Submitted URL: http://rivalwin.org/
Effective URL: https://rivalwin.org/
Submission: On June 09 via api from PL — Scanned from NL

Summary

This website contacted 25 IPs in 7 countries across 20 domains to perform 92 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is rivalwin.org.
TLS certificate: Issued by WE1 on June 6th 2024. Valid for: 3 months.
This is the only time rivalwin.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 188.114.96.3 13335 (CLOUDFLAR...)
2 151.101.129.55 54113 (FASTLY)
54 2606:4700:20:... 13335 (CLOUDFLAR...)
3 142.250.186.66 15169 (GOOGLE)
3 13.224.186.120 16509 (AMAZON-02)
1 18.244.18.85 16509 (AMAZON-02)
2 54.76.209.157 16509 (AMAZON-02)
1 2a04:4e42::485 54113 (FASTLY)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 51.38.120.206 16276 (OVH)
1 104.18.36.155 13335 (CLOUDFLAR...)
1 2602:803:c003... 26667 (RUBICONPR...)
3 5.135.209.97 16276 (OVH)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 35.186.253.211 15169 (GOOGLE)
1 178.250.1.8 44788 (ASN-CRITE...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 185.89.210.90 29990 (ASN-APPNEX)
1 52.49.185.64 16509 (AMAZON-02)
1 99.86.4.128 16509 (AMAZON-02)
1 18.245.52.164 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
1 2a02:2638:3::c 44788 (ASN-CRITE...)
92 25
Apex Domain
Subdomains
Transfer
54 prosettings.net
prosettings.net — Cisco Umbrella Rank: 689544
474 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 356
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 731
aax.amazon-adsystem.com — Cisco Umbrella Rank: 487
81 KB
4 rivalwin.org
rivalwin.org
65 KB
3 smartadserver.com
prg-apac.smartadserver.com — Cisco Umbrella Rank: 9230
1002 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2492
mp.4dex.io — Cisco Umbrella Rank: 3429
24 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 236
175 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 748
60 KB
2 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 659
gum.criteo.com — Cisco Umbrella Rank: 499
191 B
2 presage.io
mweb-hb.presage.io — Cisco Umbrella Rank: 11608
294 B
2 anymind360.com
anymind360.com — Cisco Umbrella Rank: 17496
196 KB
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 1641
239 B
1 smaato.net
prebid.ad.smaato.net — Cisco Umbrella Rank: 8212
374 B
1 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 277
739 B
1 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 516
111 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 609
279 B
1 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 557
914 B
1 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 525
519 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 771
409 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 354
1 KB
1 fulla.bet
afl.fulla.bet
92 20
Domain Requested by
54 prosettings.net rivalwin.org
prosettings.net
4 rivalwin.org rivalwin.org
3 prg-apac.smartadserver.com anymind360.com
3 c.amazon-adsystem.com anymind360.com
c.amazon-adsystem.com
3 securepubads.g.doubleclick.net anymind360.com
securepubads.g.doubleclick.net
2 static.criteo.net anymind360.com
static.criteo.net
2 script.4dex.io anymind360.com
script.4dex.io
2 mweb-hb.presage.io anymind360.com
2 anymind360.com rivalwin.org
anymind360.com
1 gum.criteo.com static.criteo.net
1 cadmus.script.ac script.4dex.io
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 prebid.ad.smaato.net anymind360.com
1 ib.adnxs.com anymind360.com
1 hbopenbid.pubmatic.com anymind360.com
1 bidder.criteo.com anymind360.com
1 rtb.openx.net anymind360.com
1 mp.4dex.io anymind360.com
1 fastlane.rubiconproject.com anymind360.com
1 htlb.casalemedia.com anymind360.com
1 onetag-sys.com anymind360.com
1 cdn.jsdelivr.net anymind360.com
1 afl.fulla.bet rivalwin.org
92 24

This site contains links to these domains. Also see Links.

Domain
prosettings.net
cookiedatabase.org
www.twitch.tv
steamcommunity.com
amzn.to
cs.money
Subject Issuer Validity Valid
rivalwin.org
WE1
2024-06-06 -
2024-09-04
3 months crt.sh
anymind360.com
R3
2024-04-22 -
2024-07-21
3 months crt.sh
prosettings.net
E1
2024-04-23 -
2024-07-22
3 months crt.sh
*.g.doubleclick.net
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-12-30 -
2024-12-04
a year crt.sh
afl.fulla.bet
Amazon RSA 2048 M02
2024-05-07 -
2025-06-06
a year crt.sh
*.prod.cloud.ogury.io
R3
2024-06-05 -
2024-09-03
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-09-27 -
2024-10-28
a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3
2023-10-23 -
2024-10-22
a year crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2024-01-23 -
2025-01-29
a year crt.sh
casalemedia.com
E1
2024-04-19 -
2024-07-18
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2024-03-04 -
2025-04-03
a year crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2024-01-17 -
2025-01-16
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-08-01 -
2024-07-31
a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-04-15 -
2024-07-10
3 months crt.sh
*.pubmatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-03-19 -
2025-04-19
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2024-02-14 -
2025-03-16
a year crt.sh
smaato.net
Sectigo ECC Domain Validation Secure Server CA
2023-08-25 -
2024-08-24
a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2024-01-21 -
2025-02-19
a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03
2024-03-29 -
2025-04-28
a year crt.sh
script.ac
E1
2024-04-25 -
2024-07-24
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-04-25 -
2024-07-19
3 months crt.sh

This page contains 3 frames:

Primary Page: https://rivalwin.org/
Frame ID: D1B20AE150DC383DEE55849D044914F5
Requests: 122 HTTP requests in this frame

Frame: https://afl.fulla.bet/4e10dbbad63980a3b5d75075643338b8/banners/upcomingMatches?brandToken=c7caf7a6-4fb7-41e0-a026-9cf8d93c2fdb&id=b2Q6cGxheWVyOjIwMjQ%3D&theme=light
Frame ID: C9970B2997D3C66933BBD2C419A44142
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=rivalwin.org
Frame ID: 839066E68F2824829003DC4FA61AE9AF
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

donk CS2 Settings, Crosshair & Config - ProSettings.net

Page URL History Show full URLs

  1. http://rivalwin.org/ HTTP 307
    https://rivalwin.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

92
Requests

98 %
HTTPS

33 %
IPv6

20
Domains

24
Subdomains

25
IPs

7
Countries

1080 kB
Transfer

3712 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rivalwin.org/ HTTP 307
    https://rivalwin.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

