Submitted URL: https://www.dpd.redeliver9b2q.com/
Effective URL: https://www.xemkeoonline.com/
Submission: On July 13 via automatic, source certstream-suspicious

Summary

This website contacted 25 IPs in 5 countries across 22 domains to perform 143 HTTP transactions. The main IP is 111.90.148.73, located in Malaysia and belongs to SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY. The main domain is www.xemkeoonline.com.
TLS certificate: Issued by R3 on June 3rd 2021. Valid for: 3 months.
This is the only time www.xemkeoonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 45 111.90.148.73 45839 (SHINJIRU-...)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 11 2.16.186.211 20940 (AKAMAI-ASN1)
1 142.250.185.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 107.154.199.84 19551 (INCAPSULA)
2 20 220.242.170.82 54994 (QUANTILNE...)
1 192.0.77.48 2635 (AUTOMATTIC)
24 13.224.99.19 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 103.89.20.98 136462 (MOOTECHAS...)
8 119.13.89.234 136907 (HWCLOUDS-...)
1 104.21.92.9 13335 (CLOUDFLAR...)
1 209.9.48.83 3491 (BTN-ASN)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
143 25
Domain Requested by
44 www.xemkeoonline.com www.xemkeoonline.com
24 cdnjs.santisem.com rvn88cdn.agent1818.com
20 rvn88cdn.agent1818.com 2 redirects www.xemkeoonline.com
rvn88cdn.agent1818.com
cdnjs.santisem.com
12 fonts.gstatic.com fonts.googleapis.com
6 pagead2.googlesyndication.com www.xemkeoonline.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 cdn.livechatinc.com www.xemkeoonline.com
secure.livechatinc.com
4 vietsode.net www.xemkeoonline.com
3 contents.masamiab.com rvn88cdn.agent1818.com
contents.masamiab.com
3 ls.masamiab.com rvn88cdn.agent1818.com
3 api.livechatinc.com cdn.livechatinc.com
3 fonts.googleapis.com www.xemkeoonline.com
secure.livechatinc.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 announcements.masamiab.com rvn88cdn.agent1818.com
announcements.masamiab.com
2 accounts.livechatinc.com 1 redirects cdn.livechatinc.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 esports.w88api.com
1 ls.99k.info ls.masamiab.com
1 js.w2script.com rvn88cdn.agent1818.com
1 www.google-analytics.com rvn88cdn.agent1818.com
1 secure.livechatinc.com cdn.livechatinc.com
1 s.w.org www.xemkeoonline.com
1 rvn88.w2sports.com 1 redirects
1 m.vn88hn.live 1 redirects
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.dpd.redeliver9b2q.com 1 redirects
143 29

This site contains links to these domains. Also see Links.

Domain
affiliate.w88mp.com
Subject Issuer Validity Valid
xemkeoonline.com
R3
2021-06-03 -
2021-09-01
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-06-22 -
2021-09-14
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-06-22 -
2021-09-14
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-11 -
2022-07-10
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-06-22 -
2021-09-14
3 months crt.sh
livechat.com
DigiCert SHA2 Secure Server CA
2021-04-20 -
2022-04-25
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2021-06-22 -
2021-09-14
3 months crt.sh
*.google.de
GTS CA 1C3
2021-06-22 -
2021-09-14
3 months crt.sh
*.google.com
GTS CA 1C3
2021-06-22 -
2021-09-14
3 months crt.sh
support11a.cdnetworks.net
DigiCert SHA2 High Assurance Server CA
2020-10-19 -
2021-11-19
a year crt.sh
*.w.org
Sectigo RSA Domain Validation Secure Server CA
2019-12-19 -
2021-12-18
2 years crt.sh
cdnjs.santisem.com
R3
2021-07-04 -
2021-10-02
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-06-22 -
2021-09-14
3 months crt.sh
ip2loc.w2script.com
Go Daddy Secure Certificate Authority - G2
2021-02-18 -
2022-03-22
a year crt.sh
ls.masamiab.com
R3
2021-06-27 -
2021-09-25
3 months crt.sh
contents.masamiab.com
R3
2021-05-31 -
2021-08-29
3 months crt.sh
announcements.masamiab.com
R3
2021-05-31 -
2021-08-29
3 months crt.sh
*.w88api.com
Sectigo RSA Domain Validation Secure Server CA
2020-09-26 -
2021-10-27
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-06-22 -
2021-09-14
3 months crt.sh
www.google.com
GTS CA 1C3
2021-06-22 -
2021-09-14
3 months crt.sh

This page contains 9 frames:

Primary Page: https://www.xemkeoonline.com/
Frame ID: CBCB2F6F2B35B234C35471E4B06600B7
Requests: 77 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210708/r20190131/zrt_lookup.html
Frame ID: CB7E73D1CCF9DFAEB08B85F5DB2CE13E
Requests: 1 HTTP requests in this frame

Frame: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Frame ID: F13A687BDC74EF3318935C46072AEB9C
Requests: 53 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3478514043172783&output=html&adk=1812271804&adf=3025194257&lmt=1626142154&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.xemkeoonline.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626142153310&bpp=622&bdt=55&idt=736&shv=r20210708&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5273251555888&frm=20&pv=2&ga_vid=1016815943.1626142154&ga_sid=1626142154&ga_hid=1032937108&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060972%2C31060974%2C31061380%2C31061746&oid=3&pvsid=1247231796001468&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=762
Frame ID: 8FE3C78A85C507F193B52B0CC35B84BB
Requests: 1 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=12142308&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: B5A42718E27DB4776F2334764419D5EF
Requests: 7 HTTP requests in this frame

Frame: https://accounts.livechatinc.com/static/postmessage.html
Frame ID: F328283380C0B711CBB74D9248103988
Requests: 1 HTTP requests in this frame

Frame: https://ls.99k.info/_blank.htm
Frame ID: 142385408D8D36A230513A35C1CFF0A2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 3429DB54B6E788BEBE4A0874BB1578F4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 10C514463A294C7B80129DFB7E8DCA45
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://www.dpd.redeliver9b2q.com/ HTTP 301
    https://www.xemkeoonline.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

143
Requests

100 %
HTTPS

56 %
IPv6

22
Domains

29
Subdomains

25
IPs

5
Countries

4369 kB
Transfer

11271 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.dpd.redeliver9b2q.com/ HTTP 301
    https://www.xemkeoonline.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68
  • https://m.vn88hn.live/launcher/sports/esports-euro HTTP 302
  • https://rvn88.w2sports.com/sports?ExternalToken=x&LangID=241&oddsstyleid=3&random=1 HTTP 302
  • https://rvn88cdn.agent1818.com//sports?ExternalToken=x&LangID=241&oddsstyleid=3&random=1 HTTP 301
  • https://rvn88cdn.agent1818.com/sports/?ExternalToken=x&LangID=241&oddsstyleid=3&random=1 HTTP 302
  • https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Request Chain 83
  • https://accounts.livechatinc.com/customer?license_id=12142308&flow=button&response_type=token&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&redirect_uri=https%3A%2F%2Fsecure.livechatinc.com%2Fcustomer%2Faction%2Fopen_chat&post_message_uri=https%3A%2F%2Fsecure.livechatinc.com%2Fcustomer%2Faction%2Fopen_chat&state=%40livechat%2Fcustomer-auth HTTP 302
  • https://accounts.livechatinc.com/static/postmessage.html

143 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.xemkeoonline.com/
Redirect Chain
  • https://www.dpd.redeliver9b2q.com/
  • https://www.xemkeoonline.com/
189 KB
30 KB
Document
General
Full URL
https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
eff5db4c5a6ac07da2c19f570fb7f3055e4b98f69e1162984c9caa2dfc6f7b41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.xemkeoonline.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Tue, 13 Jul 2021 02:09:12 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej; expires=Tue, 13-Jul-2021 08:09:12 GMT; Max-Age=21600; path=/; domain=www.xemkeoonline.com; HttpOnly
link
<https://www.xemkeoonline.com/wp-json/>; rel="https://api.w.org/" <https://www.xemkeoonline.com/wp-json/wp/v2/pages/30>; rel="alternate"; type="application/json" <https://www.xemkeoonline.com/>; rel=shortlink
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
content-encoding
gzip

Redirect headers

server
nginx
date
Tue, 13 Jul 2021 02:09:11 GMT
content-type
text/html; charset=UTF-8
location
https://www.xemkeoonline.com/
set-cookie
PHPSESSID=h6tp78786kju8pu7vco2tojn8v; expires=Tue, 13-Jul-2021 08:09:11 GMT; Max-Age=21600; path=/; domain=www.dpd.redeliver9b2q.com; HttpOnly
expires
Tue, 13 Jul 2021 03:09:11 GMT
cache-control
max-age=3600
x-redirect-by
WordPress
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
134 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a54226b03e3da4fcaa3a4e2e3ddeaaf037c507138061bde5b91de7aaf2f7018e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:09:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48547
x-xss-protection
0
server
cafe
etag
3147834316727996905
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 13 Jul 2021 02:09:13 GMT
style.min.css
www.xemkeoonline.com/wp-includes/css/dist/block-library/
57 KB
9 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:13 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 04:12:19 GMT
server
nginx
etag
W/"6077bd23-e33b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:13 GMT
frontend.min.css
www.xemkeoonline.com/wp-content/themes/astra/assets/css/minified/
47 KB
9 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.5.0
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
9f797a163645a8d6308f5c6ee5c7c96cdf26c20d28a5c608fa488a0fac45f6df

Request headers

:path
/wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.5.0
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:13 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 11:04:59 GMT
server
nginx
etag
W/"60bf4edb-bcd1"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:13 GMT
css
fonts.googleapis.com/
10 KB
982 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2Ci%2C700%2C700i%2C%7CMontserrat%3A500&display=fallback&ver=3.5.0
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4060f918f12bcc8dc11069732cb9f2bc32a59f04d7f91e05ae04b661f43f298
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 02:09:13 GMT
server
ESF
date
Tue, 13 Jul 2021 02:09:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Jul 2021 02:09:13 GMT
menu-image.css
www.xemkeoonline.com/wp-content/plugins/menu-image/includes/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/menu-image/includes/css/menu-image.css?ver=3.0.4
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
75db663f63c3505c2d1d2c41b82da41465bcd39b390516728f7fd323f95f644e

Request headers

:path
/wp-content/plugins/menu-image/includes/css/menu-image.css?ver=3.0.4
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:13 GMT
content-encoding
gzip
last-modified
Tue, 06 Apr 2021 06:35:22 GMT
server
nginx
etag
W/"606c012a-d0f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:13 GMT
dashicons.min.css
www.xemkeoonline.com/wp-includes/css/
58 KB
35 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-includes/css/dashicons.min.css?ver=5.7.2
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

:path
/wp-includes/css/dashicons.min.css?ver=5.7.2
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:13 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 04:12:19 GMT
server
nginx
etag
W/"6077bd23-e688"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:13 GMT
cb70d11b8.min.css
www.xemkeoonline.com/wp-content/uploads/essential-addons-elementor/
99 KB
11 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/uploads/essential-addons-elementor/cb70d11b8.min.css?ver=1626142152
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
bfee97408d02a4ae6084406b0fc6a17249f76144e1ab2218c66218703ebe592e

Request headers

:path
/wp-content/uploads/essential-addons-elementor/cb70d11b8.min.css?ver=1626142152
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:13 GMT
content-encoding
gzip
last-modified
Sat, 10 Jul 2021 03:47:32 GMT
server
nginx
etag
W/"60e91854-18c46"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:13 GMT
astra-addon-60e5d2016f0f89-88744431.css
www.xemkeoonline.com/wp-content/uploads/astra-addon/
56 KB
7 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/uploads/astra-addon/astra-addon-60e5d2016f0f89-88744431.css?ver=3.5.4
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
2d2c6f5ec4686e7cb2373fcd2cc49970220227ac721b21e297f90981e74a2fc1

Request headers

:path
/wp-content/uploads/astra-addon/astra-addon-60e5d2016f0f89-88744431.css?ver=3.5.4
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:13 GMT
content-encoding
gzip
last-modified
Wed, 07 Jul 2021 16:10:41 GMT
server
nginx
etag
W/"60e5d201-e089"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:13 GMT
wp-emoji-release.min.js
www.xemkeoonline.com/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej; __gads=ID=15e2b7623409c6cf-22a0c09c7ac8007b:T=1626142154:RT=1626142154:S=ALNI_MYkupSicAbcSAAR3xjXOu8xr1EOBQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:14 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 04:14:08 GMT
server
nginx
etag
W/"601b7490-3795"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:14 GMT
sassy-social-share-public.css
www.xemkeoonline.com/wp-content/plugins/sassy-social-share/public/css/
36 KB
10 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.20
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
2c5b024ac47363f4d7bb9f9ba156f11847254f45d37783068345e1217ce3fd25

Request headers

:path
/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.20
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:13 GMT
content-encoding
gzip
last-modified
Thu, 10 Jun 2021 08:00:33 GMT
server
nginx
etag
W/"60c1c6a1-8ff4"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:13 GMT
sassy-social-share-svg.css
www.xemkeoonline.com/wp-content/plugins/sassy-social-share/admin/css/
111 KB
35 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/sassy-social-share/admin/css/sassy-social-share-svg.css?ver=3.3.20
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
7f8fc2a8f340314b8c37cf2e52c17df22e0b6e756625c61dd87f650ee28fdb37

Request headers

:path
/wp-content/plugins/sassy-social-share/admin/css/sassy-social-share-svg.css?ver=3.3.20
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:13 GMT
content-encoding
gzip
last-modified
Thu, 10 Jun 2021 08:00:33 GMT
server
nginx
etag
W/"60c1c6a1-1baf8"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:13 GMT
elementor-icons.min.css
www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/eicons/css/
17 KB
4 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.11.0
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
e36eaa6e7cebbd4138dfb008ee3d53ab8195f45953b0f4f27d0d8156ab059021

Request headers

:path
/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.11.0
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:13 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-4350"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:13 GMT
animations.min.css
www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/animations/
18 KB
3 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.2.5
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

