2021-08/560x218-entry-page-8-19-21.jpg

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

affe144bc5730c89d09e953cd7162b1cbbc88210ae0be3bc482ed85bf1c34e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Fri, 20 Aug 2021 03:24:24 GMT
Server: nginx/1.11.10
ETag: "611f2068-1ef8f"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 126863
Expires: Fri, 15 Mar 2024 03:32:53 GMT

GET
H/1.1 200
OK 560x149-en.jpg
www.dfvnvui.com/en/2023-03/ 46 KB
46 KB 562ms
206ms Image
image/jpeg 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/2023-03/560x149-en.jpg

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

312bd3fdcf4c5d83576e2f28f331c9d0c3caa71c3d06c11e46e462783ee76bf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Tue, 07 Mar 2023 03:56:02 GMT
Server: nginx/1.11.10
ETag: "6406b5d2-b607"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46599
Expires: Fri, 15 Mar 2024 03:32:53 GMT

GET
H/1.1 200
OK es5.min.js Show response
www.dfvnvui.com/en/dafa/js/ 11 KB
11 KB 417ms
216ms Script
application/javascript 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfvnvui.com/en/dafa/js/es5.min.js

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

ac3d45538ffdd87732763521ea21e1f9695551d5c8a1b506935fb9bbc5253bfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 27 Feb 2023 02:01:46 GMT
Server: nginx/1.11.10
ETag: "63fc0f0a-2b85"
X-Frame-Options: deny
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11141
Expires: Fri, 15 Mar 2024 03:32:52 GMT

GET
H/1.1 200
OK integration.js.php Show response
www.dfvnvui.com/jswrapper/ 37 KB
37 KB 205ms
205ms Script
application/javascript 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfvnvui.com/jswrapper/integration.js.php?casino=dafa888&min=1

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 / Servlet/4.0

Resource Hash

ad81c752ea734a513d13af9778fd7d65135dc6c2d0b5b4a067cf2545bb9b9100

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx/1.11.10
X-Powered-By: Servlet/4.0
X-Cache-Status: HIT
Transfer-Encoding: chunked
X-Frame-Options: deny
Content-Language: en-US
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Expires: Thu, 16 Mar 2023 03:47:52 GMT

GET
H/1.1 200
OK manifest.2ab5b7617f761a338a5a4f232d84fee2.bundle.js Show response
www.dfvnvui.com/en/js/ 1 KB
2 KB 207ms
205ms Script
application/javascript 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfvnvui.com/en/js/manifest.2ab5b7617f761a338a5a4f232d84fee2.bundle.js

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

a344651e7d82d44fdc2226f57dfea79cae89296f3e12374bf42fe55645ba1205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 22 Feb 2023 04:45:01 GMT
Server: nginx/1.11.10
ETag: "63f59dcd-5a7"
X-Frame-Options: deny
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1447
Expires: Fri, 15 Mar 2024 03:32:52 GMT

GET
H/1.1 200
OK vendor.2ab5b7617f761a338a5a4f232d84fee2.bundle.js Show response
www.dfvnvui.com/en/js/ 105 KB
105 KB 205ms
205ms Script
application/javascript 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfvnvui.com/en/js/vendor.2ab5b7617f761a338a5a4f232d84fee2.bundle.js

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

a694428ee039141c0154279f988d0389639419ae03c791e8fac540bb749eded1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 22 Feb 2023 04:45:01 GMT
Server: nginx/1.11.10
ETag: "63f59dcd-1a28a"
X-Frame-Options: deny
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 107146
Expires: Fri, 15 Mar 2024 03:32:53 GMT

GET
H/1.1 200
OK common.3a4914f4cc74cb5e65754bfee9020148.bundle.js Show response
www.dfvnvui.com/en/dafa/js/ 221 KB
222 KB 207ms
206ms Script
application/javascript 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfvnvui.com/en/dafa/js/common.3a4914f4cc74cb5e65754bfee9020148.bundle.js

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

b579e84fabc2ea7873e4df808071c44d8db2b1185890861354768c6fc4433f32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 27 Feb 2023 02:01:46 GMT
Server: nginx/1.11.10
ETag: "63fc0f0a-3751e"
X-Frame-Options: deny
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 226590
Expires: Fri, 15 Mar 2024 03:32:53 GMT

GET
H/1.1 200
OK home.2ab5b7617f761a338a5a4f232d84fee2.bundle.js Show response
www.dfvnvui.com/en/js/ 17 KB
17 KB 206ms
205ms Script
application/javascript 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfvnvui.com/en/js/home.2ab5b7617f761a338a5a4f232d84fee2.bundle.js

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

e806f43ef3519e43f6b525c64fc79310f4e4bb6a359c7bf58bcd7181aaa263da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 22 Feb 2023 04:45:01 GMT
Server: nginx/1.11.10
ETag: "63f59dcd-4325"
X-Frame-Options: deny
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17189
Expires: Fri, 15 Mar 2024 03:32:53 GMT

GET
H2 200 adrum-4.5.10.2271.js Show response
cdn.appdynamics.com/adrum/ 89 KB
32 KB 59ms
12ms Script
application/javascript 108.138.128.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Requested by: Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-2.jfk50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 635dda68d7c55054da4da5d2dc654d40a92c598d80ff35af158da5990ba21a80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:33:19 GMT
content-encoding: gzip
via: 1.1 dd80355363eac92e0372107558e579a8.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
age: 2649573
x-cache: Hit from cloudfront
last-modified: Mon, 13 May 2019 18:43:34 GMT
server: nginx/1.16.1
etag: W/"5cd9bad6-1636f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _i5twyaQE-zlwWBSJnjNBnQ1rMcb0lQi40OP9wjSsKZPAGI6NOS9IA==

GET
H/1.1 200
OK default_image.2ab5b7617f761a338a5a4f232d84fee2.png
www.dfvnvui.com/en/promotions/images/ 593 B
1015 B 559ms
204ms Image
image/png 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/promotions/images/default_image.2ab5b7617f761a338a5a4f232d84fee2.png

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en/css/home.2ab5b7617f761a338a5a4f232d84fee2.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

180109f8f37c833e1f965c5662f54e73b3e1291117a3c7fa320dab4ae7727dcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en/css/home.2ab5b7617f761a338a5a4f232d84fee2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 22 Feb 2023 04:45:01 GMT
Server: nginx/1.11.10
ETag: "63f59dcd-251"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 593
Expires: Fri, 15 Mar 2024 03:32:53 GMT

GET
H/1.1 200
OK sprite.3a4914f4cc74cb5e65754bfee9020148.png
www.dfvnvui.com/en/dafa/images/ 197 KB
198 KB 561ms
206ms Image
image/png 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/dafa/images/sprite.3a4914f4cc74cb5e65754bfee9020148.png

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en/dafa/css/common.3a4914f4cc74cb5e65754bfee9020148.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

9be66a4eaec790c62e41c45124bc08ec2b4d24d06011ad8048e81d79b84759b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en/dafa/css/common.3a4914f4cc74cb5e65754bfee9020148.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 27 Feb 2023 02:01:46 GMT
Server: nginx/1.11.10
ETag: "63fc0f0a-31466"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 201830
Expires: Fri, 15 Mar 2024 03:32:53 GMT

GET
H/1.1 200
OK new_indicator.3a4914f4cc74cb5e65754bfee9020148.png
www.dfvnvui.com/en/dafa/images/ 128 B
549 B 322ms
247ms Image
image/png 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/dafa/images/new_indicator.3a4914f4cc74cb5e65754bfee9020148.png

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en/dafa/css/common.3a4914f4cc74cb5e65754bfee9020148.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

bef431d8570694584ec233e7e9ebccde299f19c95393bc2e543dfd6243461389

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en/dafa/css/common.3a4914f4cc74cb5e65754bfee9020148.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 27 Feb 2023 02:01:46 GMT
Server: nginx/1.11.10
ETag: "63fc0f0a-80"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128
Expires: Fri, 15 Mar 2024 03:32:53 GMT

GET
H/1.1 200
OK floating-banners Show response
www.dfvnvui.com/en/ajax/ 27 KB
28 KB 259ms
258ms XHR
application/json 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfvnvui.com/en/ajax/floating-banners?path=%252F

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en/dafa/js/common.3a4914f4cc74cb5e65754bfee9020148.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

84f7b1b8c914f64d6e5bf555a52c83e1255eaa8f0f51ba2bf5b387d05c821018

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

Accept: application/json, text/javascript
Referer: https://www.dfvnvui.com/en
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Thu, 16 Mar 2023 03:32:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx/1.11.10
Transfer-Encoding: chunked
X-Frame-Options: deny
Content-Language: en
Content-Type: application/json
Cache-Control: no-cache, no-store, private, must-revalidate
Connection: keep-alive

GET
H/1.1 200
OK dafabet_logo.png
www.dfvnvui.com/en/dafa/images/ 3 KB
4 KB 208ms
207ms Image
image/png 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/dafa/images/dafabet_logo.png

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

0ea8ad9a1b5a3e3e0950b9dd614a5056250369587ff45165dacafd8d13e838e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 27 Feb 2023 02:01:46 GMT
Server: nginx/1.11.10
ETag: "63fc0f0a-d3d"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3389
Expires: Fri, 15 Mar 2024 03:32:53 GMT

GET
H/1.1 200
OK sprite.2ab5b7617f761a338a5a4f232d84fee2.png
www.dfvnvui.com/en/images/ 113 KB
113 KB 206ms
206ms Image
image/png 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/images/sprite.2ab5b7617f761a338a5a4f232d84fee2.png

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

0f47272de3875f1531038d1dd74318d65615e4a01403492d95d4de9d218ac06b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 22 Feb 2023 04:45:01 GMT
Server: nginx/1.11.10
ETag: "63f59dcd-1c211"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 115217
Expires: Fri, 15 Mar 2024 03:32:53 GMT

GET
H/1.1 200
OK playtech-footer.png
www.dfvnvui.com/en/2022-07/ 6 KB
6 KB 206ms
206ms Image
image/png 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/2022-07/playtech-footer.png

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

caed37875e80934c7f52564ca26b7846bd1f7bfa26f6eb74994556ee9777dbec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 20 Jul 2022 08:22:19 GMT
Server: nginx/1.11.10
ETag: "62d7bb3b-1709"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5897
Expires: Fri, 15 Mar 2024 03:32:54 GMT

GET
H/1.1 200
OK bitcoin_Footer%20160x41.png
www.dfvnvui.com/en/2019-09/ 2 KB
3 KB 206ms
205ms Image
image/png 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/2019-09/bitcoin_Footer%20160x41.png

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

1fad8a0d38b8307c0781fbfd3222b43917c5c879bbcfb3d5e0b96d1b4416e5a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 23 Sep 2019 09:48:31 GMT
Server: nginx/1.11.10
ETag: "5d8894ef-9ad"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2477
Expires: Fri, 15 Mar 2024 03:32:54 GMT

GET
H/1.1 200
OK slider Show response
www.dfvnvui.com/en/ajax/ 8 KB
8 KB 389ms
249ms XHR
application/json 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfvnvui.com/en/ajax/slider?nc=2023216

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en/js/vendor.2ab5b7617f761a338a5a4f232d84fee2.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

a6af5e91a53a711b4b83b1fdc5720e62a6839dd1a3b26fee08ef361f2637aaa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://www.dfvnvui.com/en
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Thu, 16 Mar 2023 03:32:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx/1.11.10
Transfer-Encoding: chunked
X-Frame-Options: deny
Content-Language: en
Content-Type: application/json
Cache-Control: no-cache, no-store, private, must-revalidate
Connection: keep-alive

GET
H/1.1 200
OK dafaconnect-entrypage-760x520-en_7.jpg
www.dfvnvui.com/en/inline-images/ 89 KB
90 KB 209ms
208ms Image
image/jpeg 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/inline-images/dafaconnect-entrypage-760x520-en_7.jpg

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

2e8a098381b827264e000864a9dadb6f2f112639112e690294101b9827cc007a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 27 May 2019 01:45:48 GMT
Server: nginx/1.11.10
ETag: "5ceb414c-1653f"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91455
Expires: Fri, 15 Mar 2024 03:32:54 GMT

GET
H/1.1 200
OK dafaconnect-download-for-mac-en_4.png
www.dfvnvui.com/en/ 4 KB
4 KB 252ms
205ms Image
image/png 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/dafaconnect-download-for-mac-en_4.png

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

8edac40c8b00b17bb3021d109c1f70238f032a3c6ee113b3f71bbff01d997abc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 19 Oct 2017 05:56:06 GMT
Server: nginx/1.11.10
ETag: "59e83e76-eee"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3822
Expires: Fri, 15 Mar 2024 03:32:54 GMT

GET
H/1.1 200
OK dafaconnect-downloader-en_2.png
www.dfvnvui.com/en/ 4 KB
4 KB 332ms
205ms Image
image/png 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/dafaconnect-downloader-en_2.png

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

60dedf951a86ff78dd9fa60b57d3196220cdc882c754a728c54e0bc2d797304f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 19 Oct 2017 05:56:34 GMT
Server: nginx/1.11.10
ETag: "59e83e92-f91"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3985
Expires: Fri, 15 Mar 2024 03:32:54 GMT

GET
H/1.1 200
OK dafaconnect-full-version-en_2.png
www.dfvnvui.com/en/ 4 KB
4 KB 300ms
205ms Image
image/png 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/dafaconnect-full-version-en_2.png

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

e8b84ff67d7430778433aea5e69d575c694eae33ee3e487f42411078e3fd2242

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 19 Oct 2017 05:56:48 GMT
Server: nginx/1.11.10
ETag: "59e83ea0-fd4"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4052
Expires: Fri, 15 Mar 2024 03:32:54 GMT

GET
H/1.1 200
OK free-golden-chip-1920x360-1_5_0.jpg
www.dfvnvui.com/en/2020-08/ 82 KB
83 KB 207ms
205ms Image
image/jpeg 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/2020-08/free-golden-chip-1920x360-1_5_0.jpg

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

184c758595bfec8652472791a960c50f607bb6f4ea018673ead40d008d042e10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 27 Aug 2020 03:19:22 GMT
Server: nginx/1.11.10
ETag: "5f47263a-149f3"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 84467
Expires: Fri, 15 Mar 2024 03:32:54 GMT

GET
H/1.1 200
OK 1920x360-bournemouth.jpg
www.dfvnvui.com/en/2022-08/ 422 KB
422 KB 208ms
207ms Image
image/jpeg 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/2022-08/1920x360-bournemouth.jpg

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

cafad2ac162dd57a18f1a90630dd3eb94e1fdf1cf4734c7c7a641663d6ac8ece

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 08 Aug 2022 05:02:44 GMT
Server: nginx/1.11.10
ETag: "62f098f4-6975e"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 431966
Expires: Fri, 15 Mar 2024 03:32:54 GMT

GET
H/1.1 200
OK 1920x360_149.jpg
www.dfvnvui.com/en/2023-01/ 500 KB
501 KB 284ms
207ms Image
image/jpeg 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/2023-01/1920x360_149.jpg

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

4f634503777976171ddeac2a8cf1750f7f72f4fb810bbc3d5d4ec955a38b5645

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 30 Jan 2023 04:06:48 GMT
Server: nginx/1.11.10
ETag: "63d74258-7d10d"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 512269
Expires: Fri, 15 Mar 2024 03:32:54 GMT

GET
H/1.1 200
OK FIRST%20DEPOSIT%20BONUS%20Main%20Banner%20%282%29_1.jpg
www.dfvnvui.com/en/2019-05/ 95 KB
96 KB 377ms
206ms Image
image/jpeg 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/2019-05/FIRST%20DEPOSIT%20BONUS%20Main%20Banner%20%282%29_1.jpg

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

c3e0f6e3c4e3bc238575ec1d0155e180564d6358503607c8cc38b6c02ae90656

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Tue, 28 May 2019 01:16:22 GMT
Server: nginx/1.11.10
ETag: "5cec8be6-17ca4"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 97444
Expires: Fri, 15 Mar 2024 03:32:54 GMT

GET
H/1.1 200
OK Gaming-1_1.jpg
www.dfvnvui.com/en/2018-12/ 96 KB
97 KB 422ms
207ms Image
image/jpeg 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/2018-12/Gaming-1_1.jpg