92 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
rivalwin.org/
Redirect Chain
  • http://rivalwin.org/
  • https://rivalwin.org/
492 KB
65 KB
Document
General
Full URL
https://rivalwin.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d2d5c35c2ceb515903123961b1718300c6f4191faed397c7666c2ee91b27a0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89139ed0087f2bb0-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 09 Jun 2024 19:45:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U1uICBBTng%2F87YTlqWHXFymbSgtZTFcX%2BCoFp5H4dceqXTp4YYrti7KBFBw8RfQst1HV7iwKF3%2FoMvhxoX41au0eYvD6thVGuQjU09VqDVzwZGiYfyzBlxGT4g5Ozm0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Location
https://rivalwin.org/
Non-Authoritative-Reason
HttpsUpgrades
ats.js
anymind360.com/js/11502/
252 KB
45 KB
Script
General
Full URL
https://anymind360.com/js/11502/ats.js
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
534c29a0b1f1ee7ee6614431466cc9b6c0973b1819bbc6dcf0dd65574b25c487
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sun, 09 Jun 2024 09:36:26 GMT
date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
36523
x-guploader-uploadid
ABPtcPoO9-jg6xBAO_A9GFUjsh7syFbr__m8bSxbXpjPhX4UsT4Hr2IIvK9hzaDDcArnfftaSBY
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
45499
x-served-by
cache-tyo11961-TYO, cache-mad22077-MAD
last-modified
Thu, 06 Jun 2024 09:36:09 GMT
server
UploadServer
x-timer
S1717962309.419899,VS0,VE2
etag
"c171fc3172eda20b6411c104f85b9917"
vary
Accept-Encoding
x-goog-generation
1717666569550023
x-goog-hash
crc32c=Sw6QkA==, md5=wXH8MXLtogtkEcEE+FuZFw==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
45499
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-cache-hits
110, 1
donk.png
prosettings.net/cdn-cgi/image/dpr=1%2Cf=auto%2Cfit=contain%2Cheight=240%2Cq=99%2Csharpen=1%2Cwidth=240/wp-content/uploads/
30 KB
30 KB
Image
General
Full URL
https://prosettings.net/cdn-cgi/image/dpr=1%2Cf=auto%2Cfit=contain%2Cheight=240%2Cq=99%2Csharpen=1%2Cwidth=240/wp-content/uploads/donk.png
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b3557f9a86771440bc0f25efbd3d87e98d018343816bb5f884a09c10205a030
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
30629
cf-resized
internal=ram/h q=0 n=0+71 c=0+0 v=2024.6.0 l=30629
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 28 Dec 2023 18:41:42 GMT
cf-bgj
imgq:99,h2pri
server
cloudflare
etag
"cf0yMbR63wtyCsskHa3xxssIrpe7tYc9WCZW03Emd_DQ:658dc166-287bd"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P0xMtZCr09T7TrM7X4h0z9d29QZjmWmoCKZsVJeW%2Ft6GiDB8%2BJc1GngxkT1lkCuMH668lVHInuimslGFai5yDayaXleGERV7Xcyid%2B5r6%2BjBhZ%2FLq0aM0iqjsPi%2FoYZThzajlj4A2WJ8beIoQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89139ed1b864926b-FRA
footer.css
prosettings.net/wp-content/plugins/prosettings-customization/styles/build/templates/
23 KB
5 KB
Stylesheet
General
Full URL
https://prosettings.net/wp-content/plugins/prosettings-customization/styles/build/templates/footer.css?ver=1706033606
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
699cc82f0d0e1c4d493d62746712790993e0e57877af1160a720368d6992dd4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213947
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Tue, 23 Jan 2024 18:13:26 GMT
server
cloudflare
etag
W/"65b001c6-4dec"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2BjynzZd3zfnLjo05xlr9U0jLdgf1X%2FcsIG8T3Vdqvl3zH9iyBAlpS4%2Bgs0cnv%2FZajUZcsLnW%2BkHw5BaqfLMYA9I1zUPuufrsvf7H%2BYY3Hoq0f5K7KVoB7YrQu3u5UPWxli%2FkWEINnvnTjvkFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed1982a926b-FRA
login.css
prosettings.net/wp-content/plugins/prosettings-customization/styles/build/blocks/
58 KB
12 KB
Stylesheet
General
Full URL
https://prosettings.net/wp-content/plugins/prosettings-customization/styles/build/blocks/login.css?ver=1714478410
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9c9cd154d215f3146131175546bdbd6cc83c320ae6184c3b147e5c7e9f147dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213947
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Tue, 30 Apr 2024 12:00:10 GMT
server
cloudflare
etag
W/"6630dd4a-bdbd"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BJZbLBCpAYMKPAawISJqiQdO3CROvSjFt7sxFRDWhf7I3CjJ7pHTs5ngtHb9MgjvS7EXnJ0qUEqG7pTFAv5Oxe3qpkZ65Fjn6mRm0I%2FdUj2waeGyjFlYdqW8XQ9sW2qG6qF%2B6aMl9jDfvI%2BEZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed19834926b-FRA
comments.css
prosettings.net/wp-content/plugins/prosettings-customization/styles/build/blocks/
87 KB
15 KB
Stylesheet
General
Full URL
https://prosettings.net/wp-content/plugins/prosettings-customization/styles/build/blocks/comments.css?ver=1713890551
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fdc186142b863683d37a3ec1916ac1d57c048e762b85a867e30c485f99065d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213947
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Tue, 23 Apr 2024 16:42:31 GMT
server
cloudflare
etag
W/"6627e4f7-13aee"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qNXs6iL1khQi1pR1lNbVl9PWCtLyV5iWJOAwGR7fWySIZyVdyGKCPoCDQY2DEClwQj23RcoeKhc%2FySi3szuR6Dswap2b3g%2FmX1nreQi8IzuE1n1CahbvzQxEtFtu01rOZLmFhCVier9IL57E3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed19836926b-FRA
glide.core.min.css
prosettings.net/wp-content/plugins/prosettings-customization/libs/glide/dist/css/
843 B
1004 B
Stylesheet
General
Full URL
https://prosettings.net/wp-content/plugins/prosettings-customization/libs/glide/dist/css/glide.core.min.css?ver=1693907715
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e6765981015a3543a5d5d9c1e2c9a06e05f7bd2a0610842adf426a11abcf928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
214030
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 05 Sep 2023 09:55:15 GMT
server
cloudflare
etag
W/"64f6fb03-34b"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NoBhfTg0Cb4k3Y6QeRWe%2FAAtahSQlHzxGkLiaJ0%2FUtnflkZ%2FG1FaXvvwYJ6QuZJlDJoSFFq1DPTz6GS%2BU%2B9jNJ75az%2FXCecsPxz3qY9b%2FyH3sOkFTaRDe3Gx1PVZtYqsHDVtkEMn29W5kz6Ahw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed19830926b-FRA
single-player.css
prosettings.net/wp-content/plugins/prosettings-customization/styles/build/templates/
249 KB
39 KB
Stylesheet
General
Full URL
https://prosettings.net/wp-content/plugins/prosettings-customization/styles/build/templates/single-player.css?ver=1714467742
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96c7d1747502d1ed1003b1a33d38f15ca2d664f927d82d7a87c051591df531a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12840
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Thu, 30 May 2024 09:51:28 GMT
server
cloudflare
etag
W/"66584c20-34f79"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e6h8X3WHfkrpNFnE8xE6puDeSk0TBcYoIZWhUMKfdFe2ecLb3SJHO9NsTyxeAkmXvV08PLYU27d%2FJE7mb%2BiMwqkEXJe%2Bv%2FXkNBi9aH2KeH%2FGnBzu9zeWErqIo2q9qzhe6Sp6LJy4PXoTKUUxPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed19831926b-FRA
cookieblocker.min.css
prosettings.net/wp-content/plugins/complianz-gdpr-premium/assets/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://prosettings.net/wp-content/plugins/complianz-gdpr-premium/assets/css/cookieblocker.min.css?ver=1713260449
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d5f949fcf84560d013b596b51856d6bc487bedc510bc712e82458f00b2506e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12840
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 29 May 2024 08:55:40 GMT
server
cloudflare
etag
W/"6656ed8c-ade"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y0FShRBRpqDQ2R6GPnqqqmsWzHPLeE87rEwWhQ%2BWYx51k6Ajkbj7Ip57TfGo%2Bm01CnLl1VUKF9MVXRHg%2BEUMOc2efKIPGjX5VK2RzhpjDzAnTA%2FNYu3bpzd9bqUY769JzK32lwrOY7FQ9EELUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed1982c926b-FRA
style.css
prosettings.net/wp-content/plugins/relevanssi-live-ajax-search/assets/styles/
1 KB
1 KB
Stylesheet
General
Full URL
https://prosettings.net/wp-content/plugins/relevanssi-live-ajax-search/assets/styles/style.css?ver=2.4
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d801496faa4d884ebeb6a47db82a85a0c1bba204d52410bc35f05825ff97fdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213947
cf-polished
origSize=1851
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Sat, 18 Nov 2023 14:25:05 GMT
server
cloudflare
etag
W/"6558c941-73b"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RnaCc3INiaykZjpriXb6MwGRAXAwk57Z7jbqlfVwU9Fl59JMsKbnROzzGEP1ZCLo%2F7Hx83gtExWNLoMd4F0KYFn%2BDeZeAi995fd0to72HSIbbeACFC%2BLD%2BgkqlhJZmKt3de%2FrOJ%2F%2FSf6%2BR%2BzWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed19832926b-FRA
index.js
prosettings.net/wp-content/plugins/complianz-gdpr-premium/pro/tcf-stub/build/
2 KB
1 KB
Script
General
Full URL
https://prosettings.net/wp-content/plugins/complianz-gdpr-premium/pro/tcf-stub/build/index.js?ver=1713260448
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ef33bfd78d40c2c5fc992a46cfc9ab7d9db7195f2a3de6093044c14031fc95b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
47347
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 29 May 2024 08:55:39 GMT
server
cloudflare
etag
W/"6656ed8b-6d3"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TAf4VXgrqwtXVPKmKGZKZHCRj8%2FkfEHCMz4xbqDIGrPOiNhjteYdEls3az0ayKqbWpcUVE3P27gRT5kdGXO8Zy0ltyBH0J3r1k%2FHCYiGMCz1LN0pQtuHljEmUlfByx3GwoThqJjJv58gsw8OXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed1b863926b-FRA
advertisement.js
prosettings.net/wp-content/plugins/advanced-ads/admin/assets/js/
37 B
395 B
Script
General
Full URL
https://prosettings.net/wp-content/plugins/advanced-ads/admin/assets/js/advertisement.js?ver=1.52.3
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b231d354bb4e9c0ef8577d83eb38d6ecfd27fff1c8a2c3b35ef41f10c54351
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213947
cf-polished
origSize=39
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Tue, 14 May 2024 11:33:55 GMT
server
cloudflare
etag
W/"66434c23-27"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NfPl8Zi699InTwKmddtRxVHCttDffhgmpwAlJjehIxTVNCWRU9gvg6V97gNiR99yki3nB61RTDEbwXAXfwGtzP9Gz5CIN2nbe44t6%2F0d0rIaFDhd9WVoRztHwQUlMI3JowYEqz0qB21AI0oX1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed19838926b-FRA
jquery-3.7.1.min.js
prosettings.net/wp-content/plugins/prosettings-customization/libs/jquery/
85 KB
30 KB
Script
General
Full URL
https://prosettings.net/wp-content/plugins/prosettings-customization/libs/jquery/jquery-3.7.1.min.js?ver=1696694777
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213946
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 07 Oct 2023 16:06:17 GMT
server
cloudflare
etag
W/"652181f9-155ed"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VJU6CIc1x9PpuWr6aj%2BBRUP7dufzNCorhXqvegixYu4V1budpuPj2dqj6jUlEzBiCFvEm2F4nasxHAOE6KwxbHfXUmFWV1mP13lPoos57tVwh8bLhp0v0GJYSP%2FST1fauBvkfKi1f0SQgPY%2FCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed218e4926b-FRA
micromodal.min.js
prosettings.net/wp-content/plugins/prosettings-customization/libs/micromodaljs/
7 KB
3 KB
Script
General
Full URL
https://prosettings.net/wp-content/plugins/prosettings-customization/libs/micromodaljs/micromodal.min.js?ver=1693907715
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0b8090ad4a77331c63f9358715c0b7b538bdaa1f12d647f820b4780ebdda3ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213946
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 05 Sep 2023 09:55:15 GMT
server
cloudflare
etag
W/"64f6fb03-1bbd"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fN9Z4ykFv1qOSi6%2BK%2FaiePfrzSc%2Fo%2FLFu5hjRKz3Re4tf1SndExwcOWREbiq6rV6qICM644T7g5ZfMob7aBcnKe7ta4aJu2LnAyW5Q28ZB0fWg%2F9%2BvNYtX1mA73ursfgY9thxkHAXVqL1%2BO7Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed2593a926b-FRA
login.js
prosettings.net/wp-content/plugins/prosettings-customization/scripts/build/modules/
11 KB
4 KB
Script
General
Full URL
https://prosettings.net/wp-content/plugins/prosettings-customization/scripts/build/modules/login.js?ver=1704538797
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9031c3e0f04ba10be7c241b72cb1a3a5e5df0f519784febb5c00e2fcf82327d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
166978
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Fri, 31 May 2024 12:02:27 GMT
server
cloudflare
etag
W/"6659bc53-2af4"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xCa%2FIe%2Babzwj%2F1b0Tceusr8lAS7N%2FtxZLAkOyxGU9dpIPLjtrRfOwID5Q%2FY%2F12uMFlJLo8g1GRIB%2BYip%2FN0dyChLmp7maWKya5%2FXKqokj7FZOuhVD0MImPh3Dzvay0%2BAU6wFYNWTpfH0xqtSEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed2594a926b-FRA
gtm.js
prosettings.net/wp-content/plugins/prosettings-customization/scripts/build/modules/
661 B
579 B
Script
General
Full URL
https://prosettings.net/wp-content/plugins/prosettings-customization/scripts/build/modules/gtm.js?ver=1711974550
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9049d19610881340e759211242842a170067e7c61f5c41e7e99b836023fb347d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213946
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Mon, 01 Apr 2024 12:29:10 GMT
server
cloudflare
etag
W/"660aa896-295"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w294Hj5YdBz9krCLO%2BZPtFvIwpCy0s7clVIQ8alG4MKBegOQCC52btNfB9lr1XeW%2Fqq0xKBB%2FRQhauqrZG%2FdYXyd4%2FVPmeJSe33B7CLJHLpjqUiD1FvIh6IH3l9D%2BPHPfSdQCHpCZK28%2BZAeWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed2a9a7926b-FRA
comments.js
prosettings.net/wp-content/plugins/prosettings-customization/scripts/build/modules/
13 KB
4 KB
Script
General
Full URL
https://prosettings.net/wp-content/plugins/prosettings-customization/scripts/build/modules/comments.js?ver=1706772218
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82c25284c28a7c9f7f8f29ab1d93da5abad26c140447390d43f7342b1ff5b2a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213946
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Thu, 01 Feb 2024 07:23:38 GMT
server
cloudflare
etag
W/"65bb46fa-32cd"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=68UxNpfIxuq5%2FOrOaiwxspw%2F0DO5msYuittxFfdaFDDrGM1jfEQ91DO3QAU1fQkRBTEJiGPg4SrXYGmT6CWn%2Bh7k0W6MBREf6qTaVlZ%2Bi6Wei1Rayy0YI5M8DI2Jjct4Fj2Quu6YZtPaRusVyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed2a9a9926b-FRA
link-expander.js
prosettings.net/wp-content/plugins/prosettings-customization/scripts/build/modules/
2 KB
1 KB
Script
General
Full URL
https://prosettings.net/wp-content/plugins/prosettings-customization/scripts/build/modules/link-expander.js?ver=1698250750
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
220f9e964f3afe737a8aa228ac3f41a47be7b89f6c1d752514e141bd9c6c95be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213946
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 25 Oct 2023 16:19:10 GMT
server
cloudflare
etag
W/"65393ffe-957"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LrhYhCZVrbimPnQ0BYVkJY4%2BbZ43SccpxOI16%2FUJ6bvochzDwtl%2Ft8ka3RYW%2BlZDdXdglpGLpefw1%2BpNguGFc0GtBuNINbTdx9w2zqrga%2BdCBZeNOOAFsdnJngreCFSgHYjEznxT9FRXVU7XeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed2a9aa926b-FRA
main-nav.js
prosettings.net/wp-content/plugins/prosettings-customization/scripts/build/modules/
2 KB
1 KB
Script
General
Full URL
https://prosettings.net/wp-content/plugins/prosettings-customization/scripts/build/modules/main-nav.js?ver=1700294644
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da81ea8cd632af923a9abb1b933c4b9075c1255258f421632156f74bf5159901
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213946
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Sat, 18 Nov 2023 08:04:04 GMT
server
cloudflare
etag
W/"65586ff4-908"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xYLGklUoymXWsUi4PM41i4LBAbUOPLWDpGbS01tJM2o29c%2Bu2ogAro7mWLevzPxFyq0TOThoJKKTMCkT3RXGJcTKO3dP4i80lnH1i83NWtSkuue5W%2Fc9REDLzO%2Bbm%2FwiJNx1cTKxWwoAKEP5Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed2a9ac926b-FRA
notifications.js
prosettings.net/wp-content/plugins/prosettings-customization/scripts/build/modules/
12 KB
5 KB
Script
General
Full URL
https://prosettings.net/wp-content/plugins/prosettings-customization/scripts/build/modules/notifications.js?ver=1715622548
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c56d71175647914a67312f4307a00ec66f72825d0416d0ca6f7d3a495e70184e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213946
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Mon, 13 May 2024 17:49:08 GMT
server
cloudflare
etag
W/"66425294-312d"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j8VyiUR4%2Bf%2B2wgsp98drnsgt59DKsCZpg4oTQMXT%2BdlupdG6zCZTYMxeNmNueZImJIDInFele6Xv0ooP5kJuUqlPW1XcoC8CIZHw717Q%2Fxb8LSNvIGVWPrkxUksPp%2F%2FSSLS7bimjhWCHcA%2FvcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed2a9ad926b-FRA
toc.js
prosettings.net/wp-content/plugins/prosettings-customization/scripts/build/modules/
2 KB
1 KB
Script
General
Full URL
https://prosettings.net/wp-content/plugins/prosettings-customization/scripts/build/modules/toc.js?ver=1693907715
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
887bf388b47ac97bf1a80dd3080256849fad6c6ddf724c52002621e5a69caec5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
214030
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Tue, 05 Sep 2023 09:55:15 GMT
server
cloudflare
etag
W/"64f6fb03-9fe"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MVcX2p6f9KH1%2BMm%2BkrZoLM2vMeXb1Iy3ozK8HrqYCa1OtmNgyErgohxMknX%2F0NOhlCwr6%2F82T%2BFLgqWQfIVL45YBg%2FpCK7qTYbxKrD9MMP0eqQv8ter6psUcMCjRdN9gJZL5kugRFE0IiBsnHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed2a9ae926b-FRA
copy-config.js
prosettings.net/wp-content/plugins/prosettings-customization/scripts/build/modules/
10 KB
4 KB
Script
General
Full URL
https://prosettings.net/wp-content/plugins/prosettings-customization/scripts/build/modules/copy-config.js?ver=1714467742
