win.dezaign.com Open in urlscan Pro
92.118.150.103  Public Scan

25 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5658201&time=1706486259502&url=https%3A%2F%2Fwin.dezaign.com%2F&tm=gtmv2 HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5658201&time=1706486259502&url=https%3A%2F%2Fwin.dezaign.com%2F&tm=gtmv2&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5658201%26time%3D1706486259502%26url%3Dhttps%253A%252F%252Fwin.dezaign.com%252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5658201&time=1706486259502&url=https%3A%2F%2Fwin.dezaign.com%2F&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5658201&time=1706486259502&url=https%3A%2F%2Fwin.dezaign.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQKX5RUGX6DVTAAAAY1SgeEEzgI6KsRVdzEG5FiVVjSZRGX8Q4NxaKaDYf3k4Jbj3hqVXvE

Request Chain 134

• https://c.clarity.ms/c.gif HTTP 302
• https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A4432EBBBE744EE9BD1E0CE44A459036&RedC=c.clarity.ms&MXFR=12E0D74028106920157EC3542C106789 HTTP 302
• https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A4432EBBBE744EE9BD1E0CE44A459036&MUID=152F4271AA96695C2E6C5665AB8A689C

135 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
9 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response win.dezaign.com/	116 KB 20 KB	714ms 336ms	Document text/html	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Full URL https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash 8578452516f5ac74113eb03f94189897aa6badffef70c7554a801fbf0d41a2c1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Encoding gzip Content-Length 19826 Content-Type text/html; charset=UTF-8 Date Sun, 28 Jan 2024 23:57:37 GMT ETag "1d14d-607d02fdf0180-gzip" Last-Modified Mon, 16 Oct 2023 07:16:38 GMT Server nginx/1.24.0 Vary Accept-Encoding
GET H2	200	css fonts.googleapis.com/	10 KB 1 KB	169ms 62ms	Stylesheet text/css	2607:f8b0:4004:c08::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,800,900 Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b7d5d49109d172ae86b8a5cf8bb5f25d10a0d33dc2fcd1d2ade32de3c9263404 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 28 Jan 2024 23:57:37 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 28 Jan 2024 23:57:37 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 28 Jan 2024 23:57:37 GMT
GET H/1.1	200 OK	main.5f9a2405d62e6ed81dad.css win.dezaign.com/css/	593 KB 124 KB	168ms 166ms	Stylesheet text/css	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Full URL https://win.dezaign.com/css/main.5f9a2405d62e6ed81dad.css Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash 0d5acf1b09425844dba87262e2eff2c69a96db25fd12d0e1cfe33b256a13455d Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:37 GMT Content-Encoding gzip Last-Modified Mon, 16 Oct 2023 07:16:40 GMT Server nginx/1.24.0 ETag W/"652ce358-9443b" Transfer-Encoding chunked Content-Type text/css Connection keep-alive
GET H/1.1	200 OK	chartbeat.js Show response win.dezaign.com/js/	37 KB 16 KB	166ms 166ms	Script application/javascript	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Full URL https://win.dezaign.com/js/chartbeat.js Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash a15da35f400c210c7e6e1c85e871958af80072b39f3b5353b058e6a8a314822e Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:38 GMT Content-Encoding gzip Last-Modified Mon, 16 Oct 2023 07:16:40 GMT Server nginx/1.24.0 ETag W/"652ce358-92b8" Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Connection keep-alive
GET H/1.1	200 OK	subscriptions.js Show response win.dezaign.com/js/	32 KB 11 KB	177ms 174ms	Script application/javascript	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Full URL https://win.dezaign.com/js/subscriptions.js Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash 93fdc01928e3c660262af2bd900bdaefff6849531f86ddb562c444d85191c020 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:38 GMT Content-Encoding gzip Last-Modified Mon, 16 Oct 2023 07:16:42 GMT Server nginx/1.24.0 ETag W/"652ce35a-7fd0" Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Connection keep-alive
GET H/1.1	200 OK	gtm.js Show response win.dezaign.com/js/	238 KB 94 KB	177ms 176ms	Script application/javascript	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Full URL https://win.dezaign.com/js/gtm.js Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash 8decbb6644c769a63a15ca0f879d6f4bfbd1cb8dd04a2b07a96a0355fd2eb26e Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:38 GMT Content-Encoding gzip Last-Modified Mon, 16 Oct 2023 07:16:42 GMT Server nginx/1.24.0 ETag W/"652ce35a-3b622" Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Connection keep-alive
GET H2	200	load Show response experience.tinypass.com/xbuilder/experience/	21 KB 7 KB	551ms 42ms	Script application/javascript	2606:4700::6812:dff8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://experience.tinypass.com/xbuilder/experience/load?aid=3UHressLnd Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ede7f82e922d4424d003f3e643ca7ec5fb3fb74c1fa3e31299591b0df74f65e Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma date Sun, 28 Jan 2024 23:57:38 GMT strict-transport-security max-age=86400; includeSubDomains content-encoding br cf-cache-status HIT last-modified Sun, 28 Jan 2024 23:05:56 GMT server cloudflare age 3102 vary Accept-Encoding, Origin content-type application/javascript; charset=UTF-8 cache-control public, max-age=1800 cf-ray 84cd2dcc5cf0335e-MIA alt-svc h3=":443"; ma=86400 x-request-id 8tf181aux0 expires Mon, 29 Jan 2024 00:27:38 GMT
GET H/1.1	200 OK	runtime.02eaebf9527e3a1476e9.js Show response win.dezaign.com/js/	2 KB 1 KB	481ms 160ms	Script application/javascript	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Full URL https://win.dezaign.com/js/runtime.02eaebf9527e3a1476e9.js Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash 78ab53aa2bc3f773125f66ce9db3a6dd798ee9c4b7c29efee91686323b6aaaf8 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:37 GMT Content-Encoding gzip Last-Modified Mon, 16 Oct 2023 07:16:42 GMT Server nginx/1.24.0 ETag W/"652ce35a-627" Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Connection keep-alive
GET H/1.1	200 OK	head.1e3ef1246a5fd9876815.js Show response win.dezaign.com/js/	1010 B 919 B	480ms 159ms	Script application/javascript	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Full URL https://win.dezaign.com/js/head.1e3ef1246a5fd9876815.js Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash f2ee6e8a7bdd6786a06d2ca9d4acad36bde470abd2082468f3b700217a098ab5 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:37 GMT Content-Encoding gzip Last-Modified Mon, 16 Oct 2023 07:16:42 GMT Server nginx/1.24.0 ETag W/"652ce35a-3f2" Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Connection keep-alive
GET H/1.1	200 OK	chartbeat_mab.js Show response win.dezaign.com/js/	23 KB 11 KB	164ms 164ms	Script application/javascript	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Full URL https://win.dezaign.com/js/chartbeat_mab.js Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash a1394ea8353199101cae4f881e45615f02c92f31bf6b7385762c09c22a26fc9f Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:38 GMT Content-Encoding gzip Last-Modified Mon, 16 Oct 2023 07:16:40 GMT Server nginx/1.24.0 ETag W/"652ce358-5cca" Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Connection keep-alive
GET H/1.1	200 OK	gulfnews.com.js Show response win.dezaign.com/js/	14 KB 3 KB	171ms 169ms	Script application/javascript	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Full URL https://win.dezaign.com/js/gulfnews.com.js Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash a039d6c99529b2e84019becbdce94cb0a4be9aa97ff6012f187e74948479eb4d Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:38 GMT Content-Encoding gzip Last-Modified Mon, 16 Oct 2023 07:16:42 GMT Server nginx/1.24.0 ETag W/"652ce35a-3683" Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Connection keep-alive
GET H/1.1	200 OK	gulfnews.js Show response win.dezaign.com/js/	538 B 653 B	493ms 165ms	Script application/javascript	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Full URL https://win.dezaign.com/js/gulfnews.js Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash 1155df78a9cfa3d49f9b14baf6bf92d3b834d2a7957a96f21b188d2f8e401e74 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:37 GMT Content-Encoding gzip Last-Modified Mon, 16 Oct 2023 07:16:42 GMT Server nginx/1.24.0 ETag W/"652ce35a-21a" Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Connection keep-alive
GET H/1.1	200 OK	logo-gn-white.svg win.dezaign.com/images/	52 KB 25 KB	658ms 330ms	Image image/svg+xml	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://win.dezaign.com/images/logo-gn-white.svg Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash 57cae74c7d2f637cc5877f50514a75660447a58ad0d4e8f5c11d547771a3c45e Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:37 GMT Content-Encoding gzip Last-Modified Mon, 16 Oct 2023 07:16:38 GMT Server nginx/1.24.0 ETag W/"652ce356-d11f" Transfer-Encoding chunked Content-Type image/svg+xml Connection keep-alive
GET H/1.1	200 OK	logo-gn.svg win.dezaign.com/images/	52 KB 25 KB	659ms 331ms	Image image/svg+xml	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://win.dezaign.com/images/logo-gn.svg Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash 716b7d705bb8593b9bf09acb88e6796721d1d5b89dc26614f2cbe392a3932c3f Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:37 GMT Content-Encoding gzip Last-Modified Mon, 16 Oct 2023 07:16:38 GMT Server nginx/1.24.0 ETag W/"652ce356-d11f" Transfer-Encoding chunked Content-Type image/svg+xml Connection keep-alive
GET H/1.1	200 OK	Emirates-Draw-winner-Freilyn-Angob--new-1695193950878_18ab16eeab8_large.jpg win.dezaign.com/images/	37 KB 37 KB	169ms 165ms	Image image/jpeg	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://win.dezaign.com/images/Emirates-Draw-winner-Freilyn-Angob--new-1695193950878_18ab16eeab8_large.jpg Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash a9db2ac58c4e564374a37674aa3a3d314cb338af13da3d06195b41f57b5183bb Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:38 GMT Last-Modified Mon, 16 Oct 2023 07:16:40 GMT Server nginx/1.24.0 ETag "652ce358-928f" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 37519
GET H/1.1	200 OK	spacer.gif win.dezaign.com/images/	1 KB 1 KB	361ms 167ms	Image image/gif	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://win.dezaign.com/images/spacer.gif Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash 7e580636156f3d4ce67130710c0589cfd220fdb0609c971e65f9f8cb8126c2b0 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:38 GMT Last-Modified Mon, 16 Oct 2023 07:16:38 GMT Server nginx/1.24.0 ETag "652ce356-448" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 1096
GET H/1.1	200 OK	gn_round_logo.png win.dezaign.com/images/	6 KB 6 KB	165ms 165ms	Image image/png	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://win.dezaign.com/images/gn_round_logo.png Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash 833c8565d56388b239e283e568af8bdd9e369c4db9189220ba1d147b60f8a913 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:38 GMT Last-Modified Mon, 16 Oct 2023 07:16:38 GMT Server nginx/1.24.0 ETag "652ce356-164e" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 5710
GET H/1.1	200 OK	logo-gulfnews2x.png win.dezaign.com/images/	9 KB 9 KB	539ms 539ms	Image image/png	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://win.dezaign.com/images/logo-gulfnews2x.png Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash 686839e082f4692d9586ebe1acd41b9c7d36206fe4dd2ae7d0347c293c43918b Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:38 GMT Last-Modified Mon, 16 Oct 2023 07:16:38 GMT Server nginx/1.24.0 ETag "652ce356-23d9" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 9177
GET H/1.1	200 OK	site-large.png win.dezaign.com/images/	196 KB 197 KB	161ms 160ms	Image image/png	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://win.dezaign.com/images/site-large.png Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash 959e6d494766b9ef9097ece204c50ee2387af989764363ce5f146df402fe5838 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:38 GMT Last-Modified Mon, 16 Oct 2023 07:16:38 GMT Server nginx/1.24.0 ETag "652ce356-31192" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 201106
GET H/1.1	200 OK	image_stamp.png win.dezaign.com/images/	153 KB 153 KB	267ms 266ms	Image image/png	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://win.dezaign.com/images/image_stamp.png Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash 371b4fa41c8a65a833456047f46e0d465fe18c00027ee353f09eb5fc1cc6d1eb Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:39 GMT Last-Modified Mon, 16 Oct 2023 07:16:38 GMT Server nginx/1.24.0 ETag "652ce356-2631b" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 156443
GET H/1.1	200 OK	logo-gn_1.svg win.dezaign.com/images/	94 KB 39 KB	267ms 266ms	Image image/svg+xml	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://win.dezaign.com/images/logo-gn_1.svg Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash 57df9fd780823219a0bb2d0013fc3824edbc420214c2c06616b139958a68242b Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:39 GMT Content-Encoding gzip Last-Modified Mon, 16 Oct 2023 07:16:38 GMT Server nginx/1.24.0 ETag W/"652ce356-17673" Transfer-Encoding chunked Content-Type image/svg+xml Connection keep-alive
GET H/1.1	200 OK	api.js Show response win.dezaign.com/js/	1 KB 1 KB	173ms 169ms	Script application/javascript	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Full URL https://win.dezaign.com/js/api.js Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash b8943640f0ed8d0fe781bd76775d0a7f91122434699dd202f0aa07b69809a1c1 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:38 GMT Content-Encoding gzip Last-Modified Mon, 16 Oct 2023 07:16:40 GMT Server nginx/1.24.0 ETag W/"652ce358-481" Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Connection keep-alive