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

53779d63f5dbe4c59e410a4976a35cd9ed9f2934fbd813d0bef9b2519cc67ced

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 10 Dec 2018 05:32:56 GMT
Server: nginx/1.11.10
ETag: "5c0dfa88-1812b"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 98603
Expires: Fri, 15 Mar 2024 03:32:54 GMT

GET
H/1.1 200
OK LD-PT-exclusive-table-goa-casino-1920x360%20%281%29.jpg
www.dfvnvui.com/en/2021-01/ 131 KB
132 KB 362ms
207ms Image
image/jpeg 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/2021-01/LD-PT-exclusive-table-goa-casino-1920x360%20%281%29.jpg

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

b792028e63eaa2170cb76231a6503ba10210d2b4df1701feac9b6cda68b21d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 04 Jan 2021 09:31:09 GMT
Server: nginx/1.11.10
ETag: "5ff2e05d-20d0a"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 134410
Expires: Fri, 15 Mar 2024 03:32:54 GMT

GET
H/1.1 200
OK header.jpg
www.dfvnvui.com/en/2019-01/ 110 KB
110 KB 536ms
206ms Image
image/jpeg 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/2019-01/header.jpg

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

b3d67ffe32b1906e239eace11cb8f59b5484d6eb15c7354ddcbdb70474ad5527

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Fri, 11 Jan 2019 00:12:30 GMT
Server: nginx/1.11.10
ETag: "5c37df6e-1b783"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 112515
Expires: Fri, 15 Mar 2024 03:32:54 GMT

GET
H/1.1 200
OK sprite.2ab5b7617f761a338a5a4f232d84fee2.png
www.dfvnvui.com/en/promotions/images/ 113 KB
113 KB 327ms
204ms Image
image/png 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/promotions/images/sprite.2ab5b7617f761a338a5a4f232d84fee2.png

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en/css/home.2ab5b7617f761a338a5a4f232d84fee2.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

0f47272de3875f1531038d1dd74318d65615e4a01403492d95d4de9d218ac06b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en/css/home.2ab5b7617f761a338a5a4f232d84fee2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 22 Feb 2023 04:45:01 GMT
Server: nginx/1.11.10
ETag: "63f59dcd-1c211"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 115217
Expires: Fri, 15 Mar 2024 03:32:54 GMT

GET
H/1.1 200
OK announcements Show response
www.dfvnvui.com/en/ajax/v2/ 24 B
835 B 246ms
246ms XHR
application/json 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfvnvui.com/en/ajax/v2/announcements?nocache=1678937574960

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

ea1bd05db50c7890dd053edf77ee864749a4d8d726a063c80c606a88d095cabd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://www.dfvnvui.com/en
X-Requested-With: XMLHttpRequest
ADRUM: isAjax:true
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

ADRUM_4: h%3Ae
Date: Thu, 16 Mar 2023 03:32:55 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
ADRUM_5: e%3A49
Server: nginx/1.11.10
ADRUM_0: g%3A13837a09-aeae-4831-a940-ed4763cfef3313265
Transfer-Encoding: chunked
X-Frame-Options: deny
Content-Language: en
Content-Type: application/json
ADRUM_1: n%3Acustomer1_49a8be7d-1247-453d-8b9d-eefa04fc150a
ADRUM_2: i%3A8801
ADRUM_3: d%3A39
Cache-Control: no-cache, no-store, private, must-revalidate
Connection: keep-alive

GET
H/1.1 200
OK frosmo.easy.js Show response
dk0tzorg7uge9.cloudfront.net/ 185 KB
53 KB 63ms
10ms Script
application/javascript 99.84.38.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Requested by: Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.38.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-38-65.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01c29d94c2f2fe46614f063be02ce23565df9f468ed488bf8c562cc68566b819

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:41 GMT
Content-Encoding: gzip
Via: 1.1 b2cb5873eebaf86981435722128eab72.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR52-C4
Age: 26
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 53068
Last-Modified: Tue, 14 Mar 2023 06:31:31 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1631768930/ctime:1678720586/gid:700/gname:developers/md5:44cc21d0ee6efc244455532a1c6a29bb/mode:33188/mtime:1678720586/uid:1024/uname:martyn
ETag: "44cc21d0ee6efc244455532a1c6a29bb"
Content-Type: application/javascript
Cache-Control: public, max-age=86400
Accept-Ranges: bytes
X-Amz-Cf-Id: GN1UiOQiTAdb2qYJOlhuOhM6QwX0ji3VjHSyL99WIlmKCoTuPU48CQ==

GET
H/1.1 200
OK 283cd6f3bdbf77c939ae868613cb575a.js Show response
dk0tzorg7uge9.cloudfront.net/sites/ 702 KB
134 KB 64ms
11ms Script
application/javascript 99.84.38.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk0tzorg7uge9.cloudfront.net/sites/283cd6f3bdbf77c939ae868613cb575a.js
Requested by: Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.38.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-38-65.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a17f8e959159242b6971fc5529d7a8abb4e38d866c938918b1ef4152c99307c8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:43 GMT
Content-Encoding: gzip
Via: 1.1 8f8a44665236c177df56aa58b84d84de.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR52-C4
Age: 13
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 136466
Last-Modified: Thu, 02 Mar 2023 11:44:03 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1677757442/ctime:1677757441/gid:501/gname:fcp/md5:f69c9d2857cbf69383613a3b016681c5/mode:33204/mtime:1677757232/uid:501/uname:fcp
ETag: "f69c9d2857cbf69383613a3b016681c5"
Content-Type: application/javascript; charset=utf-8
Accept-Ranges: bytes
X-Amz-Cf-Id: Mi07X13T0oQpH2f4JcQZlUeKcJ8H_b-xv9kC6FevfuycvtgBmyHpeg==

GET
H2 200 68b6d5bdc9e20db6e1aa8b0d8ae420a1.js Show response
d313lzv9559yp9.cloudfront.net/ 176 KB
42 KB 64ms
15ms Script
application/x-javascript 18.67.76.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d313lzv9559yp9.cloudfront.net/68b6d5bdc9e20db6e1aa8b0d8ae420a1.js
Requested by: Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.76.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-76-97.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0cd609cb62d8ef9292ef7b48e19ce8091e68b553b308dd4ed5e21192280c721a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 16:06:49 GMT
content-encoding: gzip
via: 1.1 0dc81f450c72d91e34b5a0b41d441f28.cloudfront.net (CloudFront)
last-modified: Wed, 04 Mar 2020 11:05:00 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-P2
age: 41167
etag: W/"f05cd165be398728c81754e4067c7c16"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
x-amz-meta-md5-hash: f05cd165be398728c81754e4067c7c16
x-amz-cf-id: z4qm7I4m0yGFDygaOnxEm74cteadzrLG81WF_jWJStp8HyoRC1fjoA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 13711ms
13711ms Script
text/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Mar 2023 02:57:25 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2143
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 16 Mar 2023 04:57:25 GMT

GET
H2 200 hotjar-121800.js Show response
static.hotjar.com/c/ 178 KB
29 KB 167ms
96ms Script
application/javascript 108.138.106.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-121800.js?sv=5

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-124.jfk50.r.cloudfront.net

Software

Resource Hash

3010c9b652936f83d876678eb50ba96fdb65b78878b59a32662535e8281b76f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 03:32:55 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 264f765d2ad734b490f4728d6de8ce04.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
etag: W/a7a7eec2fe5b59b93491d903ffac905a
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: eBxXwAKRwWf3oUiP_1mLjCv-7QWBKVrxS9AcHY3z0SUpmbbkfb8hlg==

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 78 KB
30 KB 393ms
9ms Script
application/javascript 185.167.164.47
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.47 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 03:32:55 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 10:23:25 GMT
server: nginx
x-amz-request-id: tx0000072b1ad3e9304cd74-006385e0d4-329373d4-default
etag: W/"83eb5fafaa212c785f7393188ff817aa"
x-cache-status: HIT, HIT, HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H/1.1

200
OK

radar.js Show response
radar.cedexis.com/1621860284/
Redirect Chain

https://radar.cedexis.com/1/20200/radar.js
https://radar.cedexis.com/1621860284/radar.js

44 KB
19 KB

12ms
12ms

Script
application/javascript

45.54.49.5
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://radar.cedexis.com/1621860284/radar.js
Protocol: HTTP/1.1
Server: 45.54.49.5 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 5.49.54.45.ptr.anycast.net
Software: nginx /
Resource Hash: 38b126f92a3104c7d73e1cf2f448db9896d4f29ebf3a7b593b380e6cdd0ae378

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 May 2021 12:50:36 GMT
Server: nginx
ETag: W/"60aba11c-af61"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1209600, public
Connection: keep-alive
Expires: Thu, 30 Mar 2023 03:32:55 GMT

Redirect headers

Date: Thu, 16 Mar 2023 03:32:55 GMT
Server: nginx
Vary: User-Agent,DNT
Content-Type: text/html
Location: /1621860284/radar.js
Cache-Control: max-age=600
Connection: keep-alive
Content-Length: 154
Expires: Thu, 16 Mar 2023 03:42:55 GMT

GET
H2 200 adrum-ext.5d7b2188022f1c8e1f74b468f022cb04.js Show response
cdn.appdynamics.com/ 50 KB
20 KB 6ms
5ms Script
application/javascript 108.138.128.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum-ext.5d7b2188022f1c8e1f74b468f022cb04.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-2.jfk50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: cf7cf39b9083ee5503540f737097dc4daf98b42efff20d25a93d0202c7f8e5d3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 13:28:32 GMT
content-encoding: gzip
via: 1.1 dd80355363eac92e0372107558e579a8.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
age: 1173862
x-cache: Hit from cloudfront
last-modified: Mon, 13 May 2019 18:43:34 GMT
server: nginx/1.16.1
etag: W/"5cd9bad6-c7d7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XDuPOLTA9LLr3L6WY0kECCgEhBhMmirqMdh5YYW7W_6HrJ1_vTGIJg==

GET
H/1.1 200
Ok providers.json Show response
i2-jmmzbaqojuycpecrzvecnytfoulodm.init.cedexis-radar.net/i2/1/20200/j1/20/123/1678937575/0/0/ 3 KB
1 KB 66ms
17ms XHR
application/json 104.225.10.225
NETACTUATE

General

Check archive.org

Show headers Download Go to

Full URL: https://i2-jmmzbaqojuycpecrzvecnytfoulodm.init.cedexis-radar.net/i2/1/20200/j1/20/123/1678937575/0/0/providers.json?imagesok=1&n=1&p=1&r=1&s=1&t=1
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.225.10.225 Ashburn, United States, ASN36236 (NETACTUATE, US),
Reverse DNS: 225.10.225.104.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: cd1b12e3fe4bf056be7a2fc6d36990194ab835f339ca17b90330886891c4b466

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:55 GMT
Content-Encoding: gzip
Server: nginx/1.10.3
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://sc.adelement.com/setRT_adelement_cookie.php?ae_rt=68b6d5bdc9e20db6e1aa8b0d8ae420a1&depth=0&language_code=en
https://sc.adelement.com/setRT_adelement_cookie.php?ae_rt=68b6d5bdc9e20db6e1aa8b0d8ae420a1&depth=0&language_code=en&_aeset=1
https://cm.g.doubleclick.net/pixel?google_nid=adl&google_cm&google_hm=b%27UllkTERSTzhaRmZKWkV6YnZqcWVnOWlB%27
https://cm.g.doubleclick.net/pixel?google_nid=adl&google_cm=&google_hm=b%27UllkTERSTzhaRmZKWkV6YnZqcWVnOWlB%27&google_tc=
https://sc.adelement.com/cs?google_hm=2&google_gid=CAESEH4ultO1Zp00ecodUj7G35w&google_cver=1
https://ib.adnxs.com/setuid?entity=389&code=RYdLDRO8ZFfJZEzbvjqeg9iA

43 B
1 KB

21ms
8ms

Image
image/gif

68.67.161.182
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=389&code=RYdLDRO8ZFfJZEzbvjqeg9iA

Protocol

HTTP/1.1

Server

68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Mar 2023 03:32:55 GMT
AN-X-Request-Uuid: 9c51f1d4-081c-41b8-8aab-591c78ba7d6a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 5.181.234.132; 5.181.234.132; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location: https://ib.adnxs.com/setuid?entity=389&code=RYdLDRO8ZFfJZEzbvjqeg9iA
date: Thu, 16 Mar 2023 03:32:55 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=8385691&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8385691%26t%3D2

43 B
1 KB

87ms
87ms

Image
image/gif

68.67.160.24
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8385691%26t%3D2

Protocol

HTTP/1.1

Server

68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Mar 2023 03:32:55 GMT
AN-X-Request-Uuid: e4e38d72-3755-4f61-9fb4-30e21d5df50b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 5.181.234.132; 5.181.234.132; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Thu, 16 Mar 2023 03:32:55 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 5.181.234.132; 5.181.234.132; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b2828955-319b-4805-9700-f59d05f51db5
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8385691%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 frosmo.xdm.html Show response
dafabetcomasia.asia.frosmo.com/ Frame FDDB 3 KB
1 KB 682ms
203ms Document
text/html 52.79.118.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dafabetcomasia.asia.frosmo.com/frosmo.xdm.html?8.186.0
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.79.118.14 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-79-118-14.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6b65e3870f0c53a1563b29a83330581f3be5b5f809b3105f38390a561ded34a3

Request headers

Referer: https://www.dfvnvui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-length: 1104
content-type: text/html
date: Thu, 16 Mar 2023 03:32:55 GMT
etag: "5bea9576-450"
last-modified: Tue, 13 Nov 2018 09:12:22 GMT
server: nginx
vary: Accept-Encoding

GET
H/1.1 200
OK impact.js Show response
radar.cedexis.com/releases/1621860284/ 7 KB
4 KB 5ms
5ms Script
application/javascript 45.54.49.5
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://radar.cedexis.com/releases/1621860284/impact.js
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.5 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 5.49.54.45.ptr.anycast.net
Software: nginx /
Resource Hash: f7309b6ccc1a76da1e7a0709abb8a0bf549277dee6c21ae7a466e73426fe9667

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 May 2021 12:50:35 GMT
Server: nginx
ETag: W/"60aba11b-1c28"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1209600, public
Connection: keep-alive
Expires: Thu, 30 Mar 2023 03:32:55 GMT

GET
H/1.1 200
Ok 1678937573190 Show response
rpt.cedexis.com/n1/0/1678937570665/0/0/0/0/1678937571920/1678937571920/1678937571920/1678937571920/1678937571920/0/1678937571921/1678937572167/1678937572373/1678937572172/1678937573753/167893757375... 16 B
283 B 335ms
5ms XHR
text/plain 45.54.49.1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/n1/0/1678937570665/0/0/0/0/1678937571920/1678937571920/1678937571920/1678937571920/1678937571920/0/1678937571921/1678937572167/1678937572373/1678937572172/1678937573753/1678937573754/1678937573759/1678937574960/1678937574960/1678937574967/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA/0/1678937573190
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 1.49.54.45.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:55 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 modules.b58f4dbb50ff88fc1f15.js Show response
script.hotjar.com/ 262 KB
68 KB 36ms
5ms Script
application/javascript 18.164.96.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.b58f4dbb50ff88fc1f15.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-121800.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-46.jfk50.r.cloudfront.net

Software

Resource Hash

833e9ac3fd9706f7c5db171919041e789fa53325a0a390e8600738ebcb524e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 16:17:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 9750f5ee94b45ad0faba87b3fac2aad6.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 40548
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68544
last-modified: Wed, 15 Mar 2023 16:16:09 GMT
etag: "091dc0b7a90675e0aa9a621de17b6353"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: xYWKCxFkzkJ0SZEN0LkMij5u2UtnFoCa9k-IOhR8rfcqLeIVIHgr-Q==

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/121800/ 147 B
322 B 277ms
90ms XHR
application/json 46.51.204.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/121800/visit-data?sv=5
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 46.51.204.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-51-204-8.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef6c1f3e60c738e0efe4050ab6cb05bd536d01e116a656270e2e93c25bc82ce3

Request headers

Referer: https://www.dfvnvui.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 16 Mar 2023 03:32:55 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 121800 Show response
vc.hotjar.io/sessions/ 0
258 B 113ms
68ms XHR
text/plain 18.164.96.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/121800?s=0.25&r=0.17647362947243406
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-52.jfk50.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 03:32:55 GMT
via: 1.1 9750f5ee94b45ad0faba87b3fac2aad6.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: SA7sjms-jtuCOv09t8VFqxI7lI7kKeeMWMdvq_MDf4QcM84B0q2RCg==

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=2281077&ADFPageName=Entry%20Page&ADFdivider=%7C&ord=534730108643&ADFtpmode=2&loc=https%3A%2F%2Fwww.dfvnvui.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2281077&ADFPageName=Entry%20Page&ADFdivider=%7C&ord=534730108643&ADFtpmode=2&loc=https%3A%2F%2Fwww.dfvnvui.com%2Fen&Set1=en-US%7Cen-US%7C1600x12...