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9daf3ae7e648ec9e4d3ebbe7b9cb975f53e38541e24db2e5a8c3b83d1121987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
214030
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Tue, 30 Apr 2024 09:02:22 GMT
server
cloudflare
etag
W/"6630b39e-26d6"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZJupfPbT8Zn8Z%2F6WwFfZ05mfKqQupni90X6vO6aucvjD9%2Fa27MFrMeCE6fPVoPmVEnGKSHnyI0cAUH2Zwy464EHCo0%2Bvoqrzmyuz2K8hozZ8zzYAIBUSmRKkuiPkmTawhgm0MJZazRGiwPGmAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed2a9b0926b-FRA
favorites.js
prosettings.net/wp-content/plugins/prosettings-customization/scripts/build/modules/
9 KB
4 KB
Script
General
Full URL
https://prosettings.net/wp-content/plugins/prosettings-customization/scripts/build/modules/favorites.js?ver=1703246603
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26245d3c89d3e6b63df2567799073f14920981e89c4c8a9fd237f76a6213a23c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
214030
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Fri, 22 Dec 2023 12:03:23 GMT
server
cloudflare
etag
W/"65857b0b-2568"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pR06lBTlIjlGE4DKq4ta%2Bdm9HcDrDoa2%2Bf5a0QgCO1RPXlPCFCw%2BW1qC%2Bq5kSxaVH9T5K9Qhb00ys2Dj%2FBV%2FvGAtQtjZZ6oOhpdGtCtuL1XAoHl6M0mS978RpW1foEEnIuhe%2Fgq5wS%2F6OZsymQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed2a9b1926b-FRA
read-more.js
prosettings.net/wp-content/plugins/prosettings-customization/scripts/build/modules/
1 KB
1 KB
Script
General
Full URL
https://prosettings.net/wp-content/plugins/prosettings-customization/scripts/build/modules/read-more.js?ver=1693907715
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59fc7dc7227a380a3c77978bb1b4cf7ae716dbe50bda8fdf0dfa70a82b2a32b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
214030
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Tue, 05 Sep 2023 09:55:15 GMT
server
cloudflare
etag
W/"64f6fb03-5fc"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pPbyyCF2whMQnjSb74%2BgKp7hfkCD%2B5Om%2BMohOHxpo8dGsy5Q%2FP8YCU14Q9%2BgNzEldafdwsymbOKGNmTsPVmgvB8mWwcz09kFw0lupgt9y2QhL6FPbFMUZNE9n7aaEoKoEOrKMedzzSSTe8fT2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed2a9b2926b-FRA
glide.min.js
prosettings.net/wp-content/plugins/prosettings-customization/libs/glide/dist/
27 KB
8 KB
Script
General
Full URL
https://prosettings.net/wp-content/plugins/prosettings-customization/libs/glide/dist/glide.min.js?ver=1693907715
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71782ea81be551a0e85b89c68ece186a6342da694b18950e97ae1b86db3fced5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
214030
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 05 Sep 2023 09:55:15 GMT
server
cloudflare
etag
W/"64f6fb03-6b83"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a4OCwavBs%2Bjybh8J6EhBsp5Pmqqx64knaTja86quHhzaVWiYGF%2BL5b1CjBFshdmmBNOwPRyMDglmlpaboXfRnvyT1q8TUBfZtB218PXiyjd0Wl%2FA5NXvM600BKVReoXQlzXivo9DVr%2Bnhvvw2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed2a9b3926b-FRA
gallery.js
prosettings.net/wp-content/plugins/prosettings-customization/scripts/build/modules/
698 B
678 B
Script
General
Full URL
https://prosettings.net/wp-content/plugins/prosettings-customization/scripts/build/modules/gallery.js?ver=1702546849
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b33c68bd1ac7f6ebb77be07a055bcfe101019aa33288d0e845749d7171b28c0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12839
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Fri, 31 May 2024 11:32:55 GMT
server
cloudflare
etag
W/"6659b567-2ba"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lXapkuWlTCaBdlpLoR8B3u9CI8gbtQodHMVaqzo4UiX7KV3nL%2FEzCt%2FKJguvfGIKcygXujTUIARBCI05P49d9%2FQ2YacYHAylRUhgJuSCqzz5ppnAlQfe78GWTqoaVFhc23GxgBq55YhyRh9Fkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed2a9b4926b-FRA
index.js
prosettings.net/wp-content/plugins/complianz-gdpr-premium/pro/tcf/build/
60 KB
17 KB
Script
General
Full URL
https://prosettings.net/wp-content/plugins/complianz-gdpr-premium/pro/tcf/build/index.js?ver=739ef8918ee6cff5c636
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86bf1ff2726cbd193ed0329c55d39cc56b93095a64be2e7d9448ff261fabe9e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12839
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 29 May 2024 08:55:39 GMT
server
cloudflare
etag
W/"6656ed8b-ef3b"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eZlhybepkuaNHu6cIjtBOYrRWwWrmnbjhL7NU2Rl%2FdEnpyDVP%2BN1DMaqTpDhhjhMd2jcwslX8AQEYafJtxJg52ObDdFDBgbiy9C4YFrd6aN2j9EbTYGwkGsH8Gs%2FgM0sKs5JzqpBXPRBCL%2BtZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed2a9b6926b-FRA
367.js
prosettings.net/wp-content/uploads/562/245/public/assets/js/
7 KB
3 KB
Script
General
Full URL
https://prosettings.net/wp-content/uploads/562/245/public/assets/js/367.js?ver=1.52.3
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98ff2f173784b131e58f376088dfd9f53aedfcbc9feb5a65d5f90d671f9b8e4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213946
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Tue, 14 May 2024 11:36:51 GMT
server
cloudflare
etag
W/"66434cd3-1d9d"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ROZgE%2BL%2Fn5KK3%2BWGi%2FMFGlv%2BAurfqWVAa4PtcVRP62hRolOO56iquZ2BkNYyUwwjFOTrfnaa16z7k3eOLMr7rpESwsWIn7ZegaSiOzofMW3BzkFcwtGPmzTfAPf8O8jFA9GiFeViVqxcEghB4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed2a9b7926b-FRA
340.js
prosettings.net/wp-content/uploads/562/16/551/251/55/
1 KB
774 B
Script
General
Full URL
https://prosettings.net/wp-content/uploads/562/16/551/251/55/340.js?ver=2.26.1
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a095d43a6cb207c855ca0b8d70d314f6454e5358b1cf4cf2e9dae378e33e3c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213946
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Fri, 03 May 2024 08:30:04 GMT
server
cloudflare
etag
W/"6634a08c-475"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MQT0lzxuCP2eLy87TU3cXib5a0C0vxt10Wg7X6LH%2BiF%2B%2FWbyuMqRrNT1IWCtK4qurwPBErW8EQceEXNAcXhElywh2MjDlkj95sm9kbAhLvlQ51%2BEPjoIYrfrKQzHLn0Zfz6czoVKhdMApuerrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed2a9b8926b-FRA
instantpage-5.2.0.min.js
prosettings.net/wp-content/plugins/prosettings-customization/libs/
3 KB
2 KB
Script
General
Full URL
https://prosettings.net/wp-content/plugins/prosettings-customization/libs/instantpage-5.2.0.min.js?ver=1713093244
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b3644ac5b264c8d3d09222feeea6aa208432f4e46900037dd60bc9834b3c250
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213945
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 14 Apr 2024 11:14:04 GMT
server
cloudflare
etag
W/"661bba7c-beb"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CHChz9yQwT%2FMfqkM1q5MOADlykY%2Fm6Vq6ZP5Lm5fLvwP6VSKYKfeeijer1lHu1Ghb%2B4Or7bWTvvi4Z7TW3K5Zw%2FRD25JF1nZZvtowVexv%2F9oV0oVkl%2FtzXEWXeHIdhuff94iRAtIzGsGbYn%2FaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed2a9ba926b-FRA
prosettings-logo.png
prosettings.net/cdn-cgi/image/dpr=1%2Cf=auto%2Cfit=cover%2Cheight=72%2Cq=85%2Cwidth=400/wp-content/uploads/
6 KB
6 KB
Image
General
Full URL
https://prosettings.net/cdn-cgi/image/dpr=1%2Cf=auto%2Cfit=cover%2Cheight=72%2Cq=85%2Cwidth=400/wp-content/uploads/prosettings-logo.png
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd3b514aa07cc15c540b676778e641ac64c687eb2fa16cd8c66274443822ba74
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
5902
cf-resized
internal=ram/e q=0 n=0+0 c=0+0 v=2024.6.0 l=5902
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 23 Jun 2023 08:31:30 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfU1RhvkTGO4ukG4oLgK9hccpbq1oGYebkZy-F2HsCDQ:64955862-39e4"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZlEpBXxwFnRgN53VMxyZvsRxPDR5Jl6hl2X0FoGyCSVuwgJRvamU411ygCVAQVx8fI0wUV4CAPloMKKDPNtrzsi8gTIp8R44x8bZFPb2Q1blDDs5YOg4p%2FDe7%2FyWJMkSKGMuyriHUdJZryMR9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89139ed1b85d926b-FRA
prosetting_logo_white_cropped.png
prosettings.net/cdn-cgi/image/dpr=1%2Cf=auto%2Cfit=cover%2Cheight=72%2Cq=85%2Cwidth=400/wp-content/uploads/
6 KB
7 KB
Image
General
Full URL
https://prosettings.net/cdn-cgi/image/dpr=1%2Cf=auto%2Cfit=cover%2Cheight=72%2Cq=85%2Cwidth=400/wp-content/uploads/prosetting_logo_white_cropped.png
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3738842defda0147ff6f602708c7e6c39c1ec87e63131a3da6976599c470e8e3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
6344
cf-resized
internal=ram/e q=0 n=0+0 c=0+0 v=2024.6.0 l=6344
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 04 Dec 2023 18:02:06 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfpBic6NS0MVWoc8kvfaTjLoaOq1oGYebkZy-F2HsCDQ:656e141e-5482"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HbwwA993YtGScJbbkfXReZoVmj0HrOPoovBWdCqMCpazyMf%2Bo5YbuVTyJLrcPWv3ik2oMNwNEz97RSbPjl0ugTCENyD05gCbPtOEAJBbxnlM%2FUNibN6uda3NecKb3gO8Z0GOk9aKm2SSZfmQSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89139ed1b85f926b-FRA
fulla-v2.js
prosettings.net/wp-content/plugins/prosettings-customization/scripts/build/modules/
2 KB
1 KB
Script
General
Full URL
https://prosettings.net/wp-content/plugins/prosettings-customization/scripts/build/modules/fulla-v2.js?ver=1707230421
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
446af72a884d345776077649c1df02647f5b36a8fadf0980c319b1af52260d37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
214030
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Tue, 06 Feb 2024 14:40:21 GMT
server
cloudflare
etag
W/"65c244d5-6ab"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2qAVWyDN%2BmVBdSELUAI4xcnwVJ45EQvt1YM0TEBUbzkX0OjvhQYdTZh%2FBlpc5gjDIV9wH3QuIP%2BqzW%2BAMWa6rCXiLPnsyP01uHJH%2FUv%2FPvSjLSRB%2B5gR8DmDIs6iDA%2FQOoM51KT7hnhMZkorFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed1b86d926b-FRA
wpdiscuz-combo.min.js
prosettings.net/wp-content/plugins/wpdiscuz/assets/js/
308 KB
70 KB
Script
General
Full URL
https://prosettings.net/wp-content/plugins/wpdiscuz/assets/js/wpdiscuz-combo.min.js?ver=7.6.19
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f80cb385462593136103054b2dab28ba0d491bad246af2f450a73012a88e9c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213941
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 08 May 2024 10:04:36 GMT
server
cloudflare
etag
W/"663b4e34-4ce40"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1M3A8YGhp68x6PmOUyaFhWUGoDGR%2FDUiRshx7b%2B%2BUau%2BEKqEwRU1ACqCnwOkH%2FJD8oaFh45FVZaXZhYrOBMDFLjriHorOp4S9SZmmaxp%2FXtod%2FrLNPjknG7VNdt7awfGt6e4Smp7Lh6hOXmLzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed2a9bb926b-FRA
223.js
prosettings.net/wp-content/uploads/562/16/assets/js/
8 KB
3 KB
Script
General
Full URL
https://prosettings.net/wp-content/uploads/562/16/assets/js/223.js?ver=2.26.1
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2014aa913e41fec261461722b2883e2167fedb739050cec9f4beafab3ddb7ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213941
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Fri, 03 May 2024 08:30:04 GMT
server
cloudflare
etag
W/"6634a08c-1ee6"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GbQ7OQSFvGVUhcLMHWdQkcJDviQ50LwqePGsOph82XKg8G5nXHrpIatFvHmRxOsBGVtkIJBOtvRUDu32HFKpRVWMUG0rwvcG0ZL1XjS%2BxQzg%2F%2FJm7nXNW33P7TibLg5gSVN2k%2FzfgNfELJXerQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed2a9bd926b-FRA
script.min.js
prosettings.net/wp-content/plugins/relevanssi-live-ajax-search/assets/javascript/dist/
9 KB
3 KB
Script
General
Full URL
https://prosettings.net/wp-content/plugins/relevanssi-live-ajax-search/assets/javascript/dist/script.min.js?ver=2.4
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b74edfeeb1f567b51353626e95e93b630856f86ba3c323efbd4563db59bc5e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213941
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 18 Nov 2023 14:25:05 GMT
server
cloudflare
etag
W/"6558c941-23e6"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iFOc7BeiKzTSG1ZkrINjNfq8pdnUEp22hhuqbpaPWQJhr1YqhZ%2F7oNx%2BSVkDo%2BP2C2hcc1X2X3C55TKg8rE9HacIOGF2T%2BTNH3FUPNN8X0dsAO7SpWFFOmOkFlo8ImnHpjYu93e0zbpP8X1Qog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed2a9be926b-FRA
74.js
prosettings.net/wp-content/uploads/562/16/assets/js/
73 KB
24 KB
Script
General
Full URL
https://prosettings.net/wp-content/uploads/562/16/assets/js/74.js?ver=2.26.1
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1199ccd72754b9510ae2ecaf33d86a39c56e1029780a3faaeefb819bc1f9539
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213941
cf-polished
origSize=75196
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Fri, 03 May 2024 08:30:04 GMT
server
cloudflare
etag
W/"6634a08c-125bc"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TvHM0oszJmE3kdQFiqGcc4SL8oFx3BXS%2F9AopPqYlNmJoAeD06vQvXro7Fe2TanZajlvTyf%2F9OPROAzlMCN%2BUtex2VUQNvKCo9xud52pgMXnbZCbybPH5q7Fb%2FPbOGJtVYasOcYYNWLbrvDaQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed2a9c1926b-FRA
662.js
prosettings.net/wp-content/uploads/562/29/public/assets/js/418/
10 KB
3 KB
Script
General
Full URL
https://prosettings.net/wp-content/uploads/562/29/public/assets/js/418/662.js?ver=2.7.1
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
622d4e2da39f5ea961864441f76065bb203bb9053bc3f03c256f42fc5ab1b57b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213941
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Fri, 03 May 2024 08:30:04 GMT
server
cloudflare
etag
W/"6634a08c-27cf"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fqC5v%2F1o0haPCOx2oUbl83fLN0bnOShYqZZq5QevzpaBLk6IzQ5ONDR54rbJHo2eTyB5ZQ%2FRsrWL%2FV8Ift2ow1A0sIK4ls7cWeSuISGkW2kMviTu%2FkB9ri6Rks9AIpwJ7QVOkd5Sd32vnAoR%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed2a9c2926b-FRA
877.js
prosettings.net/wp-content/uploads/562/29/public/assets/js/418/
4 KB
2 KB
Script
General
Full URL
https://prosettings.net/wp-content/uploads/562/29/public/assets/js/418/877.js?ver=2.7.1
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d21c7279b04d1496f0feb5c422668b80f9ca352e3690efba9a787a32b81f406
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213941
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Fri, 03 May 2024 08:30:04 GMT
server
cloudflare
etag
W/"6634a08c-1063"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m7%2FmeI18zfPo4NhdzX%2F0GKh2K8ubx2YxIyBEhIeZEwAxPhKz2hHUIsW7fcFsz0sCecQ76PiMcZGAGf5X1jhbR9zLGl4OjUTrQpnGHd5Q8ff5eBZM0sr4d3lSYScd7zWJxZQ3Xv6dzt1ajZf%2B6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed2c9f2926b-FRA
complianz.min.js
prosettings.net/wp-content/plugins/complianz-gdpr-premium/cookiebanner/js/
39 KB
11 KB
Script
General
Full URL
https://prosettings.net/wp-content/plugins/complianz-gdpr-premium/cookiebanner/js/complianz.min.js?ver=1713260448
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e48afa0ca2fdaed77ef3d14202f805ab16829b42e321b71635d538f9e9efa4e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12839
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 29 May 2024 08:55:39 GMT
server
cloudflare
etag
W/"6656ed8b-9dee"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JIV7dV9TaB2hfvd7PkP3zc5Gd%2BA%2Fh2%2BkkWsr93n%2B03C%2FB0ywx0aKCJfAlVAha9UNi3jN6RmZLvZhpDT6z%2FEfrXEWFIUpngrbQ1f%2FfLK%2BZp%2BIlU0eEgcWz8kDT4YfaVImVb9glXLmSp40rvYb1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed2c9f4926b-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/
95 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/11502/ats.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
fda55d59471da4e2dad0ff8e4ead2a42c53c9c59614f4868752c938b54797157
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30703
x-xss-protection
0
server
cafe
etag
12 / 19883 / m202406040101 / config-hash: 14353985682650205947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 09 Jun 2024 19:45:09 GMT
prebid_2024_6_6_9_35_48.js
anymind360.com/js/11502/
472 KB
151 KB
Script
General
Full URL
https://anymind360.com/js/11502/prebid_2024_6_6_9_35_48.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/11502/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.55 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8a9598514e77189ce592ce72efb148ed6991885996af5186a43cd10c04f52dde
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 06 Jun 2024 09:36:10 GMT
date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
209328
x-guploader-uploadid
ABPtcPrq0bPyNTTaLm0bGaHn0-Va7RBOt-Kbw_kTWmKpqI0VtMcjeHSHniVzbDgahA9POuD_AaI5i0Jvng
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
153758
x-served-by
cache-tyo11950-TYO, cache-mad22077-MAD
last-modified
Thu, 06 Jun 2024 09:36:09 GMT
server
UploadServer
x-timer
S1717962310.554770,VS0,VE2
etag
"e688e69db9704ffb0c29d33cbd60f513"
vary
Accept-Encoding
x-goog-generation
1717666569584119
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=QuTQdg==, md5=5ojmnblwT/sMKdM8vWD1Ew==
access-control-expose-headers
Content-Type
cache-control
max-age=31536000, public
x-goog-stored-content-length
153758
accept-ranges
bytes
x-cache-hits
38, 0
apstag.js
c.amazon-adsystem.com/aax2/
305 KB
76 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/11502/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-120.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
38ddbe47a6c50552223935c9c5553c3cb17292cfc08b33d4d2c40c45baf2174c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:04:07 GMT
content-encoding
gzip
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront), 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
last-modified
Tue, 28 May 2024 21:30:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
2463
x-amz-server-side-encryption
AES256
etag
W/"7e37c61c24c4f874b286570f1eebc0ea"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
bSay2U9iAvLMOBAtLcl7F0tai0JGtJeJ6Qw7Ld0VK4JktzmfPpT_5w==
truncated
/
739 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd111e2e24e23e10fe9c14df1bb6b0db3fb42f730a3d28856302d6bbac261d3a