GET H/1.1	200 OK	gpt.js Show response win.dezaign.com/js/	89 KB 34 KB	331ms 327ms	Script application/javascript	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Full URL https://win.dezaign.com/js/gpt.js Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash 803b1bc83335973556bb09c4a824b7801f0b2ed7165cdc3fba90a0cb3a48f935 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:38 GMT Content-Encoding gzip Last-Modified Mon, 16 Oct 2023 07:16:42 GMT Server nginx/1.24.0 ETag W/"652ce35a-163bf" Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Connection keep-alive
GET H/1.1	200 OK	prebid7.26.0.js Show response win.dezaign.com/js/	241 KB 90 KB	326ms 322ms	Script application/javascript	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Full URL https://win.dezaign.com/js/prebid7.26.0.js Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash 8391cb73d4295f09d2c13b9d4509fc2bb30387d8a1bd30185c3e23c185ae750a Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:38 GMT Content-Encoding gzip Last-Modified Mon, 16 Oct 2023 07:16:42 GMT Server nginx/1.24.0 ETag W/"652ce35a-3c3bf" Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Connection keep-alive
GET H/1.1	200 OK	vendors.c24cb0867537b0a8c71d.js Show response win.dezaign.com/js/	1 MB 487 KB	168ms 167ms	Script application/javascript	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Full URL https://win.dezaign.com/js/vendors.c24cb0867537b0a8c71d.js Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash 98a0104bd57fa36966f3cee45f314945c71ab8514f86ed4e704f217eacbf7936 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:38 GMT Content-Encoding gzip Last-Modified Mon, 16 Oct 2023 07:16:46 GMT Server nginx/1.24.0 ETag W/"652ce35e-169000" Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Connection keep-alive
GET H/1.1	200 OK	main.158859ff9788180b8a96.js Show response win.dezaign.com/js/	228 KB 61 KB	179ms 179ms	Script application/javascript	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Full URL https://win.dezaign.com/js/main.158859ff9788180b8a96.js Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash b37ebe621d2358768d61bc52214dc590787fe648a297506496801a49f779762d Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:38 GMT Content-Encoding gzip Last-Modified Mon, 16 Oct 2023 07:16:42 GMT Server nginx/1.24.0 ETag W/"652ce35a-39119" Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Connection keep-alive
GET H/1.1	200 OK	_Incapsula_Resource Show response win.dezaign.com/	145 KB 146 KB	537ms 537ms	Script text/plain	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Full URL https://win.dezaign.com/_Incapsula_Resource Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash 17b1218ecdffc811b44d34f0595d589be1e742d5d5cc6d9f34cead2469a29093 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:39 GMT Last-Modified Mon, 16 Oct 2023 07:16:38 GMT Server nginx/1.24.0 Connection keep-alive Accept-Ranges bytes ETag "245c6-607d02fdf0180" Content-Length 148934
GET H2	200	load Show response experience.tinypass.com/xbuilder/experience/	21 KB 6 KB	553ms 45ms	Script application/javascript	2606:4700::6812:dff8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://experience.tinypass.com/xbuilder/experience/load?aid=3UHressLnd Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ede7f82e922d4424d003f3e643ca7ec5fb3fb74c1fa3e31299591b0df74f65e Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma date Sun, 28 Jan 2024 23:57:38 GMT strict-transport-security max-age=86400; includeSubDomains content-encoding br cf-cache-status HIT last-modified Sun, 28 Jan 2024 23:05:56 GMT server cloudflare age 3102 vary Accept-Encoding, Origin content-type application/javascript; charset=UTF-8 cache-control public, max-age=1800 cf-ray 84cd2dcc5cf3335e-MIA alt-svc h3=":443"; ma=86400 x-request-id 8tf181aux0 expires Mon, 29 Jan 2024 00:27:38 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	286 KB 98 KB	560ms 66ms	Script application/javascript	2607:f8b0:4004:c08::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-P27FG92 Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f68230e52076711943ee5116e1a0350d51b590d5b2660c0dc9db4b445d799a5a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:38 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100284 x-xss-protection 0 last-modified Sun, 28 Jan 2024 21:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 28 Jan 2024 23:57:38 GMT
GET H2	200	subscriptions.js Show response static.chartbeat.com/js/	32 KB 11 KB	571ms 75ms	Script application/x-javascript	2600:9000:269f:d200:18:1fcd:353:c61 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.chartbeat.com/js/subscriptions.js Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:269f:d200:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash a1c9a21ede44774a26110c312c2c5398e074132f6e243011c15b4bfd660702ab Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 11:04:27 GMT content-encoding gzip via 1.1 7ea5749a224369d9af20b6d6ce7dbd92.cloudfront.net (CloudFront) last-modified Thu, 02 Jun 2022 02:15:58 GMT server nginx x-amz-cf-pop YUL62-P1 age 46391 etag W/"62981d5e-81f0" vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript cache-control max-age=86400 cross-origin-resource-policy cross-origin x-amz-cf-id 3ckQXA8LgY3LCTRPHwlElPFwToKsorcn0-tIiciYK8Yh4fKe8IlmBw== expires Mon, 29 Jan 2024 11:04:27 GMT
GET H/1.1	200 OK	cx.cce.js Show response scdn.cxense.com/	23 KB 6 KB	435ms 68ms	Script application/x-javascript	2600:1408:5400:58f::268b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://scdn.cxense.com/cx.cce.js Requested by Host: win.dezaign.com URL: https://win.dezaign.com/js/gulfnews.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:1408:5400:58f::268b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 4b80e46450200d3fabd65323bf5a91b8d31e919438a8cd48b9f8e8bd8b23edac Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:38 GMT Content-Encoding gzip Last-Modified Fri, 01 Dec 2023 11:02:02 GMT Server AkamaiNetStorage Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 6055 Expires Mon, 29 Jan 2024 00:57:38 GMT
GET H/1.1	200 OK	sprite.min.svg win.dezaign.com/images/	54 KB 17 KB	161ms 161ms	Other image/svg+xml	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Full URL https://win.dezaign.com/images/sprite.min.svg Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash bce44ee13bd728bb3dc1dcdd7b04251574eb20bc8521180efe3e8baf26e4efab Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:39 GMT Content-Encoding gzip Last-Modified Mon, 16 Oct 2023 07:16:40 GMT Server nginx/1.24.0 ETag W/"652ce358-d876" Transfer-Encoding chunked Content-Type image/svg+xml Connection keep-alive
GET H/1.1	200 OK	gn-sprite.svg win.dezaign.com/images/	155 KB 62 KB	165ms 165ms	Other image/svg+xml	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Full URL https://win.dezaign.com/images/gn-sprite.svg Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash 6c10e15acd2c282cb291d931ccbc829f930400b0d412657a9557ca4f317629e6 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:39 GMT Content-Encoding gzip Last-Modified Mon, 16 Oct 2023 07:16:40 GMT Server nginx/1.24.0 ETag W/"652ce358-26c3e" Transfer-Encoding chunked Content-Type image/svg+xml Connection keep-alive
GET H/1.1	200 OK	logo-gn-white.svg win.dezaign.com/images/	52 KB 25 KB	365ms 332ms	Image image/svg+xml	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://win.dezaign.com/images/logo-gn-white.svg Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash 57cae74c7d2f637cc5877f50514a75660447a58ad0d4e8f5c11d547771a3c45e Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:38 GMT Content-Encoding gzip Last-Modified Mon, 16 Oct 2023 07:16:38 GMT Server nginx/1.24.0 ETag W/"652ce356-d11f" Transfer-Encoding chunked Content-Type image/svg+xml Connection keep-alive
GET H/1.1	200 OK	spacer.gif win.dezaign.com/images/	1 KB 1 KB	351ms 160ms	Image image/gif	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://win.dezaign.com/images/spacer.gif Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash 7e580636156f3d4ce67130710c0589cfd220fdb0609c971e65f9f8cb8126c2b0 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:38 GMT Last-Modified Mon, 16 Oct 2023 07:16:38 GMT Server nginx/1.24.0 ETag "652ce356-448" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 1096
GET H/1.1	200 OK	logo-gn.svg win.dezaign.com/images/	52 KB 25 KB	162ms 161ms	Image image/svg+xml	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://win.dezaign.com/images/logo-gn.svg Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash 716b7d705bb8593b9bf09acb88e6796721d1d5b89dc26614f2cbe392a3932c3f Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:39 GMT Content-Encoding gzip Last-Modified Mon, 16 Oct 2023 07:16:38 GMT Server nginx/1.24.0 ETag W/"652ce356-d11f" Transfer-Encoding chunked Content-Type image/svg+xml Connection keep-alive
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v26/	32 KB 33 KB	446ms 53ms	Font font/woff2	2607:f8b0:4004:c19::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,800,900 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://win.dezaign.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 27 Jan 2024 04:00:14 GMT x-content-type-options nosniff age 158244 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33092 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:51:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 26 Jan 2025 04:00:14 GMT
GET H/1.1	200 OK	GlosaText-Roman.woff2 win.dezaign.com/fonts/	40 KB 40 KB	210ms 164ms	Font font/woff2	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Full URL https://win.dezaign.com/fonts/GlosaText-Roman.woff2 Requested by Host: win.dezaign.com URL: https://win.dezaign.com/css/main.5f9a2405d62e6ed81dad.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash d73cdab3c93a237d7bdebd0b6d53821fbd93e969972b324891115b6d77c8baa7 Request headers Referer https://win.dezaign.com/css/main.5f9a2405d62e6ed81dad.css Origin https://win.dezaign.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:38 GMT Last-Modified Mon, 16 Oct 2023 07:16:40 GMT Server nginx/1.24.0 ETag "652ce358-a0d4" Content-Type font/woff2 Connection keep-alive Accept-Ranges bytes Content-Length 41172
GET H/1.1	200 OK	GlosaHeadline-Black.woff win.dezaign.com/fonts/	53 KB 54 KB	211ms 165ms	Font font/woff	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Full URL https://win.dezaign.com/fonts/GlosaHeadline-Black.woff Requested by Host: win.dezaign.com URL: https://win.dezaign.com/css/main.5f9a2405d62e6ed81dad.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash 18e891c2504bac96c38db786644317849fefb4286e8d5cab297c74df5fb407ec Request headers Referer https://win.dezaign.com/css/main.5f9a2405d62e6ed81dad.css Origin https://win.dezaign.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:38 GMT Last-Modified Mon, 16 Oct 2023 07:16:40 GMT Server nginx/1.24.0 ETag "652ce358-d568" Content-Type font/woff Connection keep-alive Accept-Ranges bytes Content-Length 54632
GET H/1.1	200 OK	GlosaText-Roman-Italic.woff2 win.dezaign.com/fonts/	43 KB 43 KB	226ms 164ms	Font font/woff2	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Full URL https://win.dezaign.com/fonts/GlosaText-Roman-Italic.woff2 Requested by Host: win.dezaign.com URL: https://win.dezaign.com/css/main.5f9a2405d62e6ed81dad.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash 201f5eb3c8d9d8aa9c02c2f3049bedd78201794e5810487c1d7cf0ca9586d24b Request headers Referer https://win.dezaign.com/css/main.5f9a2405d62e6ed81dad.css Origin https://win.dezaign.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:38 GMT Last-Modified Mon, 16 Oct 2023 07:16:40 GMT Server nginx/1.24.0 ETag "652ce358-ac88" Content-Type font/woff2 Connection keep-alive Accept-Ranges bytes Content-Length 44168
GET H2	404	recaptcha__en.js www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/	0 0	428ms 103ms	Script text/html	2607:f8b0:4004:c09::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/recaptcha__en.js Requested by Host: win.dezaign.com URL: https://win.dezaign.com/js/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://win.dezaign.com/ Origin https://win.dezaign.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:38 GMT x-content-type-options nosniff server sffe content-type text/html; charset=UTF-8 access-control-allow-origin * cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1621 x-xss-protection 0
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/	420 KB 132 KB	212ms 53ms	Script text/javascript	2607:f8b0:4004:c1b::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310110101/pubads_impl.js Requested by Host: win.dezaign.com URL: https://win.dezaign.com/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ed217f84a2f42753409477460b63ce2ed71c6447b9ec89aa0abde7f42ae5bcf6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://win.dezaign.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Sun, 28 Jan 2024 20:29:28 GMT content-encoding br x-content-type-options nosniff age 12490 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 134786 x-xss-protection 0 server cafe etag 13749274744457858240 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Mon, 27 Jan 2025 20:29:28 GMT
GET H2	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	60 B 594 B	309ms 152ms	XHR application/json	2607:f8b0:4004:c1b::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=win.dezaign.com Requested by Host: win.dezaign.com URL: https://win.dezaign.com/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b89d291619835ed1c68a6ad9b6a6c9a2d780bfafc9c27e60f1a39da54aaf3afa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:38 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50 x-xss-protection 0 expires Sun, 28 Jan 2024 23:57:38 GMT