110 B
713 B

101ms
100ms

Script
text/javascript

37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2281077&ADFPageName=Entry%20Page&ADFdivider=%7C&ord=534730108643&ADFtpmode=2&loc=https%3A%2F%2Fwww.dfvnvui.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Server

37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

40de67281c077668bd49d1d8d3817452e66677e565bfe9a1e5477d83e53f802b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 03:32:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 184
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 16 Mar 2023 03:32:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2281077&ADFPageName=Entry%20Page&ADFdivider=%7C&ord=534730108643&ADFtpmode=2&loc=https%3A%2F%2Fwww.dfvnvui.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2

200

/ Show response
asia.adform.net/Serving/TrackPoint/
Redirect Chain

https://asia.adform.net/Serving/TrackPoint/?pm=2449026&ADFdivider=%7C&ord=283160797182&ADFtpmode=2&loc=https%3A%2F%2Fwww.dfvnvui.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24
https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=2449026&ADFdivider=%7C&ord=283160797182&ADFtpmode=2&loc=https%3A%2F%2Fwww.dfvnvui.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24

794 B
1 KB

189ms
189ms

Script
text/javascript

185.84.60.21
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=2449026&ADFdivider=%7C&ord=283160797182&ADFtpmode=2&loc=https%3A%2F%2Fwww.dfvnvui.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Server

185.84.60.21 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8e11dd56632ee0a30631894da5cf279e6b507aed47dc1202a2ce62a7aff7b0cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 03:32:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 671
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 16 Mar 2023 03:32:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=2449026&ADFdivider=%7C&ord=283160797182&ADFtpmode=2&loc=https%3A%2F%2Fwww.dfvnvui.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H/1.1 200
OK sprite.3a4914f4cc74cb5e65754bfee9020148.png
www.dfvnvui.com/en/dafa/images/ 197 KB
198 KB 207ms
206ms Image
image/png 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/dafa/images/sprite.3a4914f4cc74cb5e65754bfee9020148.png

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en/dafa/js/common.3a4914f4cc74cb5e65754bfee9020148.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

9be66a4eaec790c62e41c45124bc08ec2b4d24d06011ad8048e81d79b84759b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:55 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 27 Feb 2023 02:01:46 GMT
Server: nginx/1.11.10
ETag: "63fc0f0a-31466"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 201830
Expires: Fri, 15 Mar 2024 03:32:55 GMT

GET
H/1.1 200
OK Floating_Banner_left_bg.png
www.dfvnvui.com/en/2018-09/ 1 KB
2 KB 209ms
207ms Image
image/png 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/2018-09/Floating_Banner_left_bg.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

8736af2d295525a939c8c8dac5753efd917fbad619dd0a5d3e8c7ae31d5f58e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:55 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Fri, 07 Sep 2018 01:51:45 GMT
Server: nginx/1.11.10
ETag: "5b91d9b1-5cc"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1484
Expires: Fri, 15 Mar 2024 03:32:55 GMT

GET
H/1.1 200
OK Floating_Banner_right_bg_0.png
www.dfvnvui.com/en/2018-10/ 2 KB
2 KB 209ms
207ms Image
image/png 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/2018-10/Floating_Banner_right_bg_0.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

a3aa896141cf840e5548d76aafcaf0d10db50ebb4fc2811858b5ad4da3146a59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:55 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 15 Oct 2018 02:14:47 GMT
Server: nginx/1.11.10
ETag: "5bc3f817-74e"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1870
Expires: Fri, 15 Mar 2024 03:32:55 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
174 B 655ms
203ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=visit&userId=&source=direct&device=desktop&sessionStart=20230316033255&cookieId=sok9ry.lfak2zzs&origin=dafabet_com_asia&ver=8.186.0-3.6&segments=&1603324
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 16 Mar 2023 03:32:56 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 eventsApi
asia.frosmo.com/ 43 B
123 B 619ms
205ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/eventsApi?method=customAction&name=userLoggedIn&value=false&title=&cookieId=sok9ry.lfak2zzs&origin=dafabet_com_asia&ver=8.186.0-3.6&0
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 03:32:56 GMT
server: openresty
x-robots-tag: none
content-length: 43
content-type: image/gif

POST
H2 200 eventsApi
asia.frosmo.com/ 43 B
123 B 619ms
206ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/eventsApi?method=customAction&name=chrome53&value=true&title=&cookieId=sok9ry.lfak2zzs&origin=dafabet_com_asia&ver=8.186.0-3.6&1
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 03:32:56 GMT
server: openresty
x-robots-tag: none
content-length: 43
content-type: image/gif

POST
H2 200 eventsApi
asia.frosmo.com/ 43 B
123 B 620ms
209ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/eventsApi?method=customAction&name=chrome&value=true&title=&cookieId=sok9ry.lfak2zzs&origin=dafabet_com_asia&ver=8.186.0-3.6&2
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 03:32:56 GMT
server: openresty
x-robots-tag: none
content-length: 43
content-type: image/gif

POST
H2 200 eventsApi
asia.frosmo.com/ 43 B
123 B 618ms
207ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/eventsApi?method=customAction&name=popupNrSpecificPlayers&value=1&title=&cookieId=sok9ry.lfak2zzs&origin=dafabet_com_asia&ver=8.186.0-3.6&3
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 03:32:56 GMT
server: openresty
x-robots-tag: none
content-length: 43
content-type: image/gif

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 206ms
203ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=showMessage&userId=&messageId=2236&revision=1&sessionStart=20230316033255&cookieId=sok9ry.lfak2zzs&origin=dafabet_com_asia&ver=8.186.0-3.6&segments=&16033247
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 16 Mar 2023 03:32:56 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 segmentApi
asia.frosmo.com/ 43 B
325 B 373ms
370ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/segmentApi?origin=dafabet_com_asia&cookieId=sok9ry.lfak2zzs&16033250
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
date: Thu, 16 Mar 2023 03:32:56 GMT
cache-control: no-cache, private
content-type: image/gif
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 location Show response
asia.frosmo.com/ 43 B
486 B 616ms
206ms XHR
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/location
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 03:32:56 GMT
x-real-ip: 5.181.234.132
x-longitude: -74.00000
x-isp: M247 Ltd
x-city: New York
content-length: 43
x-country-name: United States
server: openresty
x-country2: US
content-type: image/gif
access-control-allow-origin: *
x-region-code: NY
access-control-expose-headers: X-Country2,X-latitude,X-longitude,X-Region-Code,X-City,X-ISP,X-Real-IP
cache-control: no-cache, private
x-latitude: 40.71570
access-control-allow-headers: X-Country2,X-latitude,X-longitude,X-Region-Code,X-City,X-ISP,X-Real-IP
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 208ms
205ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=setUserSegment&userId=&segmentName=sgmt_1978&segmentValue=value1&sessionStart=20230316033255&cookieId=sok9ry.lfak2zzs&origin=dafabet_com_asia&ver=8.186.0-3.6&segments=1978&16033262
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 16 Mar 2023 03:32:56 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 374ms
372ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=setUserSegment&userId=&segmentName=sgmt_1548&segmentValue=value1&sessionStart=20230316033255&cookieId=sok9ry.lfak2zzs&origin=dafabet_com_asia&ver=8.186.0-3.6&segments=1978.1548&16033264
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 16 Mar 2023 03:32:56 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 375ms
373ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=setUserSegment&userId=&segmentName=sgmt_1563&segmentValue=value1&sessionStart=20230316033255&cookieId=sok9ry.lfak2zzs&origin=dafabet_com_asia&ver=8.186.0-3.6&segments=1978.1548.1563&16033266
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 16 Mar 2023 03:32:56 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 376ms
374ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=setUserSegment&userId=&segmentName=sgmt_1569&segmentValue=value1&sessionStart=20230316033255&cookieId=sok9ry.lfak2zzs&origin=dafabet_com_asia&ver=8.186.0-3.6&segments=1978.1548.1563.1569&16033269
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 16 Mar 2023 03:32:56 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 messageApi Show response
asia.frosmo.com/ 612 KB
86 KB 634ms
283ms XHR
application/json 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/messageApi?method=multifetch&origin=dafabet_com_asia&cookieId=sok9ry.lfak2zzs&positions=190.191.199.200.218.219.220.229.250.328.335.336.337.338.339.340.349.362.363.460.501.517.520.650.743.745.746.752.753.758.759.809.810.811.815.819.820.821.822.823.824.825.886.887.888.889.890.891.892.893.894.895.896.897.898.899.900.901.954.1199.1204.1476.1775.1780.1861.1862.1863.1896.2000.1999.1998.1997.923.903.881.761.760.756.755.754.751.750.749.748.747.744.742.741.735.734.733.732.731.730.729.728.727.726.725.724.723.722.721.720.719.718.717.716.715.714.713.712.711.710.709.708.707.706.705.704.690.676.651.649.400.247.244.222.221.189&states=%7B%22_device%22%3A%22desktop%22%2C%22loginStatus%22%3A%22unauthenticated%22%2C%22userLoggedIn%22%3A%22false%22%2C%22popupNrSpecificPlayers%22%3A%221%22%7D&ver=8.186.0-3.6&version=3.0&ts=1678937575902&targetGroups=&segments=1978.1548.1563.1569&source=direct&debug=false
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: 17992c27b58213ab4eb44620fde1b46a7946654c44c3a3164e7f9709037d6f58

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 03:32:56 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-robots-tag: none
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK Floating_Banner_left_bg.png
www.dfvnvui.com/en/2018-09/ 1 KB
2 KB 205ms
205ms Image
image/png 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/2018-09/Floating_Banner_left_bg.png

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en/dafa/js/common.3a4914f4cc74cb5e65754bfee9020148.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

8736af2d295525a939c8c8dac5753efd917fbad619dd0a5d3e8c7ae31d5f58e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:56 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Fri, 07 Sep 2018 01:51:45 GMT
Server: nginx/1.11.10
ETag: "5b91d9b1-5cc"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1484
Expires: Fri, 15 Mar 2024 03:32:56 GMT

GET
H/1.1 200
OK Floating_Banner_right_bg_0.png
www.dfvnvui.com/en/2018-10/ 2 KB
2 KB 206ms
205ms Image
image/png 110.50.231.223
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dfvnvui.com/en/2018-10/Floating_Banner_right_bg_0.png

Requested by

Host: www.dfvnvui.com
URL: https://www.dfvnvui.com/en/js/vendor.2ab5b7617f761a338a5a4f232d84fee2.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.231.223 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

a3aa896141cf840e5548d76aafcaf0d10db50ebb4fc2811858b5ad4da3146a59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:56 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 15 Oct 2018 02:14:47 GMT
Server: nginx/1.11.10
ETag: "5bc3f817-74e"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1870
Expires: Fri, 15 Mar 2024 03:32:56 GMT

POST
H2 200 adrum Show response
col.0wp0usgn.com/eumcollector/beacons/browser/v1/EUM-AAB-AVW/ 0
288 B 245ms
211ms XHR
text/html 34.149.119.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://col.0wp0usgn.com/eumcollector/beacons/browser/v1/EUM-AAB-AVW/adrum

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.5d7b2188022f1c8e1f74b468f022cb04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.119.194 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

194.119.149.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dfvnvui.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: text/plain

Response headers

appd-request-id: a87772091eda2f05
date: Thu, 16 Mar 2023 03:32:56 GMT
via: 1.1 google
pragma: no-cache
x-content-type-options: nosniff
vary: *
content-type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
access-control-allow-headers: origin, content-type, accept
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H/1.1 200
Ok json Show response
i1-j5-20-123-1-20200-1843368282-s.init.cedexis-radar.net/i1/1678937576/1843368282/ 233 B
507 B 65ms
14ms XHR
application/json 104.225.10.227
NETACTUATE

General

Check archive.org

Show headers Download Go to

Full URL: https://i1-j5-20-123-1-20200-1843368282-s.init.cedexis-radar.net/i1/1678937576/1843368282/json?seed=i1-j5-20-123-1-20200-1843368282-s
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.225.10.227 Ashburn, United States, ASN36236 (NETACTUATE, US),
Reverse DNS: 227.10.225.104.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: eb0814eba7049a79688b0c1dae911920921aef081d487f0394fd4411cd196259

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:56 GMT
Server: nginx/1.10.3
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 233

POST
H/1.1 200
Ok _CgJqNRAUGHsiBggBEOidASjaov7uBjDom8qgBjjom8qgBkCs-9uWBkoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMy5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCA Show response
rpt.cedexis.com/r1/1/20200/ 16 B
283 B 4ms
4ms XHR
text/plain 45.54.49.1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/r1/1/20200/_CgJqNRAUGHsiBggBEOidASjaov7uBjDom8qgBjjom8qgBkCs-9uWBkoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMy5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCA?rnd=pyxxpoulgpyethydkphhxdqdxzjyohkx
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 1.49.54.45.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Referer: https://www.dfvnvui.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 16 Mar 2023 03:32:56 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 70F5 5 KB
2 KB 28ms
5ms Document
text/html 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462

Requested by

Host: asia.adform.net
URL: https://asia.adform.net/Serving/TrackPoint/?pm=2449026&ADFdivider=%7C&ord=283160797182&ADFtpmode=2&loc=https%3A%2F%2Fwww.dfvnvui.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1af36cdc6db5fd88b942e647447917ee71450340d55accaed104f0cb0185bbbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dfvnvui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 16 Mar 2023 03:32:56 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
asia.seadform.net/serving/cookie/sync/ 35 B
466 B 1013ms
202ms Image
image/gif 185.84.60.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://asia.seadform.net/serving/cookie/sync/?uid=877935439483742230&stamp=v0BPYndIODsDvP-67D9Y4w2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 03:32:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H2 200 plf
c1.adform.net/imatch/ Frame 70F5 0
384 B 8ms
7ms Image
text/plain 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 03:32:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 70F5
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=877935439483742230&Expiration=1680147176
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=877935439483742230&Expiration=1680147176

43 B
423 B

14ms
13ms

Image
image/gif

52.73.4.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=877935439483742230&Expiration=1680147176
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: H2
Server: 52.73.4.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-4-138.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Mar 2023 03:32:56 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=877935439483742230&Expiration=1680147176
date: Thu, 16 Mar 2023 03:32:56 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 70F5 0
525 B 150ms
94ms Image
text/plain 23.78.208.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=877935439483742230

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.78.208.213 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-78-208-213.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Mar 2023 03:32:56 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Wed, 15 Mar 2023 03:32:56 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 70F5 0
655 B 60ms
11ms Image
text/plain 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=877935439483742230
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a414d61fde5a538d1bc5c621aec59518
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 70F5
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=877935439483742230&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=877935439483742230&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=a67716916cf04a76aa...
https://c1.adform.net/serving/cookie/match?party=9&uid=4a5def23b244df5b4149d0fa60bbf89d3a22585a001e8f3ae0d76ac05a90aac2

35 B
591 B

7ms
5ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=4a5def23b244df5b4149d0fa60bbf89d3a22585a001e8f3ae0d76ac05a90aac2

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 03:32:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=4a5def23b244df5b4149d0fa60bbf89d3a22585a001e8f3ae0d76ac05a90aac2
date: Thu, 16 Mar 2023 03:32:56 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 70F5
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=877935439483742230&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
https://c1.adform.net/serving/cookie/match?party=10&cid=7777402719344923733

35 B
591 B

11ms
6ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=10&cid=7777402719344923733

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 03:32:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=10&cid=7777402719344923733
pragma: no-cache
date: Thu, 16 Mar 2023 03:32:55 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55944/ Frame 70F5
Redirect Chain

https://ups.analytics.yahoo.com/ups/55944/sync?uid=877935439483742230&_origin=1
https://ups.analytics.yahoo.com/ups/55944/sync?uid=877935439483742230&_origin=1&verify=true