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
497 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65021d110e3faa4e795b2722e96030516835e2cee02a506392d8739456d54c9b

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
432 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8a30089752c13728299edbbc6e8ba2a08c754c2b01bbf54e652f819e6262a09

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5eef8f31106b81956ed908490bcf8c73abe476aa58bb9041acdf70b0d42ebcae

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
842 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c305764beca3caf936a2d0a81835a1f4eee3dc49f1de4377774a447a2b3a89c

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd1a1cfcf363711655356037dc0e936457d91fa3c5c7d639af1b392ac69a3f92

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5974840bc043f4d7a0716682f5ab54d92807bc92c0a474bcf6fbdc8fd2d4691

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
259 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e14864923ccbc79185dabbd2f350c0accdc99e7c02658198607274e4bd7f4d6

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
775 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
812fca50b28935c2cee3453098523d3eead8dcd06819aea275b8e23d8c21a743

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8646ecebaef8f5819170cc5427c63695399f7fa3a2482d72b6868453a5035594

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba8a52e5d9d3b0b016fd71e04e185c5a23e59dd2db44bb4aa7d7e27261b4fb07

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0007a3144d6d277dd347d57e26007cda1333211643572a0c713bcf5f48de128e

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
669 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35826269556953695e2f33f5dad283974590cc8a1c3213cde9159e9ee861d49e

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
656 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58aff91c0127ffd7b966f00b19f581d48b962ae5838dedf88ad18c24cf55fb11

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
babcfcba818689202436b86553c0c23f19c65e38eb29d1741b2fe865b39b2fcd

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
297 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2e735250aa89bdbbbf4965f5c82eaea830db06595990c428c3ef531d2891090

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4a006a8992736ae8e6497f157161f079b43dd820b86aae4f36b521c29d4e2a6

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
505 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5026cf89332b421cb25a8afc0c5efa0e4e785344d80645d47a10e3fedd17ef5

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
269 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
764f66e967214b4f2f74a1e2745699f58d78e19c3b8fcb1d90ae1ef77d76eff1

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
321 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5599c3eb34000e3349784230e55ca4e89d1dcffcf0e5b931e90a9629f43f4e7f

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
245 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b65d7eb979623e466ea3700d027051d0dda9a4eb3ffc2c20cf1c3fd6b1a551e6

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
766 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41d7cc94102ed2313004b480a7f6729159372907b7e94ec49a6d2e23bd8be315

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
311 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e56c88851aca16fff38526c8724a9002748f7a88a0dc01d3893a9fd255a48913

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57d28f3168199a07d723d06c78f8ba198256841a640c79f3c8f01caa9030c0f9

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
645 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f56ef30f1b2a257ac6370e4221878c897b4442ba8bb6c27c6136c318d813dce

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
240 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56f807dbe954fd062253c736c5b8c728c0045f966b9120dcc0c2bc253324ca39

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
358 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ede9af2058d8632d4143b4cfba861fc1416db57c666dc3624305ce9157f2559

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
239 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32d0daa0c46606d1aa2cf0401321e78ebca5202bee481bd33180bad7bf29d345

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
238 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3d27dd49f5a9fa00ad2420a0015f629cde25f32c6a71153b820f4c63d6f9e02

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
221 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a271471183e23b9cd3e055ee993e7b228e2f18d53001a50712889e6481937ad

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
708 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c10383fc0dc6bd2592a3c7afde1376329616c9fd680dbf4677e033d85c8414