:path
/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.2.5
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:13 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-4824"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:13 GMT
frontend-legacy.min.css
www.xemkeoonline.com/wp-content/plugins/elementor/assets/css/
4 KB
773 B
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.2.5
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
1e5aeaa58ab4c2345953f77e07fbc20578326076a259ed702eea64e077fde675

Request headers

:path
/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.2.5
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:13 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-f0e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:13 GMT
frontend.min.css
www.xemkeoonline.com/wp-content/plugins/elementor/assets/css/
115 KB
17 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.2.5
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
3f9c38934fc41ee2a85f1a6e1ad59e96f7f1e73b9b4e653394708715d5ab32c5

Request headers

:path
/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.2.5
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:13 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-1cc44"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:13 GMT
post-38.css
www.xemkeoonline.com/wp-content/uploads/elementor/css/
2 KB
930 B
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/uploads/elementor/css/post-38.css?ver=1623860060
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
5db00cc0aaaef4c68ce7be752bd8794cc0b67469cedfed7f4bb493c328cd5611

Request headers

:path
/wp-content/uploads/elementor/css/post-38.css?ver=1623860060
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:13 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:14:20 GMT
server
nginx
etag
W/"60ca235c-97f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:13 GMT
post-30.css
www.xemkeoonline.com/wp-content/uploads/elementor/css/
4 KB
837 B
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/uploads/elementor/css/post-30.css?ver=1625887947
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
d59771829b640eb8e2109dd4199b2e7e48dbffd81bf351ad1ee909ac2f419a6c

Request headers

:path
/wp-content/uploads/elementor/css/post-30.css?ver=1625887947
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:13 GMT
content-encoding
gzip
last-modified
Sat, 10 Jul 2021 03:32:27 GMT
server
nginx
etag
W/"60e914cb-e70"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:13 GMT
style.css
www.xemkeoonline.com/wp-content/themes/astra-child/
1 KB
934 B
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/themes/astra-child/style.css?ver=1.0.0
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
ed6659edd6031b871799dacd6ece7702502f8e749af40426d5a3013dd9eb1a25

Request headers

:path
/wp-content/themes/astra-child/style.css?ver=1.0.0
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:13 GMT
content-encoding
gzip
last-modified
Sat, 21 Nov 2020 08:35:51 GMT
server
nginx
etag
W/"5fb8d167-49a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:13 GMT
css
fonts.googleapis.com/
42 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.7.2
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
30a949187cdd1c73e43b3bdee9398a9ae27f403a9481999fc9f5f946d8af0079
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 00:34:13 GMT
server
ESF
date
Tue, 13 Jul 2021 02:09:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Jul 2021 02:09:13 GMT
fontawesome.min.css
www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/
57 KB
13 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.1
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
f8d00356859998784bda26e1d14f2d981515921b96ded50d5d6f6f0e75bac15c

Request headers

:path
/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.1
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:13 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-e238"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:13 GMT
solid.min.css
www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/
669 B
548 B
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
1ada5259a5ac61a7d68315f7efa6b98d61d2d0478df0545869c880afeaa67dcd

Request headers

:path
/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:13 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-29d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:13 GMT
jquery.min.js
www.xemkeoonline.com/wp-includes/js/jquery/
87 KB
31 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:13 GMT
content-encoding
gzip
last-modified
Wed, 09 Dec 2020 14:43:46 GMT
server
nginx
etag
W/"5fd0e2a2-15d98"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:13 GMT
jquery-migrate.min.js
www.xemkeoonline.com/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:13 GMT
content-encoding
gzip
last-modified
Wed, 09 Dec 2020 14:43:46 GMT
server
nginx
etag
W/"5fd0e2a2-2bd8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:13 GMT
HinhW.gif
vietsode.net/uploads/minh_hoa/hinh/
374 KB
375 KB
Image
General
Full URL
https://vietsode.net/uploads/minh_hoa/hinh/HinhW.gif
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e097f0071264fdeaecaeced46cdf28762ffa5bc3694aefc95197353ef0bdf03f

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:09:14 GMT
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
382801
last-modified
Sat, 05 Jun 2021 09:43:15 GMT
server
cloudflare
etag
"60bb4733-5d751"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=34SiY90RKkw%2BMOp1cmddO7sSad3tZqXEEw22vBDxNZBi3dxKjz2QG3qd93I8FjRsnLZwxrINa5V5j7b5BdjppPsS2hN5Bo9IwZNzjKWR8NgwpQGbSmxmqTSm%2BSt4rV%2FHoxUMCxe9"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
cf-ray
66def7ce2fc62c22-FRA
expires
Tue, 13 Jul 2021 02:09:43 GMT
HinhVN.gif
vietsode.net/uploads/minh_hoa/hinh/
351 KB
352 KB
Image
General
Full URL
https://vietsode.net/uploads/minh_hoa/hinh/HinhVN.gif
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37fa40e483b873056df8057f5fc06d08389b3741f1b97ff774595d940e81d009

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:09:14 GMT
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
359355
last-modified
Sat, 05 Jun 2021 09:44:12 GMT
server
cloudflare
etag
"60bb476c-57bbb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JbtXfnmQPpFICGL5KI7q4k4QaLIhD%2FpwxBhQ9WRqSLmAQ2RI%2BNgotMF0ZIMpqViMjnQUuOgelDWggj6DKMYBNQ47X3TiXiIXTY91BejIWQcVgPndxhwiW0n1GGkU3%2FDUY4EqaDVf"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
cf-ray
66def7ce2fc52c22-FRA
expires
Tue, 13 Jul 2021 02:09:43 GMT
HinhVN920.gif
vietsode.net/uploads/minh_hoa/hinh/
562 KB
562 KB
Image
General
Full URL
https://vietsode.net/uploads/minh_hoa/hinh/HinhVN920.gif
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d1b0abead4afbcc2e58204a0d787973b9ed656ec66809bfa4038503ec44783a

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:09:14 GMT
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
575023
last-modified
Sat, 05 Jun 2021 09:44:16 GMT
server
cloudflare
etag
"60bb4770-8c62f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qpNfh4CAD9NbONGP939zmiuRAwYWfHxZWLhrXvW8oD5YJNkqjiYL7diIlz6t4BtI886qlgVzep2hMkq8MEh2EKosFhA8Wvs0rwjZhiXILz3rf12xd3tLiYLZUgTvzcUvvSZo0ikC"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
cf-ray
66def7ce2fc82c22-FRA
expires
Tue, 13 Jul 2021 02:09:43 GMT
HinhW920.gif
vietsode.net/uploads/minh_hoa/hinh/
504 KB
504 KB
Image
General
Full URL
https://vietsode.net/uploads/minh_hoa/hinh/HinhW920.gif
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db52f8cd89bc79466c3a38395a327e89fd194b80e62ba0ef7099454d1c765414

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:09:14 GMT
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
515622
last-modified
Sat, 05 Jun 2021 09:41:50 GMT
server
cloudflare
etag
"60bb46de-7de26"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oZU4PvkI%2FIkk5fMqVwufzo%2BDOpHy3lNpcNdL5clSCTeETkcbpHPN3dVLTbgImNSZJp1TLN00u1%2BgxNe%2BYyZg%2BveJJ8K33vn1gmjpUbGeA%2FRbEWK7ikeCMbb7dCTemNP5aNEfIq3E"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
cf-ray
66def7ce2fc92c22-FRA
expires
Tue, 13 Jul 2021 02:09:43 GMT
all.min.css
www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/
58 KB
13 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.7.5
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Request headers

:path
/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.7.5
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:14 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-e7d0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:14 GMT
v4-shims.min.css
www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/
26 KB
4 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=4.7.5
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93

Request headers

:path
/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=4.7.5
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:14 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-684e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:14 GMT
frontend.min.js
www.xemkeoonline.com/wp-content/themes/astra/assets/js/minified/
16 KB
4 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.5.0
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
f533f1b930a04aef032a5fb9ddbfb85a14fc1ec2b7631cbc0ff87531bfce7120

Request headers

:path
/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.5.0
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:14 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 11:04:59 GMT
server
nginx
etag
W/"60bf4edb-41fc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:14 GMT
sac.php
www.xemkeoonline.com/wp-content/plugins/simple-ajax-chat/resources/
17 KB
5 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/simple-ajax-chat/resources/sac.php?ver=20210210
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
7ddc2de2f2f207edae32c3515d85b82ff8fbf9b9fd5eec1b3f1904b6d5bae20e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/simple-ajax-chat/resources/sac.php?ver=20210210
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:09:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
must-revalidate
x-xss-protection
1; mode=block
expires
Sat, 11 Sep 2021 02:09:14 GMT
cb70d11b8.min.js
www.xemkeoonline.com/wp-content/uploads/essential-addons-elementor/
48 KB
14 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-content/uploads/essential-addons-elementor/cb70d11b8.min.js?ver=1626142152
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
f0fd6cbfbf2a4baec0ea585b8073df94193ba59132f7f3bded7769474d3486ee

Request headers

:path
/wp-content/uploads/essential-addons-elementor/cb70d11b8.min.js?ver=1626142152
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:14 GMT
content-encoding
gzip
last-modified
Sat, 10 Jul 2021 03:47:32 GMT
server
nginx
etag
W/"60e91854-c092"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:14 GMT
smush-lazy-load.min.js
www.xemkeoonline.com/wp-content/plugins/wp-smushit/app/assets/js/
8 KB
4 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.8.7
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
b30169a38c7ecd17eefc119177c0c61337b17a8f1abfd337ac37284d1a04a65b

Request headers

:path
/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.8.7
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:14 GMT
content-encoding
gzip
last-modified
Wed, 30 Jun 2021 04:10:39 GMT
server
nginx
etag
W/"60dbeebf-1eee"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:14 GMT
astra-addon-60e5d2016fb2a0-25651636.js
www.xemkeoonline.com/wp-content/uploads/astra-addon/
30 KB
6 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-content/uploads/astra-addon/astra-addon-60e5d2016fb2a0-25651636.js?ver=3.5.4
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
cf3d17563947bb679f33f02c7a099f3e5ef7f934f3639a50d7dd8f8b09679f6e

Request headers

:path
/wp-content/uploads/astra-addon/astra-addon-60e5d2016fb2a0-25651636.js?ver=3.5.4
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:14 GMT
content-encoding
gzip
last-modified
Wed, 07 Jul 2021 16:10:41 GMT
server
nginx
etag
W/"60e5d201-7923"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:14 GMT
wp-embed.min.js
www.xemkeoonline.com/wp-includes/js/
1 KB
1013 B
Script
General
Full URL
https://www.xemkeoonline.com/wp-includes/js/wp-embed.min.js?ver=5.7.2
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.7.2
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:14 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 04:14:08 GMT
server
nginx
etag
W/"601b7490-592"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:14 GMT
webpack.runtime.min.js
www.xemkeoonline.com/wp-content/plugins/elementor/assets/js/
5 KB
2 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.2.5
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
b5641645c15c48b3ff5ce52e718563e1d04d18492e552eb126862768327e2855

Request headers

:path
/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.2.5
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:14 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-12a1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:14 GMT
frontend-modules.min.js
www.xemkeoonline.com/wp-content/plugins/elementor/assets/js/
63 KB
21 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.2.5
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
d8e1bb6afaee4a9709470e6bc6712a4288aab63eff4a430e75935d0095648bb6

Request headers

:path
/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.2.5
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:14 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-fd92"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:14 GMT
waypoints.min.js
www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/waypoints/
12 KB
3 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

:path
/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:14 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-2fa6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:14 GMT
core.min.js
www.xemkeoonline.com/wp-includes/js/jquery/ui/
20 KB
7 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

:path
/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej; __gads=ID=15e2b7623409c6cf-22a0c09c7ac8007b:T=1626142154:RT=1626142154:S=ALNI_MYkupSicAbcSAAR3xjXOu8xr1EOBQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:14 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 04:12:19 GMT
server
nginx
etag
W/"6077bd23-5133"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:14 GMT
swiper.min.js
www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/swiper/
136 KB
35 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Request headers

:path
/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej; __gads=ID=15e2b7623409c6cf-22a0c09c7ac8007b:T=1626142154:RT=1626142154:S=ALNI_MYkupSicAbcSAAR3xjXOu8xr1EOBQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:14 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-21f91"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:14 GMT
share-link.min.js
www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/share-link/
3 KB
1 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.2.5
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580

Request headers

:path
/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.2.5
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej; __gads=ID=15e2b7623409c6cf-22a0c09c7ac8007b:T=1626142154:RT=1626142154:S=ALNI_MYkupSicAbcSAAR3xjXOu8xr1EOBQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:14 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-a12"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:14 GMT
dialog.min.js
www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/dialog/
11 KB
4 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb

Request headers

:path
/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej; __gads=ID=15e2b7623409c6cf-22a0c09c7ac8007b:T=1626142154:RT=1626142154:S=ALNI_MYkupSicAbcSAAR3xjXOu8xr1EOBQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:14 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-2a6f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:14 GMT
frontend.min.js
www.xemkeoonline.com/wp-content/plugins/elementor/assets/js/
66 KB
19 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.2.5
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
17f076500dca787c42b1dd6238ce50a0752771eafd040e8512c713a7ec947c65

Request headers

:path
/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.2.5
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej; __gads=ID=15e2b7623409c6cf-22a0c09c7ac8007b:T=1626142154:RT=1626142154:S=ALNI_MYkupSicAbcSAAR3xjXOu8xr1EOBQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:14 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-1086a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:14 GMT
preloaded-modules.min.js
www.xemkeoonline.com/wp-content/plugins/elementor/assets/js/
57 KB
17 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.2.5
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
d882dbd828af87ed3434862bf608a2dee6d347817ae547421c9b2051ce29a905