GET H2	200	tinypass.min.js Show response cdn.tinypass.com/api/	389 KB 115 KB	64ms 52ms	Script application/javascript	2606:4700::6812:dff8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.tinypass.com/api/tinypass.min.js Requested by Host: experience.tinypass.com URL: https://experience.tinypass.com/xbuilder/experience/load?aid=3UHressLnd Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8ed3938a52585c98590c73c804d958181a9275702489dfc8fbec80b3539295db Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:38 GMT x-amz-version-id xg7GPLxq3fR54wllBIJiHIet_ZwURpBG content-encoding br cf-cache-status HIT strict-transport-security max-age=86400; includeSubDomains x-amz-request-id RKCN6T230PJ38H7F age 3498 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED alt-svc h3=":443"; ma=86400 x-amz-id-2 xsNJ8HzUZxgMYDMa8MIzB1QZgEFBPjcWdfa2JQ7XGmeUF/dilieQnnbgL22IHHSb+gM/dkM+2yY= last-modified Tue, 23 Jan 2024 16:05:01 GMT server cloudflare etag W/"14f06d4b2a8f9d9ad6295d2a87768c35" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 84cd2dccddc1335e-MIA expires Mon, 29 Jan 2024 03:57:38 GMT
GET H/1.1	200 OK	cx.js Show response cdn.cxense.com/	112 KB 37 KB	191ms 70ms	Script application/x-javascript	2600:1408:5400:58f::268b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.cxense.com/cx.js Requested by Host: scdn.cxense.com URL: https://scdn.cxense.com/cx.cce.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:1408:5400:58f::268b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 4e337343893c619cdcd204af70347c93078b7226bfc80123ce646e54a76ab1c1 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:38 GMT Content-Encoding gzip Last-Modified Fri, 26 Jan 2024 13:48:01 GMT Server AkamaiNetStorage Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 37323 Expires Mon, 29 Jan 2024 00:57:38 GMT
GET H2	200	sdk.js Show response api-esp.piano.io/public/sdk/v04/	43 KB 14 KB	110ms 43ms	Script application/javascript	2606:4700::6811:c376 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx Requested by Host: cdn.tinypass.com URL: https://cdn.tinypass.com/api/tinypass.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:38 GMT strict-transport-security max-age=86400; includeSubDomains content-encoding br cf-cache-status HIT age 219408 x-cache-status HIT p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" alt-svc h3=":443"; ma=86400 last-modified Tue, 10 Oct 2023 08:51:13 GMT server cloudflare etag W/"1bbec-18b18c87a69" access-control-max-age 36000 vary Accept-Encoding access-control-allow-methods GET,PUT,POST,PATCH,DELETE,OPTIONS access-control-allow-origin api-esp.piano.io content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 access-control-allow-credentials true cf-ray 84cd2dce190a0a0e-MIA access-control-allow-headers Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token expires Mon, 27 Jan 2025 23:57:38 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	273 KB 90 KB	61ms 60ms	Script application/javascript	2607:f8b0:4004:c08::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-VQSYK48MVF Requested by Host: cdn.tinypass.com URL: https://cdn.tinypass.com/api/tinypass.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7df07e845ea294fbe72ca4d3adee3e5fd0ddf6d24ea97d136d7117cac13249da Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:38 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 92416 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 28 Jan 2024 23:57:38 GMT
GET H/1.1	200 OK	cx.cce.js Show response cdn.cxense.com/	23 KB 6 KB	165ms 61ms	Script application/x-javascript	2600:1408:5400:58f::268b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.cxense.com/cx.cce.js Requested by Host: cdn.tinypass.com URL: https://cdn.tinypass.com/api/tinypass.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:1408:5400:58f::268b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 4b80e46450200d3fabd65323bf5a91b8d31e919438a8cd48b9f8e8bd8b23edac Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:38 GMT Content-Encoding gzip Last-Modified Fri, 01 Dec 2023 11:02:02 GMT Server AkamaiNetStorage Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 6055 Expires Mon, 29 Jan 2024 00:57:38 GMT
POST H2	200	execute Show response c2.piano.io/xbuilder/experience/	2 KB 2 KB	152ms 83ms	XHR application/json	2606:4700::6811:c376 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c2.piano.io/xbuilder/experience/execute?aid=3UHressLnd Requested by Host: cdn.tinypass.com URL: https://cdn.tinypass.com/api/tinypass.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af6f9fcfc59ac60cc3a26d3f273205f51d0aec1ca7592d26c27509129b56346b Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Accept application/json Referer https://win.dezaign.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sun, 28 Jan 2024 23:57:38 GMT strict-transport-security max-age=86400; includeSubDomains content-encoding br cf-cache-status DYNAMIC alt-svc h3=":443"; ma=86400 x-request-id 7jtt9cxexh pragma no-cache server cloudflare vary Accept-Encoding, Origin access-control-allow-methods POST, GET, OPTIONS content-type application/json; charset=UTF-8 access-control-allow-origin https://win.dezaign.com access-control-expose-headers Composer-Request-Control-Policy cache-control no-cache, no-store access-control-allow-credentials true cf-ray 84cd2dce38487418-MIA
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	43 KB 16 KB	498ms 62ms	Script application/javascript	2600:1402:8800::1728:cf21 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P27FG92 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1402:8800::1728:cf21 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:39 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 23 Jan 2024 14:42:29 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=10891 accept-ranges bytes content-length 15732
GET H2	200	prod-global-852706.js Show response rtbcdn.andbeyond.media/	531 KB 31 KB	99ms 32ms	Script text/javascript	151.101.67.52 FASTLY
General Check archive.org Show headers Download Go to Full URL https://rtbcdn.andbeyond.media/prod-global-852706.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P27FG92 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.67.52 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash b74a3720db08ebc2ea77846fa2c1cad3d39e295952c595acee9bf8ccdd956d7a Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers x-amz-version-id .VoMhxFcPRZ0XAZDIoktsqDBMXIFrEUv content-encoding br via 1.1 varnish date Sun, 28 Jan 2024 23:57:39 GMT x-amz-request-id 4D7D9VJ1P7TNV2CM age 2 x-amz-server-side-encryption AES256 x-cache HIT content-length 30931 x-amz-id-2 0bKkJDHdKLv0zR2OuSmHf+usUjPyDBdUZz/pKYS/sE1aGDEXXC4PZ1V2psyBFy4kOE4h9/MBjF8= x-served-by cache-mia-kmia1760042-MIA last-modified Thu, 25 Jan 2024 16:58:41 GMT server AmazonS3 x-timer S1706486259.049498,VS0,VE5 etag "9d94d4fa78a8430c66a066d088325b2d" vary Accept-Encoding content-type text/javascript accept-ranges bytes x-cache-hits 1
GET H2	200	gulfnews_os_direct.js Show response www.foxpush.com/programmatic_video/	18 KB 6 KB	117ms 49ms	Script application/x-javascript	2606:4700:20::681a:55d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.foxpush.com/programmatic_video/gulfnews_os_direct.js Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:55d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79b47d37aa5cb306324f0828a1fa334b8474a17514252af5745dd450071695f5 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:39 GMT x-amz-version-id efQgrT7z7ow_WAV45YV3qGU_qrFEDjM7 via 1.1 dcccf6c408219d8b851fcd12a0068cea.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop MIA3-C3 age 6996 x-amz-server-side-encryption AES256 content-encoding br x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Fri, 12 Jan 2024 11:58:02 GMT server cloudflare etag W/"ee67739fae8a59cad11dc5eda9919ac6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=op7EOfw7%2FYuIvetTI1WkRliBMXEd6ycCg95YBzhEKO0vhJIY5SQ0UgoUaZsvJS7Am1v4lShel76srmPn6%2Bxm2DoSVhpAxHrnjcM%2BRvAdLQi7tCGqrKVnxrxIqtf0PO%2BFPDGJUPthCZsDyQw3hg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=86400 cf-ray 84cd2dcf1d6d31e0-MIA x-amz-cf-id 4_Oah8e5MrAJrFFzNbwWrEvyyqZ56diTmp8v8A-r32KBGsuGE_gjzQ==
GET H3	200	destination Show response www.googletagmanager.com/gtag/	273 KB 90 KB	93ms 93ms	Script application/javascript	2607:f8b0:4004:c08::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=G-VQSYK48MVF&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P27FG92 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash dadb06a777b1ddd0814e8dd1bc6539fc82a3d8c210c64685de29bb54afe4f2c5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 92323 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 28 Jan 2024 23:57:39 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	273 KB 90 KB	68ms 68ms	Script application/javascript	2607:f8b0:4004:c08::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-VQSYK48MVF&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P27FG92 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e27fdfb5fcb69549eb8dc66b83b1f10cca785889e2f7578930ba03d71d40a010 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 92318 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 28 Jan 2024 23:57:39 GMT
POST H2	204	collect analytics.google.com/g/	0 246 B	426ms 60ms	Ping text/plain	2607:f8b0:4004:c09::64 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-VQSYK48MVF&gtm=45je41o0v889065839z879701319&_p=1706486258094&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=744998967.1706486259&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706486259&sct=1&seg=0&dl=https%3A%2F%2Fwin.dezaign.com%2F&dt=Emirates%20Draw%3A%20Filipina%20wins%20Dh25%2C000%20a%20month%20for%2025%20years%20in%20FAST5%20draw%20%7C%20Uae%20%E2%80%93%20Gulf%20News&en=article_view&_fv=1&_nsi=1&_ss=2&tfd=2171 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-VQSYK48MVF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::64 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 28 Jan 2024 23:57:39 GMT server Golfe2 content-type text/plain access-control-allow-origin https://win.dezaign.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 255 B	427ms 60ms	Ping text/plain	2607:f8b0:4004:c08::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VQSYK48MVF&cid=744998967.1706486259&gtm=45je41o0v889065839z879701319&aip=1&dma=0&gcd=11l1l1l1l1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-VQSYK48MVF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 28 Jan 2024 23:57:39 GMT server Golfe2 content-type text/plain access-control-allow-origin https://win.dezaign.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	projectagora.min.js Show response palibzh.tech/libs/	367 KB 103 KB	361ms 35ms	Script application/javascript	2606:4700:3033::6815:5ea5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://palibzh.tech/libs/projectagora.min.js Requested by Host: win.dezaign.com URL: https://win.dezaign.com/js/gulfnews.com.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:5ea5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c09919f06ceb799754bfe3810c1955cb270dc433e8eebe6c55ffac70db4b732f Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:39 GMT content-encoding gzip cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id D6XCS9S1607TTMGM age 4444 x-amz-server-side-encryption AES256 x-amz-meta-version 3.20.0 alt-svc h3=":443"; ma=86400 content-length 104452 x-amz-id-2 Ii6tG2GqUPMawmYgDCLakF9aGL23CTG/EWGTRVVTocOeZeqlapV5pP828hRZ0HfY/cOwmv/KXz8= last-modified Mon, 22 Jan 2024 12:32:42 GMT server cloudflare etag "edf92d9be2cd081a45cfbe08e49a0092" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9VEJJsLB2gkl78giEKIBTg5FFJlm6x6QKVfpZDDj3GCFG8Ms4%2FbM64oUuKNn%2B%2FpJiuu4aER4DhkKMY2%2BajfDQMi%2Ba6s%2B1e6jZyxSrMwigIsLsA%2BzN8lekho%2FXlYblcTqu1yiA%2FulIKf%2BmgA%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 accept-ranges bytes cf-ray 84cd2dd159fc4962-MIA
GET H2	200	jquery-2.2.0.min.js Show response code.jquery.com/	84 KB 30 KB	230ms 31ms	Script application/javascript	2a04:4e42::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-2.2.0.min.js Requested by Host: api-esp.piano.io URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:39 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 11684060 x-cache HIT, HIT content-length 29875 x-served-by cache-lga21967-LGA, cache-mia-kmia1760040-MIA last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1706486259.421919,VS0,VE0 etag W/"28feccc0-14e55" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 126, 13978
GET H2	200	/ Show response mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/	241 B 541 B	404ms 63ms	XHR application/json	2a04:4e42:200::714 FASTLY
General Check archive.org Show headers Download Go to Full URL https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=gulfnews.com&domain=gulfnews.com&path=%2Fuae%2Femirates-draw-filipina-wins-dh25000-a-month-for-25-years-in-fast5-draw-1.98226968 Requested by Host: win.dezaign.com URL: https://win.dezaign.com/js/chartbeat_mab.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 70e6f6b5db3df3d48953e838911ae76501166a31e1741263fbee5d737539b5e4 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers x-cache-hits 0 date Sun, 28 Jan 2024 23:57:39 GMT content-encoding gzip via 1.1 varnish (Varnish/6.0), 1.1 varnish age 0 x-cache MISS cross-origin-resource-policy cross-origin content-length 182 x-served-by cache-mia-kmia1760024-MIA x-timer S1706486259.418722,VS0,VE36 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding content-type application/json access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0, s-maxage=0 accept-ranges bytes expires Fri, 26 Jan 2024 23:57:39 GMT
GET H2	403	win.dezaign.com.js csm.cxpublic.com/gulfnews/domain/	0 0	774ms 546ms	Script application/xml	23.7.183.17 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://csm.cxpublic.com/gulfnews/domain/win.dezaign.com.js Requested by Host: cdn.cxense.com URL: https://cdn.cxense.com/cx.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.7.183.17 Minneapolis, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-7-183-17.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers