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
inter-latin-700.woff2
rivalwin.org/wp-content/plugins/prosettings-customization/fonts/
0
0
Font
General
Full URL
https://rivalwin.org/wp-content/plugins/prosettings-customization/fonts/inter-latin-700.woff2
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:10 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2BvjvnKBcV3H%2FRk%2F6Pnq8%2BO1AquZaSazxxv63SaS37ZNoUUo3CiVjHBGmETPvzhTP4C%2BaKD%2FCYcM8ff2Gwa0KjXmd3YGLfCcyIPaKuimceQxr%2B%2FhkIr1SMocYHLK2u8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
89139ed538012bb0-FRA
alt-svc
h3=":443"; ma=86400
inter-latin-500.woff2
rivalwin.org/wp-content/plugins/prosettings-customization/fonts/
0
0
Font
General
Full URL
https://rivalwin.org/wp-content/plugins/prosettings-customization/fonts/inter-latin-500.woff2
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:10 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XTPu8qawcA6MHPqWMjAEDavbyC2m25ZLkgrGKV1hO%2FthkkaCUCTwfn9TzCgrCU3B30ifmDl1IPuIKamJueyI4LhhDJSnD1B39tEZtLkLy7axn%2Fy8T1CMsu076PG4fzY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
89139ed50fa72bb0-FRA
alt-svc
h3=":443"; ma=86400
ru.svg
prosettings.net/wp-content/plugins/prosettings-customization/assets/flags/rounded-rectangle/
865 B
800 B
Image
General
Full URL
https://prosettings.net/wp-content/plugins/prosettings-customization/assets/flags/rounded-rectangle/ru.svg
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2cba353244bfed4d2251d2cdc48ad3d2671b7404cb07d846741b8cbbd31eadb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
213823
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 05 Sep 2023 09:55:14 GMT
server
cloudflare
etag
W/"64f6fb02-361"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TXYGWBBMLowSOvS5mL%2B0wUnJ8sZAKQieZ19%2FJX9tViUrpQwn7UlU15CJrMNmY8A2GY265pUPSPvh4CFnbua2o%2F5p5%2BTJ7ao47KPoMY1qt6BEy7t0v8ZVfvex7kRZAouWgz5b4Z%2Fr6aIdhr7L8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed47c45926b-FRA
team-spirit.png
prosettings.net/cdn-cgi/image/dpr=1%2Cf=auto%2Cfit=cover%2Cheight=36%2Cq=85%2Cwidth=36/wp-content/uploads/
939 B
1 KB
Image
General
Full URL
https://prosettings.net/cdn-cgi/image/dpr=1%2Cf=auto%2Cfit=cover%2Cheight=36%2Cq=85%2Cwidth=36/wp-content/uploads/team-spirit.png
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e73015d2790cbf417fbe4e8a131c83f9f1ef87099343b6a4ed15b45f5bb85080
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
939
cf-resized
internal=ok/e q=0 n=64+0 c=1+7 v=2024.6.0 l=939
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 23 Jun 2023 08:49:32 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cftgdBekrdNxalPqGOMHL6xOicp1-kpbRb5sOzDvYRDQ:64955c9c-2a67"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yDUctFHqMPKmSyhB%2By7QfdFr85RFDx5Sa6yjRlHbQrF%2FStINmjc7eXh2oyIg1jcWuJfIiHN3zcraSAr86xKUYTyeRq%2BFWVmyQNdLX%2BoTRyL8sWoU3p27GajmOt4YQ3utjCGRLwb%2FT5YtyL5QkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89139ed47c48926b-FRA
cs2-icon-black.svg
prosettings.net/wp-content/uploads/
3 KB
2 KB
Image
General
Full URL
https://prosettings.net/wp-content/uploads/cs2-icon-black.svg
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
562f7232fb7028b9225fbe75054962677487a604dbfd68ca7054a51417665a03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
214091
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 27 Sep 2023 20:03:22 GMT
server
cloudflare
etag
W/"65148a8a-d83"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Viuv9D9oQSzEGLV2bBU5%2FMnek2%2FOLL9LggWw4%2F8T4I1QEE7aVTg468%2FL4TmeH0Z%2FfD9tcz8dpFisWCbxEgJtHkN74UH5E9%2F6K3pzHcI%2BYVPe8INxNc98dE5ZwjcWlQU4%2FXnKcwcieh067EhloA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ed47c4a926b-FRA
logitech-g-pro-x-superlight-magenta.png
prosettings.net/cdn-cgi/image/dpr=1%2Cf=auto%2Cfit=cover%2Cheight=36%2Cq=85%2Cwidth=36/wp-content/uploads/
897 B
2 KB
Image
General
Full URL
https://prosettings.net/cdn-cgi/image/dpr=1%2Cf=auto%2Cfit=cover%2Cheight=36%2Cq=85%2Cwidth=36/wp-content/uploads/logitech-g-pro-x-superlight-magenta.png
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef4aacd50fba36f7445112f33b71fff649d042f9dd3605f663b877adb7fc03a9
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
897
cf-resized
internal=ok/e q=0 n=85+0 c=1+14 v=2024.6.0 l=897
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 23 Jun 2023 08:47:11 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf48O42cg3IfRR1-wE9Psj7NEvp1-kpbRb5sOzDvYRDQ:64955c0f-1b249"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pj5x22zHdI2KabSjhL6hASq6gYX47kFm30ZFc%2BulcKcMCgHqm8XTDBINbg0FeoSA5cJpZYHILXfgSxP0KilsnHq5tX59GISiUP5QvR6vkloriyhrUM1GzwpimwFbBaaWYK%2F%2BGcOGCPzScXI%2FiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89139ed47c4b926b-FRA
logitech.png
prosettings.net/cdn-cgi/image/dpr=1%2Cf=auto%2Cfit=cover%2Cheight=32%2Cq=85%2Cwidth=32/wp-content/uploads/
777 B
1 KB
Image
General
Full URL
https://prosettings.net/cdn-cgi/image/dpr=1%2Cf=auto%2Cfit=cover%2Cheight=32%2Cq=85%2Cwidth=32/wp-content/uploads/logitech.png
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fa0fae67d124070967ab9e360870382e50f4e347589e4f4cb46ddcd62b8ec6a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
777
cf-resized
internal=ram/e q=0 n=0+0 c=1+5 v=2024.6.0 l=777
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 23 Jun 2023 08:31:33 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfPH37r_F209YPFE_QGRhlJOq481eE49ZGI1T4Z0hEDQ:64955865-1af8"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gX1%2BydQfY300jMMvzWAkoFsoKjyCMmiUINDZaThz74PsPPgggJlLfbYmBGEETS4fvnAc8dD2kns%2BicGhtrzeDCQjMncBcO16uGO4RVuVIrBmGd0VHuZakBXRyrA799CzZpsbsT%2BH8Gq6oRveoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89139ed47c4c926b-FRA
vertigo.jpeg
prosettings.net/cdn-cgi/image/dpr=1%2Cf=auto%2Cfit=cover%2Cheight=160%2Cwidth=909%2Csharpen=1/wp-content/plugins/prosettings-customization/assets/cs2-crosshair-images/
30 KB
30 KB
Image
General
Full URL
https://prosettings.net/cdn-cgi/image/dpr=1%2Cf=auto%2Cfit=cover%2Cheight=160%2Cwidth=909%2Csharpen=1/wp-content/plugins/prosettings-customization/assets/cs2-crosshair-images/vertigo.jpeg
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f339f1efa67ce9694a3aac25594b71491f7360b5dba58a44654fe4d13fe0c820
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
30755
cf-resized
internal=ram/e q=0 n=0+0 c=0+0 v=2024.6.0 l=30755
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 26 Apr 2024 08:06:22 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cftF2TgmjQNJwkopiVmjJ-k8x4Og9Dg4vkauFdG--1DQ:662b607e-78854"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UYIFaj5Y2%2Fvd6yGlFm%2Bc9kiUP2AoXoSMQfACEF5DcF1rvnH5t73Jp%2Fho%2BS4KU%2ByUtCbl3Ev7JoEFAafnU0ar2Amg73OEfNYkDy5h91IRRupPIdgWuv6VlhrhWNKOaOPKSykwr8KjXODDUnNNZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89139ed47c4d926b-FRA
anubis.jpeg
prosettings.net/cdn-cgi/image/dpr=1%2Cf=auto%2Cfit=cover%2Cheight=160%2Cwidth=909%2Csharpen=1/wp-content/plugins/prosettings-customization/assets/cs2-crosshair-images/
24 KB
24 KB
Image
General
Full URL
https://prosettings.net/cdn-cgi/image/dpr=1%2Cf=auto%2Cfit=cover%2Cheight=160%2Cwidth=909%2Csharpen=1/wp-content/plugins/prosettings-customization/assets/cs2-crosshair-images/anubis.jpeg
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2700259ab77508b3e0dce42b862ac8b4803e9963087cfe84340a5e87866139a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:09 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
24554
cf-resized
internal=ram/e q=0 n=0+65 c=0+0 v=2024.6.0 l=24554
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 26 Apr 2024 08:06:22 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf0zpeXToQY9KOtIJ5rV5uPYy2Og9Dg4vkauFdG--1DQ:662b607e-7d60c"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w3Sa1%2BkXKRwp2PoTxFmTztaFcI34OfwT6eqh8%2F%2BLAlsd73UMqcMBK2oBh3UsBuLqlV%2FGaGDD0YPVIHARJz9XHdNlV4m%2FZ5oFwVNtewkBJuK6ubeccz7ggLwOFE%2B1%2BFpU7VONLFTkWTNfJuJ9bA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89139ed47c4e926b-FRA
upcomingMatches
afl.fulla.bet/4e10dbbad63980a3b5d75075643338b8/banners/ Frame C997
0
0
Document
General
Full URL
https://afl.fulla.bet/4e10dbbad63980a3b5d75075643338b8/banners/upcomingMatches?brandToken=c7caf7a6-4fb7-41e0-a026-9cf8d93c2fdb&id=b2Q6cGxheWVyOjIwMjQ%3D&theme=light
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://rivalwin.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
869
content-length
2439
content-type
text/html
date
Sun, 09 Jun 2024 19:30:42 GMT
etag
"05be497f049837a7840326deeda11804"
last-modified
Wed, 27 Dec 2023 12:06:34 GMT
server
AmazonS3
via
1.1 cbad29402e4e90baabe7151c3f1203b6.cloudfront.net (CloudFront)
x-amz-cf-id
fP2hIRkOpHLNTXTdcM__I5CPR4Lc-k0AlkbjLVSsIbR9tzLFkdjZOw==
x-amz-cf-pop
FRA56-P11
x-amz-id-2
oSDzrOTGYrOTyBzOn3aW8vf2RmDuSltY1BJb3Mz2h49a7HwrFJlM7kvHtuXK/l5ZaryfzdZgHGM=
x-amz-request-id
PJXWNFAFC3JR9C8S
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20bd929995c6952954ad84b84c4f1561edf00e53fe75ae9aa5c4005834d69c6e

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99741964a7aa756950a3a0530064587cf2ca1f0678f262c92ea65e79562b98a1

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
849 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
849bc09fbe87a763d9ef1ebc87b1aa17d282925287b2db614530f214e8627432

Request headers

Referer
Origin
https://rivalwin.org
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
clash-gg.png
prosettings.net/cdn-cgi/image/dpr=1%2Cf=auto%2Cfit=contain%2Cheight=60%2Cq=85%2Cwidth=140/wp-content/uploads/
2 KB
2 KB
Image
General
Full URL
https://prosettings.net/cdn-cgi/image/dpr=1%2Cf=auto%2Cfit=contain%2Cheight=60%2Cq=85%2Cwidth=140/wp-content/uploads/clash-gg.png
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dba915bebaad920c4bfff20a70bf9876e534dcf8d21942d4c629a871eabeac1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:10 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
2006
cf-resized
internal=ok/e q=0 n=47+0 c=2+19 v=2024.6.0 l=2006
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 25 Mar 2024 16:19:41 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf2gZq66-_q1o_tKt7WFDysuDVVU6GWQ_pB2RFhD74DQ:6601a41d-d409"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6pbAt2fSAQMG3lPMgTgu57fSDaqgz5KfUpAYXlvjdclkQxuddO495cQm5cJthaDHvcVOMjfLbyDOfjrJvooVxDSes8FStW%2F0m803olVsnl78zAi5P2kptAgnKcJ8IivQvIr3TlFz6KxcgnMsBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89139ed6ff67926b-FRA
5-sapphire.webp
prosettings.net/cdn-cgi/image/dpr=1%2Cf=auto%2Cfit=contain%2Cheight=374%2Cq=85%2Cwidth=374/wp-content/uploads/
18 KB
19 KB
Image
General
Full URL
https://prosettings.net/cdn-cgi/image/dpr=1%2Cf=auto%2Cfit=contain%2Cheight=374%2Cq=85%2Cwidth=374/wp-content/uploads/5-sapphire.webp
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
240d15e260a85d96fe3a2a208763a8778eeebb84b05382fe7c003e391a9122fe
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:10 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
18593
cf-resized
internal=ok/e q=0 n=159+65 c=0+0 v=2024.6.0 l=18593
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 19 Mar 2024 16:55:52 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfuqe-6n9vbONuMbLNh19T-OvtiYkJofZaSLCOFzz_DQ:65f9c398-3776"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=clg8XogZPrR3jEKu2P9e3xioZ8PI9q3fGl7vGDFdOARi9QV7OKs51ZKWjOsv4WU2pQ4GFD%2BQfvLZMpsV3GGAq4pSTgl5KdMkiPISKFLONUFbcgrMzY20c3KeFiwguKROBDeWjSfQLTPfdu57YA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89139ed6ff6c926b-FRA
aces.webp
prosettings.net/cdn-cgi/image/dpr=1%2Cf=auto%2Cfit=contain%2Cheight=374%2Cq=85%2Cwidth=374/wp-content/uploads/
19 KB
20 KB
Image
General
Full URL
https://prosettings.net/cdn-cgi/image/dpr=1%2Cf=auto%2Cfit=contain%2Cheight=374%2Cq=85%2Cwidth=374/wp-content/uploads/aces.webp
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
031d50dc4800980833a4e2e8b079b3e69cfe2d2e505834b4b3a96480c9a8b141
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:10 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
19850
cf-resized
internal=ok/e q=0 n=131+140 c=0+0 v=2024.6.0 l=19850
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 19 Mar 2024 17:16:33 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfyxThO2tM0-iK78gbgW-04i5liYkJofZaSLCOFzz_DQ:65f9c871-3c20"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nc3NBA20RuJk8EbnI8vHBUVFUU3SyFXfsfnAsuKj0PfHx3pbexo3gkBKP5ItLg8Z0WqcDvhDw5a8NhdyU1Fqe3lB8LQzDSelMZ55PzHy2JQaOm0EBO%2FcYHgT3ms0Dea4fHNeBMXmzQEewELVww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89139ed6ff70926b-FRA
cyborg.webp
prosettings.net/cdn-cgi/image/dpr=1%2Cf=auto%2Cfit=contain%2Cheight=374%2Cq=85%2Cwidth=374/wp-content/uploads/
22 KB
23 KB
Image
General
Full URL
https://prosettings.net/cdn-cgi/image/dpr=1%2Cf=auto%2Cfit=contain%2Cheight=374%2Cq=85%2Cwidth=374/wp-content/uploads/cyborg.webp
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e087fe0895cd92f6c9319d7eabf0d415b18bd2ff68c41a4cd68269e7b72e13c0
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:10 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
22913
cf-resized
internal=ok/e q=0 n=64+86 c=0+0 v=2024.6.0 l=22913
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 19 Mar 2024 17:31:06 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfAxqbZF8PtqGqw3epuu2pVXWwiYkJofZaSLCOFzz_DQ:65f9cbda-466e"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JxYX%2BgbqwoR2qj0rueIC6X2WwABldsppEIZUID89sAGunH%2BkEbk8WDBEBHbRP187JES%2FbhckZZmwYaBu3dydo24GrmDiqfn6N9PKfmtIOzsLqP2zXeUslim4VgaNoohPGu0cMZbu4f513QOqTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89139ed6ff74926b-FRA
neues-projekt-2024-04-01t132643.494.png
prosettings.net/cdn-cgi/image/dpr=1%2Cf=auto%2Cfit=contain%2Cheight=374%2Cq=85%2Cwidth=374/wp-content/uploads/
17 KB
18 KB
Image
General
Full URL
https://prosettings.net/cdn-cgi/image/dpr=1%2Cf=auto%2Cfit=contain%2Cheight=374%2Cq=85%2Cwidth=374/wp-content/uploads/neues-projekt-2024-04-01t132643.494.png
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e2598ffbdcf985944576a5f59bf3403d513d62cc38de6b1e8e75e5baa7915fe
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:10 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
17703
cf-resized
internal=ok/e q=0 n=56+228 c=0+0 v=2024.6.0 l=17703
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 01 Apr 2024 11:31:33 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfc8ceJy-NSGXTraK5vnbaeQnUiYkJofZaSLCOFzz_DQ:660a9b15-14a20"
expect-ct
max-age=86400, enforce
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cZ9WyMPhbBzoDpFsZBr53iYK7c7xcrRgHDuMP1RvtE1LjmjDsDlirSTMz91YNU17ZqTjB6dqmE62jA5yH%2F2bSN9dVpxiPMihfbrgtRvBIHocBvIZtKPJkwf3cPaST6W4WvFhi3gqjtd059x9MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89139ed6ff77926b-FRA
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/
463 KB
144 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
b1ff229d7cf6c2eb168c41b99ce4081f4ed5d4cbbfbd94a3450066f89c9d54b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 09:27:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
37074
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147735
x-xss-protection
0
server
cafe
etag
15837355652058665441
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 09 Jun 2025 09:27:16 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
60 B
69 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=rivalwin.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
04c9a567c91f1a5b88063a9f476130557cc445c9690ff7de83b0dacb074ad5f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45
x-xss-protection
0
expires
Sun, 09 Jun 2024 19:45:10 GMT
banner
prosettings.net/wp-json/complianz/v1/ Frame
0
0
Preflight
General
Full URL
https://prosettings.net/wp-json/complianz/v1/banner?lang=en&locale=en_US&token=lecbc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://rivalwin.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
access-control-allow-methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
access-control-allow-origin
https://rivalwin.org
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
allow
GET
cf-cache-status
DYNAMIC
cf-edge-cache
cache,platform=wordpress
cf-ray
89139ed9abca91fb-FRA
content-encoding
gzip
content-type
application/json; charset=UTF-8
date
Sun, 09 Jun 2024 19:45:11 GMT
expect-ct
max-age=86400, enforce
link
<https://prosettings.net/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rrqMBxJSoTe3yA7kxNWSZjHV1dxr7F156yQk6LSFrKzbeC00odzDtFWRCkAFiA4sXjCoblpzlM30VqUmbaUQKJHQjxEM15myPbxrxV1dYo7HkyYjoknfjwrnIgB8W2hjC6aldAJ8sWhoRpdhrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
noindex
x-xss-protection
1; mode=block
additional-consent-providers.csv
prosettings.net/wp-content/uploads/complianz/cmp/vendorlist/
0
0