Request headers

:path
/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.2.5
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej; __gads=ID=15e2b7623409c6cf-22a0c09c7ac8007b:T=1626142154:RT=1626142154:S=ALNI_MYkupSicAbcSAAR3xjXOu8xr1EOBQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:14 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-e2e0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:09:14 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/
243 KB
90 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3478514043172783&plah=www.xemkeoonline.com&amaexp=1&bust=exp%3D31061746
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d7731cd19278dd8d68435b1df5709fd2e12e8f13e43d86409ccc26f3354ea52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:09:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92103
x-xss-protection
0
server
cafe
etag
18322328620552464558
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Jul 2021 02:09:13 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210708/r20190131/ Frame CB7E
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210708/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210708/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.xemkeoonline.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xemkeoonline.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 13 Jul 2021 00:54:05 GMT
expires
Tue, 27 Jul 2021 00:54:05 GMT
content-type
text/html; charset=UTF-8
etag
15579341980913220427
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
age
4508
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v27/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2Ci%2C700%2C700i%2C%7CMontserrat%3A500&display=fallback&ver=3.5.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xemkeoonline.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 00:14:56 GMT
x-content-type-options
nosniff
age
6857
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11860
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:33 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 00:14:56 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2Ci%2C700%2C700i%2C%7CMontserrat%3A500&display=fallback&ver=3.5.0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xemkeoonline.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 06:52:18 GMT
x-content-type-options
nosniff
age
587815
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 06:52:18 GMT
truncated
/ Frame F13A
37 B
37 B
Document
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2Ci%2C700%2C700i%2C%7CMontserrat%3A500&display=fallback&ver=3.5.0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xemkeoonline.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 20:33:46 GMT
x-content-type-options
nosniff
age
20127
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19272
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:11:03 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Jul 2022 20:33:46 GMT
astra.woff
www.xemkeoonline.com/wp-content/themes/astra/assets/fonts/
3 KB
3 KB
Font
General
Full URL
https://www.xemkeoonline.com/wp-content/themes/astra/assets/fonts/astra.woff
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5

Request headers

sec-fetch-mode
cors
origin
https://www.xemkeoonline.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
:path
/wp-content/themes/astra/assets/fonts/astra.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.xemkeoonline.com
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:14 GMT
last-modified
Tue, 08 Jun 2021 11:04:59 GMT
server
nginx
etag
"60bf4edb-ce8"
content-type
application/font-woff
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
3304
expires
Thu, 12 Aug 2021 02:09:14 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.7.2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xemkeoonline.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 20:14:24 GMT
x-content-type-options
nosniff
age
194089
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Jul 2022 20:14:24 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2Ci%2C700%2C700i%2C%7CMontserrat%3A500&display=fallback&ver=3.5.0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xemkeoonline.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 03:00:34 GMT
x-content-type-options
nosniff
age
601719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 03:00:34 GMT
fa-solid-900.woff2
www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/
78 KB
79 KB
Font
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://www.xemkeoonline.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej
:path
/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.xemkeoonline.com
Referer
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:09:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
"60ca223f-139ac"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
accept-ranges
bytes
content-length
80300
x-xss-protection
1; mode=block
tracking.js
cdn.livechatinc.com/
85 KB
25 KB
Script
General
Full URL
https://cdn.livechatinc.com/tracking.js
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
299f002a908a15968be878534247c58b43b6204eb9b9100b91225b54986fe40c

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
p5qZmk.LnfyBMGzHFQEAsEX5_hgtrVd9
content-encoding
br
last-modified
Thu, 08 Jul 2021 08:51:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"dcdb94139b10be92dbb9b5fe82ac82d9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=28800
date
Tue, 13 Jul 2021 02:09:14 GMT
content-length
24910
x-amz-cf-id
neK3J3rbx-p_HYaIvCXNht4yYDmcmmWTRW4zoBIH-BF3-DulxXfpfw==
expires
Tue, 13 Jul 2021 10:09:14 GMT
KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v27/
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2Ci%2C700%2C700i%2C%7CMontserrat%3A500&display=fallback&ver=3.5.0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb56f0e08adb026eb4e4b28c2fc33b35ce3ddf30a075f9906ec14caff095fa3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xemkeoonline.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 05:36:52 GMT
x-content-type-options
nosniff
age
592341
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 05:36:52 GMT
KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/
11 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.7.2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xemkeoonline.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 21:42:00 GMT
x-content-type-options
nosniff
age
16033
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11768
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:42 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Jul 2022 21:42:00 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2Ci%2C700%2C700i%2C%7CMontserrat%3A500&display=fallback&ver=3.5.0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xemkeoonline.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 03:22:29 GMT
x-content-type-options
nosniff
age
600404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11836
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:52 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 03:22:29 GMT
KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.7.2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b03ef4b198588654c13a7eacbf4b45a6a42b5d250019c8a6c16dc475e4e97fba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xemkeoonline.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 18:29:07 GMT
x-content-type-options
nosniff
age
27607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5580
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:52 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Jul 2022 18:29:07 GMT
KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2Ci%2C700%2C700i%2C%7CMontserrat%3A500&display=fallback&ver=3.5.0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ac62ad133b177d67c52cfd6b1fa821b3566637b15c3637335036aae03cf972a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xemkeoonline.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 22:40:10 GMT
x-content-type-options
nosniff
age
12544
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5524
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:44 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Jul 2022 22:40:10 GMT
cookie.js
partner.googleadservices.com/gampad/
206 B
661 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.xemkeoonline.com&callback=_gfp_s_&client=ca-pub-3478514043172783
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3478514043172783&plah=www.xemkeoonline.com&amaexp=1&bust=exp%3D31061746
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
55562f316d7b7869866b4afd434a6eed2851e28f68ce76277f8530544043d0a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:09:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.xemkeoonline.com%2F&tn=DIV&cls=float-ck-phai&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Jul 2021 02:09:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.xemkeoonline.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3478514043172783&plah=www.xemkeoonline.com&amaexp=1&bust=exp%3D31061746
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Jul 2021 02:09:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.xemkeoonline.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3478514043172783&plah=www.xemkeoonline.com&amaexp=1&bust=exp%3D31061746
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Jul 2021 02:09:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8FE3
603 B
68 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3478514043172783&output=html&adk=1812271804&adf=3025194257&lmt=1626142154&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.xemkeoonline.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626142153310&bpp=622&bdt=55&idt=736&shv=r20210708&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5273251555888&frm=20&pv=2&ga_vid=1016815943.1626142154&ga_sid=1626142154&ga_hid=1032937108&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060972%2C31060974%2C31061380%2C31061746&oid=3&pvsid=1247231796001468&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=762
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3478514043172783&plah=www.xemkeoonline.com&amaexp=1&bust=exp%3D31061746
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3478514043172783&output=html&adk=1812271804&adf=3025194257&lmt=1626142154&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.xemkeoonline.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626142153310&bpp=622&bdt=55&idt=736&shv=r20210708&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5273251555888&frm=20&pv=2&ga_vid=1016815943.1626142154&ga_sid=1626142154&ga_hid=1032937108&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060972%2C31060974%2C31061380%2C31061746&oid=3&pvsid=1247231796001468&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=762
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.xemkeoonline.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xemkeoonline.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 13 Jul 2021 02:09:14 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 13-Jul-2021 02:24:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 13 Jul 2021 02:09:14 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3478514043172783&plah=www.xemkeoonline.com&amaexp=1&bust=exp%3D31061746
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e605d633428c71e4f9bf101f068d079e1e8d34362d2e8b765a5e9da64342d219
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:09:14 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1626118492032678"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27897
x-xss-protection
0
expires
Tue, 13 Jul 2021 02:09:14 GMT
get_dynamic_configuration
api.livechatinc.com/v3.3/customer/action/
266 B
468 B
Script
General
Full URL
https://api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=12142308&url=https%3A%2F%2Fwww.xemkeoonline.com%2F&channel_type=code&jsonp=__1hwzk25kfir
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c27efb861cbb6c850ba13777a5ae09df88347e504f5d32fca1e39c207f84672f
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.xemkeoonline.com/;
X-Frame-Options allow-from https://www.xemkeoonline.com/

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
frame-ancestors https://www.xemkeoonline.com/;
x-frame-options
allow-from https://www.xemkeoonline.com/
date
Tue, 13 Jul 2021 02:09:14 GMT
content-length
266
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
Cookie set /
rvn88cdn.agent1818.com/vi/sports/ Frame F13A
Redirect Chain
  • https://m.vn88hn.live/launcher/sports/esports-euro
  • https://rvn88.w2sports.com/sports?ExternalToken=x&LangID=241&oddsstyleid=3&random=1
  • https://rvn88cdn.agent1818.com//sports?ExternalToken=x&LangID=241&oddsstyleid=3&random=1
  • https://rvn88cdn.agent1818.com/sports/?ExternalToken=x&LangID=241&oddsstyleid=3&random=1
  • https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
1 MB
221 KB
Document
General
Full URL
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.8.7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
69943e18a5c8c045a653f9525b9d75d544126e1badb2c37eba0ae7f7048e1ebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
rvn88cdn.agent1818.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.xemkeoonline.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
lb_sess=44893a9adfe705342544800bf8d03145; sbtssid=uvvbfw1kzpq4ip2bcos2w1je; firstrefer=aHR0cHM6Ly93d3cueGVta2Vvb25saW5lLmNvbS8_; firstrequest=aHR0cDovL3J2bjg4Y2RuLmFnZW50MTgxOC5jb20vc3BvcnRzP0V4dGVybmFsVG9rZW49eCZMYW5nSUQ9MjQxJm9kZHNzdHlsZWlkPTMmcmFuZG9tPTE_; lng=241
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==

Response headers

Date
Tue, 13 Jul 2021 02:09:17 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Server
PWS/8.3.1.0.8
Set-Cookie
lb_sess=44893a9adfe705342544800bf8d03145; secure; path=/; SameSite=None; sbtssid=uvvbfw1kzpq4ip2bcos2w1je; domain=.agent1818.com; path=/; SameSite=None; secure; HttpOnly lng=241; domain=.agent1818.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; secure; HttpOnly oSt2=3; expires=Tue, 13-Jul-2021 03:09:16 GMT; path=/; SameSite=None; secure; HttpOnly dTz=; domain=.agent1818.com; expires=Sun, 13-Jun-2021 02:09:17 GMT; path=/; SameSite=None; secure; HttpOnly cTz=8; domain=.agent1818.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; secure bVC=2; domain=.agent1818.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; secure
Cache-Control
private
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Encoding
gzip
Via
1.1 PSxgHKG8oa90:6 (W), 1.1 PS-FRA-014cL39:5 (W)
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
X-Ws-Request-Id
60ecf5cc_PS-FRA-011zR44_31372-48027

Redirect headers

Date
Tue, 13 Jul 2021 02:09:16 GMT
Content-Type
text/html; charset=utf-8
Content-Length
175
Connection
keep-alive
Server
PWS/8.3.1.0.8
Set-Cookie
lb_sess=44893a9adfe705342544800bf8d03145; secure; path=/; SameSite=None; sbtssid=uvvbfw1kzpq4ip2bcos2w1je; domain=.agent1818.com; path=/; SameSite=None; secure; HttpOnly lng=241; domain=.agent1818.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; secure; HttpOnly
Cache-Control
private
Location
/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Via
1.1 PSxgHKG8oa90:6 (W), 1.1 PS-FRA-014cL39:5 (W)
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
X-Ws-Request-Id
60ecf5cc_PS-FRA-011zR44_31372-48025
cropped-500x200_XKlogo-1-200x80.png
www.xemkeoonline.com/wp-content/uploads/2020/11/
21 KB
22 KB
Image
General
Full URL
https://www.xemkeoonline.com/wp-content/uploads/2020/11/cropped-500x200_XKlogo-1-200x80.png
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
119b2522ae491ae9bdc831255cbd184f83746403d91ed27b074f63f1b960db82

Request headers

:path
/wp-content/uploads/2020/11/cropped-500x200_XKlogo-1-200x80.png
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej; __gads=ID=15e2b7623409c6cf-22a0c09c7ac8007b:T=1626142154:RT=1626142154:S=ALNI_MYkupSicAbcSAAR3xjXOu8xr1EOBQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:14 GMT
last-modified
Thu, 17 Jun 2021 08:45:00 GMT
server
nginx
etag
"60cb0b8c-55e5"
content-type
image/png
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
21989
expires
Thu, 12 Aug 2021 02:09:14 GMT
fire-icon-vector-7-e1617692294138.png
www.xemkeoonline.com/wp-content/uploads/2021/04/
2 KB
2 KB
Image
General
Full URL
https://www.xemkeoonline.com/wp-content/uploads/2021/04/fire-icon-vector-7-e1617692294138.png
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
893678a05aea064715789c2002b776939d31b2a75ac82fd21549654e43827fc5

Request headers

:path
/wp-content/uploads/2021/04/fire-icon-vector-7-e1617692294138.png
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej; __gads=ID=15e2b7623409c6cf-22a0c09c7ac8007b:T=1626142154:RT=1626142154:S=ALNI_MYkupSicAbcSAAR3xjXOu8xr1EOBQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:14 GMT
last-modified
Tue, 06 Apr 2021 06:58:14 GMT
server
nginx
etag
"606c0686-613"
content-type
image/png
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
1555
expires
Thu, 12 Aug 2021 02:09:14 GMT
1f525.svg
s.w.org/images/core/emoji/13.0.1/svg/
822 B
696 B
Image
General
Full URL
https://s.w.org/images/core/emoji/13.0.1/svg/1f525.svg
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
4fa646a4dbc10513ddeb70561789483638faf456e15186f4eb7291c5c455cbb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 13 Jul 2021 02:09:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Oct 2020 16:13:32 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
1366x500_HOD-01-1-1024x375.jpg
www.xemkeoonline.com/wp-content/uploads/2021/06/
67 KB
67 KB
Image
General
Full URL
https://www.xemkeoonline.com/wp-content/uploads/2021/06/1366x500_HOD-01-1-1024x375.jpg
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
0ce1d7dbbf86a00c587e87e67f93f638c5184c5801d241bf5de7dfff0eaf8d9a