0
121 B

15ms
14ms

Image
text/plain

3.218.90.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=877935439483742230&_origin=1&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462

Protocol

Server

3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-90-66.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 03:32:56 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=877935439483742230&_origin=1&verify=true
date: Thu, 16 Mar 2023 03:32:56 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame 70F5 43 B
639 B 49ms
4ms Image
image/gif 63.251.28.233
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=877935439483742230
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.251.28.233 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Mar 2023 03:32:56 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1678937576378021-179

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 70F5
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=877935439483742230
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=877935439483742230
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=a9bdeda3-9383-4240-8809-38e0394d3cbd&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

0
287 B

217ms
7ms

Image
text/plain

64.202.112.255
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=a9bdeda3-9383-4240-8809-38e0394d3cbd&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: HTTP/1.1
Server: 64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:56 GMT
Cache-Control: no-cache
X-TraceId: 0f75050f58143db5f72ee44af8f60d57
Content-Length: 0

Redirect headers

Location: //sync.outbrain.com/cookie-sync?p=bidswitch&uid=a9bdeda3-9383-4240-8809-38e0394d3cbd&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date: Thu, 16 Mar 2023 03:32:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 70F5
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=877935439483742230&expiration=1680147176
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=877935439483742230&expiration=1680147176&C=1

43 B
766 B

5ms
5ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=877935439483742230&expiration=1680147176&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Mar 2023 03:32:56 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 16 Mar 2023 03:32:56 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=111&external_user_id=877935439483742230&expiration=1680147176&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

info2
uipglob.semasio.net/adform/1/ Frame 70F5
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=877935439483742230&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=877935439483742230&sInitiator=external

42 B
254 B

727ms
726ms

Image
image/gif

50.57.31.206
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=877935439483742230&sInitiator=external
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: HTTP/1.1
Server: 50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
UIP-Response-Status: FallbackResponse
Date: Thu, 16 Mar 2023 03:32:57 GMT
Frontend-ID: 11
Content-Length: 42
Routing-Server-ID: -1
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 16 Mar 2023 03:32:56 GMT
Frontend-ID: 0
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location: /adform/1/info2?sType=sync&sExtCookieId=877935439483742230&sInitiator=external
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Length: 0
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame 70F5
Redirect Chain

https://ps.eyeota.net/match?uid=877935439483742230&bid=9gdtmu1
https://ps.eyeota.net/match/bounce/?uid=877935439483742230&bid=9gdtmu1

70 B
440 B

14ms
12ms

Image
image/gif

54.156.26.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?uid=877935439483742230&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: HTTP/1.1
Server: 54.156.26.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-26-12.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 16 Mar 2023 03:32:56 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?uid=877935439483742230&bid=9gdtmu1
Date: Thu, 16 Mar 2023 03:32:56 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 204 /
loadm.exelator.com/load/ Frame 70F5 0
324 B 52ms
11ms Image
text/plain 50.16.197.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=877935439483742230
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.197.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-197-56.compute-1.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 03:32:56 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

db_sync
px.ads.linkedin.com/ Frame 70F5
Redirect Chain

https://idsync.rlcdn.com/398366.gif?partner_uid=877935439483742230
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIdChkIARCUdRoSODc3OTM1NDM5NDgzNzQyMjMwEAAaDQjom8qgBhIFCOgHEABCAEoA
https://pippio.com/api/sync?pid=5324&it=1&iv=9c899b04e2134a598ba3da6cd9acba0a7561df65e0bb71cf19384d297d6dfffa791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=9c899b04e2134a598ba3da6cd9acba0a7561df65e0bb71cf19384d297d6dfffa791426b5417dce21&rand=05473730
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=9c899b04e2134a598ba3da6cd9acba0a7561df65e0bb71cf19384d297d6dfffa791426b5417dce21&rand=05473730&expected_cookie=b8a9d0d0-6837-4675-beec-34de61e02a42

0
143 B

122ms
106ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=9c899b04e2134a598ba3da6cd9acba0a7561df65e0bb71cf19384d297d6dfffa791426b5417dce21&rand=05473730&expected_cookie=b8a9d0d0-6837-4675-beec-34de61e02a42
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 03:32:56 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: D9E56C36A35E4F70BA941AE97791A205 Ref B: EWR30EDGE0907 Ref C: 2023-03-16T03:32:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX2/B3ko2Gkd/5zs3GY5g==

Redirect headers

date: Thu, 16 Mar 2023 03:32:56 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: F0B881401860447F99C39A965BB55AE5 Ref B: EWR30EDGE0907 Ref C: 2023-03-16T03:32:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: /db_sync?pid=10339&puuid=9c899b04e2134a598ba3da6cd9acba0a7561df65e0bb71cf19384d297d6dfffa791426b5417dce21&rand=05473730&expected_cookie=b8a9d0d0-6837-4675-beec-34de61e02a42
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX2/B3iyhL9upTgj+wEHw==

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=877935439483742230/gdpr=/ Frame 70F5
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=877935439483742230/gdpr=/gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=877935439483742230/gdpr=/gdpr_consent=

49 B
544 B

24ms
21ms

Image
image/gif

3.221.107.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=877935439483742230/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: H2
Server: 3.221.107.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-107-188.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 03:32:56 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.38.217
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Mar 2023 03:32:56 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=877935439483742230/gdpr=/gdpr_consent=
cache-control: no-cache
x-server: 10.40.43.222
content-length: 0
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame 70F5 62 B
439 B 101ms
77ms Image
image/gif 173.223.57.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=877935439483742230
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.57.84 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-57-84.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 16 Mar 2023 03:32:56 GMT
content-length: 62
content-type: image/gif

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 70F5
Redirect Chain

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=877935439483742230
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=877935439483742230

43 B
180 B

27ms
26ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=877935439483742230
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 03:32:56 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=877935439483742230
date: Thu, 16 Mar 2023 03:32:56 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 70F5
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

347ms
96ms

Image
image/gif

52.218.25.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: HTTP/1.1
Server: 52.218.25.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:58 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: P47A708TW7SE95RM
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: lCxsnusUA8jCxceuqzq3bDyzYEZBojmvoGHWIWx4j8U+oazEjFdMaiitA3JrLBbfiYAOM08Igpc=

Redirect headers

X-Error-Reason: Missing UserId
Date: Thu, 16 Mar 2023 03:32:55 GMT
Server: akka-http/10.2.10
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 70F5
Redirect Chain

https://pixel.onaudience.com/?mapped=877935439483742230&partner=68
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=a37534b0e6191140/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

70 B
264 B

255ms
8ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: H2
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 16 Mar 2023 03:32:57 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 70F5 0
338 B 203ms
9ms Image
text/plain 18.209.139.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=877935439483742230
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.139.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-139-125.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-served-by: beacon-n009-ash-prod.krxd.net
date: Thu, 16 Mar 2023 03:32:56 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1678937576
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 70F5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=ODc3OTM1NDM5NDgzNzQyMjMw
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO5P5Xv2z1M0hagDmu0LmMs&google_cver=1&google_ula=1641347,0

35 B
600 B

6ms
5ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO5P5Xv2z1M0hagDmu0LmMs&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 03:32:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 16 Mar 2023 03:32:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO5P5Xv2z1M0hagDmu0LmMs&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame 70F5
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://c1.adform.net/serving/cookie/match?party=3&id=271775688729966696&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=877935439483742230

43 B
1 KB

5ms
5ms

Image
image/gif

68.67.160.24
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=877935439483742230

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462

Protocol

HTTP/1.1

Server

68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Mar 2023 03:32:56 GMT
AN-X-Request-Uuid: 47b16ffa-cc47-4b75-ac6b-a296bc4a7578
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 5.181.234.132; 5.181.234.132; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Mar 2023 03:32:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=877935439483742230
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 plf
c1.adform.net/imatch/ Frame 70F5 0
384 B 17ms
6ms Image
text/plain 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 03:32:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 70F5 42 B
448 B 157ms
5ms Image
image/gif 162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=877935439483742230
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 16 Mar 2023 03:32:55 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 70F5 43 B
444 B 121ms
5ms Image
image/gif 13.225.214.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.214.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-99.ewr50.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 14:47:13 GMT
Via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: EWR50-C1
Age: 45943
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: kR-1Uy3sQa2fc60mAYbt6iP2ESlHBOTIjraj43H_JT4lOERZJcXhSQ==

GET
H/1.1

200

p
a.audrte.com/ Frame 70F5
Redirect Chain

https://a.audrte.com/a?adform_uid=877935439483742230
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MmloRXc3ZTZzVk5TTHk3R1N2Rk5BeUxZdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
424 B

11ms
10ms

Image
image/png

52.0.191.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: HTTP/1.1
Server: 52.0.191.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-191-77.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:56 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Thu, 16 Mar 2023 03:32:56 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 70F5
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=877935439483742230&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=877935439483742230&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirec...
https://c1.adform.net/serving/cookie/match?party=1007&cid=73676219288136771241986974410054195480&noredirect=1

35 B
591 B

6ms
5ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=73676219288136771241986974410054195480&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 03:32:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-va6-1-v045-0bd0ada77.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: M3JKsE+STZE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=73676219288136771241986974410054195480&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 70F5
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=877935439483742230
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=213180604457003146223

35 B
591 B

46ms
5ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=213180604457003146223

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 03:32:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 16 Mar 2023 03:32:56 GMT
via: 1.1 5dccc983b54773fbbd262d2029a805d6.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=213180604457003146223
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: BDovhokvJxKHKsWUVX-gU5bxM3ZUy6MMKzNe8JOq-ZkQyXk_cLYecQ==
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 70F5
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7210981985242183832

35 B
591 B

35ms
16ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7210981985242183832

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 03:32:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7210981985242183832
Date: Thu, 16 Mar 2023 03:32:57 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame 70F5 62 B
368 B 96ms
95ms Image
image/gif 173.223.57.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=877935439483742230
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.57.84 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-57-84.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 16 Mar 2023 03:32:56 GMT
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 70F5
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=44f66412-8de9-4e00-a279-a9a2213576ae

35 B
591 B

7ms
6ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=44f66412-8de9-4e00-a279-a9a2213576ae

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 03:32:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Thu, 16 Mar 2023 03:32:56 GMT
Server: MT3 569 46451a0 master iad-pixel-x23 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=44f66412-8de9-4e00-a279-a9a2213576ae
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Thu, 16 Mar 2023 03:32:55 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 70F5
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=QbJZZoVY1PCEml5

35 B
600 B

17ms
3ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=QbJZZoVY1PCEml5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 03:32:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Thu, 16 Mar 2023 03:32:56 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-770-gc22eae1#rel-ec2-master i-0231cb64a9a2a4c51@us-east-1b@dxedge-app-us-east-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=QbJZZoVY1PCEml5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 70F5
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=b5638da3-7a38-4911-8557-ad13f43d84a5

35 B
600 B

18ms
4ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=b5638da3-7a38-4911-8557-ad13f43d84a5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 03:32:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 16 Mar 2023 03:32:57 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=b5638da3-7a38-4911-8557-ad13f43d84a5
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 225

GET
H/1.1

200
OK

image.sbmx
ib.mookie1.com/ Frame 70F5
Redirect Chain

https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=877935439483742230
https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=877935439483742230

0
421 B

327ms
69ms

Image
image/png

64.58.232.177
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.mookie1.com/image.sbmx?go=302927&pid=567&xid=877935439483742230
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: HTTP/1.1
Server: 64.58.232.177 Austin, United States, ASN13649 (ASN-VINS, US),
Reverse DNS: be31-199.crrt01.las04.flexential.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Mar 2023 03:32:56 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
p3p: CP="DSP COR ADM DEV PSA PSD OUR"
Cache-Control: no-cache
X-Server: LAS09
Content-Length: 0
Expires: -1

Redirect headers

Date: Thu, 16 Mar 2023 03:32:57 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Location: https://ib.mookie1.com:443/image.sbmx?go=302927&pid=567&xid=877935439483742230
Access-Control-Allow-Origin: *
p3p: CP="DSP COR ADM DEV PSA PSD OUR"
Cache-Control: private
X-Server: LAS08
Content-Length: 203

GET
H/1.1

200

3.gif
id5-sync.com/cq/10/124/0/ Frame 70F5
Redirect Chain

https://id5-sync.com/s/10/0.gif?puid=877935439483742230
https://id5-sync.com/c/10/10/2/1.gif?puid=877935439483742230&gdpr=0&gdpr_consent=&us_privacy=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/10/2/1/2.gif?puid=271775688729966696&gdpr=0&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-7957scmDy72PtUFoAwPe4ahsReDla960f2q6n85nKA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F0%2F3.gif%3Fpuid%3D%...
https://id5-sync.com/cq/10/124/0/3.gif?puid=a1feac6a-54e1-48f7-93f5-d0bb77956d99&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

43 B
1 KB

85ms
85ms

Image
image/gif

162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/cq/10/124/0/3.gif?puid=a1feac6a-54e1-48f7-93f5-d0bb77956d99&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462

Protocol

HTTP/1.1

Server

162.19.138.83 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Thu, 16 Mar 2023 03:32:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/cq/10/124/0/3.gif?puid=a1feac6a-54e1-48f7-93f5-d0bb77956d99&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
access-control-allow-origin: *
date: Thu, 16 Mar 2023 03:32:57 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 70F5
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1156830848
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=LJa/0/inSkty6l7uZB/qyO

35 B
591 B

7ms
5ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=LJa/0/inSkty6l7uZB/qyO

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 03:32:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 16 Mar 2023 03:32:56 GMT
via: 1.1 google
last-modified: Thu, 16 Mar 2023 03:32:57 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=LJa/0/inSkty6l7uZB/qyO
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 70F5 23 B
287 B 97ms
21ms Image
image/gif 23.52.164.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=877935439483742230
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.164.7 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-164-7.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

expires: Thu, 16 Mar 2023 03:32:57 GMT
pragma: no-cache
date: Thu, 16 Mar 2023 03:32:57 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 pixel.gif
sync.1dmp.io/ Frame 70F5 12 B
155 B 635ms
120ms Image
text/html 87.242.89.90
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=877935439483742230
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 87.242.89.90 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: elb /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 03:32:57 GMT
last-modified: Mon, 30 Jan 2023 18:57:34 GMT
server: elb
accept-ranges: bytes
etag: "63d8131e-c"
content-length: 12
content-type: text/html

GET
H2

200

/
sync.taboola.com/sg/smaatortb-network/1/rtb-h/ Frame 70F5
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=877935439483742230
https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=877935439483742230&cookieCheck=1
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=9c20691f

0
230 B

18ms
4ms

Image
text/plain

141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=9c20691f
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: H2
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 03:32:57 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 2527

Redirect headers

date: Thu, 16 Mar 2023 03:32:57 GMT
via: 1.1 6a2d00c5c73022efc4bc2786f44b3cdc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=9c20691f
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: NK71hLKaRPlqvHDF4ECvsSNO6oKRB_qZ23AnP9WIudB8DHJ47UL1OQ==

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 70F5
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=877935439483742230&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEV...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=877935439483742230&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7B...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=99978970-edf1-4bd1-a2fa-134d2d452f9d%252Chttps%25253A%25252F%25252Fc1.adform.net%25252Fserving%25252Fcookie%25252Fmatch%2...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b5638da3-7a38-4911-8557-ad13f43d84a5&ttd_puid=99978970-edf1-4bd1-a2fa-134d2d452f9d%2Chttps%253A%252F%252Fc1.adform.net%25...
https://c1.adform.net/serving/cookie/match?party=2007&cid=99978970-edf1-4bd1-a2fa-134d2d452f9d

35 B
591 B

6ms
5ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=99978970-edf1-4bd1-a2fa-134d2d452f9d

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 03:32:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

date: Thu, 16 Mar 2023 03:32:57 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://c1.adform.net/serving/cookie/match?party=2007&cid=99978970-edf1-4bd1-a2fa-134d2d452f9d
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 877935439483742230
match.contentexchange.me/adform/ Frame 70F5 0
49 B 578ms
97ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/877935439483742230?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 03:32:57 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 70F5 43 B
109 B 86ms
54ms Image
image/gif 3.229.34.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=16974&user_id=877935439483742230
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.34.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-34-188.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 03:32:57 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame 70F5
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=877935439483742230&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=877935439483742230&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