GET H/1.1	200 OK	sp1.html Show response cdn.cxense.com/ Frame 6D0E	456 B 659 B	58ms 58ms	Document text/html	2600:1408:5400:58f::268b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.cxense.com/sp1.html Requested by Host: cdn.cxense.com URL: https://cdn.cxense.com/cx.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:1408:5400:58f::268b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 1643f549380aeab61b23502d9f260f7350d9c2bd34dbc3cb0af73644332b6ef5 Request headers Referer https://win.dezaign.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Accept-Ranges bytes Access-Control-Allow-Origin * Cache-Control max-age=864000 Connection keep-alive Content-Encoding gzip Content-Length 289 Content-Type text/html Date Sun, 28 Jan 2024 23:57:39 GMT Expires Wed, 07 Feb 2024 23:57:39 GMT Last-Modified Thu, 30 Nov 2023 11:55:50 GMT Server AkamaiNetStorage Vary Accept-Encoding
GET H/1.1	200 OK	player.js Show response player.aniview.com/script/6.1/	39 KB 14 KB	160ms 47ms	Script text/javascript	2600:1402:8800::1728:cd38 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://player.aniview.com/script/6.1/player.js Requested by Host: www.foxpush.com URL: https://www.foxpush.com/programmatic_video/gulfnews_os_direct.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:1402:8800::1728:cd38 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash 63d06182aa189f102b1790b003051b3ad7783a99c5a528b3c55ba14bd84a3af5 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:39 GMT Content-Encoding gzip X-GUploader-UploadID ABPtcPrng9DeBLhz0NKjWxLvRBtgQC8vjN0Zzbg64rL-88Q5c3c7EiwtcEm0i-JJDe-zYQ9csxc x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding gzip Connection keep-alive Alt-Svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Content-Length 13581 Last-Modified Sun, 28 Jan 2024 08:10:28 GMT Server UploadServer ETag "dad85136fb059c40c338e011e2b6d326" Vary Accept-Encoding x-goog-generation 1706429428299418 Content-Type text/javascript; charset=UTF-8 Access-Control-Allow-Origin * x-goog-hash crc32c=/jO+GA==, md5=2thRNvsFnEDDOOAR4rbTJg== Access-Control-Expose-Headers Content-Type Cache-Control public, no-transform, max-age=900 x-goog-stored-content-length 13581 Accept-Ranges bytes Expires Mon, 29 Jan 2024 00:12:39 GMT
GET H2	200	track track1.aniview.com/	0 143 B	175ms 56ms	Image text/plain	96.46.186.186 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://track1.aniview.com/track?pid=6311fe190051b3255674e7d5&cid=63ef55d1d4908bbd4d0b2906&cb=1706486259207&r=win.dezaign.com&stagid=63ef561cea214c48560d40d6&stplid=6322d12390f5a408b626fa85&d35=&d65=&e=playerLoaded Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.46.186.186 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:39 GMT cache-control max-age=0, no-cache, no-store content-length 0
GET H/1.1	200 OK	domainping.php Show response prebid.andbeyond.media/	7 B 230 B	1245ms 281ms	XHR text/html	52.220.254.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prebid.andbeyond.media/domainping.php?domain=https://win.dezaign.com/&aff=852706 Requested by Host: rtbcdn.andbeyond.media URL: https://rtbcdn.andbeyond.media/prod-global-852706.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.220.254.74 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-220-254-74.ap-southeast-1.compute.amazonaws.com Software Apache/2.4.56 (Amazon Linux) OpenSSL/3.0.8 / Resource Hash c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sun, 28 Jan 2024 23:57:40 GMT Server Apache/2.4.56 (Amazon Linux) OpenSSL/3.0.8 Connection keep-alive Content-Length 7 Content-Type text/html; charset=UTF-8
GET		dubai-min.json dmu-api.gulfnews.com/gn-feeds/data/weather/	0 0
GET		cricket.json dmu-api.gulfnews.com/v2/gn-feeds/data/	0 0
GET H2	200	prayertimings Show response dmu-api.gulfnews.com/prayer-times/manage/public/api/	6 KB 1 KB	255ms 74ms	XHR application/json	3.161.213.29 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dmu-api.gulfnews.com/prayer-times/manage/public/api/prayertimings?country=united_arab_emirates&city=dubai&month=1 Requested by Host: win.dezaign.com URL: https://win.dezaign.com/js/vendors.c24cb0867537b0a8c71d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.161.213.29 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-161-213-29.yul62.r.cloudfront.net Software Apache/2.4.18 (Ubuntu) / Resource Hash 8be47ce44d99c311fe92752c5f07248237ef21b8f079940e9cb3e4b714a55c90 Request headers Accept */* Referer https://win.dezaign.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:11:52 GMT content-encoding gzip via 1.1 82411d437ee2d2355a407b78473e6156.cloudfront.net (CloudFront) server Apache/2.4.18 (Ubuntu) x-amz-cf-pop YUL62-P1 age 2746 vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin * x-cache Hit from cloudfront cache-control no-cache access-control-allow-headers Content-Type, Accept, Authorization, X-Requested-With, Cache-Control x-amz-cf-id XPtluw6j-cwUaRaSliui3iza9IGhn3foGSVuLWFc1lvY_8MaG8dCtg==
GET H2	200	prayertimings Show response dmu-api.gulfnews.com/prayer-times/manage/public/api/	6 KB 1 KB	257ms 76ms	XHR application/json	3.161.213.29 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dmu-api.gulfnews.com/prayer-times/manage/public/api/prayertimings?country=united_arab_emirates&city=dubai&month=1 Requested by Host: win.dezaign.com URL: https://win.dezaign.com/js/vendors.c24cb0867537b0a8c71d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.161.213.29 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-161-213-29.yul62.r.cloudfront.net Software Apache/2.4.18 (Ubuntu) / Resource Hash 8be47ce44d99c311fe92752c5f07248237ef21b8f079940e9cb3e4b714a55c90 Request headers Accept */* Referer https://win.dezaign.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:11:52 GMT content-encoding gzip via 1.1 82411d437ee2d2355a407b78473e6156.cloudfront.net (CloudFront) server Apache/2.4.18 (Ubuntu) x-amz-cf-pop YUL62-P1 age 2746 vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin * x-cache Hit from cloudfront cache-control no-cache access-control-allow-headers Content-Type, Accept, Authorization, X-Requested-With, Cache-Control x-amz-cf-id 2SxmpmlBHf2vuJhZ2r08LUFRckCZ6ESum9zJ2RP9_Zu5BRFIrnaRSA==
GET DATA	200 OK	truncated /	204 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 19563b96d1d8fcc4429035bb5f464eb701b5433ee571bef69e5087628a719b30 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	chartbeat.js Show response static.chartbeat.com/js/	38 KB 15 KB	81ms 81ms	Script application/x-javascript	2600:9000:269f:d200:18:1fcd:353:c61 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.chartbeat.com/js/chartbeat.js Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:269f:d200:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 17:35:20 GMT content-encoding gzip via 1.1 7ea5749a224369d9af20b6d6ce7dbd92.cloudfront.net (CloudFront) last-modified Thu, 21 Dec 2023 01:03:21 GMT server nginx x-amz-cf-pop YUL62-P1 age 22939 etag W/"65838ed9-9630" vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript cache-control max-age=86400 cross-origin-resource-policy cross-origin x-amz-cf-id VMH4kYQmYMvctsn3tL38yP3Ge1MXGmO1HG6PhSRjvns85TXdGxQpZQ== expires Mon, 29 Jan 2024 17:35:20 GMT
GET H2	200	segment Show response api.cxense.com/profile/user/	62 B 571 B	164ms 51ms	Script text/javascript	86.109.7.56 PACKET
General Check archive.org Show headers Download Go to Full URL https://api.cxense.com/profile/user/segment?callback=cXJsonpCB1&persisted=5572ce959ef66fed2c65205e96b8218176e9b464&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22lry5uwdrpxd2c2wi%22%2C%22type%22%3A%22cx%22%7D%5D%7D Requested by Host: cdn.cxense.com URL: https://cdn.cxense.com/cx.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 86.109.7.56 Ashburn, United States, ASN54825 (PACKET, US), Reverse DNS Software Jetty(9.4.28.v20200408) / Resource Hash ca11b298f778bc9674f60d265c6b71dfcc42723d64cef1ecb6c7056c3088c6e6 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 28 Jan 2024 23:57:39 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff server Jetty(9.4.28.v20200408) content-type text/javascript;charset=utf-8 p3p policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" cache-control no-store, no-cache, must-revalidate content-length 62 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	21 KB 7 KB	96ms 38ms	Script application/javascript	2606:4700::6812:82ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P27FG92 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4be1addf4ee8c28eff431ef8bfbc475913c1234f6315c50047bc1eda86de71f3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 28 Jan 2024 23:57:39 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 dulN1EiikhiO8GlkrdtHlg== age 52256 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 6838 x-ms-lease-status unlocked last-modified Thu, 25 Jan 2024 20:55:19 GMT server cloudflare etag 0x8DC1DE7F0BAF2A8 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 9ff1c125-801e-000e-6504-501033000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 84cd2dd22d52dae1-MIA
GET H2	200	ping ping.chartbeat.net/	43 B 202 B	164ms 54ms	Image image/gif	44.219.183.154 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ping.chartbeat.net/ping?h=gulfnews.com&p=%2Fuae%2Femirates-draw-filipina-wins-dh25000-a-month-for-25-years-in-fast5-draw-1.98226968&u=D9iYTqCWxSPDpVVrK&d=gulfnews.com&g=61780&g0=uae&g1=By%20Faisal%20Masudi%2C%20Assistant%20Editor&n=1&f=00001&c=0&x=0&m=0&y=3866&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwin.dezaign.com%2F&b=2489&t=Dt2jmmiphTobAHcEDkUxD5E2Zq&V=141&i=Emirates%20Draw%3A%20Filipina%20wins%20Dh25%2C000%20a%20month%20for%2025%20years%20in%20FAST5%20draw%20%7C%20Uae%20%E2%80%93%20Gulf%20News&tz=600&_acct=anon&sn=1&sv=BVQ_DjCo7dkaDeDeHqBHEg5XHygGy&sd=1&im=067b9cdf&_ Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.219.183.154 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-219-183-154.compute-1.amazonaws.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers content-type image/gif pragma no-cache date Sun, 28 Jan 2024 23:57:39 GMT cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-length 43 expires 0
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 3 KB	166ms 56ms	Script application/x-javascript	2a03:2880:f003:c0e:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: win.dezaign.com URL: https://win.dezaign.com/js/main.158859ff9788180b8a96.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 1eb0b0183c40128459944ed2cf9605d6b2f844970c8433a6d0aa96537306dec4 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=() strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Sun, 28 Jan 2024 23:57:39 GMT content-md5 LAwaR7RktPM0yKj0koXGEg== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1685 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0" x-fb-debug SvMh4M5blxEFPE3MHi1OHccFJ9VBxauVKhgf9W6t8MFLx5gP03mqc7MHrRcCdAETk+AlpiPsbEduXz041bVAJg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 0aa9ffb33ad38d505196da73b63b27ea cross-origin-opener-policy same-origin-allow-popups etag "88a141e1ec9a604b4d5b28ef87e5f6d7" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() x-frame-options DENY timing-allow-origin * expires Mon, 29 Jan 2024 00:17:09 GMT
GET H2	200	Stock-Jobs-and-Recruitment_176f688baac_small.jpg imagevars.gulfnews.com/2021/01/12/	24 KB 25 KB	2598ms 164ms	Image image/jpg	38.60.178.84 BEDGE-CO-LIMITED
General Check archive.org Show headers Download Go to Show image Full URL https://imagevars.gulfnews.com/2021/01/12/Stock-Jobs-and-Recruitment_176f688baac_small.jpg Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 38.60.178.84 Mexico City, Mexico, ASN63139 (BEDGE-CO-LIMITED, US), Reverse DNS Software openresty / Resource Hash 62b163e5a9440f898a64c6aff2d646c24fd7c9e58501435f0aa1142c801ad31d Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers nginx-hit 1 date Sun, 28 Jan 2024 23:57:42 GMT via LA-MEX-mexicocity-EDGE2-CACHE7[10],LA-MEX-mexicocity-EDGE2-CACHE4[0,TCP_HIT,7],LA-MEX-mexicocity-GLOBAL1-CACHE21[21],LA-MEX-mexicocity-GLOBAL1-CACHE17[0,TCP_HIT,20] x-ccdn-cachettl 86400 x-amz-request-id 9AXTKVJTP66VNQEN age 9122093 content-length 24829 x-amz-id-2 xz7LT/KoQQ3hJmiXSDY1GT8TRwEn5r8MWjMlUuMn4+NVZ7rKa+K7XWrKu/Oq0wcI/M0vzV6n4i0= last-modified Thu, 15 Jul 2021 12:01:42 GMT server openresty etag "aa06e00fe0b20132d744a2e5adfcc4e8" content-type image/jpg cache-control max-age=864000 x-ccdn-expires 61193 accept-ranges bytes x-hcs-proxy-type 1
GET H2	200	Whale-RAK_18b279f51db_small.jpg imagevars.gulfnews.com/2023/10/13/	10 KB 10 KB	2603ms 184ms	Image image/jpg	38.60.178.84 BEDGE-CO-LIMITED
General Check archive.org Show headers Download Go to Show image Full URL https://imagevars.gulfnews.com/2023/10/13/Whale-RAK_18b279f51db_small.jpg Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 38.60.178.84 Mexico City, Mexico, ASN63139 (BEDGE-CO-LIMITED, US), Reverse DNS Software openresty / Resource Hash 85aed811873238c6fe45e3c41661312cef180f2c874019c573bec0eab403f22a Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers nginx-hit 1 date Sun, 28 Jan 2024 23:57:42 GMT via LA-MEX-mexicocity-EDGE2-CACHE7[9],LA-MEX-mexicocity-EDGE2-CACHE7[0,TCP_HIT,5],LA-MEX-mexicocity-GLOBAL1-CACHE19[6],LA-MEX-mexicocity-GLOBAL1-CACHE19[0,TCP_HIT,2] x-ccdn-cachettl 86400 x-amz-request-id VV091W1BKMNEKW8J age 9308173 x-amz-server-side-encryption AES256 content-length 10130 x-amz-id-2 AKJLurlax6zf0Sdg+v6d6DXCjBntFDJwFJQBgcfeLE+5Nx05IBrYjmiZEgpqjolvb0y2i1LTn3Y= last-modified Fri, 13 Oct 2023 06:00:39 GMT server openresty etag "318e0280acf88d5d4090ac4d1c4c49f1" content-type image/jpg cache-control max-age=864000 x-ccdn-expires 61194 accept-ranges bytes x-hcs-proxy-type 1