Request headers

:path
/wp-content/uploads/2021/06/1366x500_HOD-01-1-1024x375.jpg
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej; __gads=ID=15e2b7623409c6cf-22a0c09c7ac8007b:T=1626142154:RT=1626142154:S=ALNI_MYkupSicAbcSAAR3xjXOu8xr1EOBQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:14 GMT
last-modified
Wed, 16 Jun 2021 05:21:37 GMT
server
nginx
etag
"60c98a61-10ae8"
content-type
image/jpeg
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
68328
expires
Thu, 12 Aug 2021 02:09:14 GMT
1366x500_HOD-02-1024x375.jpg
www.xemkeoonline.com/wp-content/uploads/2021/06/
55 KB
55 KB
Image
General
Full URL
https://www.xemkeoonline.com/wp-content/uploads/2021/06/1366x500_HOD-02-1024x375.jpg
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
a4b03fe5f82241e38e98ce1b5987e432c21b3f88957bac9a9a566cf44ecfd489

Request headers

:path
/wp-content/uploads/2021/06/1366x500_HOD-02-1024x375.jpg
pragma
no-cache
cookie
PHPSESSID=ttkn6e51f1hipfofbr7ojk0qej; __gads=ID=15e2b7623409c6cf-22a0c09c7ac8007b:T=1626142154:RT=1626142154:S=ALNI_MYkupSicAbcSAAR3xjXOu8xr1EOBQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:09:14 GMT
last-modified
Tue, 01 Jun 2021 03:11:10 GMT
server
nginx
etag
"60b5a54e-da97"
content-type
image/jpeg
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
55959
expires
Thu, 12 Aug 2021 02:09:14 GMT
get_configuration
api.livechatinc.com/v3.3/customer/action/
6 KB
2 KB
Script
General
Full URL
https://api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=12142308&version=381.1.1.1335.161.116.13.1.2.1.2.18&group_id=0&jsonp=__lc_static_config
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
65d607a2713e2a567dcf1db9f11b8427a1d4efcc48b2178940c1ae0b2f089bf5

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:09:14 GMT
cache-control
public, max-age=567
content-type
application/javascript; charset=UTF-8
content-encoding
gzip
content-length
2068
vary
Accept-Encoding
expires
Tue, 13 Jul 2021 02:18:41 GMT
open_chat
secure.livechatinc.com/customer/action/ Frame B5A4
4 KB
2 KB
Document
General
Full URL
https://secure.livechatinc.com/customer/action/open_chat?license_id=12142308&group=0&embedded=1&widget_version=3&unique_groups=0
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e1f1603e01f51047a2ce9e57f32d29ca5ac7613c861be9a6ad1d20dcce4a8496

Request headers

:method
GET
:authority
secure.livechatinc.com
:scheme
https
:path
/customer/action/open_chat?license_id=12142308&group=0&embedded=1&widget_version=3&unique_groups=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.xemkeoonline.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xemkeoonline.com/

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-length
2008
expires
Tue, 13 Jul 2021 02:09:14 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Tue, 13 Jul 2021 02:09:14 GMT
get_localization
api.livechatinc.com/v3.3/customer/action/
13 KB
5 KB
Script
General
Full URL
https://api.livechatinc.com/v3.3/customer/action/get_localization?license_id=12142308&version=cb63cc4add40307cfb1d839bdba9daa0_b79398291dbf718f84d0a9f47bbf91cf&language=vi&group_id=0&jsonp=__lc_localization
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1e81e2aab71ba2f9cd54090aedcbfe6d2447c1f66918bcafb708d7c3086c7b0e

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:09:14 GMT
cache-control
public, max-age=568
content-type
application/javascript; charset=UTF-8
content-encoding
gzip
content-length
4607
vary
Accept-Encoding
expires
Tue, 13 Jul 2021 02:18:42 GMT
css
fonts.googleapis.com/ Frame B5A4
5 KB
709 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=12142308&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f2296fc1af54692bd56501bf9156cae1da8028424f9dbf8b00e5f40b6c3a4d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 01:26:45 GMT
server
ESF
date
Tue, 13 Jul 2021 02:09:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Jul 2021 02:09:14 GMT
2.c5551093.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame B5A4
377 KB
110 KB
Script
General
Full URL
https://cdn.livechatinc.com/widget/static/js/2.c5551093.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=12142308&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
74b4a28729201fae2dbb53b42592ee518a7343ed8bbb6508ee0844d4d1e0030b

Request headers

Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
4VlY0JX.WEGYnUUxoteC6PMDdqMps0w9
content-encoding
br
last-modified
Fri, 02 Jul 2021 07:12:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
W/"d799bf79962bc0c1d21d5829b734f344"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
date
Tue, 13 Jul 2021 02:09:14 GMT
content-length
111578
x-amz-cf-id
8FbR4MV7Fi9yLaumWZxi8ZToy1e40933suxZZA5HfjulLAX9kq5MxA==
expires
Wed, 13 Jul 2022 02:09:14 GMT
0.88d54b4c.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame B5A4
23 KB
8 KB
Script
General
Full URL
https://cdn.livechatinc.com/widget/static/js/0.88d54b4c.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=12142308&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
70eef99f016276772a27a6176e60dd2565d7acd70c3850e9cc9f8d240abe814d

Request headers

Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
OTkE1UFJkii6KMFdKNIvJ9iAxal6VobA
content-encoding
br
last-modified
Thu, 01 Jul 2021 12:56:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"ff8e1d51eee6cb0c2e221d1129f678bb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
date
Tue, 13 Jul 2021 02:09:14 GMT
content-length
7947
x-amz-cf-id
VtS8XYmXAQx_ueqqU-4f3queCOkfmcZfHkJJ5NjPjGKLKMTbM_sskQ==
expires
Wed, 13 Jul 2022 02:09:14 GMT
iframe.debbe1b4.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame B5A4
410 KB
108 KB
Script
General
Full URL
https://cdn.livechatinc.com/widget/static/js/iframe.debbe1b4.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=12142308&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
551707f405323967c876f683bad8a28ab94ee48024fb61eaa3ec3b39be5b4f05

Request headers

Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
QBPnTxwpr8mnbWcxyZq9HuUOdoa8eY.p
content-encoding
br
last-modified
Mon, 12 Jul 2021 12:20:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
W/"25656a4e6df1a0777253ecdc25a9177c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
date
Tue, 13 Jul 2021 02:09:14 GMT
content-length
109836
x-amz-cf-id
rQLj3YHXS3EOi8Liy2Qt5M6C6dXxUuvt2UOKZoXE8J0xtTLG0ig5Lg==
expires
Wed, 13 Jul 2022 02:09:14 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v12/ Frame B5A4
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v12/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://secure.livechatinc.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 05:12:10 GMT
x-content-type-options
nosniff
age
593824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16056
x-xss-protection
0
last-modified
Wed, 24 Mar 2021 17:50:31 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 05:12:10 GMT
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v12/ Frame B5A4
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v12/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://secure.livechatinc.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 13:51:41 GMT
x-content-type-options
nosniff
age
562653
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16180
x-xss-protection
0
last-modified
Wed, 24 Mar 2021 17:43:44 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 13:51:41 GMT
postmessage.html
accounts.livechatinc.com/static/ Frame F328
Redirect Chain
  • https://accounts.livechatinc.com/customer?license_id=12142308&flow=button&response_type=token&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&redirect_uri=https%3A%2F%2Fsecure.livechatinc.com%2Fcustomer...
  • https://accounts.livechatinc.com/static/postmessage.html
553 B
493 B
Document
General
Full URL
https://accounts.livechatinc.com/static/postmessage.html
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/iframe.debbe1b4.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7cb6c118ec3898ea3cf8db6f9d26f49cbe1ed8475e269b78d8162307b648b1ae

Request headers

:method
GET
:authority
accounts.livechatinc.com
:scheme
https
:path
/static/postmessage.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.livechatinc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://secure.livechatinc.com/

Response headers

content-encoding
gzip
content-type
text/html
etag
"06F41167B22D690E6AD57C16440DEC37558AF6A5"
vary
Accept-Encoding
content-length
365
date
Tue, 13 Jul 2021 02:09:15 GMT

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://accounts.livechatinc.com/static/postmessage.html#access_token=dal:005u6uqyS8uQKv19CGT-nA&entity_id=a39b5881-ecd8-4479-721c-74e521829b41&expires_in=28800&redirect_uri=https://secure.livechatinc.com/customer/action/open_chat&state=@livechat/customer-auth&token_type=Bearer
pragma
no-cache
content-length
0
date
Tue, 13 Jul 2021 02:09:15 GMT
set-cookie
__lc_cid=a39b5881-ecd8-4479-721c-74e521829b41; Path=/customer; Domain=accounts.livechatinc.com; Expires=Thu, 13 Jul 2023 02:09:15 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None __lc_cst=504c7f90543feb420bbdd8310402a344245017cb94e3b0ced94da13b2b7b7c77af861ddb815c2434b39ef463169ec2cd3061e89ea929712e4df52771a4ff; Path=/customer; Domain=accounts.livechatinc.com; Expires=Thu, 13 Jul 2023 02:09:15 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None __lc2_cid=a39b5881-ecd8-4479-721c-74e521829b41; Path=/licence; Domain=accounts.livechatinc.com; Expires=Thu, 13 Jul 2023 02:09:15 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None __lc2_cst=504c7f90543feb420bbdd8310402a344245017cb94e3b0ced94da13b2b7b7c77af861ddb815c2434b39ef463169ec2cd3061e89ea929712e4df52771a4ff; Path=/licence; Domain=accounts.livechatinc.com; Expires=Thu, 13 Jul 2023 02:09:15 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None __oauth_redirect_detector=counter=1&t=1626142185&tag=ec3ff1093b732fb783ace340c1c94c95254958da; Path=/; Expires=Tue, 13 Jul 2021 02:09:45 GMT; HttpOnly
/
cdn.livechatinc.com/cloud/
28 KB
28 KB
Image
General
Full URL
https://cdn.livechatinc.com/cloud/?uri=https%3A%2F%2Flivechat.s3.amazonaws.com%2Fdefault%2FeyeCatchers%2Fnew108.gif
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9afafd03001404329b0871e17c22112067e61c6e2c3e85a6e1389423ecf13e8

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
BNr21rqHAp8nqnbnHeuvqEjoTFMAy6EH
last-modified
Tue, 06 Mar 2018 10:29:26 GMT
server
AmazonS3
x-amz-request-id
7125A81E8B7DA842
etag
"c2d03ed3cde151c08cb657df3a018dbb"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=33978822
date
Tue, 13 Jul 2021 02:09:16 GMT
accept-ranges
bytes
content-length
28303
x-amz-id-2
63juaKK1XNpRQuop6BIwOGTpLlkEcnzOGP5ct7SLue1YcBV8ST77Gk4M6aF0cIq6FFGnHDqREGk=
expires
Wed, 10 Aug 2022 08:42:58 GMT
app.css
rvn88cdn.agent1818.com/css/ Frame F13A
1 MB
150 KB
Stylesheet
General
Full URL
https://rvn88cdn.agent1818.com/css/app.css?version=637616695361095627
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
a806d39d439a412fe95fc40b4989f8e98214670a999d2c6d3cace31d956e3533
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 02:09:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 12 Jul 2021 06:53:18 GMT
Server
PWS/8.3.1.0.8
ETag
"-1278035789"
X-Ws-Request-Id
60ecf5cd_PS-FRA-011zR44_31510-61106
Content-Type
text/css
Via
1.1 PSrbJP1ty77:0 (W), 1.1 PS-FRA-014cL39:5 (W)
Cache-Control
public, max-age=2592000
X-Px
ms PS-FRA-014cL39FRA,ht PSrbJP1ty77HND
Connection
keep-alive
Content-Length
153029
X-XSS-Protection
1; mode=block
Expires
Wed, 11 Aug 2021 07:17:58 GMT
splash.png
rvn88cdn.agent1818.com/imgs/ Frame F13A
567 B
1 KB
Image
General
Full URL
https://rvn88cdn.agent1818.com/imgs/splash.png
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
3127547b37eb862b3870692edb50889bf3404ac51db6e5f1c63869b309940a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 02:09:17 GMT
Via
1.1 PS-TPE-01qXz223:2 (W), 1.1 PSrbdjTYO3sh60:0 (W), 1.1 PS-FRA-014cL39:5 (W)
X-Content-Type-Options
nosniff
Last-Modified
Mon, 16 Nov 2020 05:05:27 GMT
Server
PWS/8.3.1.0.8
Age
288312
ETag
"862954178"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Px
ht PS-FRA-014cL39FRA
Connection
keep-alive
X-Ws-Request-Id
60ecf5cd_PS-FRA-011zR44_31274-38796
X-XSS-Protection
1; mode=block
Expires
Sun, 08 Aug 2021 18:04:05 GMT
sbMsgBus.js
cdnjs.santisem.com/rj/sb-msg-bus/4.0.6/ Frame F13A
5 KB
3 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-msg-bus/4.0.6/sbMsgBus.js?version=61137255
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
f9b3507981d5ddcfbf64e7a082ef828e678917cd92d6ec700ac9d8ce0e0e9730

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=mRXbRg==, md5=5PY3NCojFJgWdciQHq/1ng==
date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
age
1164866
x-guploader-uploadid
ADPycdtUu6IpUS-lN4KDHbfuNu-mWGUksawsYdEhi_ZtvAbqrB3UPyYQu47VjbThiDWcThCpjTLa-De5JO4tVkycfNcWAXjHMA
x-cache
Miss from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1807
access-control-allow-origin
*
last-modified
Fri, 28 Jun 2019 14:42:00 GMT
server
nginx
etag
"e4f637342a2314981675c8901eaff59e"
vary
Accept-Encoding
x-mly-id
b33889fb70209397b4708a753fee6dc0
x-goog-generation
1561732920526314
via
mly, 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-goog-stored-content-length
1807
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
5UjXfzru90KdM1MHnJjZoM61H0DUPZJdkqiQSYktcTkJWNsywqksyQ==
expires
Thu, 29 Jul 2021 14:34:52 GMT
sbInternalMsgBus.js
cdnjs.santisem.com/rj/sb-internal-msg-bus/1.0.16/ Frame F13A
10 KB
4 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-internal-msg-bus/1.0.16/sbInternalMsgBus.js?version=61137255
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
9855c5142a9b459a083bea4c47ab52f96685c7233664243581062dbdc1d70a1f