12ms
11ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=877935439483742230&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: H2
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 16 Mar 2023 03:32:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=877935439483742230&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
date: Thu, 16 Mar 2023 03:32:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

sync.php
pixel.rubiconproject.com/exchange/ Frame 70F5
Redirect Chain

https://sync.e-volution.ai/296800c6dbd7f8eb22cf034b9927d719.gif?puid=877935439483742230
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

42 B
734 B

47ms
11ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: a414d61fde5a538d1bc5c621aec59518
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma: no-cache
Date: Thu, 16 Mar 2023 03:32:57 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET put
e1.emxdgt.com/ Frame 70F5 0
0

GET
H2 200 plf
c1.adform.net/imatch/ Frame 70F5 0
384 B 12ms
7ms Image
text/plain 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=877935439483742230&agencyId=7390&advertiserId=2103558&src=tp&rnd=483462
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 03:32:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 sureroute.html
inc-www.df-bet.org/en/promotions/ Frame 5124 0
0 579ms
482ms Document
text/html 45.60.12.120
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://inc-www.df-bet.org/en/promotions/sureroute.html?rnd=1-1-20200-1-20200-71588-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.12.120 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

Referer: https://www.dfvnvui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Thu, 16 Mar 2023 03:32:57 GMT
etag: "63f59ca6-211b"
expires: Thu, 01 Jan 1970 00:00:01 GMT
last-modified: Wed, 22 Feb 2023 04:40:06 GMT
server: nginx/1.11.10
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-frame-options: deny
x-iinfo: 13-28451403-28298456 pNYN RT(1678937576504 32) q(0 0 0 0) r(5 5) U2

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 354ms
19ms Stylesheet
text/css 142.250.64.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f10.1e100.net

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Mar 2023 03:32:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Mar 2023 03:32:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Mar 2023 03:32:57 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 208ms
206ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=showMessage&userId=&messageId=2214&revision=1&sessionStart=20230316033255&cookieId=sok9ry.lfak2zzs&origin=dafabet_com_asia&ver=8.186.0-3.6&segments=1978.1548.1563.1569&1603321313
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 16 Mar 2023 03:32:57 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 208ms
204ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=showMessage&userId=&messageId=3172&revision=1&sessionStart=20230316033255&cookieId=sok9ry.lfak2zzs&origin=dafabet_com_asia&ver=8.186.0-3.6&segments=1978.1548.1563.1569&1603321354
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 16 Mar 2023 03:32:57 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 208ms
207ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=showMessage&userId=&messageId=2195&revision=2&sessionStart=20230316033255&cookieId=sok9ry.lfak2zzs&origin=dafabet_com_asia&ver=8.186.0-3.6&segments=1978.1548.1563.1569&1603321360
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 16 Mar 2023 03:32:57 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 217ms
203ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=showMessage&userId=&messageId=4560&revision=8&sessionStart=20230316033255&cookieId=sok9ry.lfak2zzs&origin=dafabet_com_asia&ver=8.186.0-3.6&segments=1978.1548.1563.1569&1603321369
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 16 Mar 2023 03:32:57 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK arrow-down-triple-white.png
dk0tzorg7uge9.cloudfront.net/message_files/40/2061/193/ 511 B
1 KB 27ms
19ms Image
image/png 99.84.38.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dk0tzorg7uge9.cloudfront.net/message_files/40/2061/193/arrow-down-triple-white.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.38.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-38-65.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e32d0137b37137e902d7be5b6de744893db6fd2e2be566a66db6d1582418294a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:57 GMT
Via: 1.1 8f8a44665236c177df56aa58b84d84de.cloudfront.net (CloudFront)
Last-Modified: Wed, 23 May 2018 08:56:23 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:505/gname:fcp-php/uname:fcp-php/gid:505/mode:33188/mtime:1527065782/atime:1527065782/md5:24706a99cc619b6439dadf6cc02cdd8a/ctime:1527065782
X-Amz-Cf-Pop: EWR52-C4
Age: 14
ETag: "24706a99cc619b6439dadf6cc02cdd8a"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 511
X-Amz-Cf-Id: aqHv0gbTUlPLT-AoPTWEc3exBYBQBf-FK3kNN8CHrdivTNPmtLgblg==

GET
H/1.1 200
OK arrow-down-triple-yellow.png
dk0tzorg7uge9.cloudfront.net/message_files/40/2061/194/ 511 B
1 KB 25ms
18ms Image
image/png 99.84.38.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dk0tzorg7uge9.cloudfront.net/message_files/40/2061/194/arrow-down-triple-yellow.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.38.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-38-65.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d01e7f7bc38eeccd2397c1df224742f91cfbc6b59cfd8a4f0296eb9fd8e8de78

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:57 GMT
Via: 1.1 b2cb5873eebaf86981435722128eab72.cloudfront.net (CloudFront)
Last-Modified: Wed, 23 May 2018 08:56:57 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:505/gname:fcp-php/uname:fcp-php/gid:505/mode:33188/mtime:1527065816/atime:1527065816/md5:eeae68f9e6712f3e82800d34760a6640/ctime:1527065816
X-Amz-Cf-Pop: EWR52-C4
Age: 14
ETag: "eeae68f9e6712f3e82800d34760a6640"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 511
X-Amz-Cf-Id: yJccZ75GnJ_RlbkpS5poe1T2AmaSbSGNCtfVCge1Zm_wrz-Wpz36Eg==

GET
H/1.1 200
OK mdd-on.jpg
dk0tzorg7uge9.cloudfront.net/message_files/40/4716/533/ 191 KB
191 KB 33ms
19ms Image
image/jpeg 99.84.38.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dk0tzorg7uge9.cloudfront.net/message_files/40/4716/533/mdd-on.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.38.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-38-65.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 296f80730ee5d3a6ae96d1a4cafbdd77272091194fd0c0d5ac21d94654e68dcf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:57 GMT
Via: 1.1 502d715ad2f775c7dae1f1c4bfbfc168.cloudfront.net (CloudFront)
Last-Modified: Tue, 05 Oct 2021 12:48:04 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1633438083/ctime:1633438083/gid:505/gname:fcp-php/md5:9d0298037833ae35c02390736c85d776/mode:33188/mtime:1633438083/uid:505/uname:fcp-php
X-Amz-Cf-Pop: EWR52-C4
Age: 14
ETag: "9d0298037833ae35c02390736c85d776"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 195409
X-Amz-Cf-Id: IM0hlPSva8TESwHGfLuDO1atcSd2dCYXY2QeKiKmvE1eH-I8tynDjA==

GET
H/1.1 200
OK mdd-off.jpg
dk0tzorg7uge9.cloudfront.net/message_files/40/4716/534/ 173 KB
173 KB 31ms
19ms Image
image/jpeg 99.84.38.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dk0tzorg7uge9.cloudfront.net/message_files/40/4716/534/mdd-off.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.38.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-38-65.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31344945c1c2dc743640442fd4508719a4a3801e096e631a92cf737067a91e53

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:57 GMT
Via: 1.1 9dc6533b1432a725b72f49ca8658a3c6.cloudfront.net (CloudFront)
Last-Modified: Tue, 05 Oct 2021 12:48:15 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1633438093/ctime:1633438093/gid:505/gname:fcp-php/md5:3e35b417207e32dd3fd707d34ff22f4e/mode:33188/mtime:1633438093/uid:505/uname:fcp-php
X-Amz-Cf-Pop: EWR52-C4
Age: 15
ETag: "3e35b417207e32dd3fd707d34ff22f4e"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 176929
X-Amz-Cf-Id: twSkTY0sEa9kMl_V2hAHSJT-F00EGKKG0i7qXB4p7mMZQtql_r2glg==

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 204ms
202ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=setUserSegment&userId=&segmentName=sgmt_1942&segmentValue=value1&sessionStart=20230316033255&cookieId=sok9ry.lfak2zzs&origin=dafabet_com_asia&ver=8.186.0-3.6&segments=1978.1548.1563.1569.1942&1603321394
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 16 Mar 2023 03:32:57 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
45 B 11312ms
11311ms Ping
text/plain 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-S5WHEF6PM5&gtm=45je33d0h1&_p=201970202&cid=1382871543.1678937572&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1678937572&sct=1&seg=0&dl=https%3A%2F%2Fwww.dfvnvui.com%2Fen&dt=Dafabet%20is%20The%20Most%20Secure%20Online%20Betting%20Company%20in%20Asia&en=scroll&epn.percent_scrolled=90&_et=23
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5WHEF6PM5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80d::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 03:33:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dfvnvui.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAg... 16 B
283 B 5ms
4ms XHR
text/plain 45.54.49.1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA/1/20200/71588/1,16/0/732/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 1.49.54.45.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:57 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 sureroute.html
inc-www.df-bet.org/en/promotions/ Frame EC52 0
0 189ms
188ms Document
text/html 45.60.12.120
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://inc-www.df-bet.org/en/promotions/sureroute.html?rnd=0-1-20200-1-20200-71588-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.12.120 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

Referer: https://www.dfvnvui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Thu, 16 Mar 2023 03:32:57 GMT
etag: "63f59ca6-211b"
expires: Thu, 01 Jan 1970 00:00:01 GMT
last-modified: Wed, 22 Feb 2023 04:40:06 GMT
server: nginx/1.11.10
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-frame-options: deny
x-iinfo: 13-28451403-28298456 pNYN RT(1678937576504 638) q(0 0 0 -1) r(2 2) U2

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAg... 16 B
283 B 6ms
5ms XHR
text/plain 45.54.49.1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA/1/20200/71588/0,16/0/315/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 1.49.54.45.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:58 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK sureroute.html
cdn-www.df-bet.org/en/promotions/ Frame 6C78 0
0 1436ms
205ms Document
text/html 157.185.165.41
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-www.df-bet.org/en/promotions/sureroute.html?rnd=1-1-20200-1-20200-47753-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

157.185.165.41 , United States, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

Referer: https://www.dfvnvui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 16 Mar 2023 03:32:59 GMT
ETag: "63f59ca6-211b"
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Last-Modified: Wed, 22 Feb 2023 04:40:06 GMT
Server: PWS/8.3.1.0.8
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Via: 1.1 PS-TPE-01TU5222:6 (W), 1.1 PS-YYZ-01fd1167:9 (W)
X-Frame-Options: deny
X-Px: ms PS-YYZ-01fd1167YYZ,ms PS-TPE-01TU5222TPE(origin)
X-Ws-Request-Id: 64128deb_PS-YYZ-01fd1167_30372-11691

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAg... 16 B
283 B 313ms
4ms XHR
text/plain 45.54.49.1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA/1/20200/47753/1,16/0/1450/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 1.49.54.45.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:59 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK sureroute.html
cdn-www.df-bet.org/en/promotions/ Frame 3241 0
0 204ms
204ms Document
text/html 157.185.165.41
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-www.df-bet.org/en/promotions/sureroute.html?rnd=0-1-20200-1-20200-47753-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

157.185.165.41 , United States, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

Referer: https://www.dfvnvui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 16 Mar 2023 03:32:59 GMT
ETag: "63f59ca6-211b"
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Last-Modified: Wed, 22 Feb 2023 04:40:06 GMT
Server: PWS/8.3.1.0.8
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Via: 1.1 PS-TPE-01TU5222:6 (W), 1.1 PS-YYZ-01fd1167:9 (W)
X-Frame-Options: deny
X-Px: ms PS-YYZ-01fd1167YYZ,ms PS-TPE-01TU5222TPE(origin)
X-Ws-Request-Id: 64128deb_PS-YYZ-01fd1167_30372-11718

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAg... 16 B
283 B 100ms
4ms XHR
text/plain 45.54.49.1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA/1/20200/47753/0,16/0/214/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 1.49.54.45.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:32:59 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 r20.gif
edg-static.xhhlhh.com/img/ 43 B
213 B 331ms
282ms Image
image/gif 152.199.0.130
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edg-static.xhhlhh.com/img/r20.gif?rnd=1-1-20200-1-20200-44021-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.0.130 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 03:32:59 GMT
last-modified: Thu, 27 Aug 2020 07:28:50 GMT
server: nginx/1.12.2
etag: "5f4760b2-2b"
content-type: image/gif
cache-control: max-age=2629743, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
ec-rule-version: v1.74

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA/1/20200/44021/1,2/0/282/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 1.49.54.45.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:33:00 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 r20.gif
edg-static.xhhlhh.com/img/ 43 B
135 B 655ms
655ms Image
image/gif 152.199.0.130
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edg-static.xhhlhh.com/img/r20.gif?rnd=0-1-20200-1-20200-44021-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.0.130 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 03:33:00 GMT
last-modified: Thu, 10 Mar 2022 08:34:18 GMT
server: nginx/1.12.2
etag: "6229b80a-2b"
content-type: image/gif
cache-control: max-age=2629743, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
ec-rule-version: v1.74

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAg... 16 B
283 B 8ms
7ms XHR
text/plain 45.54.49.1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA/1/20200/44021/0,2/0/654/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 1.49.54.45.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:33:00 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 d17.html Show response
cdn-sports.nextbet.com/test/ Frame E7FD 8 KB
2 KB 2073ms
354ms Document
text/html 157.185.177.205

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-sports.nextbet.com/test/d17.html?rnd=1-1-20200-1-20200-47804-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.177.205 -, , ASN (),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

d770c011603098a3742f00afa951921b39a1daa27937c6a33a6f27e256556886

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dfvnvui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html
date: Thu, 16 Mar 2023 03:33:02 GMT
expires: 0
pragma: no-cache
server: PWS/8.3.1.0.8
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 huadianxin31:2 (W), 1.1 jp38:11 (W), 1.1 hx171:3 (W), 1.1 PSmgasbIAD1ak79:17 (W)
x-px: ms PSmgasbIAD1ak79IAD,ms hx171SJC,ms jp38SIN,ms huadianxin31KHH(origin)
x-ws-request-id: 64128dee_PSmgasbIAD1ak79_46471-28703

POST
H/1.1 200
Ok _CgJqNRAUGHsiBggBEOidASjaov7uBjDom8qgBjjom8qgBkCs-9uWBkoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMy5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCA Show response
rpt.cedexis.com/r1/1/20200/ 16 B
283 B 9ms
8ms XHR
text/plain 45.54.49.1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/r1/1/20200/_CgJqNRAUGHsiBggBEOidASjaov7uBjDom8qgBjjom8qgBkCs-9uWBkoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMy5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCA?rnd=sdxqixqcdpphzgeuiyvbogwtmvutwirm
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 1.49.54.45.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Referer: https://www.dfvnvui.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 16 Mar 2023 03:33:01 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

POST
H2 200 adrum Show response
col.0wp0usgn.com/eumcollector/beacons/browser/v1/EUM-AAB-AVW/ 0
69 B 195ms
194ms XHR
text/html 34.149.119.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://col.0wp0usgn.com/eumcollector/beacons/browser/v1/EUM-AAB-AVW/adrum

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.5d7b2188022f1c8e1f74b468f022cb04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.119.194 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

194.119.149.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dfvnvui.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: text/plain

Response headers

appd-request-id: 97e7e2d6b5fd204f
date: Thu, 16 Mar 2023 03:33:01 GMT
via: 1.1 google
pragma: no-cache
x-content-type-options: nosniff
vary: *
content-type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
access-control-allow-headers: origin, content-type, accept
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAg... 16 B
283 B 65ms
3ms XHR
text/plain 45.54.49.1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA/1/20200/47804/1,16/0/2097/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 1.49.54.45.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:33:02 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 d17.html Show response
cdn-sports.nextbet.com/test/ Frame 9B40 8 KB
2 KB 386ms
325ms Document
text/html 157.185.177.205

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-sports.nextbet.com/test/d17.html?rnd=0-1-20200-1-20200-47804-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

157.185.177.205 -, , ASN (),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

d770c011603098a3742f00afa951921b39a1daa27937c6a33a6f27e256556886

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dfvnvui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html
date: Thu, 16 Mar 2023 03:33:03 GMT
expires: 0
pragma: no-cache
server: PWS/8.3.1.0.8
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 huadianxin31:2 (W), 1.1 jp38:11 (W), 1.1 hx171:3 (W), 1.1 PSmgasbIAD1ak79:17 (W)
x-px: ms PSmgasbIAD1ak79IAD,ms hx171SJC,ms jp38SIN,ms huadianxin31KHH(origin)
x-ws-request-id: 64128dee_PSmgasbIAD1ak79_46471-28785