vendor-list.json
prosettings.net/wp-content/uploads/complianz/cmp/vendorlist/
0
0

banner
prosettings.net/wp-json/complianz/v1/
102 B
443 B
XHR
General
Full URL
https://prosettings.net/wp-json/complianz/v1/banner?lang=en&locale=en_US&token=lecbc
Requested by
Host: prosettings.net
URL: https://prosettings.net/wp-content/plugins/complianz-gdpr-premium/cookiebanner/js/complianz.min.js?ver=1713260448
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbeede1a9532f2c6bf82d1212c9688767b9cad97f49feda625dc2a33f5505640
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/json

Response headers

cf-edge-cache
cache,platform=wordpress
date
Sun, 09 Jun 2024 19:45:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
expect-ct
max-age=86400, enforce
allow
GET
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://rivalwin.org
access-control-allow-methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cf-apo-via
origin,qs
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m7lEgm5YP%2F0mz1PVLb0cVbIwpoFNZ12fr%2F3yNTydl4VXidpSMJXtC3ooQKRaT31w2l%2Fb1C3CAp%2F%2F9rrufxwO1bvdN%2FFPOnYlZwcfHz8P1GUvcDhvUsMi2jim8UWcaleiFrddP8Ou6nDYkXIJhA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
89139eddd95a91fb-FRA
link
<https://prosettings.net/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-robots-tag
noindex
s.js
rivalwin.org/cdn-cgi/zaraz/
0
0
Script
General
Full URL
https://rivalwin.org/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyZG9uayUyMENTMiUyMFNldHRpbmdzJTJDJTIwQ3Jvc3NoYWlyJTIwJTI2JTIwQ29uZmlnJTIwLSUyMFByb1NldHRpbmdzLm5ldCUyMiUyQyUyMnglMjIlM0EwLjQ3MjMwODIyMDIwOTclMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnJpdmFsd2luLm9yZyUyRiUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBLTEyMCUyQyUyMnElMjIlM0ElNUIlNUQlN0Q=
Requested by
Host: rivalwin.org
URL: https://rivalwin.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:10 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=14CH%2FRcSmBUnLyha9C%2FfMzzls91e8ByDgoRUhlbmysoh51IXI1gXjH1xxgGMcYZesl036GtJ5QecEBx5Ai5mopyO5m%2Bp2Gs8Bsq7wVZIA%2FEU3f6VMzyDgl7V9hreQck%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
89139ed92ef02bb0-FRA
alt-svc
h3=":443"; ma=86400
header-bidding-request
mweb-hb.presage.io/api/ Frame
0
0
Preflight
General
Full URL
https://mweb-hb.presage.io/api/header-bidding-request
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.76.209.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-209-157.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://rivalwin.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin
https://rivalwin.org
Connection
keep-alive
Content-Length
4
Content-Type
application/json
Date
Sun, 09 Jun 2024 19:45:11 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/11502/prebid_2024_6_6_9_35_48.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6f4b0d0f79e526824e20ca87a32271618a2f8c92a6c7df6592b75a7f6489adbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 09 Jun 2024 19:45:11 GMT
x-content-type-options
nosniff
content-encoding
br
age
13461
x-jsd-version
1.0.2082
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
796
x-served-by
cache-fra-eddf8230103-FRA, cache-mad2200147-MAD
x-jsd-version-type
version
etag
W/"633-s0aPqbEkrNN+M5iRaLBEPTMMIWw"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
localstore.js
script.4dex.io/
1 KB
1 KB
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/11502/prebid_2024_6_6_9_35_48.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 09 Jun 2024 19:45:10 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Tue, 28 May 2024 12:41:22 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1061966
ETag
W/"00a8e13a83b2bbab51af8e55f52be363"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b%2By5dGoFynHOwkaxemXyWwFmvvoHYHkUcCozFyTL7SxzXhzm2l9QCMYfevZ1Ffvjn0ZYMMbZaMbCpsvqMR5efJlvPcQhhgEk231iu6p4j0BYq6eNu5KwjaMB9UCI0zODjLhc3ClwjmTberdo"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
89139edb6889bb67-FRA
prebid-request
onetag-sys.com/
15 B
409 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/11502/prebid_2024_6_6_9_35_48.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://rivalwin.org
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
pbjs
htlb.casalemedia.com/openrtb/
36 B
519 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1065769
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/11502/prebid_2024_6_6_9_35_48.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaaeb98f5e2355086ee4df2a1f30ffb1eacff0b7dcc54d060eb4837329b3b8aa

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Jun 2024 19:45:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l1FOq62IxxsGLrarKgeZd8QkT20H6Dnvx1nSDo%2BESWSmGFAo4BMxMlV%2FJjVZHSJ%2F6JUmM5rrbuiXmQ1N5hIQdoYDkR6DY4cNaM7VrSrTMYskVEUU0EfqRoml7b5jOU%2BtgA8Q4jF1"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://rivalwin.org
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
89139ed9e8bf9078-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
403 B
914 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17692&site_id=513662&zone_id=3425072&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!anymanager.io,A5107,1,,,&rf=https%3A%2F%2Frivalwin.org%2F&tg_i.domain=rivalwin.org&tg_i.page=https%3A%2F%2Frivalwin.org%2F&tg_i.pbadslot=%2F21821515287%2Fps_banner&tk_flint=pbjs_lite_v7.54.5&x_source.tid=c0367999-4e98-4fd1-a09f-d40ead6f5d06&l_pb_bid_id=871d6165d34d4c&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=c0367999-4e98-4fd1-a09f-d40ead6f5d06&rp_maxbids=1&p_gpid=%2F21821515287%2Fps_banner&slots=1&rand=0.17802591198917184
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/11502/prebid_2024_6_6_9_35_48.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
946294907869440db341be9a4f27712ca81ed28e8e516aa477df69cc7abc1573

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Jun 2024 19:45:11 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://rivalwin.org
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
403
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg-apac.smartadserver.com/prebid/
0
334 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/11502/prebid_2024_6_6_9_35_48.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 , France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Jun 2024 19:45:09 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://rivalwin.org
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/
0
334 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/11502/prebid_2024_6_6_9_35_48.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 , France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Jun 2024 19:45:10 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://rivalwin.org
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg-apac.smartadserver.com/prebid/
0
334 B
XHR
General
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/11502/prebid_2024_6_6_9_35_48.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 , France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Jun 2024 19:45:09 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://rivalwin.org
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebid
mp.4dex.io/
0
331 B
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/11502/prebid_2024_6_6_9_35_48.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Jun 2024 19:45:10 GMT
x-err
Parsing the Prebid Request. parseadrequest adrequest and manager domains do not match
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
x-warn
Parsing the Prebid Request. domain_invalid
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://rivalwin.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
89139eda7ba192ba-FRA
expires
0
prebidjs
rtb.openx.net/openrtbb/
53 B
279 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/11502/prebid_2024_6_6_9_35_48.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
28150ada43ea15ae42c823b5c507035bd21e878c7f0804db0059bda2975dc9f6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Jun 2024 19:45:10 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
x-forwarded-for
185.17.184.1
content-type
text/plain
access-control-allow-origin
https://rivalwin.org
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
cdb
bidder.criteo.com/
0
191 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.5&cb=17173936936&lsavail=1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/11502/prebid_2024_6_6_9_35_48.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rivalwin.org
date
Sun, 09 Jun 2024 19:45:09 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
translator
hbopenbid.pubmatic.com/
0
111 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/11502/prebid_2024_6_6_9_35_48.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rivalwin.org
date
Sun, 09 Jun 2024 19:45:10 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/
53 B
739 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/11502/prebid_2024_6_6_9_35_48.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Jun 2024 19:45:10 GMT
an-x-request-uuid
d02235f3-ce8c-4eb9-8b8f-6eee3d677124
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rivalwin.org
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.17.184.1; 185.17.184.1; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
53
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
header-bidding-request
mweb-hb.presage.io/api/
0
294 B
XHR
General
Full URL
https://mweb-hb.presage.io/api/header-bidding-request
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/11502/prebid_2024_6_6_9_35_48.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.76.209.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-209-157.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://rivalwin.org
Date
Sun, 09 Jun 2024 19:45:11 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json
prebid
prebid.ad.smaato.net/oapi/
0
374 B
XHR
General
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/11502/prebid_2024_6_6_9_35_48.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.49.185.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-185-64.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Jun 2024 19:45:11 GMT
server
SOMA
x-smt-message
Blocked IVT. Contact: support@smaato.com
x-smt-trace
https://tracing.smaato.net/api/traces/eefbc059172728f7c36d24e1191914b5?prettyPrint=true
access-control-allow-origin
https://rivalwin.org
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
a15ad8c9-98d5-8e87-dcf0-28a996cb9df9
db25e772-a50a-4abc-826c-f029cd5364e4
config.aps.amazon-adsystem.com/configs/
563 B
839 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/db25e772-a50a-4abc-826c-f029cd5364e4
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-128.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
58634eb2ea948cba097c821f1f5f62425ac42b51689c5a0977a05bd544fcf0f1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:12:27 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
1963
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
563
x-amz-cf-id
dhuNZWGgLDBQt4XwY12wpCu9uVDr8584nbGFLXTXQyTDDio4xUfzmg==
config
c.amazon-adsystem.com/cdn/prod/
0
308 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Frivalwin.org&pubid=db25e772-a50a-4abc-826c-f029cd5364e4
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-120.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:14:40 GMT
via
1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
16229
x-cache
Hit from cloudfront
access-control-allow-origin
https://rivalwin.org
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
ovqk0BuCqKJRtRgyyY2gWB0DfdDz0MUY_JQ-HLZ_Cjq7SuObP_gzxw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-120.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:14:42 GMT
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
16229
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
N_0IVjLkJNBq8XC_UzYJ1-7WLm5GY2c3PTNiWkJtcwI4cQo-8keebg==
bid
aax.amazon-adsystem.com/e/dtb/
58 B
390 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Frivalwin.org%2F&pid=yg5kDyDA50lUx&cb=0&ws=1600x1200&v=24.521.1732&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-8574471-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21821515287%2Fps_banner%22%7D%5D&schain=1.0%2C1%21anymanager.io%2C11502%2C1%2C%2C%2C&pubid=db25e772-a50a-4abc-826c-f029cd5364e4&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D&_c=1
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.52.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-52-164.fra56.r.cloudfront.net
Software
Server /
Resource Hash
a1467c6ed682df808cf830c429ebaec42c32c2033369aa48446fb9e7f592769d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:10 GMT
via
1.1 e47c87f8fd9c4c08ac7559d0bcc2b4c2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P9
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://rivalwin.org
access-control-allow-credentials
true
timing-allow-origin
*
content-length
58
x-amz-cf-id
BbKSEKk-DtfqHbwgjQi93gkoaDfI83ZOSTT5J0murj0PetSBAMYHIw==
script.js
cadmus.script.ac/dahhc4ozyvjm6/
3 B
239 B
Script
General
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:11 GMT
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
server
cloudflare
age
0
etag
W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
cf-ray
89139edc4b461942-FRA
content-length
3
adagio.js
script.4dex.io/a/latest/
70 KB
22 KB
Fetch
General
Full URL
https://script.4dex.io/a/latest/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
028c14d2a81be1c7def3f60cfaed1289bb432ff402eff119df28ab9224575691