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=GMQ30A==, md5=uOaVs7v+YyOe5jRxu7cPAg==
date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
age
129132
x-guploader-uploadid
ADPycdux9enWYawv-YnnpbUZXvzVGU6_d59dR3BR3BrQsvJdH7kyHEYhW9dV4FPTT3k5fKdv_QdePWuS6UGXEFVzFh9g7ksyFw
x-cache
Miss from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
3059
access-control-allow-origin
*
last-modified
Wed, 19 Jun 2019 16:21:01 GMT
server
nginx
etag
"b8e695b3bbfe63239ee63471bbb70f02"
vary
Accept-Encoding
x-mly-id
196e346bd21dd503a34b25f3c6880397
x-goog-generation
1560961261598214
via
mly, 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-goog-stored-content-length
3059
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
innQctbsgxzlTrSVGo9Rv-1bq5u3kzoZSpxDp-oAMzInmDN2jEanLA==
expires
Tue, 10 Aug 2021 14:17:06 GMT
sbApprovedThirdPartyDependencies.js
cdnjs.santisem.com/rj/sb-approved-third-party-dependencies/1.0.0/ Frame F13A
104 KB
30 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-approved-third-party-dependencies/1.0.0/sbApprovedThirdPartyDependencies.js?version=61137255
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
fa8c160947edf98ff75f41c665729612fd111ce0bc5c5bea3adc4d10d92f35f7

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=dzjF+w==, md5=I06zCZUOlzwVQIIwLo82yQ==
date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
age
361035
x-guploader-uploadid
ADPycdu-mcnHcTy8qWaR9rxSJjrjfIo7JwgqAIjDEH7L38NufA9o3yVF-FP9Gn1gnqC29AJ9FGJw0zSpexE5zMOy5F97B6fQ2g
x-cache
Miss from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
30373
access-control-allow-origin
*
last-modified
Tue, 14 May 2019 09:06:32 GMT
server
nginx
etag
"234eb309950e973c154082302e8f36c9"
vary
Accept-Encoding
x-mly-id
64ccd5de66f9c87f3591ac510dbeffad
x-goog-generation
1557824792946784
via
mly, 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-goog-stored-content-length
30373
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
IfNbkhQPMAaS6WU5DSs0Sgjlmk2MJuL2r-v8B43fpDLKMAOksE0UMg==
expires
Sat, 07 Aug 2021 21:52:03 GMT
sbReactDependencies.js
cdnjs.santisem.com/rj/sb-react-dependencies/1.0.1/ Frame F13A
219 KB
70 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-react-dependencies/1.0.1/sbReactDependencies.js?version=61137255
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
a3f97de5268375e39a7d3b9158899148f835a334f064bd20c0110f81f4757db6

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=YFybbQ==, md5=58rGj/+3gPbvlC/zMJQsug==
date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
age
197976
x-guploader-uploadid
ADPycdsP4MI5Ysj-bHRi5TyU4xWuE68MRmd1wSJrpYEFLwyS91kVP_KJWHO-pW7MsI4A6l7umkV4xrZJN66Be2OyL7lm419tVw
x-cache
Miss from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
71316
access-control-allow-origin
*
last-modified
Mon, 20 May 2019 11:42:15 GMT
server
nginx
etag
"e7cac68fffb780f6ef942ff330942cba"
vary
Accept-Encoding
x-mly-id
c92def21e63f8c7ffbf1acdc066b3d48
x-goog-generation
1558352535077602
via
mly, 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-goog-stored-content-length
71316
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
dAyqNXuco4e7__WRFr-ICusUxG-4IF7erkBUCFW9hVeJvSG0pylgjw==
expires
Mon, 09 Aug 2021 19:09:42 GMT
velocityReact.js
cdnjs.santisem.com/rj/sb-react-dependencies/1.0.1/ Frame F13A
51 KB
15 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-react-dependencies/1.0.1/velocityReact.js?version=61137255
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
9fd71499be740db3b5066c33ba442501aae6418f758432667ff956b887b84c0d

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=Fbf8zw==, md5=Cgecu0VCRbIWD5o0mArlXQ==
date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
age
391282
x-guploader-uploadid
ADPycdvRwqQc4p492oc2k3QkDvYP2iIzRqcgPr6abe__vc13mEAt9-dDSy5KXoA3K4q3slGWf2gl0WsCvAYAvfaLbgHqa5ecXg
x-cache
Miss from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
14793
access-control-allow-origin
*
last-modified
Mon, 20 May 2019 11:42:15 GMT
server
nginx
etag
"0a079cbb454245b2160f9a34980ae55d"
vary
Accept-Encoding
x-mly-id
da7830ec11a60b78640cff42693fa2e0
x-goog-generation
1558352535072689
via
mly, 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-goog-stored-content-length
14793
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
BcmSHbcOL6soFI9rqFBLLuaA6JCQMHWKgh0mfQXvUsWOJun5uT2sOg==
expires
Sat, 07 Aug 2021 13:27:56 GMT
sbPolyfills.js
cdnjs.santisem.com/rj/sb-polyfills/1.0.8/ Frame F13A
13 KB
5 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-polyfills/1.0.8/sbPolyfills.js?version=61137255
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
51025c11b35699936388814726cc4d808f3b3506d44665c6c6aaac79cbdc471a

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=nOFNCg==, md5=+Smlx0bZP9i4jdEGBy6NwQ==
date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
age
266738
x-guploader-uploadid
ADPycdsDqJrxIyx9eG9j6f6BtDzjN5Dnl2VJONefo1QkmTYjLS2D8Ife6gpha_aN7rUcm7e_gBYkcBcIj9fSveURg4XlKps4qw
x-cache
Miss from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
4150
access-control-allow-origin
*
last-modified
Fri, 28 Jun 2019 08:35:45 GMT
server
nginx
etag
"f929a5c746d93fd8b88dd106072e8dc1"
vary
Accept-Encoding
x-mly-id
236db997c0467f4865e9dd03791a3c0d
x-goog-generation
1561710945250223
via
mly, 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-goog-stored-content-length
4150
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
GxvpkQ1mOBnwy3KNDH5lQV-AbC8cvWv6EIkunGgG59Xw7bSJMHDmEQ==
expires
Mon, 09 Aug 2021 00:03:40 GMT
sbJsExtends.js
cdnjs.santisem.com/rj/sb-js-extends/1.0.11/ Frame F13A
10 KB
3 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-js-extends/1.0.11/sbJsExtends.js?version=61137255
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
72b1a8a85556ee3ea2c9b50d12cf92c487082f14a58da9616ee5f09789533b69

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=0LoPXg==, md5=q/eZpWGU1czmRwhSJ7516Q==
date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
age
54012
x-guploader-uploadid
ADPycduxXfGBjWSIW3ywxB3rJF5K2HdPDpiveQpJbEcVqe3SbyqIcipQRadak8-s0d6yuFBJ4u0etYYjXyhKhXyN47c
x-cache
Miss from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
2694
access-control-allow-origin
*
last-modified
Tue, 02 Jul 2019 13:02:55 GMT
server
nginx
etag
"abf799a56194d5cce647085227be75e9"
vary
Accept-Encoding
x-mly-id
2d33fbb959f0737fd9c1cdbd1fb045b3
x-goog-generation
1562072575932924
via
mly, 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=2592000
x-goog-stored-content-length
2694
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
RZljUE-dnQEFSoYoBtVQrjDvPGZJSgAFByhXzVRRgMjvbzYJluexow==
expires
Wed, 11 Aug 2021 11:09:06 GMT
sbRespBlockLib.js
cdnjs.santisem.com/rj/sb-resp-block-lib/3.9.14/ Frame F13A
12 KB
4 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-resp-block-lib/3.9.14/sbRespBlockLib.js?version=61137255
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
70ea929cc11e816ee21815a2a07b5c6d8d4271ca87fa22a821afbc53db7481fe

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=PQQA2Q==, md5=ulYNG5Jfvej2zy9fry3M3A==
date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
age
213735
x-guploader-uploadid
ADPycduT3897V4ZohZLQ9RaI7ADCsfW1QXBFYeKy0Cck503fhymaxp3zE-BK5EYTSArQXiOlrLxvBU4uJxg5qJGdCsEKJPQ6SQ
x-cache
Miss from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
3724
access-control-allow-origin
*
last-modified
Fri, 12 Jul 2019 15:10:26 GMT
server
nginx
etag
"ba560d1b925fbde8f6cf2f5faf2dccdc"
vary
Accept-Encoding
x-mly-id
bd4744e6a4df46c0c56200ef0ddd22d9
x-goog-generation
1562944226840517
via
mly, 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-goog-stored-content-length
3724
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
fpKeJnO0EUz-ayHZLLNW1bmDcYi6VQLNb1UamGvLE9GByRRUW6shkw==
expires
Mon, 09 Aug 2021 14:47:03 GMT
sbBffIntegration-vendor.js
cdnjs.santisem.com/rj/sb-bff-integration/1.0.34/ Frame F13A
195 KB
59 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-bff-integration/1.0.34/sbBffIntegration-vendor.js?version=61137255
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
ee0d2c4b510212a0bbc5a2f32a2cec0fd4f420946835bec87dd1d2231786b96b

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=1UOslA==, md5=TexCyvgFwS8rxAeH8gevnQ==
date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
age
598942
x-guploader-uploadid
ADPycduEVzbRNzTjP-kgHUOOrfi8h_i-PSuyZdnTfFo9doRHij6PYIcSxBf2Kdpw2R9NvuQ2tLOccALh4oN8oBHUU6bbevogzg
x-cache
Miss from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
59267
access-control-allow-origin
*
last-modified
Fri, 30 Aug 2019 12:02:52 GMT
server
nginx
etag
"4dec42caf805c12f2bc40787f207af9d"
vary
Accept-Encoding
x-mly-id
6e3aa11c2280dadd22a9e872e7ba290f
x-goog-generation
1567166572015090
via
mly, 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=2592000
x-goog-stored-content-length
59267
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
fG1mA7mvp3BK7W0Sw6BzWxg8F0HSQf1wfP9FGms2-7lzg5QZmCKxzQ==
expires
Thu, 05 Aug 2021 03:46:56 GMT
sbBffIntegration.js
cdnjs.santisem.com/rj/sb-bff-integration/1.0.34/ Frame F13A
33 KB
7 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-bff-integration/1.0.34/sbBffIntegration.js?version=61137255
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
2be6b6e5eac6433ad1cd45c1da385fd6be8061ec353c29b6984a3f7ffddc2d2e

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=Nu+Q+w==, md5=k+1cbkpoqXbiVrOkq/x5yw==
date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
age
681612
x-guploader-uploadid
ADPycducpAxfNZktl4WJR8ZFC2vS0dFvjVtmA6qAfo1c7Q6glGf7B-bzCAA7Prb_DFnkcli_CQrhl3jMJjheDFi-PZjbwcc8OA
x-cache
Miss from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
6013
access-control-allow-origin
*
last-modified
Fri, 30 Aug 2019 12:02:52 GMT
server
nginx
etag
"93ed5c6e4a68a976e256b3a4abfc79cb"
vary
Accept-Encoding
x-mly-id
bef74f8391e1b368ee69f783e86cf4b7
x-goog-generation
1567166572014980
via
mly, 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-goog-stored-content-length
6013
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Mag9vWH_9xeAPvHdyiXgl1PP0cBOM04jaqdDDhNSSZGiA8H4X0zMug==
expires
Wed, 04 Aug 2021 04:49:06 GMT
sbCommonLib.js
cdnjs.santisem.com/rj/sb-common-lib/3.9.9/ Frame F13A
223 KB
67 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-common-lib/3.9.9/sbCommonLib.js?version=61137255
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
f76e4b52a3cecca6e57f6ee8dc6777a20a26ba7a87b02c8789f4ea3f0d2accdd

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=0HGYgQ==, md5=4iSUBpoS31udgrAmCjwtEA==
date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
age
465039
x-guploader-uploadid
ADPycduLoBrbEHp9vdAeE6L8qP8aaokP5J8IDd8Tm1vayD0zcwhoQyvbk-pZIJdWGn2BxiRkvbYCNZnoCtCInAu0CtVulsEixQ
x-cache
Miss from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
67988
access-control-allow-origin
*
last-modified
Mon, 16 Sep 2019 13:44:40 GMT
server
nginx
etag
"e22494069a12df5b9d82b0260a3c2d10"
vary
Accept-Encoding
x-mly-id
fc2460946f609d6604e03b163a2d7665
x-goog-generation
1568641480025427
via
mly, 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=2592000
x-goog-stored-content-length
67988
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
umZ3tdGWw0InR2iR_cGuh45MCPc4l7uEl9YJmgNR8R3M3WKFVmyRMw==
expires
Fri, 06 Aug 2021 16:58:39 GMT
sbUiMessage.js
cdnjs.santisem.com/rj/sb-ui-message/1.0.2/ Frame F13A
25 KB
6 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-ui-message/1.0.2/sbUiMessage.js?version=61137255
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
a59b154d69f616520a00b883621fc796400c9ef6e3148154771a9fa1c77b858b

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=H1hczA==, md5=wcR0hMrTZL1NhyMR5/mZPQ==
date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
age
1784524
x-guploader-uploadid
ABg5-UyzHiGUlfJ0xoGafykjjm62Nsj0_C7t5_5yp-AjTuEtSpcSe8iCDKiXxMMIWb4GjLAS4GzYPaneZZ894nPO3Xmf9z-e7g
x-cache
Miss from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
5836
access-control-allow-origin
*
last-modified
Wed, 19 Jun 2019 07:28:35 GMT
server
nginx
etag
"c1c47484cad364bd4d872311e7f9993d"
vary
Accept-Encoding
x-mly-id
8e08faba155ac8ed99710683134850d7
x-goog-generation
1560929315491889
via
mly, 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-goog-stored-content-length
5836
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Qq8bFJzUZ1zi4aVlEQvJmlvaUOKTiCfQWPKBRUTxB-Vcqfj76djx4A==
expires
Thu, 22 Jul 2021 10:27:14 GMT
sbHelpers.js
cdnjs.santisem.com/rj/sb-helpers/1.0.14/ Frame F13A
13 KB
5 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-helpers/1.0.14/sbHelpers.js?version=61137255
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
d3ba919da871374ec11e13b7360b191981e5936e2d30aaca123a01cde9a59298