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAg... 16 B
283 B 12ms
7ms XHR
text/plain 45.54.49.1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA/1/20200/47804/0,16/0/408/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 1.49.54.45.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:33:03 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 sureroute.html Show response
aka-mcashier.dafanba.net/ Frame 05D7 8 KB
2 KB 683ms
480ms Document
text/html 104.126.118.200

General

Check archive.org

Show headers Download Go to

Full URL

https://aka-mcashier.dafanba.net/sureroute.html?rnd=1-1-20200-1-20200-46920-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.118.200 -, , ASN (),

Reverse DNS

Software

nginx/1.19.6 /

Resource Hash

5bf62200787a40e4af3e5352641483265476ce7f29a1e602a9c68c3aadaa06b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://www.dfvnvui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-length: 1622
content-type: text/html
date: Thu, 16 Mar 2023 03:33:03 GMT
etag: W/"64074f45-211c"
expires: Thu, 16 Mar 2023 03:33:03 GMT
last-modified: Tue, 07 Mar 2023 14:50:45 GMT
server: nginx/1.19.6
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA/1/20200/46920/1,16/0/712/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 1.49.54.45.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:33:03 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 sureroute.html Show response
aka-mcashier.dafanba.net/ Frame DD80 8 KB
2 KB 353ms
350ms Document
text/html 104.126.118.200

General

Check archive.org

Show headers Download Go to

Full URL

https://aka-mcashier.dafanba.net/sureroute.html?rnd=0-1-20200-1-20200-46920-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.118.200 -, , ASN (),

Reverse DNS

Software

nginx/1.19.6 /

Resource Hash

5bf62200787a40e4af3e5352641483265476ce7f29a1e602a9c68c3aadaa06b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://www.dfvnvui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-length: 1622
content-type: text/html
date: Thu, 16 Mar 2023 03:33:04 GMT
etag: W/"64074f45-211c"
expires: Thu, 16 Mar 2023 03:33:04 GMT
last-modified: Tue, 07 Mar 2023 14:50:45 GMT
server: nginx/1.19.6
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA/1/20200/46920/0,16/0/434/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 1.49.54.45.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:33:04 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 sureroute.html
aka-www.dffgames.com/en/promotions/ Frame 1719 0
0 640ms
494ms Document
text/html 104.126.118.234

General

Check archive.org

Show headers Download Go to

Full URL

https://aka-www.dffgames.com/en/promotions/sureroute.html?rnd=1-1-20200-1-20200-42793-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.118.234 -, , ASN (),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	deny

Request headers

Referer: https://www.dfvnvui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-encoding: gzip
content-length: 1512
content-type: text/html
date: Thu, 16 Mar 2023 03:33:05 GMT
etag: "63f59ca6-211b"
expires: Thu, 16 Mar 2023 03:33:05 GMT
last-modified: Wed, 22 Feb 2023 04:40:06 GMT
server: nginx/1.11.10
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: deny

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA/1/20200/42793/1,16/0/656/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 1.49.54.45.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:33:05 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 sureroute.html
aka-www.dffgames.com/en/promotions/ Frame 2C24 0
0 377ms
376ms Document
text/html 104.126.118.234

General

Check archive.org

Show headers Download Go to

Full URL

https://aka-www.dffgames.com/en/promotions/sureroute.html?rnd=0-1-20200-1-20200-42793-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.118.234 -, , ASN (),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	deny

Request headers

Referer: https://www.dfvnvui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-encoding: gzip
content-length: 1512
content-type: text/html
date: Thu, 16 Mar 2023 03:33:05 GMT
etag: "63f59ca6-211b"
expires: Thu, 16 Mar 2023 03:33:05 GMT
last-modified: Wed, 22 Feb 2023 04:40:06 GMT
server: nginx/1.11.10
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding
x-frame-options: deny

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAg... 16 B
283 B 6ms
4ms XHR
text/plain 45.54.49.1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA/1/20200/42793/0,16/0/401/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 1.49.54.45.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:33:05 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
p30885.citm-test.com/img/ 43 B
733 B 547ms
309ms Image
image/gif 8.45.176.226

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p30885.citm-test.com/img/r20.gif?rnd=1-1-20200-0-0-30885-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.45.176.226 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 02:54:42 GMT
Via: cache1.l2us1[0,0,200-0,H], cache21.l2us1[1,0], cache21.l2us1[1,0], cache1.us15[0,0,200-0,H], cache8.us15[67,0]
Age: 1211903
X-Swift-CacheTime: 30412736
X-Cache: HIT TCP_MEM_HIT dirn:11:178006041
Connection: keep-alive
X-Swift-SaveTime: Wed, 15 Mar 2023 02:55:46 GMT
Content-Length: 43
Last-Modified: Wed, 07 Sep 2022 08:46:26 GMT
Server: Tengine
x-aliyun-server-ip: 8.45.176.226
ETag: "63185a62-2b"
Ali-Swift-Global-Savetime: 1677725682
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
Accept-Ranges: bytes
Timing-Allow-Origin: *
EagleId: 082db09c16789375859741303e

GET
H/1.1 200
OK iuni4.html Show response
p30885.citm-test.com/img/ Frame 86AC 2 KB
3 KB 122ms
102ms Document
text/html 8.45.176.226

General

Check archive.org

Show headers Download Go to

Full URL: https://p30885.citm-test.com/img/iuni4.html?rnd=-1-1-20200-0-0-30885-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.45.176.226 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash: 7c9c20f775ce6e3d0c192924333e53c82a84c4427899b26c434c8136871be70c

Request headers

Referer: https://www.dfvnvui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 1212742
Ali-Swift-Global-Savetime: 1677724844
Cache-Control: max-age=2629743, public
Connection: keep-alive
Content-Length: 2011
Content-Type: text/html
Date: Thu, 02 Mar 2023 02:40:44 GMT
ETag: "63185a85-7db"
EagleId: 082db09c16789375861861988e
Last-Modified: Wed, 07 Sep 2022 08:47:01 GMT
Server: Tengine
Timing-Allow-Origin: *
Via: cache39.l2us1[0,0,200-0,H], cache19.l2us1[1,0], cache4.us15[0,-1,200-0,H], cache8.us15[12,0]
X-Cache: HIT TCP_MEM_HIT dirn:11:280165512
X-Swift-CacheTime: 30410325
X-Swift-SaveTime: Wed, 15 Mar 2023 03:21:59 GMT
x-aliyun-server-ip: 8.45.176.226

GET
H/1.1 200
OK iuni4.html Show response
p30885.citm-test.com/img/ Frame 86AC 2 KB
3 KB 77ms
76ms XHR
text/html 8.45.176.226

General

Check archive.org

Show headers Download Go to

Full URL: https://p30885.citm-test.com/img/iuni4.html?rnd=-1-1-20200-0-0-30885-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Requested by: Host: p30885.citm-test.com
URL: https://p30885.citm-test.com/img/iuni4.html?rnd=-1-1-20200-0-0-30885-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.45.176.226 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash: 7c9c20f775ce6e3d0c192924333e53c82a84c4427899b26c434c8136871be70c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p30885.citm-test.com/img/iuni4.html?rnd=-1-1-20200-0-0-30885-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 02:40:44 GMT
Via: cache39.l2us1[0,0,200-0,H], cache19.l2us1[1,0], cache4.us15[0,0,200-0,H], cache8.us15[1,0]
Age: 1212742
X-Swift-CacheTime: 30410325
X-Cache: HIT TCP_MEM_HIT dirn:11:280165512
Connection: keep-alive
X-Swift-SaveTime: Wed, 15 Mar 2023 03:21:59 GMT
Content-Length: 2011
Last-Modified: Wed, 07 Sep 2022 08:47:01 GMT
Server: Tengine
x-aliyun-server-ip: 8.45.176.226
ETag: "63185a85-7db"
Ali-Swift-Global-Savetime: 1677724844
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
Accept-Ranges: bytes
Timing-Allow-Origin: *
EagleId: 082db09c16789375864772929e

GET
H/1.1 200
Ok 343 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAg... 16 B
283 B 20ms
16ms XHR
text/plain 45.54.49.1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA/0/0/30885/1,2/0/309/eagleid%3A082db09c16789375864772929e%40x-aliyun-server-ip%3A8.45.176.226%40via%3Acache39.l2us1%5B0%2C0%2C200-0%2CH%5D%2C%20cache19.l2us1%5B1%2C0%5D%2C%20cache4.us15%5B0%2C0%2C200-0%2CH%5D%2C%20cache8.us15%5B1%2C0%5D/0/14819/0/0/0/2/62/62/135/239/239/548/551/551/343
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 1.49.54.45.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:33:06 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
p30885.citm-test.com/img/ 43 B
732 B 82ms
81ms Image
image/gif 8.45.176.226

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p30885.citm-test.com/img/r20.gif?rnd=0-1-20200-0-0-30885-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.45.176.226 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 02:54:42 GMT
Via: cache1.l2us1[0,0,200-0,H], cache21.l2us1[1,0], cache21.l2us1[1,0], cache1.us15[0,0,200-0,H], cache8.us15[7,0]
Age: 1211904
X-Swift-CacheTime: 30412736
X-Cache: HIT TCP_MEM_HIT dirn:11:178006041
Connection: keep-alive
X-Swift-SaveTime: Wed, 15 Mar 2023 02:55:46 GMT
Content-Length: 43
Last-Modified: Wed, 07 Sep 2022 08:46:26 GMT
Server: Tengine
x-aliyun-server-ip: 8.45.176.226
ETag: "63185a62-2b"
Ali-Swift-Global-Savetime: 1677725682
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
Accept-Ranges: bytes
Timing-Allow-Origin: *
EagleId: 082db09c16789375865623213e

GET
H/1.1 200
Ok 343 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAg... 16 B
283 B 8ms
7ms XHR
text/plain 45.54.49.1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA/0/0/30885/0,2/0/80/eagleid%3A082db09c16789375864772929e%40x-aliyun-server-ip%3A8.45.176.226%40via%3Acache39.l2us1%5B0%2C0%2C200-0%2CH%5D%2C%20cache19.l2us1%5B1%2C0%5D%2C%20cache4.us15%5B0%2C0%2C200-0%2CH%5D%2C%20cache8.us15%5B1%2C0%5D/0/15808/0/0/0/0/0/0/0/0/4/85/86/86/343
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 1.49.54.45.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:33:06 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 r20.gif
cedexis.pc.cdn.bitgravity.com/img/ 43 B
404 B 370ms
4ms Image
image/gif 64.185.181.238

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cedexis.pc.cdn.bitgravity.com/img/r20.gif?rnd=1-1-20200-0-0-38635-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.185.181.238 -, , ASN (),
Reverse DNS
Software: v/6.5.0/6.5.20/v9nyc1-www /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-version: cedexrd2g1Hupc01_v2
date: Fri, 10 Mar 2023 11:50:09 GMT
last-modified: Wed, 07 Sep 2022 08:46:26 GMT
server: v/6.5.0/6.5.20/v9nyc1-www
age: 526115
x-tata-request-id: 2bd306b8cb7e688912b8ed76331a1456, 2bd306b8cb7e688912b8ed76331a1456
etag: "63185a62-2b"
x-cache: HIT,v9nyc1
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2629743, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43

GET
H2 200 iuni4.html Show response
cedexis.pc.cdn.bitgravity.com/img/35/ Frame 3AE9 2 KB
1 KB 6ms
5ms Document
text/html 64.185.181.238

General

Check archive.org

Show headers Download Go to

Full URL: https://cedexis.pc.cdn.bitgravity.com/img/35/iuni4.html?rnd=-1-1-20200-0-0-38635-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.185.181.238 -, , ASN (),
Reverse DNS
Software: v/6.5.0/6.5.20/v9nyc1-www /
Resource Hash: 7c9c20f775ce6e3d0c192924333e53c82a84c4427899b26c434c8136871be70c

Request headers

Referer: https://www.dfvnvui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 488577
cache-control: max-age=2629743, public
content-encoding: gzip
content-length: 951
content-type: text/html
date: Fri, 10 Mar 2023 11:50:09 GMT
etag: W/"63185a85-7db"
last-modified: Wed, 07 Sep 2022 08:47:01 GMT
server: v/6.5.0/6.5.20/v9nyc1-www
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT,v9nyc1
x-tata-request-id: a7fa1edbaf544004016e2a76aefe626d a7fa1edbaf544004016e2a76aefe626d
x-version: cedexrd2g1Hupc01_v2

GET
H2 200 iuni4.html Show response
cedexis.pc.cdn.bitgravity.com/img/35/ Frame 3AE9 2 KB
1 KB 14ms
13ms XHR
text/html 64.185.181.238

General

Check archive.org

Show headers Download Go to

Full URL: https://cedexis.pc.cdn.bitgravity.com/img/35/iuni4.html?rnd=-1-1-20200-0-0-38635-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Requested by: Host: cedexis.pc.cdn.bitgravity.com
URL: https://cedexis.pc.cdn.bitgravity.com/img/35/iuni4.html?rnd=-1-1-20200-0-0-38635-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.185.181.238 -, , ASN (),
Reverse DNS
Software: v/6.5.0/6.5.20/v9nyc1-www /
Resource Hash: 7c9c20f775ce6e3d0c192924333e53c82a84c4427899b26c434c8136871be70c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cedexis.pc.cdn.bitgravity.com/img/35/iuni4.html?rnd=-1-1-20200-0-0-38635-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-version: cedexrd2g1Hupc01_v2
date: Fri, 10 Mar 2023 11:50:09 GMT
content-encoding: gzip
age: 488577
x-tata-request-id: 9df487459c6dafd218f787a23b62f272, 9df487459c6dafd218f787a23b62f272
x-cache: HIT,v9nyc1
content-length: 951
last-modified: Wed, 07 Sep 2022 08:47:01 GMT
server: v/6.5.0/6.5.20/v9nyc1-www
etag: W/"63185a85-7db"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=2629743, public
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAg... 16 B
283 B 6ms
6ms XHR
text/plain 45.54.49.1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA/0/0/38635/1,2/0/4/x-server%20header%20not%20found/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 1.49.54.45.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:33:07 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 r20.gif
cedexis.pc.cdn.bitgravity.com/img/ 43 B
405 B 9ms
2ms Image
image/gif 64.185.181.238

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cedexis.pc.cdn.bitgravity.com/img/r20.gif?rnd=0-1-20200-0-0-38635-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.185.181.238 -, , ASN (),
Reverse DNS
Software: v/6.5.0/6.5.20/v9nyc1-www /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-version: cedexrd2g1Hupc01_v2
date: Fri, 10 Mar 2023 11:50:09 GMT
last-modified: Wed, 07 Sep 2022 08:46:26 GMT
server: v/6.5.0/6.5.20/v9nyc1-www
age: 526115
x-tata-request-id: e37a9f53061b25755c706bb6f87d47d7, e37a9f53061b25755c706bb6f87d47d7
etag: "63185a62-2b"
x-cache: HIT,v9nyc1
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2629743, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAg... 16 B
283 B 8ms
4ms XHR
text/plain 45.54.49.1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA/0/0/38635/0,2/0/5/x-server%20header%20not%20found/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 1.49.54.45.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:33:07 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
p20305.cedexis-test.com/img/ 43 B
296 B 752ms
238ms Image
image/gif 207.46.231.89

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p20305.cedexis-test.com/img/r20.gif?rnd=1-1-20200-0-0-20305-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 207.46.231.89 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:33:07 GMT
Last-Modified: Mon, 23 May 2022 09:57:46 GMT
Server: nginx
ETag: "628b5a9a-2b"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA/0/0/20305/1,2/0/238/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 1.49.54.45.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:33:07 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
p20305.cedexis-test.com/img/ 43 B
296 B 239ms
238ms Image
image/gif 207.46.231.89

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p20305.cedexis-test.com/img/r20.gif?rnd=0-1-20200-0-0-20305-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 207.46.231.89 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:33:07 GMT
Last-Modified: Mon, 23 May 2022 09:57:46 GMT
Server: nginx
ETag: "628b5a9a-2b"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 43