GET H2	200	marinerescue-1697281945560_18b2de32ff0_small.jpg imagevars.gulfnews.com/2023/10/14/	16 KB 17 KB	2535ms 176ms	Image image/jpg	38.60.178.84 BEDGE-CO-LIMITED
General Check archive.org Show headers Download Go to Show image Full URL https://imagevars.gulfnews.com/2023/10/14/marinerescue-1697281945560_18b2de32ff0_small.jpg Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 38.60.178.84 Mexico City, Mexico, ASN63139 (BEDGE-CO-LIMITED, US), Reverse DNS Software openresty / Resource Hash e760f2a803adf8ea64d1231043b3af852536876ebffc7276a2bca2f031280f01 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers nginx-hit 1 date Sun, 28 Jan 2024 23:57:42 GMT via LA-MEX-mexicocity-EDGE2-CACHE7[8],LA-MEX-mexicocity-EDGE2-CACHE8[0,TCP_HIT,4],LA-MEX-mexicocity-GLOBAL1-CACHE29[479],LA-MEX-mexicocity-GLOBAL1-CACHE32[473,TCP_MISS,475] x-ccdn-cachettl 86400 x-amz-request-id ZSZFSCS82QK0QWHE age 9204010 x-amz-server-side-encryption AES256 content-length 16639 x-amz-id-2 zl63uDWC8cowiurMofvFoaukplnMyJrvLm7PMFO/di4WWH/zGu6XiLEXZi61rgVqstqOSs7Da4w= last-modified Sat, 14 Oct 2023 11:12:29 GMT server openresty etag "795d72524af97c0cfeedc4fabcbcde02" content-type image/jpg cache-control max-age=864000 x-ccdn-expires 61192 accept-ranges bytes x-hcs-proxy-type 1
GET H2	200	Dubai-Taxi-RTA_18004b43ea2_small.jpg imagevars.gulfnews.com/2022/04/07/	27 KB 28 KB	2457ms 102ms	Image image/jpg	38.60.178.84 BEDGE-CO-LIMITED
General Check archive.org Show headers Download Go to Show image Full URL https://imagevars.gulfnews.com/2022/04/07/Dubai-Taxi-RTA_18004b43ea2_small.jpg Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 38.60.178.84 Mexico City, Mexico, ASN63139 (BEDGE-CO-LIMITED, US), Reverse DNS Software openresty / Resource Hash 82f7149f95f97d1811f7c6a98e74cb22394678b82d6442b6e8dc9af6e273281f Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers nginx-hit 1 date Sun, 28 Jan 2024 23:57:42 GMT via LA-MEX-mexicocity-EDGE2-CACHE7[7],LA-MEX-mexicocity-EDGE2-CACHE7[0,TCP_HIT,5],LA-MEX-mexicocity-GLOBAL1-CACHE16[19],LA-MEX-mexicocity-GLOBAL1-CACHE23[0,TCP_HIT,18] x-ccdn-cachettl 86400 x-amz-request-id S8HCKF99N395XNJV age 196923 content-length 27894 x-amz-id-2 5vV7YRom/OiD7H0T8YAQH41GThSRKtOqd6JJ7rzbKvOk4tEVPIU+47YbW4hLS/Ff34RSl0yQh1U= last-modified Thu, 07 Apr 2022 15:46:06 GMT server openresty etag "6339d8f58052179c1db78fe23ebd68db" content-type image/jpg cache-control max-age=864000 x-ccdn-expires 61173 accept-ranges bytes x-hcs-proxy-type 1
GET H2	200	3-_Archive_photo-1697347763590_18b31cf7d9b_small.jpg imagevars.gulfnews.com/2023/10/15/	22 KB 22 KB	2428ms 85ms	Image image/jpg	38.60.178.84 BEDGE-CO-LIMITED
General Check archive.org Show headers Download Go to Show image Full URL https://imagevars.gulfnews.com/2023/10/15/3-_Archive_photo-1697347763590_18b31cf7d9b_small.jpg Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 38.60.178.84 Mexico City, Mexico, ASN63139 (BEDGE-CO-LIMITED, US), Reverse DNS Software openresty / Resource Hash f1833a76c9bc56fd40d5b120da339ed00473f7121ce806f0cb723c36a2f5066f Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers nginx-hit 1 date Sun, 28 Jan 2024 23:57:42 GMT via LA-MEX-mexicocity-EDGE2-CACHE7[7],LA-MEX-mexicocity-EDGE2-CACHE8[0,TCP_HIT,3],LA-MEX-mexicocity-GLOBAL1-CACHE21[12],LA-MEX-mexicocity-GLOBAL1-CACHE16[0,TCP_HIT,9] x-ccdn-cachettl 86400 x-amz-request-id A27PHFSZRMVWTBNA age 9138091 x-amz-server-side-encryption AES256 content-length 22156 x-amz-id-2 qSMaz6aoj8yjucawYBVwzs6wSWNTsjkcKSIfN0Wzg3bMb0T1Z7ku909fFCfa7A7yA7fG8gGO+Zc= last-modified Sun, 15 Oct 2023 05:29:28 GMT server openresty etag "1e7ffc0881e1ce2a37be3a891b445b5b" content-type image/jpg cache-control max-age=864000 x-ccdn-expires 61173 accept-ranges bytes x-hcs-proxy-type 1
GET H2	200	AIRBRIDGE-1697380413368_18b33c1afcd_small.jpg imagevars.gulfnews.com/2023/10/15/	14 KB 14 KB	2383ms 95ms	Image image/jpg	38.60.178.84 BEDGE-CO-LIMITED
General Check archive.org Show headers Download Go to Show image Full URL https://imagevars.gulfnews.com/2023/10/15/AIRBRIDGE-1697380413368_18b33c1afcd_small.jpg Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 38.60.178.84 Mexico City, Mexico, ASN63139 (BEDGE-CO-LIMITED, US), Reverse DNS Software openresty / Resource Hash a3f49c347922fbf4d4dc803477aa29a9116c33fdec6b00c7bf596221033a9df9 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers nginx-hit 1 date Sun, 28 Jan 2024 23:57:42 GMT via LA-MEX-mexicocity-EDGE2-CACHE7[7],LA-MEX-mexicocity-EDGE2-CACHE2[0,TCP_HIT,3],LA-MEX-mexicocity-GLOBAL1-CACHE32[346],LA-MEX-mexicocity-GLOBAL1-CACHE28[342,TCP_MISS,343] x-ccdn-cachettl 86400 x-amz-request-id TKRKT6682FSN396J age 9105272 x-amz-server-side-encryption AES256 content-length 13976 x-amz-id-2 asMpftyixA8D5AxJ/VHBOXkfeQlJep+WGg51t+Zh+/iwiw4jzJ9BSS1RnplrKpe7dOhQEIyUPHA= last-modified Sun, 15 Oct 2023 14:33:37 GMT server openresty etag "6cc1e93a1dbcd52936967113c6c79809" content-type image/jpg cache-control max-age=864000 x-ccdn-expires 61195 accept-ranges bytes x-hcs-proxy-type 1
OPTIONS H3	200	223 api-esp.piano.io/publisher/fusion/lucid/data/ Frame	0 0	97ms 65ms	Preflight	2606:4700::6811:c376 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api-esp.piano.io/publisher/fusion/lucid/data/223?email=&visitor=lry5uwdrpxd2c2wi&stored_visitor=&pnespid= Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://win.dezaign.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token access-control-allow-methods GET,PUT,POST,PATCH,DELETE,OPTIONS access-control-allow-origin https://win.dezaign.com access-control-max-age 36000 alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 84cd2dd1ef6d21ca-MIA date Sun, 28 Jan 2024 23:57:39 GMT p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" server cloudflare strict-transport-security max-age=86400; includeSubDomains
GET H2	200	223 Show response api-esp.piano.io/publisher/fusion/lucid/data/	89 B 256 B	67ms 66ms	XHR application/json	2606:4700::6811:c376 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api-esp.piano.io/publisher/fusion/lucid/data/223?email=&visitor=lry5uwdrpxd2c2wi&stored_visitor=&pnespid= Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-2.2.0.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2e057b83d7b8c6a14b6daaa563f235b2ad3e246d0c96a4c11aac493263989d96 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://win.dezaign.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-Type application/json Response headers date Sun, 28 Jan 2024 23:57:39 GMT strict-transport-security max-age=86400; includeSubDomains content-encoding br cf-cache-status DYNAMIC x-cache-status BYPASS p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" alt-svc h3=":443"; ma=86400 server cloudflare etag W/"59-SXg/jb0NLElOQhl+Y89BeDRNJxs" access-control-max-age 36000 access-control-allow-methods GET,PUT,POST,PATCH,DELETE,OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://win.dezaign.com access-control-allow-credentials true cf-ray 84cd2dd25ec90a0e-MIA access-control-allow-headers Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
GET H/1.1	200 OK	cx.js Show response cdn.cxense.com/ Frame 6D0E	112 KB 37 KB	71ms 71ms	Script application/x-javascript	2600:1408:5400:58f::268b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.cxense.com/cx.js Requested by Host: cdn.cxense.com URL: https://cdn.cxense.com/sp1.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2600:1408:5400:58f::268b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 45c30844eec1accd74992758427c1d49aa0479b284de22199cb6d4e92c4d192d Request headers accept-language en-US,en;q=0.9 Referer https://cdn.cxense.com/sp1.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:39 GMT Content-Encoding gzip Last-Modified Fri, 26 Jan 2024 13:48:01 GMT Server AkamaiNetStorage Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 37323 Expires Mon, 29 Jan 2024 00:57:39 GMT
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 567 B	182ms 124ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept * Referer https://win.dezaign.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 28 Jan 2024 23:57:39 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 646D570642CD4FFFB2BF82E4212D4E64 Ref B: MIAEDGE2317 Ref C: 2024-01-28T23:57:39Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 access-control-allow-origin https://win.dezaign.com x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYQCktRJJ0G95+pkWYpEA==
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5658201&time=1706486259502&url=https%3A%2F%2Fwin.dezaign.com%2F&tm=gtmv2 https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5658201&time=1706486259502&url=https%3A%2F%2Fwin.dezaign.com%2F&tm=gtmv2&cookiesTest=true https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5658201%26time%3D1706486259502%26url%3Dhttps%253A%252F%252Fwin.dezaign.com%252F%2... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5658201&time=1706486259502&url=https%3A%2F%2Fwin.dezaign.com%2F&tm=gtmv2&cookiesTest=true&liSync=true https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5658201&time=1706486259502&url=https%3A%2F%2Fwin.dezaign.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQKX5RUGX6DVTAAAAY1SgeEEzgI6KsRVdzEG...	0 489 B	183ms 124ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5658201&time=1706486259502&url=https%3A%2F%2Fwin.dezaign.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQKX5RUGX6DVTAAAAY1SgeEEzgI6KsRVdzEG5FiVVjSZRGX8Q4NxaKaDYf3k4Jbj3hqVXvE Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:40 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: EF2ECB56BEB04C65BCA0BBC1BE90E33D Ref B: MIAEDGE1719 Ref C: 2024-01-28T23:57:40Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-lva1 x-li-proto http/2 content-length 0 x-li-uuid AAYQCktcENAKy/ny8/CpwA== Redirect headers date Sun, 28 Jan 2024 23:57:39 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: F7DB58E06912427CBDFA61F857333FA3 Ref B: MIAEDGE2317 Ref C: 2024-01-28T23:57:39Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5658201&time=1706486259502&url=https%3A%2F%2Fwin.dezaign.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQKX5RUGX6DVTAAAAY1SgeEEzgI6KsRVdzEG5FiVVjSZRGX8Q4NxaKaDYf3k4Jbj3hqVXvE x-li-proto http/2 content-length 0 x-li-uuid AAYQCktW4RYE795ZcUBd4g==
GET H/1.1	200 OK	p1.js Show response p1cluster.cxense.com/ Frame 6D0E	46 B 636 B	161ms 56ms	Script text/javascript	145.40.89.32 PACKET
General Check archive.org Show headers Download Go to Full URL https://p1cluster.cxense.com/p1.js Requested by Host: cdn.cxense.com URL: https://cdn.cxense.com/cx.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US), Reverse DNS Software Jetty(9.4.28.v20200408) / Resource Hash f86708458d79f1c97cfd3b832fe28c17068f9ab07cabdda6468ffd31472402a6 Request headers accept-language en-US,en;q=0.9 Referer https://cdn.cxense.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:39 GMT last-modified Fri, 28 Jul 2023 23:57:39 GMT server Jetty(9.4.28.v20200408) etag xcykm4h5tsep3mv8edwq196eo p3p policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-type text/javascript;charset=utf-8 cache-control private, proxy-revalidate content-length 46 expires Tue, 28 Jan 2025 23:57:39 GMT
GET H2	200	99fea595-8c86-4b99-8984-e2fc4ee61b2a.json Show response cdn.cookielaw.org/consent/99fea595-8c86-4b99-8984-e2fc4ee61b2a/	4 KB 2 KB	226ms 172ms	XHR application/x-javascript	2606:4700::6812:82ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/99fea595-8c86-4b99-8984-e2fc4ee61b2a/99fea595-8c86-4b99-8984-e2fc4ee61b2a.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6dcb150285f9e6090e077eb470ea21eb1c6561dbe4aa994736389ba1e13c1f6a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 28 Jan 2024 23:57:39 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload content-md5 FMg+SWaV1S3JXw84nlWbPQ== content-length 1647 x-ms-lease-status unlocked last-modified Tue, 25 Oct 2022 11:35:49 GMT server cloudflare etag 0x8DAB67D10807739 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 71b900a5-001e-002f-65ff-513448000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 84cd2dd2ca8f2878-MIA expires Mon, 29 Jan 2024 23:57:39 GMT
GET H3	200	AVmanager.js Show response player.aniview.com/script/6.1/ Frame F861	469 KB 135 KB	148ms 44ms	Script text/javascript	2600:1402:8800::1728:cd38 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6311fe190051b3255674e7d5 Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/player.js Protocol H3 Security QUIC, , AES_256_GCM Server 2600:1402:8800::1728:cd38 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash e88c160059fc55e84a997db69473cf4f136bd809e880a6b4a5a9fe5bebeba51f Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers expires Mon, 29 Jan 2024 00:12:39 GMT date Sun, 28 Jan 2024 23:57:39 GMT content-encoding gzip x-guploader-uploadid ABPtcPo8Dvr2DoByaA27hKG4tI6oYFlL7ne0mFZQ3Mbsw83kjG1pMqoZ0lYwRcYI6nOWPNV4634 x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 137771 last-modified Sun, 28 Jan 2024 08:10:28 GMT server UploadServer etag "1a235f5864ccde8171eff866eeaa1eac" vary Accept-Encoding x-goog-generation 1706429427958642 content-type text/javascript; charset=UTF-8 access-control-allow-origin * x-goog-hash crc32c=QiLEhA==, md5=GiNfWGTM3oFx7/hm7qoerA== access-control-expose-headers Content-Type cache-control public, no-transform, max-age=900 x-goog-stored-content-length 137771 accept-ranges bytes quic-version 0x00000001
GET H3	200	sdk.js Show response connect.facebook.net/en_US/	303 KB 87 KB	114ms 55ms	Script application/x-javascript	2a03:2880:f003:c0e:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=1da0adf28eb1974ea4d61da6a8f5dfb8 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 5e69ce4664061f12c73660e3bc39d60543e0ffee44af28d6fa190248d0528095 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://win.dezaign.com/ Origin https://win.dezaign.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=() strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Sun, 28 Jan 2024 23:57:39 GMT content-md5 HjQuV2uzkdDjdDp8KV9Bnw== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 88456 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0" x-fb-debug 2PWIXEsbCygDghQZN1gQZQ4MGBTmU+qhLS695m84dZSP3x8JiPSSL7IkprkD76HtGO4fRM3ABZT6hdmLoKLOmw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 84654071139f1551d31f4da9f8db63f3 cross-origin-opener-policy same-origin-allow-popups etag "529e6a56933190747cf3c15bddca57d6" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() x-frame-options DENY timing-allow-origin * priority u=3,i expires Mon, 27 Jan 2025 23:38:50 GMT