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=RytNpQ==, md5=T8fYjFKCjwBkLvcdJUk6JQ==
date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
age
543513
x-guploader-uploadid
ADPycdu1trmLoRYWn541Im17NB41myGvczaORB7HqufXAqxDeDGjC_b0VG0VZ8ICqG4H-hdXTYY1nQctlCUZHkgjdONtsjzY2A
x-cache
Miss from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
4722
access-control-allow-origin
*
last-modified
Mon, 24 Jun 2019 13:31:51 GMT
server
nginx
etag
"4fc7d88c52828f00642ef71d25493a25"
vary
Accept-Encoding
x-mly-id
71d2eff0263c78fd93d2d067f281d4b7
x-goog-generation
1561383111568750
via
mly, 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-goog-stored-content-length
4722
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
BdpcdszFSTZi2E-SeUMEfkr6FFpZQQARr6P2l72HwHQHNRxThFMlqw==
expires
Thu, 05 Aug 2021 19:10:45 GMT
sbCasinoSlimSdk.js
cdnjs.santisem.com/rj/sb-casino-slim-sdk/1.0.1/ Frame F13A
2 KB
1 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-casino-slim-sdk/1.0.1/sbCasinoSlimSdk.js?version=61137255
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
cc7b137e42cc03c622f9791be5303a3a37ecca800d36b53e240dc587c04aad76

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=/D+YDw==, md5=gUuNg26mtoedYGgWHb8HYw==
date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
age
215378
x-guploader-uploadid
ADPycducSHeh1MF2ouN_dNMnXXH2H7C-YmH-7vX7lyH5Wgbt9g1rct1SRCNiL31aNVmW0JWwRBuXAUacwzmP3vlCYw
x-cache
Miss from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
757
access-control-allow-origin
*
last-modified
Fri, 28 Jun 2019 07:50:04 GMT
server
nginx
etag
"814b8d836ea6b6879d6068161dbf0763"
vary
Accept-Encoding
x-mly-id
1b3a49e70be7c711289b29c051fc643d
x-goog-generation
1561708204112459
via
mly, 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-goog-stored-content-length
757
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
map__hxYhfC5VwsBAEK_i9QZapmSwUkLpH83CclDd6gXXhdVEEhWnw==
expires
Mon, 09 Aug 2021 14:19:40 GMT
analytics.js
www.google-analytics.com/ Frame F13A
0
19 KB
Other
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
1111
date
Tue, 13 Jul 2021 01:50:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Tue, 13 Jul 2021 03:50:46 GMT
sbWrapperIntegrations.js
cdnjs.santisem.com/rj/sb-wrapper-integrations/1.0.1/ Frame F13A
1 KB
1 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-wrapper-integrations/1.0.1/sbWrapperIntegrations.js?version=61137255
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
b8c32ed1dffc7730c3c4742eb2c7e152056c8ef22a360399f130002ba1454bba

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=hWuP+w==, md5=wJNUevucJXWbA7ZIm8CQaA==
date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
age
359241
x-guploader-uploadid
ADPycdtEAdP5iaInyIEcLvzLHXuwkD92gl4jF8WE7g_IYqSht6NkNHwPv4wVaKPmlQMUQ0PM5bKX7oNBYwtHQUd8zs9Qno9Ptg
x-cache
Miss from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
669
access-control-allow-origin
*
last-modified
Tue, 20 Aug 2019 12:01:35 GMT
server
nginx
etag
"c093547afb9c25759b03b6489bc09068"
vary
Accept-Encoding
x-mly-id
063910e8ea82416eb1d0323f4a07459b
x-goog-generation
1566302495802726
via
mly, 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-goog-stored-content-length
669
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
s9puhWrQo2AkmzzPOiv7SLS4ZJdXBpeDpTAbrzx51RhWr7yoLr3pLg==
expires
Sat, 07 Aug 2021 22:21:57 GMT
sb-app-lib.js
cdnjs.santisem.com/rj/sb-app-lib/3.9.17/ Frame F13A
148 KB
42 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-app-lib/3.9.17/sb-app-lib.js?version=61137255
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
1cdb6df8107e75d4aaf5591cbec5f1f31038186d7179154c96b3ba420b5d9d7d

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=HXq8Kg==, md5=TkVt8Pmh58oHK8/kUXozvA==
date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
age
884528
x-guploader-uploadid
ADPycdtB0zYD65qxDFAa656JEIa5QdKZF3yWpjgq0GWskLLZ9e2uEO1d9YVQDshXI_frC1kYwGIsAPIsndPZFrKrOA
x-cache
Miss from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
42474
access-control-allow-origin
*
last-modified
Wed, 02 Oct 2019 13:27:43 GMT
server
nginx
etag
"4e456df0f9a1e7ca072bcfe4517a33bc"
vary
Accept-Encoding
x-mly-id
530c9df805284f97aabf059bc2fdf4b9
x-goog-generation
1570022863277302
via
mly, 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-goog-stored-content-length
42474
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
20DDXcJgMSlKkbotuq3yKzbU6_VphDq7EP4iJlsOeQlD-W-PhAT57g==
expires
Sun, 01 Aug 2021 20:27:10 GMT
sb-data-lib.js
cdnjs.santisem.com/rj/sb-data-lib/3.9.6/ Frame F13A
166 KB
38 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-data-lib/3.9.6/sb-data-lib.js?version=61137255
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
9615492622f7c0cf75625707073408fc5a733b60124c65f17eac9041c19d4c4f

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=hNwBeQ==, md5=NQJgAvo+wshskmoiV88Gzg==
date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
age
1707879
x-guploader-uploadid
ABg5-UwWeWzFOUYwFL7AsOEj26dYuCXvjG1iM3myWAK8NEx_5Ko3MTXMsekMVJ9ys6kstVZ4-1xrUGv8b9DtDpnHPFy6f82fSA
x-cache
Miss from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
38035
access-control-allow-origin
*
last-modified
Thu, 17 Oct 2019 11:35:13 GMT
server
nginx
etag
"35026002fa3ec2c86c926a2257cf06ce"
vary
Accept-Encoding
x-mly-id
e912334dd653aa46525a0a78a5089cf2
x-goog-generation
1571312113009020
via
mly, 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-goog-stored-content-length
38035
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
n9yQ1rHd2VKkBzsHJdjjnwPr4-NJQQyUNxzv3cuaox9Bozp5hd-Gcw==
expires
Fri, 23 Jul 2021 07:44:39 GMT
sbt.js
js.w2script.com/sports/ Frame F13A
4 KB
2 KB
Script
General
Full URL
https://js.w2script.com/sports/sbt.js
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.89.20.98 , Taiwan, ASN136462 (MOOTECHASIA-AS-AP Mootech Asia, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
27818e1b7cabc0805920bd57c19496f05c2699afaee78482e99026169872be24

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 02:09:17 GMT
Content-Encoding
gzip
ETag
"803ea1fecc6fd61:0"
Last-Modified
Tue, 11 Aug 2020 10:48:49 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
svr
07
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-control
private
Accept-Ranges
bytes
Content-Length
1295
sb-responsive-pulse-bet-blocks.js
cdnjs.santisem.com/rj/sb-responsive-pulse-bet-blocks/3.9.1/ Frame F13A
83 KB
17 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-responsive-pulse-bet-blocks/3.9.1/sb-responsive-pulse-bet-blocks.js
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
2e83256a8afd34bddf3b1516da5f39aa85b37856eb114a54413ce630fc936ea7

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=HPF/sA==, md5=eFu/Y6RBgqB4Ct+psuvdZQ==
date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
age
291235
x-guploader-uploadid
ADPycduTbVoDWoZqM0sP3sWeCmGa7BI6jApJcQ0rGQRhysvv-tpuCZ1TPshNEaNfOjILFkZsIZLK2-DxjsL7wK-okaHiNY3N-A
x-cache
Miss from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
16491
access-control-allow-origin
*
last-modified
Mon, 08 Jul 2019 15:42:07 GMT
server
nginx
etag
"785bbf63a44182a0780adfa9b2ebdd65"
vary
Accept-Encoding
x-mly-id
c80348b0110aa4feecd8a705f84af4d2
x-goog-generation
1562600527227299
via
mly, 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-goog-stored-content-length
16491
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
g8MgApuqmPlNLZ6_nsXawRA2QseNlid1tQdo4E2NQHTbjuBf8wjzuQ==
expires
Sun, 08 Aug 2021 17:15:23 GMT
pulsebetmarkets.js
cdnjs.santisem.com/rj/sb-responsive-pulse-bet-blocks/3.9.1/ Frame F13A
20 KB
5 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-responsive-pulse-bet-blocks/3.9.1/pulsebetmarkets.js
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
f6693145fdf1fda108e2720210f5a035e675449ea721e10e58ac9b1a6eabcca6

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=BupTRA==, md5=QBIUHdlR96H5wl5fsAUg9Q==
date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
age
650078
x-guploader-uploadid
ADPycdtkhLMKVkoBaCvtrGg_euSkG4BP3fncfDjWnPGSp_f1hJuA1abGJ4pdDg8jzdTeiqgjAiJPsm1RHmuJI9jzpM0
x-cache
Miss from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
4774
access-control-allow-origin
*
last-modified
Mon, 08 Jul 2019 15:42:07 GMT
server
nginx
etag
"4012141dd951f7a1f9c25e5fb00520f5"
vary
Accept-Encoding
x-mly-id
fe8e5e3133aa3554758c31d49dba50a6
x-goog-generation
1562600527247026
via
mly, 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-goog-stored-content-length
4774
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
AfRRWsGIYFMCmfCgTLyK3n9BtvewjK0aYnInYLncia0aihzylvb3Og==
expires
Wed, 04 Aug 2021 13:34:40 GMT
mypulsebets.js
cdnjs.santisem.com/rj/sb-responsive-pulse-bet-blocks/3.9.1/ Frame F13A
38 KB
8 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-responsive-pulse-bet-blocks/3.9.1/mypulsebets.js
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
8320a27c1ba11b3324315bdb8b869ea39cc2ae4d1fbd5fd19d65a1489a7643a0

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=awdleg==, md5=o4zsnyzeGl3RYK5iABidDg==
date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
age
687729
x-guploader-uploadid
ADPycdt8bja6_lbYJHG-8h4KLSdCLPPpwzoql91--pYBf5qx0iSIJHGEi2ai2Xql6heHM5_xMveXcfJgK9_OYnC7fmYtzu52oQ
x-cache
Miss from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
7861
access-control-allow-origin
*
last-modified
Mon, 08 Jul 2019 15:42:07 GMT
server
nginx
etag
"a38cec9f2cde1a5dd160ae6200189d0e"
vary
Accept-Encoding
x-mly-id
82b699f62969e4185ccebd08b75e1c17
x-goog-generation
1562600527201948
via
mly, 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-goog-stored-content-length
7861
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Er5yv5by-h65lMB8HzVZ8l8TiWU_bv_2meSDobVqqNMOcRUXCxEefw==
expires
Wed, 04 Aug 2021 03:07:09 GMT
scoreboard.js
cdnjs.santisem.com/rj/sb-responsive-scoreboard-block/3.9.1/ Frame F13A
25 KB
6 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-responsive-scoreboard-block/3.9.1/scoreboard.js
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
fef39bd55372a3adba905c77b32fd9c843dddfe0c0929535d8081ab30b314e6b

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=Gp14Lg==, md5=p1S7+2CV5D1x7jy3Vlo6Rg==
date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
age
664923
x-guploader-uploadid
ADPycdvKx3vS5HFLOnKJPOiw_9jwHkfQoyufWkg6fvJIEWWIPWwqBczqBWp7rBj2efhRgYdjVLWaBoxaGEo49IFNukY__IYZ8w
x-cache
Miss from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
4895
access-control-allow-origin
*
last-modified
Thu, 05 Sep 2019 08:45:09 GMT
server
nginx
etag
"a754bbfb6095e43d71ee3cb7565a3a46"
vary
Accept-Encoding
x-mly-id
2bbb2c96c0ae993caf6a25e78ac6eba8
x-goog-generation
1567673109312372
via
mly, 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-goog-stored-content-length
4895
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Hv06j2O5WQDuD_80yaQQmDKDa1xhNuQ8PtcBWpCmNh8PPbb87vzKkw==
expires
Wed, 04 Aug 2021 09:27:15 GMT
_getsettings.aspx
ls.masamiab.com/ Frame F13A
149 B
734 B
Script
General
Full URL
https://ls.masamiab.com/_getsettings.aspx
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
119.13.89.234 Fuzhou, China, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
c89194be55453d89f2378407760b6a3f010714c1dac858bea6df3f565f32021f

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-remote-addr
37.120.211.140
http-geo-ipcountry
PL
content-length
209
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Origin
access-control-request-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers,Access-Control-Allow-Origin
stream.js
ls.masamiab.com/ Frame F13A
5 KB
2 KB
Script
General
Full URL
https://ls.masamiab.com/stream.js
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
119.13.89.234 Fuzhou, China, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
f557f900f62afdeb7a8b0de31cb3a138cfd8bc1a83f52e3b3a94cf1f4600dbea

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
x-powered-by
ASP.NET
x-remote-addr
37.120.211.140
http-geo-ipcountry
PL
last-modified
Wed, 03 Mar 2021 11:23:12 GMT
server
nginx
etag
W/"e29bc8981f10d71:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 13 Jul 2021 03:09:18 GMT
cache-control
max-age=3600
x-forwarded-port
443
access-control-allow-headers
Access-Control-Allow-Origin
x-proxy-cache
HIT
access-control-request-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers,Access-Control-Allow-Origin
streamIconJS.js
ls.masamiab.com/ Frame F13A
6 KB
2 KB
Script
General
Full URL
https://ls.masamiab.com/streamIconJS.js
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
119.13.89.234 Fuzhou, China, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
045cd6720377282ab525f4634d12a02ef2c7bcb984991b09d6ff3691df36c1b7