POST
H3 200 adrum Show response
col.0wp0usgn.com/eumcollector/beacons/browser/v1/EUM-AAB-AVW/ 0
17 B 205ms
204ms XHR
text/html 34.149.119.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://col.0wp0usgn.com/eumcollector/beacons/browser/v1/EUM-AAB-AVW/adrum

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.5d7b2188022f1c8e1f74b468f022cb04.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.119.194 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

194.119.149.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dfvnvui.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type: text/plain

Response headers

appd-request-id: 1558e4ec5c409258
date: Thu, 16 Mar 2023 03:33:08 GMT
via: 1.1 google
pragma: no-cache
x-content-type-options: nosniff
vary: *
content-type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
access-control-allow-headers: origin, content-type, accept
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAg... 16 B
283 B 4ms
3ms XHR
text/plain 45.54.49.1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA/0/0/20305/0,2/0/238/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 1.49.54.45.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:33:08 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
cdnetworks.cedexis-test.com/img/17653/ 43 B
548 B 587ms
7ms Image
image/gif 157.185.155.6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnetworks.cedexis-test.com/img/17653/r20.gif?rnd=1-1-20200-0-0-17653-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.185.155.6 -, , ASN (),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:33:08 GMT
Via: 1.1 PSmglsjLAX2ay162:1 (W), 1.1 PSmgnyNY3mk42:18 (W)
Age: 48176
X-Px: ht PSmgnyNY3mk42JFK
Connection: keep-alive
Content-Length: 43
Ws-S2h-Acc-Level: 5
Last-Modified: Wed, 07 Sep 2022 08:46:26 GMT
Server: PWS/8.3.1.0.8
ETag: "63185a62-2b"
X-Ws-Request-Id: 64128df4_PSmgnyNY3mk42_29310-34338
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK iuni4.html Show response
cdnetworks.cedexis-test.com/img/17653/ Frame 914B 2 KB
2 KB 6ms
5ms Document
text/html 157.185.155.6

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnetworks.cedexis-test.com/img/17653/iuni4.html?rnd=-1-1-20200-0-0-17653-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.185.155.6 -, , ASN (),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 7c9c20f775ce6e3d0c192924333e53c82a84c4427899b26c434c8136871be70c

Request headers

Referer: https://www.dfvnvui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 47275
Cache-Control: max-age=2629743, public
Connection: keep-alive
Content-Length: 2011
Content-Type: text/html
Date: Thu, 16 Mar 2023 03:33:08 GMT
ETag: "63185a62-7db"
Last-Modified: Wed, 07 Sep 2022 08:46:26 GMT
Server: PWS/8.3.1.0.8
Timing-Allow-Origin: *
Via: 1.1 PS-DFW-01aXu27:0 (W), 1.1 PSmgnyNY3mk42:21 (W)
Ws-S2h-Acc-Level: 5
X-Px: ht PSmgnyNY3mk42JFK
X-Ws-Request-Id: 64128df4_PSmgnyNY3mk42_29310-34340

GET
H/1.1 200
OK iuni4.html Show response
cdnetworks.cedexis-test.com/img/17653/ Frame 914B 2 KB
2 KB 8ms
5ms XHR
text/html 157.185.155.6

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnetworks.cedexis-test.com/img/17653/iuni4.html?rnd=-1-1-20200-0-0-17653-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Requested by: Host: cdnetworks.cedexis-test.com
URL: https://cdnetworks.cedexis-test.com/img/17653/iuni4.html?rnd=-1-1-20200-0-0-17653-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.185.155.6 -, , ASN (),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 7c9c20f775ce6e3d0c192924333e53c82a84c4427899b26c434c8136871be70c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdnetworks.cedexis-test.com/img/17653/iuni4.html?rnd=-1-1-20200-0-0-17653-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:33:08 GMT
Via: 1.1 PS-DFW-01aXu27:0 (W), 1.1 PSmgnyNY3mk42:21 (W)
Age: 47275
X-Px: ht PSmgnyNY3mk42JFK
Connection: keep-alive
Content-Length: 2011
Ws-S2h-Acc-Level: 5
Last-Modified: Wed, 07 Sep 2022 08:46:26 GMT
Server: PWS/8.3.1.0.8
ETag: "63185a62-7db"
X-Ws-Request-Id: 64128df4_PSmgnyNY3mk42_29310-34342
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
93 B 18ms
17ms XHR
text/plain 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=201970202&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dfvnvui.com%2Fen&ul=en-us&de=UTF-8&dt=Dafabet%20is%20The%20Most%20Secure%20Online%20Betting%20Company%20in%20Asia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=909733245&gjid=1329121140&cid=1382871543.1678937572&tid=UA-89039619-1&_gid=1304845347.1678937589&_r=1&_slc=1&z=890930694

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dfvnvui.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Mar 2023 03:33:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dfvnvui.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAg... 16 B
283 B 4ms
4ms XHR
text/plain 45.54.49.1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA/0/0/17653/1,2/0/6/ht%20PSmgnyNY3mk42JFK/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 1.49.54.45.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:33:08 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK r20.gif
cdnetworks.cedexis-test.com/img/17653/ 43 B
548 B 6ms
5ms Image
image/gif 157.185.155.6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnetworks.cedexis-test.com/img/17653/r20.gif?rnd=0-1-20200-0-0-17653-4016790749-_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.185.155.6 -, , ASN (),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:33:08 GMT
Via: 1.1 PSmglsjLAX2ay162:1 (W), 1.1 PSmgnyNY3mk42:18 (W)
Age: 48176
X-Px: ht PSmgnyNY3mk42JFK
Connection: keep-alive
Content-Length: 43
Ws-S2h-Acc-Level: 5
Last-Modified: Wed, 07 Sep 2022 08:46:26 GMT
Server: PWS/8.3.1.0.8
ETag: "63185a62-2b"
X-Ws-Request-Id: 64128df4_PSmgnyNY3mk42_29310-34345
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAg... 16 B
283 B 4ms
4ms XHR
text/plain 45.54.49.1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHsiBggBEOidASjdua37DjDnm8qgBjjnm8qgBkCs-4-ODEoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMS5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCJABAJgBAA/0/0/17653/0,2/0/5/ht%20PSmgnyNY3mk42JFK/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.54.49.1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 1.49.54.45.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.dfvnvui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 16 Mar 2023 03:33:08 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/r1/1/20200/_CgJqNRAUGHsiBggBEOidASjaov7uBjDom8qgBjjom8qgBkCs-9uWBkoUCAEQ3wEYwXYggoCAwAQoiICAoARQj-mDBVoUCAEQ3wEY7W0gg4CAwAQokICAoARgAWoTYnV0dG9uMy5pYWQuaHYucHJvZIIBFAgBEN8BGLFGIIWAgMAEKKCAgKAEiAGF6qqnCA?rnd=mqyqnwlvzbrjbclxtfimtnbfovnbhqdp
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 -, , ASN (),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Referer: https://www.dfvnvui.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 16 Mar 2023 03:33:11 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: e1.emxdgt.com
URL: https://e1.emxdgt.com/put?d=d52&uid=877935439483742230