GET H/1.1	200 OK	rep.gif comcluster.cxense.com/Repo/ Frame 6D0E	43 B 469 B	169ms 53ms	Image image/gif	145.40.89.32 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.47&typ=pgv&rnd=lry5uwdr667uf6id&sid=1129571403021454561&loc=https%3A%2F%2Fwin.dezaign.com%2F&new=1&arf=0&ltm=1706486258989&ref=&tzo=600&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=lry5uwle8x142jyo&ckp=lry5uwdrpxd2c2wi&glb=&cp_userState=anon&cst=xcykm4h5tsep3mv8edwq196eo Requested by Host: cdn.cxense.com URL: https://cdn.cxense.com/sp1.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US), Reverse DNS Software Jetty(9.4.28.v20200408) / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language en-US,en;q=0.9 Referer https://cdn.cxense.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers p3p policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" date Sun, 28 Jan 2024 23:57:39 GMT server Jetty(9.4.28.v20200408) content-length 43 content-type image/gif
GET H/1.1	200 OK	id Show response id.cxense.com/public/user/	103 B 676 B	171ms 56ms	Script text/javascript	145.40.89.32 PACKET
General Check archive.org Show headers Download Go to Full URL https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22lry5uwdrpxd2c2wi%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%22xcykm4h5tsep3mv8edwq196eo%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%22xcykm4h5tsep3mv8edwq196eo%22%7D%5D%2C%22siteId%22%3A%221129571403021454561%22%2C%22location%22%3A%22https%3A%2F%2Fwin.dezaign.com%2F%22%7D&callback=cXJsonpCB2 Requested by Host: cdn.cxense.com URL: https://cdn.cxense.com/cx.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 145.40.89.32 Ashburn, United States, ASN54825 (PACKET, US), Reverse DNS Software Jetty(9.4.28.v20200408) / Resource Hash b861b39404891d1ba5dfc281057a46d5ea75fe56e1269bf31277288a62eaeb19 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 28 Jan 2024 23:57:39 GMT x-content-type-options nosniff server Jetty(9.4.28.v20200408) content-type text/javascript;charset=utf-8 p3p policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" cache-control no-store, no-cache, must-revalidate content-length 103 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	68 B 307 B	108ms 50ms	XHR application/json	2606:4700:4400::6812:2089 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept application/json Referer https://win.dezaign.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:39 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * cf-ray 84cd2dd43ea85c83-MIA access-control-allow-headers Content-Type
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/202209.2.0/	380 KB 91 KB	253ms 253ms	Script application/javascript	2606:4700::6812:82ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202209.2.0/otBannerSdk.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c75c4c4d0aed145958afceb33a11e5d84c41343c718f93b77dfe4f4a9b85046 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 28 Jan 2024 23:57:39 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 e+e6AkPl94GL4uGcEXS00w== age 58458 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 92877 x-ms-lease-status unlocked last-modified Thu, 03 Nov 2022 15:58:07 GMT server cloudflare etag 0x8DABDB4331C221B vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id ce615010-101e-0051-516a-0ca40f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 84cd2dd4cafadae1-MIA
GET DATA	200 OK	truncated /	194 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 23ccc2eb5ab2f26dc90911585b07893758e681dca2f83417457640c91a407fb9 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	573 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0213165f17c942a002a9ab00385e768717b2a9ebe889cdb37f092d3bc7715f33 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	242 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 00cc63cd6ed4b645ed0a274e431628073d79150a2e0a3c20c5ab2685abc43c95 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	528 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash cede6b4d3db7dfd01d7d6e9bf322105ac466e167be6ca281e9ac500b1f302194 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	224 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	306 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6621912d07a2de8622885fddfd9a6ce5f5bdb3a0923d599fa2bd70982df19029 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	325 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	398 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	200	logo.svg www.foxpush.com/assets/images/	7 KB 3 KB	245ms 240ms	Image image/svg+xml	2606:4700:20::681a:55d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.foxpush.com/assets/images/logo.svg Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:55d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74c473f1ad49dd0a87352a0428b1a0eae06e94467caea6d479c1b3f910aa57f3 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:40 GMT x-amz-version-id 97BDCQ23gR2tzsjxL48EEnXefo_BKGnj via 1.1 04a7e6061ff44278cba30d4bada61a54.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop MIA3-C3 age 6457 x-amz-server-side-encryption AES256 content-encoding br x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Thu, 13 Jul 2023 15:49:08 GMT server cloudflare etag W/"eec0fcc7af6d66e7c6b4fd7a264865f0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuEGSsbXui4zyC1ckDW37O%2FlLbkBKG7015v62OGHXfVw084IP8Bzlk24YiisBkNd0LWYPbE2%2BjAwRP1Jj%2Fv2lmWRTl7Cc9w1ZVtVNpQ2WznhXfbfj0hRP9ZToHq5a0fJvg62P2qC3X885SVyfg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=86400 cf-ray 84cd2dd4e91231e0-MIA x-amz-cf-id vl9OxPCJgPZCxvVcuWl9ErDdC5NmC6GXY8EQX8Kb7MW0Atr6sKKPtA==
GET H2	200	/ Show response go1.aniview.com/api/adserver/tag/	4 KB 2 KB	375ms 126ms	XHR application/json	173.0.146.6 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://go1.aniview.com/api/adserver/tag/?AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwin.dezaign.com%2F&AV_PUBLISHERID=6311fe190051b3255674e7d5&AV_CHANNELID=63ef55d1d4908bbd4d0b2906&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=win.dezaign.com&AV_DADPOS=3&AV_TAG=63ef561cea214c48560d40d6&AV_TEMPLATE=6322d12390f5a408b626fa85&AV_GPID=/6311fe190051b3255674e7d5/63ef561cea214c48560d40d6/win.dezaign.com&d36=6.2.166&responsive=1&sver=4&avtoken=259968&omv=1.0.1&clsid=4370c129-68b1-4d8f-b077-a24dfe8b3206&rando=57&scnt=1&AV_WIDTH=697&AV_HEIGHT=392&AV_DNT=0&cb=1706486259972&wfc=1 Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6311fe190051b3255674e7d5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.0.146.6 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software / Resource Hash e21baaf58153aa987577e67b5a67f6e560800e1564f48f71cb67d8ee4921d388 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:40 GMT x-bamboo-c-skst 1 content-encoding gzip x-bamboo-c-skfe 1 accept-ch sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64 x-bamboo-c-s BYPASS access-control-max-age 1728000 vary Accept-Encoding access-control-allow-methods GET, POST, DELETE, PUT, OPTIONS, INDEX access-control-allow-origin https://win.dezaign.com content-type application/json cache-control no-cache access-control-allow-credentials true access-control-allow-headers Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With expires Wed, 17 Jan 2024 10:11:00 GMT
GET H2	200	track track1.aniview.com/	0 142 B	62ms 62ms	Image text/plain	96.46.186.186 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://track1.aniview.com/track?r=win.dezaign.com&sn=&ic=0&tgt=0&app=&wi=697&he=392&test=&d36=6.2.166&apppkg=&fv=3&proto=https&clsid=4370c129-68b1-4d8f-b077-a24dfe8b3206&rando=57&scnt=1&pid=6311fe190051b3255674e7d5&cid=63ef55d1d4908bbd4d0b2906&stagid=63ef561cea214c48560d40d6&stplid=6322d12390f5a408b626fa85&e=inventory&vi=0&cb=1706486259971 Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.46.186.186 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:40 GMT cache-control max-age=0, no-cache, no-store content-length 0
GET H2	200	en.json Show response cdn.cookielaw.org/consent/99fea595-8c86-4b99-8984-e2fc4ee61b2a/1d385b41-8e9b-47ef-b999-60d15c4aa2a6/	89 KB 17 KB	171ms 170ms	Fetch application/x-javascript	2606:4700::6812:82ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/99fea595-8c86-4b99-8984-e2fc4ee61b2a/1d385b41-8e9b-47ef-b999-60d15c4aa2a6/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202209.2.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f8f87b20e680ed7fdb922d62b3769edd15ff97a085b3b851b5412910adecbcfd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 28 Jan 2024 23:57:40 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload content-md5 hssKoWVyGeRJ9YWDurP6NQ== content-length 17067 x-ms-lease-status unlocked last-modified Tue, 25 Oct 2022 11:35:50 GMT server cloudflare etag 0x8DAB67D112F1454 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 64404c18-501e-006f-38ff-513370000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 84cd2dd6b8292878-MIA expires Mon, 29 Jan 2024 23:57:40 GMT
GET H2	200	script.js Show response cdnstat.net/get/	129 B 695 B	444ms 263ms	Script text/html	172.67.176.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnstat.net/get/script.js?referrer=https://win.dezaign.com/ Requested by Host: win.dezaign.com URL: https://win.dezaign.com/js/vendors.c24cb0867537b0a8c71d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.176.240 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.2.1 Resource Hash c59a3960888d96b3748601b9b77df171bafa3d53289ec4b8b6db3d474e9a39e1 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:40 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.2.1 vary Accept-Encoding access-control-allow-methods GET, POST content-type text/html; charset=utf-8 access-control-allow-origin https://win.dezaign.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JflhYHH8qGVyTkymd6ftucb9AcTA4UYKwl4RPH3kqEn3T9CGujKA6%2FZGFYtlucOq9WZMwFLWXqP%2FOfpw8yRizsS0E0hj7N9DdagyGuSKFi4KsNO3s5BgHUKhroexcA%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 84cd2dd7e8ce25a6-MIA access-control-allow-headers X-Requested-With,content-type alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	_Incapsula_Resource win.dezaign.com/	32 KB 32 KB	168ms 168ms	Image text/plain	92.118.150.103 GREENFLOID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://win.dezaign.com/_Incapsula_Resource?SWKMTFSR=1&e=0.8920796222224583 Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 92.118.150.103 Gdansk, Poland, ASN204957 (GREENFLOID-AS, US), Reverse DNS wuore139318.vds Software nginx/1.24.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:40 GMT Last-Modified Mon, 16 Oct 2023 07:16:38 GMT Server nginx/1.24.0 Connection keep-alive Accept-Ranges bytes ETag "245c6-607d02fdf0180" Content-Length 148934
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/863512173/	2 KB 2 KB	174ms 65ms	Script text/javascript	2607:f8b0:4004:c07::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/863512173/?random=1706486260442&cv=11&fst=1706486260442&bg=ffffff&guid=ON&async=1&gtm=45He41o0v79701319&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwin.dezaign.com%2F&hn=www.googleadservices.com&frm=0&tiba=Emirates%20Draw%3A%20Filipina%20wins%20Dh25%2C000%20a%20month%20for%2025%20years%20in%20FAST5%20draw%20%7C%20Uae%20%E2%80%93%20Gulf%20News&pscdl=noapi&auid=1003227026.1706486259&uamb=0&uaw=0&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P27FG92 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 368ca1143f78d0fb1609b756ec70adfe07ae8a5b0f6609775f60122b87c9b159 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 28 Jan 2024 23:57:40 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1307 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	213 KB 56 KB	56ms 54ms	Script application/x-javascript	2a03:2880:f003:c0e:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f54d3a9011dd18c3a6b2c5ca5c5bf3d490d5428046d806c4aa9ecec5f82139ca Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 28 Jan 2024 23:57:40 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57158 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0" pragma public x-fb-debug zGSkubM7XV/Sl6aSejZ+nEIgZAFKQXZc6DwXi88jjSx2nZ/6dMCM8aJIa+aFTvyaMna7ZlAAqbtYLU6OpFk5KA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	OneSignalSDK.js Show response cdn.onesignal.com/sdks/	9 KB 3 KB	105ms 42ms	Script application/javascript	2606:4700::6812:d63b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalSDK.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P27FG92 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:40 GMT via 1.1 google content-encoding br cf-cache-status HIT server cloudflare strict-transport-security max-age=15552000; includeSubDomains age 3145 etag W/"a87c48d211877c49b878679b2e3cdab8" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 84cd2dd8cbd5034d-MIA access-control-allow-headers OneSignal-Subscription-Id alt-svc h3=":443"; ma=86400 expires Wed, 31 Jan 2024 23:57:40 GMT