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
x-powered-by
ASP.NET
x-remote-addr
37.120.211.140
http-geo-ipcountry
PL
last-modified
Sun, 27 Sep 2020 11:45:44 GMT
server
nginx
etag
W/"4b7ac0bbc394d61:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 13 Jul 2021 03:09:18 GMT
cache-control
max-age=3600
x-forwarded-port
443
access-control-allow-headers
Access-Control-Allow-Origin
x-proxy-cache
HIT
access-control-request-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers,Access-Control-Allow-Origin
bui.min.js
contents.masamiab.com/bui/ Frame F13A
3 KB
1 KB
Script
General
Full URL
https://contents.masamiab.com/bui/bui.min.js
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
119.13.89.234 Fuzhou, China, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
4f481d78a1dcc4eb5d25ac20d829ab107a70e04420e42dd50d16d7f1d880c4c5

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
x-powered-by
ASP.NET
x-remote-addr
37.120.211.140
http-geo-ipcountry
PL
last-modified
Thu, 30 Jul 2020 06:47:02 GMT
server
nginx
etag
W/"0b7d33a3d66d61:0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 13 Jul 2021 02:19:18 GMT
cache-control
max-age=600
x-forwarded-port
443
access-control-allow-headers
Access-Control-Allow-Origin
x-proxy-cache
HIT
access-control-request-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers,Access-Control-Allow-Origin
announcement.js
announcements.masamiab.com/ Frame F13A
2 KB
1 KB
Script
General
Full URL
https://announcements.masamiab.com/announcement.js
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
119.13.89.234 Fuzhou, China, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
8100eced22e7bba712a8db44a2539fdbd8330fdcfce338316d02fd502d13b4b2

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
last-modified
Wed, 02 Dec 2020 05:56:03 GMT
server
nginx
x-powered-by
ASP.NET
etag
W/"48325ad16fc8d61:0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-remote-addr
37.120.211.140
expires
Tue, 13 Jul 2021 02:19:18 GMT
cache-control
max-age=600
http-geo-ipcountry
PL
x-forwarded-port
443
x-proxy-cache
HIT
hamburgernavigationsettingsbuttonblock.js
cdnjs.santisem.com/rj/sb-responsive-hamburger-navigation-blocks/3.9.2/ Frame F13A
6 KB
2 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-responsive-hamburger-navigation-blocks/3.9.2/hamburgernavigationsettingsbuttonblock.js
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
b548bcd50c5a99cfe97f842748da8916387ba6673dcd55dadb58e6abbe18917e

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=i8L7ww==, md5=x9srL9vIL/tmQSAb4THGBg==
date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
age
350746
x-guploader-uploadid
ADPycdvYtQZEt6FZH5XwfttC7oT0aRBQIjv3QNL4loxlzr5Khiod6YoAuT6GLfY52EVKE3o9ELcMoO9NngC6QOAPF9YT5pis8Q
x-cache
Miss from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1686
access-control-allow-origin
*
last-modified
Thu, 18 Jul 2019 07:02:22 GMT
server
nginx
etag
"c7db2b2fdbc82ffb6641201be131c606"
vary
Accept-Encoding
x-mly-id
44137d31e8137d5942f99f28953ed1ed
x-goog-generation
1563433342012203
via
mly, 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-goog-stored-content-length
1686
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
yxOAO_TYkZu-RN-V2NOhV16RZHXWaHjWAZRVXq3ewYIiSnsxLHD6jw==
expires
Sun, 08 Aug 2021 00:43:32 GMT
sb-user-lib.js
cdnjs.santisem.com/rj/sb-user-lib/3.9.0/ Frame F13A
29 KB
8 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-user-lib/3.9.0/sb-user-lib.js?version=61137255
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
ccf5e3c2e32d058e36d0c6ba18c8e6a063d692438079a700e8aa5802254bfb8a

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=DFcROQ==, md5=w6u5qZIMxkoXuoj22uuqWA==
date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
age
981000
x-guploader-uploadid
ADPycdt-cHTXALyTpwB9W8ehLNK3vTl9WoQH05htEUlnfYl1PaaL4QiW2xmAptDpmmXFfdO5yVs8cntY5i6zXAAGqXo0DCu1Hw
x-cache
Miss from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
7307
access-control-allow-origin
*
last-modified
Wed, 26 Jun 2019 19:07:01 GMT
server
nginx
etag
"c3abb9a9920cc64a17ba88f6daebaa58"
vary
Accept-Encoding
x-mly-id
87a7151d48b9b11ed263af2af810b344
x-goog-generation
1561576021624150
via
mly, 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-goog-stored-content-length
7307
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
a31SKiXqWlfP6EqMBjQHb7T9My8VtAFuuclBW9RsBw9QC5rjCpiNwA==
expires
Sat, 31 Jul 2021 17:39:18 GMT
sb-betslip-lib.js
cdnjs.santisem.com/rj/sb-betslip-lib/3.9.42/ Frame F13A
615 KB
130 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-betslip-lib/3.9.42/sb-betslip-lib.js?version=61137255
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
d7282962004e3841c0ef0537ba431b29ca770cb4c67027af372edfce5489df32

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=jyZQ0w==, md5=hkeBIxJqpZXjbEEGs84gzA==
date
Tue, 13 Jul 2021 02:09:18 GMT
content-encoding
gzip
age
181326
x-guploader-uploadid
ADPycdvJjh0As7HA-Zmz82i8XBzmgncwhpauVYzH9wQ3Y_YZc0v4pPFd9q5tKZHQGNVrnTXOD3nCJNPh7vuhR1kkM7yZRvCrLw
x-cache
Miss from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
132033
access-control-allow-origin
*
last-modified
Wed, 18 Sep 2019 14:20:08 GMT
server
nginx
etag
"86478123126aa595e36c4106b3ce20cc"
vary
Accept-Encoding
x-mly-id
663df32d4140089a4feb1f03fa5d6b11
x-goog-generation
1568816408377924
via
mly, 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-goog-stored-content-length
132033
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Ycf7N3pwKpjcUZew3Nc5xsUGaN90U__O7fhDo9s7TxCyRJhNszRjVA==
expires
Mon, 09 Aug 2021 23:47:12 GMT
GetServerTime
rvn88cdn.agent1818.com/pagemethods_ros.aspx/ Frame F13A
33 B
756 B
XHR
General
Full URL
https://rvn88cdn.agent1818.com/pagemethods_ros.aspx/GetServerTime?
Requested by
Host: cdnjs.santisem.com
URL: https://cdnjs.santisem.com/rj/sb-common-lib/3.9.9/sbCommonLib.js?version=61137255
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
ce72d8ccbbf63e77d126d107d81dbc17ad362836250301180bba38d718a81f3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

RequestTarget
AJAXService
Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
X-JWToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTZXNzaW9uSUQiOiJ1dnZiZncxa3pwcTRpcDJiY29zMncxamUiLCJTaXRlSUQiOiI0MSIsIm5iZiI6MTYyNjE0MjE1NywiZXhwIjoxNjI2NzQ2OTU3LCJpYXQiOjE2MjYxNDIxNTd9.1AHjgC2lzpQRbIbjYVHHIM-7kUqy5os-ODPzWydm0rQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 13 Jul 2021 02:09:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
PWS/8.3.1.0.8
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
Via
1.1 PSxgHKG8oa90:6 (W), 1.1 PS-FRA-014cL39:5 (W)
Cache-Control
private
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
Connection
keep-alive
X-Ws-Request-Id
60ecf5cf_PS-FRA-011zR44_31510-61109
X-XSS-Protection
1; mode=block
Expires
Tue, 13 Jul 2021 01:59:19 GMT
jsprofile.js
rvn88cdn.agent1818.com/ Frame F13A
2 MB
312 KB
XHR
General
Full URL
https://rvn88cdn.agent1818.com/jsprofile.js?version=61137255&deviceType=IsDesktop
Requested by
Host: cdnjs.santisem.com
URL: https://cdnjs.santisem.com/rj/sb-common-lib/3.9.9/sbCommonLib.js?version=61137255
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
c2e85e9ffadf8645149458d9cfbea9180e2364852314c9fa6d5150267ffaf44c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

RequestTarget
XmlService
Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 02:09:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 13 Jul 2021 02:05:37 GMT
Server
PWS/8.3.1.0.8
ETag
"-1110022972"
X-Ws-Request-Id
60ecf5cf_PS-FRA-011zR44_31274-38801
Content-Type
application/x-javascript
Via
1.1 PS-TPE-01TU5222:10 (W), 1.1 PSrbdjTYO3nt44:9 (W), 1.1 PS-FRA-014cL39:5 (W)
Cache-Control
max-age=86400
X-Px
ms PS-FRA-014cL39FRA,ms PSrbdjTYO3nt44HND,ms PS-TPE-01TU5222TPE(origin)
Connection
keep-alive
Content-Length
318492
X-XSS-Protection
1; mode=block
Expires
Thu, 12 Aug 2021 02:09:20 GMT
GetLeagues
rvn88cdn.agent1818.com/methods/sportscontent.ashx/ Frame F13A
39 KB
11 KB
XHR
General
Full URL
https://rvn88cdn.agent1818.com/methods/sportscontent.ashx/GetLeagues?
Requested by
Host: cdnjs.santisem.com
URL: https://cdnjs.santisem.com/rj/sb-common-lib/3.9.9/sbCommonLib.js?version=61137255
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
ad508a71764b0a0b011629edfd9fb561505aa1f9302cbf27b3df7a5128d92324
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

RequestTarget
AJAXService
Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
X-JWToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTZXNzaW9uSUQiOiJ1dnZiZncxa3pwcTRpcDJiY29zMncxamUiLCJTaXRlSUQiOiI0MSIsIm5iZiI6MTYyNjE0MjE1NywiZXhwIjoxNjI2NzQ2OTU3LCJpYXQiOjE2MjYxNDIxNTd9.1AHjgC2lzpQRbIbjYVHHIM-7kUqy5os-ODPzWydm0rQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 13 Jul 2021 02:09:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
PWS/8.3.1.0.8
Transfer-Encoding
chunked
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Via
1.1 PSxgHKG8oa90:6 (W), 1.1 PS-FRA-014cL39:5 (W)
Cache-Control
private
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
Connection
keep-alive
Content-Type
application/json; charset=utf-8
X-Ws-Request-Id
60ecf5d1_PS-FRA-011zR44_31274-38802
X-XSS-Protection
1; mode=block
Expires
Tue, 13 Jul 2021 01:59:21 GMT
GetPartialLiveContent
rvn88cdn.agent1818.com/methods/sportscontent.ashx/ Frame F13A
6 KB
2 KB
XHR
General
Full URL
https://rvn88cdn.agent1818.com/methods/sportscontent.ashx/GetPartialLiveContent?
Requested by
Host: cdnjs.santisem.com
URL: https://cdnjs.santisem.com/rj/sb-common-lib/3.9.9/sbCommonLib.js?version=61137255
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
44731e0254a8aa84abb69678f2bf6b7378046f676ede4785b28718e0b0dbeafa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

RequestTarget
AJAXService
Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
X-JWToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTZXNzaW9uSUQiOiJ1dnZiZncxa3pwcTRpcDJiY29zMncxamUiLCJTaXRlSUQiOiI0MSIsIm5iZiI6MTYyNjE0MjE1NywiZXhwIjoxNjI2NzQ2OTU3LCJpYXQiOjE2MjYxNDIxNTd9.1AHjgC2lzpQRbIbjYVHHIM-7kUqy5os-ODPzWydm0rQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 13 Jul 2021 02:09:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
PWS/8.3.1.0.8
Transfer-Encoding
chunked
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Via
1.1 PSxgHKG8oa90:6 (W), 1.1 PS-FRA-014cL39:5 (W)
Cache-Control
private
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
Connection
keep-alive
Content-Type
application/json; charset=utf-8
X-Ws-Request-Id
60ecf5d1_PS-FRA-011zR44_31510-61112
X-XSS-Protection
1; mode=block
Expires
Tue, 13 Jul 2021 01:59:21 GMT
splash.png
rvn88cdn.agent1818.com/imgs/ Frame 1423
567 B
1 KB
Document
General
Full URL
https://rvn88cdn.agent1818.com/imgs/splash.png
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
3127547b37eb862b3870692edb50889bf3404ac51db6e5f1c63869b309940a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
rvn88cdn.agent1818.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
lb_sess=44893a9adfe705342544800bf8d03145; sbtssid=uvvbfw1kzpq4ip2bcos2w1je; firstrefer=aHR0cHM6Ly93d3cueGVta2Vvb25saW5lLmNvbS8_; firstrequest=aHR0cDovL3J2bjg4Y2RuLmFnZW50MTgxOC5jb20vc3BvcnRzP0V4dGVybmFsVG9rZW49eCZMYW5nSUQ9MjQxJm9kZHNzdHlsZWlkPTMmcmFuZG9tPTE_; lng=241; oSt2=3; cTz=8; bVC=2; externaltoken=x
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1

Response headers

Date
Tue, 13 Jul 2021 02:09:21 GMT
Content-Type
image/png
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sun, 08 Aug 2021 18:04:05 GMT
Server
PWS/8.3.1.0.8
Cache-Control
public, max-age=2592000
Last-Modified
Mon, 16 Nov 2020 05:05:27 GMT
ETag
"862954178"
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Age
288316
Via
1.1 PS-TPE-01qXz223:2 (W), 1.1 PSrbdjTYO3sh60:0 (W), 1.1 PS-FRA-014cL39:5 (W)
X-Px
ht PS-FRA-014cL39FRA
X-Ws-Request-Id
60ecf5d1_PS-FRA-011zR44_31372-48039
_blank.htm
ls.99k.info/ Frame 1423
18 B
833 B
Document
General
Full URL
https://ls.99k.info/_blank.htm
Requested by
Host: ls.masamiab.com
URL: https://ls.masamiab.com/stream.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.92.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5a2ac931301d8e2c0e118db5387e5ab02472fc16b3a2fe1759e6932cdf5bb841

Request headers

:method
GET
:authority
ls.99k.info
:scheme
https
:path
/_blank.htm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rvn88cdn.agent1818.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rvn88cdn.agent1818.com/