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 09 Jun 2024 19:45:11 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
12137
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 28 May 2024 12:41:17 GMT
Server
cloudflare
ETag
W/"3d48eafa2e42753c913bb8e839134264"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ygFIg4h63puSkbXgo6rmHyxiWVy2x8ImvokC%2Fkc%2BbavJGr9DBbQed%2BngHtJ5zlv%2B3fdF08Gzrx6mzbyMnugz3X0VCihCaAT5Tr9ZqJ5i550Y6xd1miKtmJnGnrDkjsP%2BeNTFEq1A6%2Fmh8iIH"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
89139edc989d71d7-FRA
favicon-32x32.png
prosettings.net/
1 KB
2 KB
Other
General
Full URL
https://prosettings.net/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0512c7cb761f6411a68d801186eccf3f95d24876d564eb314fb2c168288ef5e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
214082
cf-polished
origFmt=png, origSize=1788
content-disposition
inline; filename="favicon-32x32.webp"
content-length
1024
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
imgq:85,h2pri
last-modified
Fri, 23 Jun 2023 08:26:29 GMT
server
cloudflare
etag
"64955735-6fc"
expect-ct
max-age=86400, enforce
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E%2Fh04MqVrXNr4iCrOV80RVt%2B73PV2Du07yw3fR6QbptyZSJ8F2F8XOv533wty1MWaoQdasehBtRm9QXU23xbFRB16InRWnHG2UNhTKzaCQi3bYBJE3lYY6j2PXXnv0R7%2BxmPIkmsGA%2B0qblslA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89139edcdf8f926b-FRA
banner-1-optin.css
prosettings.net/wp-content/uploads/complianz/css/
17 KB
4 KB
Stylesheet
General
Full URL
https://prosettings.net/wp-content/uploads/complianz/css/banner-1-optin.css?v=85
Requested by
Host: prosettings.net
URL: https://prosettings.net/wp-content/plugins/complianz-gdpr-premium/cookiebanner/js/complianz.min.js?ver=1713260448
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90e29e34f82a342265983429bd40b612c9d21e5745fc4534ed9853675373db2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12841
cf-polished
origSize=18055
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Sat, 01 Jun 2024 12:15:09 GMT
server
cloudflare
etag
W/"665b10cd-4687"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rb%2B%2F7%2BJa5PyYpM9cOpQuALRPosJhkGnb0X8mFjwbcZ4rPcziRceb2CreGsH9AJEXuZRsMSyIXyxu45ym50EhvuZ%2BimyIlDExdxbhopoagpb888%2BSUTWPnxJ21vtp6rvx8M7mMwhnYBj2g7ARLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
cf-ray
89139ee22e83926b-FRA
publishertag.prebid.js
static.criteo.net/js/ld/
94 KB
30 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/11502/prebid_2024_6_6_9_35_48.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
5958a1ef6f64cbf685737312938fd12cdb5b9465eac0d52a857aa205d1ba338e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 03 Jun 2024 10:49:47 GMT
server
nginx
etag
W/"665d9fcb-17664"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 10 Jun 2024 19:45:12 GMT
syncframe
gum.criteo.com/ Frame 8390
0
0
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=rivalwin.org
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://rivalwin.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 09 Jun 2024 19:45:12 GMT
server
Kestrel
server-processing-duration-in-ticks
367992
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.154.js
static.criteo.net/js/ld/
94 KB
30 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.154.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
5958a1ef6f64cbf685737312938fd12cdb5b9465eac0d52a857aa205d1ba338e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rivalwin.org/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 19:45:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 03 Jun 2024 10:49:47 GMT
server
nginx
etag
W/"665d9fcb-17664"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 10 Jun 2024 19:45:13 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prosettings.net
URL
https://prosettings.net/wp-content/uploads/complianz/cmp/vendorlist/additional-consent-providers.csv
Domain
prosettings.net
URL
https://prosettings.net/wp-content/uploads/complianz/cmp/vendorlist/vendor-list.json

Verdicts & Comments Add Verdict or Comment

224 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| sas object| googletag object| adloox_pubint object| anymindTS function| startAnymindTS object| atspbjs object| apstag object| anymindTSApstag function| advanced_ads_ready object| advanced_ads_ready_queue function| _nslDOMReady function| __tcfapi boolean| advanced_ads_adblocker_test string| fulla_iframe_url object| prosett object| cmplz_tcf object| advads_options object| advanced_ads_pro_visitor_conditions object| advadsCfpQueue function| advadsCfpAd object| advadsGATracking object| zarazData object| zaraz function| advanced_ads_check_adblocker number| fetchState object| wpdiscuzAjaxObj object| wpdiscuzUCObj object| wpdiscuzEditorOptions object| advanced_ads_cookies object| advadsCfpInfo object| relevanssi_live_search_params object| advanced_ads_pro_ajax_object object| advanced_ads_responsive object| advadsTracking object| advadsTrackingGAEvents object| complianz boolean| _nslHasOpenedPopup object| _nslWebViewNoticeElement function| NSLPopup object| advads_admin_bar_items object| advads_passive_placements object| advads_has_ads object| advads_tracking_ads object| advads_tracking_urls object| advads_tracking_methods object| advads_tracking_parallel object| advads_tracking_linkbases object| advads_gatracking_uids object| advads_gatracking_allads boolean| advads_gatracking_anonym object| advads_gatracking_transmitpageqs function| _typeof function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _regeneratorRuntime function| asyncGeneratorStep function| _asyncToGenerator object| ggeac object| google_tag_data object| google_js_reporting_queue function| $ function| jQuery object| MicroModal boolean| isModalLogin object| options function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles string| valorantCrosshairCopyTarget string| DICTIONARY bigint| DICTIONARY_LENGTH object| SHARECODE_PATTERN function| Glide function| __uspapi object| advads function| get_unix_time_in_seconds function| d function| u function| f function| h function| m function| p number| wpdiscuzLoadRichEditor object| wpDiscuzEditor function| wpdMessagesOnInit function| onloadCallback function| wpcShareCommentFB function| Cookies function| Quill function| lity number| advanced_ads_resizetimeout number| advanced_ads_cookieexpires number| advanced_ads_browser_width undefined| cookieValue object| info function| advanced_ads_resize_window function| advanced_ads_save_width function| advads_resize_delay function| advanced_ads_get_browser_width object| advanced_ads_pro object| advads_pro_utils object| Advads_passive_cb_Conditions object| advanced_ads_group_refresh function| Advads_passive_cb_Placement function| Advads_passive_cb_Ad function| Advads_passive_cb_Group function| advads_postscribe object| AdvAdsTrackingUtils object| AdvAdsImpressionTracker object| AdvAdsClickTracker function| AdvAdsGATracker function| cmplz_create_element function| cmplz_add_event function| cmplz_is_hidden function| cmplz_html_decode function| cmplzLoadConsentAreaContent object| cmplz_banner object| cmplz_manage_consent_button undefined| cmplzResizeTimer object| cmplz_banner_container object| cmplz_waiting_inline_scripts object| cmplz_waiting_scripts object| cmplz_fired_scripts number| cmplz_placeholder_class_index boolean| cmplz_all_scripts_hook_fired boolean| cmplz_consent_stored_once object| cmplz_fired_category_events object| cmplz_fired_service_events object| cmplz_categories function| cmplz_run_script function| cmplz_maybe_run_waiting_scripts function| cmplz_set_blocked_content_container function| cmplz_insert_placeholder_text function| cmplz_set_blocked_content_container_aspect_ratio function| cmplz_has_blocked_scripts function| cmplz_enable_category function| cmplz_remove_placeholder function| cmplz_get_waiting_script function| cmplz_array_is_empty function| cmplz_is_waiting_script function| cmplz_run_after_all_scripts object| cmplz_fired_events function| cmplz_run_tm_event function| cmplz_fire_before_categories_consent function| cmplz_check_cookie_policy_id function| cmplz_do_not_track function| cmplz_get_services_on_page function| cmplz_is_bot function| cmplz_is_speedbot function| cmplz_exists_service_consent function| cmplz_set_service_consent function| cmplz_clear_all_service_consents function| cmplz_get_all_service_consents function| cmplz_get_cookie_path function| cmplz_get_cookie_domain function| cmplz_reload_browser_compatible undefined| cmplz_id_cookie undefined| cmplz_id_session undefined| cmplz_id object| cmplz_user_data function| cmplz_track_status_end function| cmplz_set_up_auto_dismiss function| cmplz_fire_categories_event function| cmplz_track_status function| cmplz_accepted_categories function| cmplz_sync_category_checkboxes function| cmplz_merge_object function| cmplz_clear_cookies function| cmplz_set_accepted_cookie_policy_id function| cmplz_integrations_init function| cmplz_integrations_revoke function| cmplz_set_integrations_cookies function| cmplz_get_url_parameter function| cmplz_maybe_auto_redirect function| cmplz_wp_set_consent undefined| cmplzCleanCookieInterval object| cmplz_cookie_data function| cmplz_start_clean function| cmplz_do_cleanup function| cmplz_setup_clean_interval function| cmplz_clear_storage function| cmplz_load_manage_consent_container function| cmplz_equals function| cmplzCopyAttributes object| cmplz_has_wp_video number| cmplz_times_checked function| cmplz_get_cookie function| cmplz_set_cookie function| cmplz_in_array function| cmplz_highest_accepted_category function| cmplz_accept_all function| cmplz_deny_all function| conditionally_show_banner function| show_cookie_banner function| cmplz_get_banner_status function| cmplz_set_banner_status function| cmplz_has_consent function| cmplz_is_service_denied function| cmplz_has_service_consent function| cmplz_set_consent function| nslRedirect object| atspbjsChunk object| _pbjsGlobals object| ADAGIO object| mnet object| Criteo object| _aps boolean| apstagLOADED object| apscustom object| advadsProCfp undefined| google_measure_js_timing object| apntag object| _ADAGIO string| wp_consent_type object| criteo_pubtag object| criteo_pubtag_prebid_154 object| Criteo_prebid_154 object| criteo_syncframe_state

9 Cookies

Domain/Path Name / Value
rivalwin.org/ Name: advanced_ads_page_impressions
Value: %7B%22expires%22%3A2033322311%2C%22data%22%3A1%7D
rivalwin.org/ Name: advanced_ads_visitor
Value: %7B%22browser_width%22%3A1600%7D
rivalwin.org/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.rubiconproject.com/ Name: khaos
Value: LX7YEJ44-20-9NRL
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpI5VMjTVs1KHMylPn9loes1z8yuimHAOIBGW4OgpMAZ49I6uFc1LmUrSjnR2hrcx5HVf3WfP62IDm05Xhm+qskM62wvE84cxG+xUA9sgf/4bKpUjWTmmg0
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: b66f6b6c-cb23-4ee2-b7d8-dda625c24b0c
.rivalwin.org/ Name: cto_bundle
Value: 8ylchl9vOXR5MlV1RlhFOE9QUEpBJTJGdTlNWWtJJTJGbFpHaXpZV1JKTDBuMWxzaXdjYkU0b1NhVG1wYmM3T0ZoS0Y5RHJGJTJCM2x3SURZS0xkJTJCaUZDJTJGUnZlV01VNU5VUEc5MVVwalclMkYwSktFQSUyQlloZ1l2QnZOTzZQUVAlMkZBR09qeFJPVFR6Y0xDRU0xZWVpbnglMkJQcVp4d3g3NG84WmclM0QlM0Q