Verdicts & Comments Add Verdict or Comment

215 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

103 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dfvnvui.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: m8uqm8fjv77khuod9v1d1ehvq3
.dfvnvui.com/	1970-01-20 19:08:14	Name: mhlanguage Value: en
.dfvnvui.com/	1970-01-20 19:58:17	Name: _ga Value: GA1.1.1382871543.1678937572
.dfvnvui.com/	1970-01-20 19:58:17	Name: _ga_S5WHEF6PM5 Value: GS1.1.1678937572.1.0.1678937572.0.0.0
.adnxs.com/	1970-01-20 12:31:53	Name: uuid2 Value: 271775688729966696
.adelement.com/	1970-01-20 19:07:53	Name: OAID Value: RYdLDRO8ZFfJZEzbvjqeg9iA
.adelement.com/	1970-01-20 19:07:53	Name: _ae_rt_tt Value: us-east-1
.adelement.com/	1970-01-20 19:07:53	Name: _ae_rt_te Value:
.adelement.com/	1970-01-20 19:07:53	Name: _ae_rt_dt Value:
.doubleclick.net/	1970-01-20 19:58:17	Name: IDE Value: AHWqTUmcLSYfnW95oM0LoTJgKbwx1nnr_tumq235aSGaShpXYQ7cEZ4xgPkA3f07QIg
.dfvnvui.com/	1970-01-20 19:07:53	Name: _hjSessionUser_121800 Value: eyJpZCI6IjlhNzVjNDczLTFjMTctNTg5OS04NGU1LWU0MTg4OTViMjE4YiIsImNyZWF0ZWQiOjE2Nzg5Mzc1NzUyOTMsImV4aXN0aW5nIjpmYWxzZX0=
.dfvnvui.com/	1970-01-20 10:22:19	Name: _hjFirstSeen Value: 1
.dfvnvui.com/	1970-01-20 10:22:17	Name: _hjIncludedInSessionSample_121800 Value: 0
.dfvnvui.com/	1970-01-20 10:22:19	Name: _hjSession_121800 Value: eyJpZCI6IjMyOTUzZjNkLTY2YjEtNDhmZC04MjBiLWQxOTczYjk3OTg4YiIsImNyZWF0ZWQiOjE2Nzg5Mzc1NzUzMDMsImluU2FtcGxlIjpmYWxzZX0=
www.dfvnvui.com/	1970-01-20 10:22:17	Name: _hjIncludedInPageviewSample Value: 1
.dfvnvui.com/	1970-01-20 10:22:19	Name: _hjAbsoluteSessionInProgress Value: 1
.adform.net/	1970-01-20 11:06:52	Name: C Value: 1
www.dfvnvui.com/	1970-01-20 19:07:53	Name: frosmo_quickContext Value: %7B%22VERSION%22%3A%221.1.0%22%2C%22UID%22%3A%22sok9ry.lfak2zzs%22%2C%22origin%22%3A%22dafabet_com_asia%22%2C%22lastDisplayTime%22%3A%7B%222236%22%3A1678937576%7D%2C%22lastRevisionId%22%3A%7B%222236%22%3A1%7D%2C%22lastPageView%22%3A%7B%22time%22%3A1678937575805%7D%2C%22states%22%3A%7B%22session%22%3A%7B%7D%7D%7D
.adform.net/	1970-01-20 11:48:41	Name: uid Value: 877935439483742230
.adform.net/	1970-01-20 10:23:43	Name: CM Value: 1\|1
.adform.net/	1970-01-20 10:42:27	Name: CM14 Value: 1679023976_1678937576_1_Hu7u4e4e4R7u7u4REREeERERERHhERA
.casalemedia.com/	1970-01-20 19:07:53	Name: CMID Value: ZBKN6L74d8LHMPw0d5HVfAAA
.casalemedia.com/	1970-01-20 12:31:53	Name: CMPS Value: 1333
.casalemedia.com/	1970-01-20 12:31:53	Name: CMPRO Value: 1333
.360yield.com/	1970-01-20 12:31:53	Name: tuuid Value: a1feac6a-54e1-48f7-93f5-d0bb77956d99
.360yield.com/	1970-01-20 12:31:53	Name: tuuid_lu Value: 1678937576
.ads.stickyadstv.com/	1970-01-20 11:48:41	Name: uid-bp-617 Value: 877935439483742230
.ads.stickyadstv.com/	1970-01-20 11:05:29	Name: UID Value: 63395b81529014a1d1b63ee6b8d7f9a4
.rubiconproject.com/	1970-01-20 19:07:53	Name: khaos Value: LFAK30ZQ-A-9WNA
.yahoo.com/	1970-01-20 19:08:15	Name: A3 Value: d=AQABBOiNEmQCEKWedqO3JBOK7oHEzOmuLJUFEgEBAQHfE2QcZAAAAAAA_eMAAA&S=AQAAAloEcxVhmTHweXL8PaMVZZg
.analytics.yahoo.com/	1970-01-20 19:07:53	Name: IDSYNC Value: 1760~2ajf
.bidswitch.net/	1970-01-20 19:07:53	Name: tuuid Value: a9bdeda3-9383-4240-8809-38e0394d3cbd
.bidswitch.net/	1970-01-20 19:07:53	Name: c Value: 1678937576
.bidswitch.net/	1970-01-20 19:07:53	Name: tuuid_lu Value: 1678937576
.eyeota.net/	1970-01-20 19:09:19	Name: mako_uid Value: 186e87a53f4-6490000010a4355
.eyeota.net/	1970-01-20 10:22:18	Name: SERVERID Value: 17237~DM
.crwdcntrl.net/	1970-01-20 16:51:04	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 16:51:04	Name: _cc_id Value: ccc6f0e186d8b33982f53d9b3c173ffa
.rlcdn.com/	1970-01-20 19:07:53	Name: rlas3 Value: ueR9kTsboyofwFCPDoV5gvq69cybDz3X1eZfhkaxkMM=
.semasio.net/	1970-01-20 19:07:53	Name: SEUNCY Value: BA67244E0F9BB06C
.smartadserver.com/	1970-01-20 19:53:58	Name: pid Value: 7777402719344923733
.smartadserver.com/	1970-01-20 19:53:58	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 19:09:19	Name: csync Value: 22:877935439483742230
.rlcdn.com/	1970-01-20 11:48:41	Name: pxrc Value: COibyqAGEgUI6AcQABIFCOhHEAA=
.bluekai.com/	1970-01-20 14:47:15	Name: bku Value: /Ux99miBWZuoj3Xc
.adnxs.com/	1970-01-20 12:31:53	Name: anj Value: dTM7k!M40]D>6NRF']wIg2E>?vnqcv!]ta]8i_j?:n1^_(xq!dE?_JDSQA8OBJN[]GO7<<@fkfWE^z9@tDc$[^]uRR1@=9:Teoz@_:s8L4hD6K`T^9G5I-CK4/bal!HxOJ(Ed5b>w-/6L=[Je
.asia.frosmo.com/	1970-01-20 19:58:17	Name: id Value: rB8Qd2QSjehWCkD+D9rMAg==
.pubmatic.com/	1970-01-20 11:05:29	Name: KRTBCOOKIE_391 Value: 22924-877935439483742230&KRTB&23263-877935439483742230
.pubmatic.com/	1970-01-20 11:05:29	Name: PugT Value: 1678937575
.krxd.net/	1970-01-20 14:41:29	Name: _kuid_ Value: Pb-_Tuzo
.openx.net/	1970-01-20 19:07:53	Name: i Value: acfe4bde-7331-494f-936f-13c9d1f5b373\|1678937576
.pippio.com/	1970-01-20 19:07:53	Name: did Value: mXHSGfLqVGFI7RUc
.pippio.com/	1970-01-20 19:07:53	Name: didts Value: 1678937576
.pippio.com/	1970-01-20 11:48:41	Name: nnls Value:
.pippio.com/	1970-01-20 11:48:41	Name: pxrc Value: COibyqAGEgYIgr0rEAA=
.agkn.com/	1970-01-20 19:07:53	Name: ab Value: 0001%3A56OqfKhnTTagBnB4TZUGpU%2F%2BJjTZO03P
.demdex.net/	1970-01-20 14:41:29	Name: demdex Value: 73676219288136771241986974410054195480
.dpm.demdex.net/	1970-01-20 14:41:29	Name: dpm Value: 73676219288136771241986974410054195480
.onaudience.com/	1970-01-20 19:07:53	Name: cookie Value: a37534b0e6191140
.onaudience.com/	1970-01-20 10:23:43	Name: done_redirects104 Value: 1
.adscale.de/	1970-01-20 19:04:33	Name: uu Value: a67716916cf04a76aa000294ad81d548
.adscale.de/	1970-01-20 19:04:33	Name: cct Value: 1678937576720
.audrte.com/	1970-01-20 10:43:53	Name: arcki2 Value: 2ihEw7e6sVNSLy7GSvFNAyLYw!20220908!1678937576748!ip#5.181.234.132
.audrte.com/	1970-01-20 10:43:53	Name: arcki2_adform Value: 877935439483742230!20220908!1678937576751
.mathtag.com/	1970-01-20 19:48:12	Name: uuid Value: 44f66412-8de9-4e00-a279-a9a2213576ae
.audrte.com/	1970-01-20 10:43:53	Name: arcki2_ddp2 Value: 2ihEw7e6sVNSLy7GSvFNAyLYw!20220908!1678937576797
.ih.adscale.de/	1970-01-20 19:04:33	Name: tu Value: 4#1625515362#42~877935439483742230~466371~0~0
.onaudience.com/	1970-01-20 10:23:43	Name: done_redirects147 Value: 1
.adsrvr.org/	1970-01-20 19:09:19	Name: TDID Value: b5638da3-7a38-4911-8557-ad13f43d84a5
.w55c.net/	1970-01-20 19:53:58	Name: wfivefivec Value: QbJZZoVY1PCEml5
.weborama.fr/	1970-01-20 19:48:12	Name: AFFICHE_W Value: 4s-hZcjLhFDi40
.adfarm1.adition.com/	1970-01-20 12:31:53	Name: UserID1 Value: 7210981985242183832
.id5-sync.com/	1970-01-20 10:22:17	Name: cf Value:
.id5-sync.com/	1970-01-20 10:22:17	Name: cip Value:
.id5-sync.com/	1970-01-20 10:22:17	Name: cnac Value:
.id5-sync.com/	1970-01-20 10:22:17	Name: car Value:
.id5-sync.com/	1970-01-20 10:22:17	Name: gdpr Value:
.id5-sync.com/	1970-01-20 10:22:17	Name: callback Value:
.linkedin.com/	1970-01-20 12:31:53	Name: li_sugr Value: b8a9d0d0-6837-4675-beec-34de61e02a42
.linkedin.com/	1970-01-20 19:07:53	Name: bcookie Value: "v=2&516ec8e9-fa63-44a5-8874-d39c63f32e14"
.linkedin.com/	1970-01-20 10:23:43	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2833:u=1:x=1:i=1678937577:t=1679023977:v=2:sig=AQE7uc4z1iaFGgOAogkRrk-1k3Wc3Q_r"
.w55c.net/	1970-01-20 11:05:29	Name: matchadform Value: 5
.teads.tv/	1970-01-20 19:06:27	Name: tt_viewer Value: e46e0464-d8c0-425e-b98b-046a232a2636
global.ib-ibi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: bgtjmbg1z0xdxkbjct0cdcgh
.3lift.com/	1970-01-20 12:31:53	Name: tluid Value: 780133470462216126663
.tapad.com/	1970-01-20 11:48:41	Name: TapAd_TS Value: 1678937577275
.tapad.com/	1970-01-20 11:48:41	Name: TapAd_DID Value: 99978970-edf1-4bd1-a2fa-134d2d452f9d
.seadform.net/	1970-01-20 11:48:37	Name: uid Value: 877935439483742230
.id5-sync.com/	1970-01-20 12:31:53	Name: id5 Value: 762ee437-be79-7d13-b6e5-7bc018dc0e87#1678937577145#2
.adsrvr.org/	1970-01-20 19:09:19	Name: TDCPM Value: CAESFAoFdGFwYWQSCwjkkrqvpfbSOxAFGAEgASgCMgsI5Iq93Lv20jsQBTgBWgV0YXBhZGAC
.tapad.com/	1970-01-20 11:48:41	Name: TapAd_3WAY_SYNCS Value: 1!1803
.360yield.com/	1970-01-20 12:31:53	Name: um Value: !42,ZCxiaSKgbDgL4l0FzgJKsl6Cx26Fw4Ex1jRax7V7f2Q,1680147176!79,gt9q4iyDOFivO0GdkXowlLL1eGAnkkeFKkX81Uy1TJI6BAgdchChwRnHyljitObFnzvu8ZscMDz7r7xH,1686713577
.360yield.com/	1970-01-20 12:31:53	Name: umeh Value: !42,0,1741145576,-1!79,0,1741145577,-1
.id5-sync.com/	1970-01-20 12:31:53	Name: 3pi Value: 2#1678937577371#229370251#271775688729966696\|10#1678937577264#-1933747374#877935439483742230\|124#1678937577487#-28955981
ib.mookie1.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: kf200ttraalqeuyif4duwexm
.df-bet.org/	1970-01-20 19:06:40	Name: visid_incap_2565515 Value: PvOXK3uYSjiTfXutDCWB0+iNEmQAAAAAQUIPAAAAAACf3TiVjy5WHT+v3iCfYkOC
.df-bet.org/	1969-12-31 23:59:59	Name: incap_ses_221_2565515 Value: a2iYWJLnAQeS4BrYFycRA+mNEmQAAAAA0rH/ZYvfRF+Akku3twgIPA==
.smaato.net/	1970-01-20 10:52:31	Name: SCM Value: 9c20691f
.smaato.net/	1970-01-20 10:37:24	Name: SCMt Value: 9c20691f
.smaato.net/	1970-01-20 10:37:24	Name: SCM1001213 Value: 9c20691f
.taboola.com/	1970-01-20 19:07:53	Name: t_gid Value: 17c4755b-8e6c-45a6-b2f3-6cccae29b4bd-tuctb0c1369
.e-volution.ai/	1970-01-20 10:42:27	Name: v_usr Value: e10845c7-4985-4603-a6bf-83cf5ce8172f
.rubiconproject.com/	1970-01-20 19:07:53	Name: audit Value: 1\|aJmG22oDaK/JrwXflwqUmZ/S+B3dhHQ5ZD1ovbsdNNpGXlzst0zOc50I0pTW/Kcjiw2ngiP5Tu4VbvvNSg8qXw7sohpZJOZzeMsTHdcAjhQTDynmU0/+aXa5snXs/cG/p5X1ekyDRl5+f25GAixWXg==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.stickyadstv.com
aka-mcashier.dafanba.net
aka-www.dffgames.com
api.adrtx.net
asia.adform.net
asia.frosmo.com
asia.seadform.net
beacon.krxd.net
bpi.rtactivate.com
c1.adform.net
cdn-sports.nextbet.com
cdn-www.df-bet.org
cdn.appdynamics.com
cdnetworks.cedexis-test.com
cedexis.pc.cdn.bitgravity.com
cm.g.doubleclick.net
col.0wp0usgn.com
d313lzv9559yp9.cloudfront.net
dafabetcomasia.asia.frosmo.com
dk0tzorg7uge9.cloudfront.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
edg-static.xhhlhh.com
eu-u.openx.net
fonts.googleapis.com
global.ib-ibi.com
i1-j5-20-123-1-20200-1843368282-s.init.cedexis-radar.net
i2-jmmzbaqojuycpecrzvecnytfoulodm.init.cedexis-radar.net
ib.adnxs.com
ib.mookie1.com
ice.360yield.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
in.hotjar.com
inc-www.df-bet.org
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
p20305.cedexis-test.com
p30885.citm-test.com
pdw-adf.userreport.com
pippio.com
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
px.ads.linkedin.com
radar.cedexis.com
redirect.frontend.weborama.fr
rpt.cedexis.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
sc.adelement.com
script.hotjar.com
secure.adnxs.com
simage2.pubmatic.com
static.hotjar.com
sync.1dmp.io
sync.crwdcntrl.net
sync.e-volution.ai
sync.outbrain.com
sync.taboola.com
sync.teads.tv
tags.bluekai.com
token.rubiconproject.com
track.adform.net
uipglob.semasio.net
ups.analytics.yahoo.com
vc.hotjar.io
www.dfvnvui.com
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
e1.emxdgt.com
104.126.113.17
104.126.118.200
104.126.118.234
104.225.10.225
104.225.10.227
107.178.254.65
108.138.106.124
108.138.128.2
109.206.161.21
110.50.231.223
13.107.42.14
13.225.214.84
13.225.214.99
141.226.224.48
141.94.171.216
142.250.64.74
142.251.40.194
152.199.0.130
157.185.155.6
157.185.165.41
157.185.177.205
162.19.138.83
162.248.18.37
173.223.57.84
18.164.96.46
18.164.96.52
18.196.192.213
18.209.139.125
18.67.76.97
185.167.164.47
185.167.164.49
185.84.60.20
185.84.60.21
192.40.39.223
199.187.193.177
207.46.231.89
23.52.164.7
23.78.208.213
2607:f740:e619::1
2607:f8b0:4006:80d::200e
2607:f8b0:4006:816::2008
3.214.202.88
3.218.90.66
3.221.107.188
3.229.34.188
3.33.220.150
34.111.113.62
34.149.119.194
34.236.110.233
35.190.24.218
35.190.60.146
35.211.178.172
35.244.159.8
37.157.6.245
45.54.49.1
45.54.49.5
45.60.12.120
46.19.11.36
46.51.204.8
50.16.197.56
50.57.31.206
52.0.191.77
52.213.180.231
52.218.25.147
52.223.22.214
52.73.170.4
52.73.4.138
52.78.8.111
52.79.118.14
52.85.61.67
54.156.26.12
63.251.28.233
64.185.181.238
64.202.112.255
64.58.232.176
64.58.232.177
68.67.160.24
68.67.161.182
8.43.72.98
8.45.176.226
85.114.159.93
87.242.89.90
99.84.38.65
01c29d94c2f2fe46614f063be02ce23565df9f468ed488bf8c562cc68566b819
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0cd609cb62d8ef9292ef7b48e19ce8091e68b553b308dd4ed5e21192280c721a
0ea8ad9a1b5a3e3e0950b9dd614a5056250369587ff45165dacafd8d13e838e4
0f47272de3875f1531038d1dd74318d65615e4a01403492d95d4de9d218ac06b
1255cfe05d68366b2f1784987c772a817da92099f4922498a445f8768c52a710
17992c27b58213ab4eb44620fde1b46a7946654c44c3a3164e7f9709037d6f58
180109f8f37c833e1f965c5662f54e73b3e1291117a3c7fa320dab4ae7727dcd
184c758595bfec8652472791a960c50f607bb6f4ea018673ead40d008d042e10
1af15a8dfe5dd8cb0597a2e42cc0490cb852627d522e4db0dcda73bc453f78cd
1af36cdc6db5fd88b942e647447917ee71450340d55accaed104f0cb0185bbbc
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1fad8a0d38b8307c0781fbfd3222b43917c5c879bbcfb3d5e0b96d1b4416e5a9
24890a9d62ac0402b8bb2ce26e35d7719f75118118dad671875889591f7e876f
296f80730ee5d3a6ae96d1a4cafbdd77272091194fd0c0d5ac21d94654e68dcf
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2e8a098381b827264e000864a9dadb6f2f112639112e690294101b9827cc007a
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3010c9b652936f83d876678eb50ba96fdb65b78878b59a32662535e8281b76f0
312bd3fdcf4c5d83576e2f28f331c9d0c3caa71c3d06c11e46e462783ee76bf9
31344945c1c2dc743640442fd4508719a4a3801e096e631a92cf737067a91e53
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
38b126f92a3104c7d73e1cf2f448db9896d4f29ebf3a7b593b380e6cdd0ae378
3e500065c5a7f3d32c59133316d559e700a49db695b7d20f7c39184fac45f64e
40de67281c077668bd49d1d8d3817452e66677e565bfe9a1e5477d83e53f802b
45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f634503777976171ddeac2a8cf1750f7f72f4fb810bbc3d5d4ec955a38b5645
53779d63f5dbe4c59e410a4976a35cd9ed9f2934fbd813d0bef9b2519cc67ced
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5bf62200787a40e4af3e5352641483265476ce7f29a1e602a9c68c3aadaa06b1
5d1f4f953c13145264dea1340ea9098685f43bb58114125a3cefaee1f8ec1d6a
60dedf951a86ff78dd9fa60b57d3196220cdc882c754a728c54e0bc2d797304f
635dda68d7c55054da4da5d2dc654d40a92c598d80ff35af158da5990ba21a80
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b65e3870f0c53a1563b29a83330581f3be5b5f809b3105f38390a561ded34a3
708c6ded243b8dde1efd6e13f0c3a5e1513533d36c224e5f66a9eac657e8814c
7c9c20f775ce6e3d0c192924333e53c82a84c4427899b26c434c8136871be70c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833e9ac3fd9706f7c5db171919041e789fa53325a0a390e8600738ebcb524e3f
84f7b1b8c914f64d6e5bf555a52c83e1255eaa8f0f51ba2bf5b387d05c821018
8736af2d295525a939c8c8dac5753efd917fbad619dd0a5d3e8c7ae31d5f58e0
8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e11dd56632ee0a30631894da5cf279e6b507aed47dc1202a2ce62a7aff7b0cb
8edac40c8b00b17bb3021d109c1f70238f032a3c6ee113b3f71bbff01d997abc
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9be66a4eaec790c62e41c45124bc08ec2b4d24d06011ad8048e81d79b84759b9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a17f8e959159242b6971fc5529d7a8abb4e38d866c938918b1ef4152c99307c8
a2e3b730e59a00b1195cd8e5bfe193efdf3bd17b9c1dbd77ee796dc5c8b68c36
a344651e7d82d44fdc2226f57dfea79cae89296f3e12374bf42fe55645ba1205
a3aa896141cf840e5548d76aafcaf0d10db50ebb4fc2811858b5ad4da3146a59
a694428ee039141c0154279f988d0389639419ae03c791e8fac540bb749eded1
a6af5e91a53a711b4b83b1fdc5720e62a6839dd1a3b26fee08ef361f2637aaa1
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab3b05fe86ba843b9e70759d6e38a9b235ff9c2765cc42f7248c40f5f3c5210c
ac3d45538ffdd87732763521ea21e1f9695551d5c8a1b506935fb9bbc5253bfc
ad81c752ea734a513d13af9778fd7d65135dc6c2d0b5b4a067cf2545bb9b9100
affe144bc5730c89d09e953cd7162b1cbbc88210ae0be3bc482ed85bf1c34e76
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3d67ffe32b1906e239eace11cb8f59b5484d6eb15c7354ddcbdb70474ad5527
b579e84fabc2ea7873e4df808071c44d8db2b1185890861354768c6fc4433f32
b792028e63eaa2170cb76231a6503ba10210d2b4df1701feac9b6cda68b21d87
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bef431d8570694584ec233e7e9ebccde299f19c95393bc2e543dfd6243461389
c3e0f6e3c4e3bc238575ec1d0155e180564d6358503607c8cc38b6c02ae90656
caed37875e80934c7f52564ca26b7846bd1f7bfa26f6eb74994556ee9777dbec
cafad2ac162dd57a18f1a90630dd3eb94e1fdf1cf4734c7c7a641663d6ac8ece
cd1b12e3fe4bf056be7a2fc6d36990194ab835f339ca17b90330886891c4b466
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7cf39b9083ee5503540f737097dc4daf98b42efff20d25a93d0202c7f8e5d3
d01e7f7bc38eeccd2397c1df224742f91cfbc6b59cfd8a4f0296eb9fd8e8de78
d770c011603098a3742f00afa951921b39a1daa27937c6a33a6f27e256556886
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e32d0137b37137e902d7be5b6de744893db6fd2e2be566a66db6d1582418294a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e806f43ef3519e43f6b525c64fc79310f4e4bb6a359c7bf58bcd7181aaa263da
e8b84ff67d7430778433aea5e69d575c694eae33ee3e487f42411078e3fd2242
ea1bd05db50c7890dd053edf77ee864749a4d8d726a063c80c606a88d095cabd
ea65daab2589fc5508d82756f15f5ae85049acc4ba9d86998b35640bc67a67b7
eb0814eba7049a79688b0c1dae911920921aef081d487f0394fd4411cd196259
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6c1f3e60c738e0efe4050ab6cb05bd536d01e116a656270e2e93c25bc82ce3
f7309b6ccc1a76da1e7a0709abb8a0bf549277dee6c21ae7a466e73426fe9667

www.dfvnvui.com Open in urlscan Pro 110.50.231.223 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

192 Requests

82 %HTTPS

4 %IPv6

71 Domains

86 Subdomains

65 IPs

10 Countries

4423 kBTransfer

6432 kBSize

103 Cookies

19 Outgoing links

Page URL History

Redirected requests

192 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.dfvnvui.com Open in urlscan Pro
110.50.231.223 Public Scan

Screenshot
Live screenshot

Full Image

192
Requests

82 %
HTTPS

4 %
IPv6

71
Domains

86
Subdomains

65
IPs

10
Countries

4423 kB
Transfer

6432 kB
Size

103
Cookies

192 HTTP transactions
0 data transactions