GET H2	200	advertising.js Show response www.npttech.com/	6 KB 3 KB	120ms 46ms	Script application/javascript	2606:4700:3037::ac43:9bd7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.npttech.com/advertising.js Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:9bd7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:40 GMT x-amz-version-id AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id PPKG0BH3D6235G7G age 1231 alt-svc h3=":443"; ma=86400 x-amz-id-2 VPLZdLE0V6rD53deo5Z5Ne07djuq1B6uHQ7nJUOf6ZKqmJTTM3u3Mge65g18kN6igD6hFBteZpM= last-modified Tue, 18 Oct 2022 13:20:01 GMT server cloudflare etag W/"df0e1827cd8f289a645f38d8fecaf6e0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1vzj0WQdLJ5TAwOI5zWowiupUA3TY%2F3ubj8ShW5ZZ8fg%2FHvxbsKzVT0sxT1vhdJD6dQz8M95lEZLBemSdCovhDrF414cbW9HZfz7ZCLjNMpxlVlQcncGyyjGkQvkg8Q9gqZKtBONx6dLQHnYPo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=28800 cf-ray 84cd2dd918af9ab4-MIA
GET H/1.1	200 OK	dtm.js Show response dtm-dre.platform.hicloud.com/download/web/	53 KB 17 KB	493ms 148ms	Script application/javascript	80.158.18.121 AS6878
General Check archive.org Show headers Download Go to Full URL https://dtm-dre.platform.hicloud.com/download/web/dtm.js?id=DTM-ac1262027c6e10a2817cc06442e74a12 Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 80.158.18.121 , Germany, ASN6878 (AS6878, DE), Reverse DNS ecs-80-158-18-121.reverse.open-telekom-cloud.com Software elb / Resource Hash 7e50762892e97ea4638c86302b07e50d15dc157b9fbd3389320faf398f89d197 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 28 Jan 2024 23:57:41 GMT Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Content-Encoding gzip Server elb X-frame-options SAMEORIGIN Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Cache-Control private,max-age=900 Content-Disposition inline Connection keep-alive X-XSS-Protection 1; mode=block
GET H2	200	ajdi47ze87 Show response www.clarity.ms/tag/	668 B 1 KB	303ms 67ms	Script application/x-javascript	2620:1ec:29:1::38 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/ajdi47ze87 Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:29:1::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 932f8b95217f58993c101d3b84d1ff95eea6df5a9cc651d0876207c3200c492a Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers request-context appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8 date Sun, 28 Jan 2024 23:57:40 GMT x-azure-ref 09Om2ZQAAAAAE3dsR5ssCTpllgphURIwxQk4xQUEyMDUxMDE5MDMzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ== x-cache CONFIG_NOCACHE content-type application/x-javascript cache-control no-cache, no-store content-length 668 expires -1
GET H2	200	smartechclient.js Show response cdnt.netcoresmartech.com/	3 KB 1 KB	304ms 68ms	Script application/javascript	2600:1408:5400:22::b819:7f94 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdnt.netcoresmartech.com/smartechclient.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P27FG92 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1408:5400:22::b819:7f94 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AmazonS3 / Resource Hash 9e2d780d5a5a0159d6e3ec900cf992daeaba275a0f191eb1791dcfdf0f635a0f Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:40 GMT content-encoding gzip x-amz-request-id ED4D7VSQB248C9NV x-amz-server-side-encryption AES256 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1706486260815_389524308_1166732463_20_920_73_141_146";dur=1 content-length 997 x-amz-id-2 d7fdcrmPR4zweL8O3bLQTrMJx5rOSnqkOgLVRltaXoCLmLJl9ozGL1olIzV0+Fq65nfScNvn+Eo= last-modified Mon, 18 Dec 2023 15:56:18 GMT server AmazonS3 etag "fe63598f2dc8f3c8b4515d86fd91e3d4" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=278927 accept-ranges bytes expires Thu, 01 Feb 2024 05:26:27 GMT
POST H2	204	collect analytics.google.com/g/	0 45 B	61ms 60ms	Ping text/plain	2607:f8b0:4004:c09::64 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-VQSYK48MVF&gtm=45je41o0v889065839&_p=1706486258094&gcd=11l1l1l1l1&dma=0&cid=744998967.1706486259&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1706486259&sct=1&seg=0&dl=https%3A%2F%2Fwin.dezaign.com%2F&dt=Emirates%20Draw%3A%20Filipina%20wins%20Dh25%2C000%20a%20month%20for%2025%20years%20in%20FAST5%20draw%20%7C%20Uae%20%E2%80%93%20Gulf%20News&en=experienceExecute&_ee=1&ep.aid=3UHressLnd&ep.tags=standardArticle%2Carticle&ep.debug=false&ep.url=https%3A%2F%2Fwin.dezaign.com%2F&ep.event_category=experienceExecute&ep.event_label=Experience%20execute%20aid%3A3UHressLnd&ep.experience_id=N%2FA&ep.hit_type=event&ep.non_interaction=true&ep.event_action=aid_3UHressLnd&_et=18&tfd=3589 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-VQSYK48MVF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::64 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 28 Jan 2024 23:57:40 GMT server Golfe2 content-type text/plain access-control-allow-origin https://win.dezaign.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	otFlat.json Show response cdn.cookielaw.org/scripttemplates/202209.2.0/assets/	13 KB 3 KB	157ms 156ms	Fetch application/json	2606:4700::6812:82ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202209.2.0/assets/otFlat.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202209.2.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 28 Jan 2024 23:57:40 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 EeeTJseU5tDko7/qaeVjww== strict-transport-security max-age=31536000; includeSubDomains; preload content-length 3007 x-ms-lease-status unlocked last-modified Thu, 03 Nov 2022 15:57:58 GMT server cloudflare etag 0x8DABDB42D6FB08E vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 9ac9be7d-b01e-0058-2aff-51e1dc000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 84cd2dd7fa032878-MIA
GET H2	200	otPcCenter.json Show response cdn.cookielaw.org/scripttemplates/202209.2.0/assets/v2/	61 KB 12 KB	158ms 158ms	Fetch application/json	2606:4700::6812:82ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202209.2.0/assets/v2/otPcCenter.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202209.2.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02aa8872f610a5b394f1d8fbc6abe0211e97f3d8a1e9dfd53aed7012977f7f0a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 28 Jan 2024 23:57:40 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 wDjFZLsL1Wx6P8H8iTOpGQ== strict-transport-security max-age=31536000; includeSubDomains; preload content-length 12523 x-ms-lease-status unlocked last-modified Thu, 03 Nov 2022 15:58:00 GMT server cloudflare etag 0x8DABDB42ED50167 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 0cf39958-701e-0035-58ff-515597000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 84cd2dd7fa062878-MIA
GET H2	200	otCookieSettingsButton.json Show response cdn.cookielaw.org/scripttemplates/202209.2.0/assets/	5 KB 2 KB	148ms 148ms	Fetch application/json	2606:4700::6812:82ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202209.2.0/assets/otCookieSettingsButton.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202209.2.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 28 Jan 2024 23:57:40 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 uyvbyq0s1EtYSd+dbvHHAw== strict-transport-security max-age=31536000; includeSubDomains; preload content-length 1767 x-ms-lease-status unlocked last-modified Thu, 03 Nov 2022 15:57:59 GMT server cloudflare etag 0x8DABDB42E89D23D vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id fa977988-f01e-0076-15ff-51b3cb000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 84cd2dd7fa092878-MIA
GET H2	200	otCommonStyles.css Show response cdn.cookielaw.org/scripttemplates/202209.2.0/assets/	21 KB 4 KB	171ms 170ms	Fetch text/css	2606:4700::6812:82ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202209.2.0/assets/otCommonStyles.css Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202209.2.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 087d847ee64707e372f572145600ecbcb13f2dd2382fd8962326f2fed03dd85d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 28 Jan 2024 23:57:40 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 oQsmwuIlJWH4cKDxpI1ltA== x-ms-lease-status unlocked last-modified Thu, 03 Nov 2022 15:58:11 GMT server cloudflare vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id 01b8b383-001e-0086-48ff-51f53a000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 84cd2dd7fa122878-MIA
GET H3	200	945632802879428 Show response connect.facebook.net/signals/config/	52 KB 11 KB	155ms 154ms	Script application/x-javascript	2a03:2880:f003:c0e:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/945632802879428?v=2.9.143&r=stable&domain=win.dezaign.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash a9dd6db1436387d0987e41375c6ee87c9d7d648642340eb99eb71f87f49a4307 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 28 Jan 2024 23:57:40 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0" pragma public x-fb-debug nLTXm2XNJpJZg6Ag26tee+uJxAsJOBUxdisudKhdhKLAW5qkQkwd84zxHkUIV+kCBhI06CeORiluZeAf7yd0iw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/863512173/	42 B 455 B	194ms 64ms	Image image/gif	2607:f8b0:4004:c17::68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/863512173/?random=1706486260442&cv=11&fst=1706482800000&bg=ffffff&guid=ON&async=1&gtm=45He41o0v79701319&u_w=1600&u_h=1200&url=https%3A%2F%2Fwin.dezaign.com%2F&frm=0&tiba=Emirates%20Draw%3A%20Filipina%20wins%20Dh25%2C000%20a%20month%20for%2025%20years%20in%20FAST5%20draw%20%7C%20Uae%20%E2%80%93%20Gulf%20News&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_7NkqKCqc9jgE_CfNmp2wxOXDCqJ_xQ&random=2082365180&rmt_tld=0&ipr=y Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::68 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 28 Jan 2024 23:57:40 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	OneSignalPageSDKES6.js Show response cdn.onesignal.com/sdks/	284 KB 68 KB	46ms 43ms	Script application/javascript	2606:4700::6812:d63b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:40 GMT via 1.1 google content-encoding br cf-cache-status HIT server cloudflare strict-transport-security max-age=15552000; includeSubDomains age 3143 etag W/"e3be409ac3c100e2a5d3f264ec260551" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 84cd2dd95ccc034d-MIA access-control-allow-headers OneSignal-Subscription-Id alt-svc h3=":443"; ma=86400 expires Wed, 31 Jan 2024 23:57:40 GMT
GET H2	200	gn_msite_logo.png cdn.cookielaw.org/logos/2e311614-d8fe-473d-9b40-85adbcfb6b63/99fea595-8c86-4b99-8984-e2fc4ee61b2a/3f02cb41-1d17-479a-81ca-0e4e79c979ee/	14 KB 15 KB	87ms 83ms	Image image/png	2606:4700::6812:82ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/2e311614-d8fe-473d-9b40-85adbcfb6b63/99fea595-8c86-4b99-8984-e2fc4ee61b2a/3f02cb41-1d17-479a-81ca-0e4e79c979ee/gn_msite_logo.png Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b482034912f49062e493bfb6f1d2c1b4e79844e3818153e62eb91868cef0bd60 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 28 Jan 2024 23:57:40 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-md5 ZR3ht81GlTOLsijJt16bHA== age 9146 content-length 14723 x-ms-lease-status unlocked last-modified Tue, 27 Sep 2022 12:30:07 GMT server cloudflare etag 0x8DAA084036BAEB2 vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 5b41d74e-401e-004c-4ca3-0ba9b3000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 84cd2dd9ab7cdae1-MIA
GET H2	200	poweredBy_ot_logo.svg cdn.cookielaw.org/logos/static/	3 KB 2 KB	39ms 35ms	Image image/svg+xml	2606:4700::6812:82ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 28 Jan 2024 23:57:40 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 LpuayL42jB78xRllx0vkOw== age 45717 x-ms-lease-status unlocked last-modified Thu, 25 Jan 2024 20:55:21 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 7b0aef34-e01e-007a-4e25-5024c3000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 84cd2dd9ab7edae1-MIA
GET H2	200	web Show response onesignal.com/api/v1/sync/6d391df3-f5b1-45af-ad56-a24d914c5c23/	3 KB 2 KB	49ms 39ms	Script text/javascript	2606:4700::6812:d63b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onesignal.com/api/v1/sync/6d391df3-f5b1-45af-ad56-a24d914c5c23/web?callback=__jp0 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 27de4ae7d29474ddc72ab2bcbdb049163c3668748e6206fe2a94496d467f9e67 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:40 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT content-encoding br x-permitted-cross-domain-policies none strict-transport-security max-age=15552000; includeSubDomains age 1818 cf-polished origSize=3370 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id d95c7e96-4388-430a-8124-801d8257aecf x-runtime 0.027947 referrer-policy strict-origin-when-cross-origin cf-bgj minify server cloudflare etag W/"6fda1fadc8cd013222646388a366603c" x-download-options noopen vary Origin, Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600 cf-ray 84cd2ddadee0034d-MIA access-control-allow-headers SDK-Version expires Mon, 29 Jan 2024 00:57:40 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	164ms 55ms	Image text/plain	2a03:2880:f103:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=945632802879428&ev=PageView&dl=https%3A%2F%2Fwin.dezaign.com%2F&rl=&if=false&ts=1706486260827&sw=1600&sh=1200&v=2.9.143&r=stable&ec=0&o=4126&fbp=fb.1.1706486260826.1878305103&ler=empty&cdl=API_unavailable&it=1706486260659&coo=false&exp=d1&rqm=GET Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Sun, 28 Jan 2024 23:57:41 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	clarity.js Show response www.clarity.ms/s/0.7.20/	60 KB 20 KB	50ms 50ms	Script application/javascript	2620:1ec:29:1::38 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/s/0.7.20/clarity.js Requested by Host: www.clarity.ms URL: https://www.clarity.ms/tag/ajdi47ze87 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:29:1::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:40 GMT content-encoding br last-modified Wed, 24 Jan 2024 14:33:55 GMT x-azure-ref-originshield 0OQe2ZQAAAAAyHSbYCGS6RLjCYgehO8eITU5aMjIxMDYwNjEyMDE5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ== etag "0x8DC1CE97EB406F9" x-azure-ref 09Om2ZQAAAABWVfCyF5hBS66VRo3DZ+y4Qk4xQUEyMDUxMDE5MDMzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ== x-cache TCP_HIT content-type application/javascript;charset=utf-8 access-control-allow-origin * x-ms-request-id 7842bd5a-c01e-0049-2bb7-516c30000000 cache-control public, max-age=86400 x-ms-version 2018-03-28 accept-ranges bytes