15 Console Messages

Source Level URL
Text
network error URL: https://rivalwin.org/wp-content/plugins/prosettings-customization/fonts/inter-latin-500.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://rivalwin.org/wp-content/plugins/prosettings-customization/fonts/inter-latin-700.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://rivalwin.org/
Message:
Access to fetch at 'https://prosettings.net/wp-content/uploads/complianz/cmp/vendorlist/additional-consent-providers.csv' from origin 'https://rivalwin.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://prosettings.net/wp-content/uploads/complianz/cmp/vendorlist/additional-consent-providers.csv
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://rivalwin.org/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyZG9uayUyMENTMiUyMFNldHRpbmdzJTJDJTIwQ3Jvc3NoYWlyJTIwJTI2JTIwQ29uZmlnJTIwLSUyMFByb1NldHRpbmdzLm5ldCUyMiUyQyUyMnglMjIlM0EwLjQ3MjMwODIyMDIwOTclMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnJpdmFsd2luLm9yZyUyRiUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBLTEyMCUyQyUyMnElMjIlM0ElNUIlNUQlN0Q=
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://rivalwin.org/
Message:
Access to fetch at 'https://prosettings.net/wp-content/uploads/complianz/cmp/vendorlist/vendor-list.json' from origin 'https://rivalwin.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://prosettings.net/wp-content/uploads/complianz/cmp/vendorlist/vendor-list.json
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://rivalwin.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rivalwin.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://mweb-hb.presage.io/api/header-bidding-request
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
other warning URL: https://rivalwin.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rivalwin.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rivalwin.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rivalwin.org/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
afl.fulla.bet
anymind360.com
bidder.criteo.com
c.amazon-adsystem.com
cadmus.script.ac
cdn.jsdelivr.net
config.aps.amazon-adsystem.com
fastlane.rubiconproject.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
mp.4dex.io
mweb-hb.presage.io
onetag-sys.com
prebid.ad.smaato.net
prg-apac.smartadserver.com
prosettings.net
rivalwin.org
rtb.openx.net
script.4dex.io
securepubads.g.doubleclick.net
static.criteo.net
prosettings.net
104.18.36.155
13.224.186.120
142.250.186.66
151.101.129.55
178.250.1.8
18.244.18.85
18.245.52.164
185.64.189.112
185.89.210.90
188.114.96.3
2602:803:c003:200::21
2606:4700:20::681a:737
2606:4700:20::ac43:4bf1
2606:4700:4400::6812:22b2
2606:4700::6812:1691
2a02:2638:3::3
2a02:2638:3::c
2a04:4e42::485
35.186.253.211
5.135.209.97
51.38.120.206
52.49.185.64
54.76.209.157
99.86.4.128
0007a3144d6d277dd347d57e26007cda1333211643572a0c713bcf5f48de128e
028c14d2a81be1c7def3f60cfaed1289bb432ff402eff119df28ab9224575691
031d50dc4800980833a4e2e8b079b3e69cfe2d2e505834b4b3a96480c9a8b141
04c9a567c91f1a5b88063a9f476130557cc445c9690ff7de83b0dacb074ad5f6
0512c7cb761f6411a68d801186eccf3f95d24876d564eb314fb2c168288ef5e6
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0d5f949fcf84560d013b596b51856d6bc487bedc510bc712e82458f00b2506e5
0f56ef30f1b2a257ac6370e4221878c897b4442ba8bb6c27c6136c318d813dce
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
1c305764beca3caf936a2d0a81835a1f4eee3dc49f1de4377774a447a2b3a89c
1e14864923ccbc79185dabbd2f350c0accdc99e7c02658198607274e4bd7f4d6
1e2598ffbdcf985944576a5f59bf3403d513d62cc38de6b1e8e75e5baa7915fe
1f80cb385462593136103054b2dab28ba0d491bad246af2f450a73012a88e9c2
20bd929995c6952954ad84b84c4f1561edf00e53fe75ae9aa5c4005834d69c6e
220f9e964f3afe737a8aa228ac3f41a47be7b89f6c1d752514e141bd9c6c95be
240d15e260a85d96fe3a2a208763a8778eeebb84b05382fe7c003e391a9122fe
26245d3c89d3e6b63df2567799073f14920981e89c4c8a9fd237f76a6213a23c
28150ada43ea15ae42c823b5c507035bd21e878c7f0804db0059bda2975dc9f6
2fa0fae67d124070967ab9e360870382e50f4e347589e4f4cb46ddcd62b8ec6a
32d0daa0c46606d1aa2cf0401321e78ebca5202bee481bd33180bad7bf29d345
35826269556953695e2f33f5dad283974590cc8a1c3213cde9159e9ee861d49e
3738842defda0147ff6f602708c7e6c39c1ec87e63131a3da6976599c470e8e3
38ddbe47a6c50552223935c9c5553c3cb17292cfc08b33d4d2c40c45baf2174c
3a271471183e23b9cd3e055ee993e7b228e2f18d53001a50712889e6481937ad
3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7
3d21c7279b04d1496f0feb5c422668b80f9ca352e3690efba9a787a32b81f406
3fdc186142b863683d37a3ec1916ac1d57c048e762b85a867e30c485f99065d3
41c10383fc0dc6bd2592a3c7afde1376329616c9fd680dbf4677e033d85c8414
41d7cc94102ed2313004b480a7f6729159372907b7e94ec49a6d2e23bd8be315
446af72a884d345776077649c1df02647f5b36a8fadf0980c319b1af52260d37
4ef33bfd78d40c2c5fc992a46cfc9ab7d9db7195f2a3de6093044c14031fc95b
534c29a0b1f1ee7ee6614431466cc9b6c0973b1819bbc6dcf0dd65574b25c487
54d2d5c35c2ceb515903123961b1718300c6f4191faed397c7666c2ee91b27a0
5599c3eb34000e3349784230e55ca4e89d1dcffcf0e5b931e90a9629f43f4e7f
562f7232fb7028b9225fbe75054962677487a604dbfd68ca7054a51417665a03
56f807dbe954fd062253c736c5b8c728c0045f966b9120dcc0c2bc253324ca39
57d28f3168199a07d723d06c78f8ba198256841a640c79f3c8f01caa9030c0f9
58634eb2ea948cba097c821f1f5f62425ac42b51689c5a0977a05bd544fcf0f1
58aff91c0127ffd7b966f00b19f581d48b962ae5838dedf88ad18c24cf55fb11
5958a1ef6f64cbf685737312938fd12cdb5b9465eac0d52a857aa205d1ba338e
59fc7dc7227a380a3c77978bb1b4cf7ae716dbe50bda8fdf0dfa70a82b2a32b1
5a095d43a6cb207c855ca0b8d70d314f6454e5358b1cf4cf2e9dae378e33e3c3
5dba915bebaad920c4bfff20a70bf9876e534dcf8d21942d4c629a871eabeac1
5eef8f31106b81956ed908490bcf8c73abe476aa58bb9041acdf70b0d42ebcae
622d4e2da39f5ea961864441f76065bb203bb9053bc3f03c256f42fc5ab1b57b
65021d110e3faa4e795b2722e96030516835e2cee02a506392d8739456d54c9b
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
699cc82f0d0e1c4d493d62746712790993e0e57877af1160a720368d6992dd4b
6e6765981015a3543a5d5d9c1e2c9a06e05f7bd2a0610842adf426a11abcf928
6f4b0d0f79e526824e20ca87a32271618a2f8c92a6c7df6592b75a7f6489adbc
71782ea81be551a0e85b89c68ece186a6342da694b18950e97ae1b86db3fced5
764f66e967214b4f2f74a1e2745699f58d78e19c3b8fcb1d90ae1ef77d76eff1
7b74edfeeb1f567b51353626e95e93b630856f86ba3c323efbd4563db59bc5e1
812fca50b28935c2cee3453098523d3eead8dcd06819aea275b8e23d8c21a743
82c25284c28a7c9f7f8f29ab1d93da5abad26c140447390d43f7342b1ff5b2a6
849bc09fbe87a763d9ef1ebc87b1aa17d282925287b2db614530f214e8627432
8646ecebaef8f5819170cc5427c63695399f7fa3a2482d72b6868453a5035594
86bf1ff2726cbd193ed0329c55d39cc56b93095a64be2e7d9448ff261fabe9e3
887bf388b47ac97bf1a80dd3080256849fad6c6ddf724c52002621e5a69caec5
8a9598514e77189ce592ce72efb148ed6991885996af5186a43cd10c04f52dde
8b3644ac5b264c8d3d09222feeea6aa208432f4e46900037dd60bc9834b3c250
8d801496faa4d884ebeb6a47db82a85a0c1bba204d52410bc35f05825ff97fdb
9049d19610881340e759211242842a170067e7c61f5c41e7e99b836023fb347d
90e29e34f82a342265983429bd40b612c9d21e5745fc4534ed9853675373db2a
946294907869440db341be9a4f27712ca81ed28e8e516aa477df69cc7abc1573
96c7d1747502d1ed1003b1a33d38f15ca2d664f927d82d7a87c051591df531a5
98ff2f173784b131e58f376088dfd9f53aedfcbc9feb5a65d5f90d671f9b8e4f
99741964a7aa756950a3a0530064587cf2ca1f0678f262c92ea65e79562b98a1
9b3557f9a86771440bc0f25efbd3d87e98d018343816bb5f884a09c10205a030
9ede9af2058d8632d4143b4cfba861fc1416db57c666dc3624305ce9157f2559
a1199ccd72754b9510ae2ecaf33d86a39c56e1029780a3faaeefb819bc1f9539
a1467c6ed682df808cf830c429ebaec42c32c2033369aa48446fb9e7f592769d
a2e735250aa89bdbbbf4965f5c82eaea830db06595990c428c3ef531d2891090
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a7b231d354bb4e9c0ef8577d83eb38d6ecfd27fff1c8a2c3b35ef41f10c54351
aaaeb98f5e2355086ee4df2a1f30ffb1eacff0b7dcc54d060eb4837329b3b8aa
b1ff229d7cf6c2eb168c41b99ce4081f4ed5d4cbbfbd94a3450066f89c9d54b2
b33c68bd1ac7f6ebb77be07a055bcfe101019aa33288d0e845749d7171b28c0e
b3d27dd49f5a9fa00ad2420a0015f629cde25f32c6a71153b820f4c63d6f9e02
b65d7eb979623e466ea3700d027051d0dda9a4eb3ffc2c20cf1c3fd6b1a551e6
ba8a52e5d9d3b0b016fd71e04e185c5a23e59dd2db44bb4aa7d7e27261b4fb07
babcfcba818689202436b86553c0c23f19c65e38eb29d1741b2fe865b39b2fcd
c4a006a8992736ae8e6497f157161f079b43dd820b86aae4f36b521c29d4e2a6
c56d71175647914a67312f4307a00ec66f72825d0416d0ca6f7d3a495e70184e
d2014aa913e41fec261461722b2883e2167fedb739050cec9f4beafab3ddb7ab
d2700259ab77508b3e0dce42b862ac8b4803e9963087cfe84340a5e87866139a
d5026cf89332b421cb25a8afc0c5efa0e4e785344d80645d47a10e3fedd17ef5
d9031c3e0f04ba10be7c241b72cb1a3a5e5df0f519784febb5c00e2fcf82327d
da81ea8cd632af923a9abb1b933c4b9075c1255258f421632156f74bf5159901
e087fe0895cd92f6c9319d7eabf0d415b18bd2ff68c41a4cd68269e7b72e13c0
e0b8090ad4a77331c63f9358715c0b7b538bdaa1f12d647f820b4780ebdda3ed
e2cba353244bfed4d2251d2cdc48ad3d2671b7404cb07d846741b8cbbd31eadb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48afa0ca2fdaed77ef3d14202f805ab16829b42e321b71635d538f9e9efa4e2
e56c88851aca16fff38526c8724a9002748f7a88a0dc01d3893a9fd255a48913
e73015d2790cbf417fbe4e8a131c83f9f1ef87099343b6a4ed15b45f5bb85080
e8a30089752c13728299edbbc6e8ba2a08c754c2b01bbf54e652f819e6262a09
e9daf3ae7e648ec9e4d3ebbe7b9cb975f53e38541e24db2e5a8c3b83d1121987
ef4aacd50fba36f7445112f33b71fff649d042f9dd3605f663b877adb7fc03a9
f339f1efa67ce9694a3aac25594b71491f7360b5dba58a44654fe4d13fe0c820
f5974840bc043f4d7a0716682f5ab54d92807bc92c0a474bcf6fbdc8fd2d4691
f9c9cd154d215f3146131175546bdbd6cc83c320ae6184c3b147e5c7e9f147dc
fbeede1a9532f2c6bf82d1212c9688767b9cad97f49feda625dc2a33f5505640
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
fd111e2e24e23e10fe9c14df1bb6b0db3fb42f730a3d28856302d6bbac261d3a
fd1a1cfcf363711655356037dc0e936457d91fa3c5c7d639af1b392ac69a3f92
fd3b514aa07cc15c540b676778e641ac64c687eb2fa16cd8c66274443822ba74
fda55d59471da4e2dad0ff8e4ead2a42c53c9c59614f4868752c938b54797157