GET H2	200	js-versioning Show response osjs.netcoresmartech.com/v1/	264 KB 75 KB	2602ms 2345ms	Script text/javascript	23.222.4.140 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K96B00J08QEV8C821K7FHEOG8MSGNG&siteid=449a762e93c939c90ffd890924572565&rc=l&cache=1 Requested by Host: cdnt.netcoresmartech.com URL: https://cdnt.netcoresmartech.com/smartechclient.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.222.4.140 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-222-4-140.deploy.static.akamaitechnologies.com Software / Resource Hash 3f1f7da59d37e9732054381b7a843207c0cd65b140fcef545ab5c0dab620fe84 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:43 GMT content-encoding gzip last-modified Sun, 28 Jan 2024 23:32:43 GMT x-amzn-requestid d2cbd643-b226-4d10-8272-50bf6a1e4946 x-amzn-trace-id Root=1-65b6e9f6-74c18e8025e537bc2a1f7cf9;Sampled=0;lineage=8d157353:0 vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=604800 content-disposition inline; filename=smartech-sdk.js server-timing cdn-cache; desc=REVALIDATE, edge; dur=866, origin; dur=1427, ak_p; desc="1706486261147_400425868_949598295_229366_1155_51_125_146";dur=1 x-amz-apigw-id SRl-jEEShcwEV_A=
POST H/1.1	204 No Content	collect Show response t.clarity.ms/	0 295 B	150ms 49ms	XHR text/plain	20.114.189.70 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://t.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.20/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://win.dezaign.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Access-Control-Allow-Origin https://win.dezaign.com Date Sun, 28 Jan 2024 23:57:41 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
POST H/1.1	204 No Content	collect Show response t.clarity.ms/	0 295 B	169ms 104ms	XHR text/plain	20.114.189.70 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://t.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.20/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://win.dezaign.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Access-Control-Allow-Origin https://win.dezaign.com Date Sun, 28 Jan 2024 23:57:41 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
GET H2	200	sdk-runtime-config.js Show response buy.tinypass.com/api/v3/anon/assets/	279 B 518 B	156ms 87ms	XHR application/json	2606:4700::6812:907e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://buy.tinypass.com/api/v3/anon/assets/sdk-runtime-config.js?aid=3UHressLnd Requested by Host: cdn.tinypass.com URL: https://cdn.tinypass.com/api/tinypass.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a53982f13366ca30b86bff183bbe4c188d0a9ff5e30101283222f67cfb8fa5a3 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Accept application/json Referer https://win.dezaign.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:42 GMT strict-transport-security max-age=86400; includeSubDomains content-encoding br cf-cache-status MISS p3p CP="NON DSP COR OUR IND" x-forwarded-https on alt-svc h3=":443"; ma=86400 x-request-id M68xz7sNu4z wn prod-dash-10-0-136-31 last-modified Sun, 28 Jan 2024 23:57:42 GMT server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin * server-time 0.006 cache-control public, max-age=14400 cf-ray 84cd2de259d97435-MIA expires Mon, 29 Jan 2024 03:57:42 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	99ms 28ms	Script text/javascript	2001:4860:4802:34::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 28 Jan 2024 23:46:43 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 659 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Mon, 29 Jan 2024 01:46:43 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 209 B	41ms 40ms	XHR text/plain	2001:4860:4802:34::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1396659754&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwin.dezaign.com%2F&ul=en-us&de=UTF-8&dt=Emirates%20Draw%3A%20Filipina%20wins%20Dh25%2C000%20a%20month%20for%2025%20years%20in%20FAST5%20draw%20%7C%20Uae%20%E2%80%93%20Gulf%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=experienceExecute&el=Experience%20execute&_u=qCDAAEABAAAAACAAI~&jid=1449973948&gjid=368995361&cid=744998967.1706486259&tid=UA-7996438-50&_gid=1431048418.1706486262&_r=1&_slc=1&z=963355285 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://win.dezaign.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 28 Jan 2024 23:57:42 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://win.dezaign.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	2 B 149 B	60ms 59ms	XHR text/plain	2607:f8b0:4004:c08::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-7996438-50&cid=744998967.1706486259&jid=1449973948&gjid=368995361&_gid=1431048418.1706486262&_u=qCDAAEAAAAAAACAAI~&z=1976781420 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://win.dezaign.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sun, 28 Jan 2024 23:57:42 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://win.dezaign.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	70ms 70ms	Image image/gif	2607:f8b0:4004:c17::68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-7996438-50&cid=744998967.1706486259&jid=1449973948&_u=qCDAAEAAAAAAACAAI~&z=976449972 Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::68 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 28 Jan 2024 23:57:42 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	c.gif c.clarity.ms/ Redirect Chain https://c.clarity.ms/c.gif https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A4432EBBBE744EE9BD1E0CE44A459036&RedC=c.clarity.ms&MXFR=12E0D74028106920157EC3542C106789 https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A4432EBBBE744EE9BD1E0CE44A459036&MUID=152F4271AA96695C2E6C5665AB8A689C	42 B 442 B	59ms 58ms	Image image/gif	20.125.209.212 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A4432EBBBE744EE9BD1E0CE44A459036&MUID=152F4271AA96695C2E6C5665AB8A689C Protocol H2 Server 20.125.209.212 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 28 Jan 2024 23:57:43 GMT last-modified Wed, 10 Jan 2024 21:11:28 GMT server Microsoft-IIS/10.0 etag "7eefd993944da1:0" x-powered-by ASP.NET content-type image/gif p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-length 42 Redirect headers pragma no-cache date Sun, 28 Jan 2024 23:57:43 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 90E170444A45480D8144E793E371E0DD Ref B: MIAEDGE1314 Ref C: 2024-01-28T23:57:43Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A4432EBBBE744EE9BD1E0CE44A459036&MUID=152F4271AA96695C2E6C5665AB8A689C cache-control private, no-cache, proxy-revalidate, no-store content-length 0
POST H2	200	dispatchngn Show response twa.netcoresmartech.com/	7 B 95 B	762ms 258ms	XHR text/plain	43.205.46.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://twa.netcoresmartech.com/dispatchngn Requested by Host: osjs.netcoresmartech.com URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K96B00J08QEV8C821K7FHEOG8MSGNG&siteid=449a762e93c939c90ffd890924572565&rc=l&cache=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.205.46.115 Mumbai, India, ASN16509 (AMAZON-02, US), Reverse DNS ec2-43-205-46-115.ap-south-1.compute.amazonaws.com Software awselb/2.0 / Resource Hash c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf Request headers Referer https://win.dezaign.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Sun, 28 Jan 2024 23:57:44 GMT server awselb/2.0 content-length 7 content-type text/plain
GET H2	200	ADGMOT35CHFLVDHBJNIG50K96B00J08QEV8C821K7FHEOG8MSGNG.js Show response cdnt.netcoresmartech.com/webactivity/	2 KB 1 KB	57ms 56ms	Script application/javascript	2600:1408:5400:22::b819:7f94 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdnt.netcoresmartech.com/webactivity/ADGMOT35CHFLVDHBJNIG50K96B00J08QEV8C821K7FHEOG8MSGNG.js Requested by Host: osjs.netcoresmartech.com URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K96B00J08QEV8C821K7FHEOG8MSGNG&siteid=449a762e93c939c90ffd890924572565&rc=l&cache=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1408:5400:22::b819:7f94 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AmazonS3 / Resource Hash 5bffc30d33a893190899ebb6c55812008e81410071469699d50930c8508241da Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:57:43 GMT content-encoding gzip x-amz-request-id HHHP0PMRVHK6CTB4 x-amz-server-side-encryption AES256 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1706486263732_389524308_1166752793_70_1093_66_0_146";dur=1 content-length 700 x-amz-id-2 W1hRhRtVqAUCU4ToVlaRBMa59NefMCfFGvpWB2fvLQEIYGOI0jxgg3EuV8S68JubJtWraZg9MZw= last-modified Thu, 23 Nov 2023 15:03:07 GMT server AmazonS3 etag "5bfee8c05b798f9bc2d993be237deeba" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control no-cache accept-ranges bytes expires Sun, 28 Jan 2024 23:57:43 GMT
POST H2	200	dispatchngn Show response twa.netcoresmartech.com/	7 B 95 B	754ms 257ms	XHR text/plain	43.205.46.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://twa.netcoresmartech.com/dispatchngn Requested by Host: osjs.netcoresmartech.com URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K96B00J08QEV8C821K7FHEOG8MSGNG&siteid=449a762e93c939c90ffd890924572565&rc=l&cache=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.205.46.115 Mumbai, India, ASN16509 (AMAZON-02, US), Reverse DNS ec2-43-205-46-115.ap-south-1.compute.amazonaws.com Software awselb/2.0 / Resource Hash c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf Request headers Referer https://win.dezaign.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Sun, 28 Jan 2024 23:57:44 GMT server awselb/2.0 content-length 7 content-type text/plain
GET H2	200	df Show response twa.netcoresmartech.com/	57 B 151 B	751ms 255ms	XHR application/json	43.205.46.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://twa.netcoresmartech.com/df?user_key=ADGMOT35CHFLVDHBJNIG50K96B00J08QEV8C821K7FHEOG8MSGNG Requested by Host: osjs.netcoresmartech.com URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K96B00J08QEV8C821K7FHEOG8MSGNG&siteid=449a762e93c939c90ffd890924572565&rc=l&cache=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.205.46.115 Mumbai, India, ASN16509 (AMAZON-02, US), Reverse DNS ec2-43-205-46-115.ap-south-1.compute.amazonaws.com Software awselb/2.0 / Resource Hash 9f878be7310ae8c9cb0334970d5a3ae14b0b4418374b8e73316756fc6abd1feb Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers access-control-allow-origin * date Sun, 28 Jan 2024 23:57:44 GMT server awselb/2.0 content-length 57 content-type application/json
POST H/1.1	204 No Content	collect Show response t.clarity.ms/	0 295 B	49ms 49ms	XHR text/plain	20.114.189.70 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://t.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.20/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://win.dezaign.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Access-Control-Allow-Origin https://win.dezaign.com Date Sun, 28 Jan 2024 23:57:43 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
GET H2	200	33cd2c5d5d59.js Show response www.instagram.com/static/bundles/metro/EmbedSDK.js/	16 KB 5 KB	299ms 56ms	Script text/javascript	2a03:2880:f203:e5:face:b00c:0:4420 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.instagram.com/static/bundles/metro/EmbedSDK.js/33cd2c5d5d59.js Requested by Host: win.dezaign.com URL: https://win.dezaign.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f203:e5:face:b00c:0:4420 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 90b73a92db101b10e83e1ec0c21ed79e11af82bffc175f1de147b36bcce5f5e4 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 18:47:23 GMT content-encoding br x-fb-load 428 etag "33cd2c5d5d59" vary Accept-Encoding content-type text/javascript access-control-allow-origin * edge-control max-age=1209600, no-transform cache-control public,max-age=31536000,immutable cross-origin-resource-policy cross-origin content-length 4954
POST H2	200	track track1.aniview.com/ Frame F861	0 145 B	58ms 57ms	Ping text/plain	96.46.186.186 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://track1.aniview.com/track?r=win.dezaign.com&sn=&ic=0&tgt=0&app=&wi=697&he=392&test=&d36=6.2.166&apppkg=&fv=3&proto=https&clsid=4370c129-68b1-4d8f-b077-a24dfe8b3206&rando=57&scnt=1 Requested by Host: player.aniview.com URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6311fe190051b3255674e7d5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.46.186.186 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://win.dezaign.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sun, 28 Jan 2024 23:57:45 GMT cache-control max-age=0, no-cache, no-store content-length 0
POST H3	204	collect analytics.google.com/g/	0 17 B	60ms 60ms	Ping text/plain	2607:f8b0:4004:c09::64 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-VQSYK48MVF&gtm=45je41o0v889065839z879701319&_p=1706486258094&gcd=11l1l1l1l1&dma=0&cid=744998967.1706486259&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1706486259&sct=1&seg=1&dl=https%3A%2F%2Fwin.dezaign.com%2F&dt=Emirates%20Draw%3A%20Filipina%20wins%20Dh25%2C000%20a%20month%20for%2025%20years%20in%20FAST5%20draw%20%7C%20Uae%20%E2%80%93%20Gulf%20News&en=page_view&_et=1392&tfd=8590 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-VQSYK48MVF Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::64 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://win.dezaign.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 28 Jan 2024 23:57:45 GMT server Golfe2 content-type text/plain access-control-allow-origin https://win.dezaign.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

dmu-api.gulfnews.com

URL

https://dmu-api.gulfnews.com/gn-feeds/data/weather/dubai-min.json

Domain

dmu-api.gulfnews.com

URL

https://dmu-api.gulfnews.com/v2/gn-feeds/data/cricket.json?1706486259308