Response headers

date
Tue, 13 Jul 2021 02:09:21 GMT
content-type
text/html
last-modified
Fri, 19 Feb 2021 02:46:45 GMT
vary
Accept-Encoding
x-powered-by
ASP.NET
access-control-allow-origin
*
access-control-allow-headers
Access-Control-Allow-Origin
access-control-allow-methods
GET
access-control-request-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers,Access-Control-Allow-Origin
cache-control
max-age=86400
cf-cache-status
HIT
age
49368
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Po0tU%2Bb%2BhWQxKZLw9pLHpmE3T8icOtLWcNMgoRp5T3rzEHBMRxC%2B50OMTP2aTc5Ub6H5RXV3ObZYQAsNUpYEaifl84qCzUZFd3WUs%2BrbxMgRce0C2WoemEM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
66def7fc090dc79d-AMS
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
bui.min.css
contents.masamiab.com/bui/ Frame F13A
3 KB
1 KB
Stylesheet
General
Full URL
https://contents.masamiab.com/bui/bui.min.css
Requested by
Host: contents.masamiab.com
URL: https://contents.masamiab.com/bui/bui.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
119.13.89.234 Fuzhou, China, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
071a95856a2c49ce02c7459999ecffdac8708d26faa0d212c7abc1a4792d882b

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:09:21 GMT
content-encoding
gzip
x-powered-by
ASP.NET
x-remote-addr
37.120.211.140
http-geo-ipcountry
PL
last-modified
Thu, 30 Jul 2020 06:47:02 GMT
server
nginx
etag
W/"0b7d33a3d66d61:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Tue, 13 Jul 2021 02:19:21 GMT
cache-control
max-age=600
x-forwarded-port
443
access-control-allow-headers
Access-Control-Allow-Origin
x-proxy-cache
HIT
access-control-request-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers,Access-Control-Allow-Origin
ConfigSetting.json
contents.masamiab.com/bui/ Frame F13A
10 KB
2 KB
Fetch
General
Full URL
https://contents.masamiab.com/bui/ConfigSetting.json
Requested by
Host: contents.masamiab.com
URL: https://contents.masamiab.com/bui/bui.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
119.13.89.234 Fuzhou, China, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
fc43421161b96e5333a4f7a0714de7955eb1faf7179c581ad03d870ca8122048

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:09:21 GMT
content-encoding
gzip
last-modified
Tue, 06 Apr 2021 03:38:41 GMT
server
nginx
x-powered-by
ASP.NET
etag
W/"a388f56962ad71:0"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-remote-addr
37.120.211.140
http-geo-ipcountry
PL
access-control-allow-headers
Access-Control-Allow-Origin
access-control-request-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers,Access-Control-Allow-Origin
arrow-up.svg
rvn88cdn.agent1818.com/imgs/i-v2/o/generic/alt/ Frame F13A
343 B
977 B
Image
General
Full URL
https://rvn88cdn.agent1818.com/imgs/i-v2/o/generic/alt/arrow-up.svg
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/css/app.css?version=637616695361095627
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
0be1a415d7ebca00d716f6b3a259fd3c7e6770bb8ac10162de5a228be162129d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rvn88cdn.agent1818.com/css/app.css?version=637616695361095627
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 02:09:21 GMT
Via
1.1 PSxgHKG8oa90:6 (W), 1.1 PS-FRA-014cL39:5 (W)
X-Content-Type-Options
nosniff
Last-Modified
Mon, 16 Nov 2020 05:05:44 GMT
Server
PWS/8.3.1.0.8
ETag
"1292565564"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
public, max-age=2592000
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
Connection
keep-alive
X-Ws-Request-Id
60ecf5d1_PS-FRA-011zR44_31372-48040
X-XSS-Protection
1; mode=block
Expires
Thu, 12 Aug 2021 02:09:21 GMT
Oswald-Regular.woff2
rvn88cdn.agent1818.com/css/shared/fonts/ Frame F13A
34 KB
35 KB
Font
General
Full URL
https://rvn88cdn.agent1818.com/css/shared/fonts/Oswald-Regular.woff2
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/css/app.css?version=637616695361095627
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
1e71313cedac2e409b994408e0f13fe2da38d474470c3b55493115cb3026777a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://rvn88cdn.agent1818.com
Referer
https://rvn88cdn.agent1818.com/css/app.css?version=637616695361095627
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 02:09:21 GMT
Via
1.1 PSxgHKG8oa90:6 (W), 1.1 PS-FRA-014cL39:5 (W)
X-Content-Type-Options
nosniff
Last-Modified
Mon, 16 Nov 2020 05:05:29 GMT
Server
PWS/8.3.1.0.8
ETag
"874913652"
Transfer-Encoding
chunked
Content-Type
application/font-woff2
Cache-Control
public
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
Connection
keep-alive
X-Ws-Request-Id
60ecf5d1_PS-FRA-011zR44_31352-36123
X-XSS-Protection
1; mode=block
Expires
Thu, 12 Aug 2021 02:09:21 GMT
GetAllLiveContent
rvn88cdn.agent1818.com/methods/sportscontent.ashx/ Frame F13A
6 KB
2 KB
XHR
General
Full URL
https://rvn88cdn.agent1818.com/methods/sportscontent.ashx/GetAllLiveContent?
Requested by
Host: cdnjs.santisem.com
URL: https://cdnjs.santisem.com/rj/sb-common-lib/3.9.9/sbCommonLib.js?version=61137255
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
13990dc3b0835f84b60f6abb71082fb48064a55941a1714fdbab565f351e1f8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

RequestTarget
AJAXService
Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
X-JWToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTZXNzaW9uSUQiOiJ1dnZiZncxa3pwcTRpcDJiY29zMncxamUiLCJTaXRlSUQiOiI0MSIsIm5iZiI6MTYyNjE0MjE1NywiZXhwIjoxNjI2NzQ2OTU3LCJpYXQiOjE2MjYxNDIxNTd9.1AHjgC2lzpQRbIbjYVHHIM-7kUqy5os-ODPzWydm0rQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 13 Jul 2021 02:09:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
PWS/8.3.1.0.8
Transfer-Encoding
chunked
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Via
1.1 PSxgHKG8oa90:6 (W), 1.1 PS-FRA-014cL39:5 (W)
Cache-Control
private
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
Connection
keep-alive
Content-Type
application/json; charset=utf-8
X-Ws-Request-Id
60ecf5d1_PS-FRA-011zR44_31510-61117
X-XSS-Protection
1; mode=block
Expires
Tue, 13 Jul 2021 01:59:21 GMT
settings.svg
rvn88cdn.agent1818.com/imgs/i-v2/o/hamburger/ Frame F13A
2 KB
2 KB
Image
General
Full URL
https://rvn88cdn.agent1818.com/imgs/i-v2/o/hamburger/settings.svg
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/css/app.css?version=637616695361095627
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
131d2d96e990b9dc54c165250f136cd86d27e2b779b3344ccccba0494662721d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rvn88cdn.agent1818.com/css/app.css?version=637616695361095627
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 02:09:22 GMT
Via
1.1 PSxgHKG8oa90:6 (W), 1.1 PS-FRA-014cL39:5 (W)
X-Content-Type-Options
nosniff
Last-Modified
Mon, 16 Nov 2020 05:05:15 GMT
Server
PWS/8.3.1.0.8
ETag
"1017148873"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
public, max-age=2592000
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
Connection
keep-alive
X-Ws-Request-Id
60ecf5d1_PS-FRA-011zR44_31372-48043
X-XSS-Protection
1; mode=block
Expires
Thu, 12 Aug 2021 02:09:22 GMT
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210708&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3478514043172783&plah=www.xemkeoonline.com&amaexp=1&bust=exp%3D31061746
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21516838aa86eff83a4bc709a082a41a2c091da6aa4acb463b5f88a2b1e56bbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Jul 2021 02:09:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8472
x-xss-protection
0
GetCurrentUserTags
rvn88cdn.agent1818.com/pagemethods_ros.aspx/ Frame F13A
102 B
1 KB
XHR
General
Full URL
https://rvn88cdn.agent1818.com/pagemethods_ros.aspx/GetCurrentUserTags
Requested by
Host: cdnjs.santisem.com
URL: https://cdnjs.santisem.com/rj/sb-common-lib/3.9.9/sbCommonLib.js?version=61137255
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
4fe01adb2fea580bd5051139d5ddbb390ba600125a5c6436585d4efe6d4c3d68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

RequestTarget
AJAXService
Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
X-JWToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTZXNzaW9uSUQiOiJ1dnZiZncxa3pwcTRpcDJiY29zMncxamUiLCJTaXRlSUQiOiI0MSIsIm5iZiI6MTYyNjE0MjE1NywiZXhwIjoxNjI2NzQ2OTU3LCJpYXQiOjE2MjYxNDIxNTd9.1AHjgC2lzpQRbIbjYVHHIM-7kUqy5os-ODPzWydm0rQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 13 Jul 2021 02:09:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
PWS/8.3.1.0.8
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
Via
1.1 PSxgHKG8oa90:6 (W), 1.1 PS-FRA-014cL39:5 (W)
Cache-Control
private
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
Connection
keep-alive
X-Ws-Request-Id
60ecf5d1_PS-FRA-011zR44_31352-36125
X-XSS-Protection
1; mode=block
Expires
Tue, 13 Jul 2021 01:59:22 GMT
getUserOpenBetsData
rvn88cdn.agent1818.com/methods/userinfo.ashx/ Frame F13A
0
870 B
XHR
General
Full URL
https://rvn88cdn.agent1818.com/methods/userinfo.ashx/getUserOpenBetsData?
Requested by
Host: cdnjs.santisem.com
URL: https://cdnjs.santisem.com/rj/sb-common-lib/3.9.9/sbCommonLib.js?version=61137255
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

RequestTarget
AJAXService
Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
X-JWToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTZXNzaW9uSUQiOiJ1dnZiZncxa3pwcTRpcDJiY29zMncxamUiLCJTaXRlSUQiOiI0MSIsIm5iZiI6MTYyNjE0MjE1NywiZXhwIjoxNjI2NzQ2OTU3LCJpYXQiOjE2MjYxNDIxNTd9.1AHjgC2lzpQRbIbjYVHHIM-7kUqy5os-ODPzWydm0rQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 13 Jul 2021 02:09:22 GMT
Via
1.1 PSxgHKG8oa90:6 (W), 1.1 PS-FRA-014cL39:5 (W)
X-Content-Type-Options
nosniff
Server
PWS/8.3.1.0.8
X-Ws-Request-Id
60ecf5d1_PS-FRA-011zR44_31274-38805
Content-Type
application/json
Cache-Control
private
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 13 Jul 2021 01:59:21 GMT
getUserInfo
rvn88cdn.agent1818.com/methods/userinfo.ashx/ Frame F13A
2 B
875 B
XHR
General
Full URL
https://rvn88cdn.agent1818.com/methods/userinfo.ashx/getUserInfo?
Requested by
Host: cdnjs.santisem.com
URL: https://cdnjs.santisem.com/rj/sb-common-lib/3.9.9/sbCommonLib.js?version=61137255
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
1bad6b8cf97131fceab8543e81f7757195fbb1d36b376ee994ad1cf17699c464
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

RequestTarget
AJAXService
Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
X-JWToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTZXNzaW9uSUQiOiJ1dnZiZncxa3pwcTRpcDJiY29zMncxamUiLCJTaXRlSUQiOiI0MSIsIm5iZiI6MTYyNjE0MjE1NywiZXhwIjoxNjI2NzQ2OTU3LCJpYXQiOjE2MjYxNDIxNTd9.1AHjgC2lzpQRbIbjYVHHIM-7kUqy5os-ODPzWydm0rQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 13 Jul 2021 02:09:22 GMT
Via
1.1 PSxgHKG8oa90:6 (W), 1.1 PS-FRA-014cL39:5 (W)
X-Content-Type-Options
nosniff
Server
PWS/8.3.1.0.8
X-Ws-Request-Id
60ecf5d1_PS-FRA-011zR44_31510-61119
Content-Type
application/json; charset=utf-8
Cache-Control
private
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
Connection
keep-alive
Content-Length
2
X-XSS-Protection
1; mode=block
Expires
Tue, 13 Jul 2021 01:59:22 GMT
verifytoken
esports.w88api.com/ Frame F13A
0
377 B
Script
General
Full URL
https://esports.w88api.com/verifytoken?v=1626142161823&token=x&_=1626142161824
Requested by
Host:
URL: /jscomponents/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
209.9.48.83 , United States, ASN3491 (BTN-ASN, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 02:09:23 GMT
svr
08
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Cache-Control
private
X-Forwarded-Proto
https
Content-Length
0
getWaitingBetsSP
rvn88cdn.agent1818.com/pagemethods.aspx/ Frame F13A
2 B
875 B
XHR
General
Full URL
https://rvn88cdn.agent1818.com/pagemethods.aspx/getWaitingBetsSP?
Requested by
Host: cdnjs.santisem.com
URL: https://cdnjs.santisem.com/rj/sb-common-lib/3.9.9/sbCommonLib.js?version=61137255
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

RequestTarget
AJAXService
Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
X-JWToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTZXNzaW9uSUQiOiJ1dnZiZncxa3pwcTRpcDJiY29zMncxamUiLCJTaXRlSUQiOiI0MSIsIm5iZiI6MTYyNjE0MjE1NywiZXhwIjoxNjI2NzQ2OTU3LCJpYXQiOjE2MjYxNDIxNTd9.1AHjgC2lzpQRbIbjYVHHIM-7kUqy5os-ODPzWydm0rQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 13 Jul 2021 02:09:22 GMT
Via
1.1 PSxgHKG8oa90:6 (W), 1.1 PS-FRA-014cL39:5 (W)
X-Content-Type-Options
nosniff
Server
PWS/8.3.1.0.8
X-Ws-Request-Id
60ecf5d1_PS-FRA-011zR44_31372-48044
Content-Type
application/json; charset=utf-8
Cache-Control
private
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
Connection
keep-alive
Content-Length
2
X-XSS-Protection
1; mode=block
Expires
Tue, 13 Jul 2021 01:59:22 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3478514043172783&plah=www.xemkeoonline.com&amaexp=1&bust=exp%3D31061746
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:09:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Tue, 13 Jul 2021 02:09:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3429
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.xemkeoonline.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xemkeoonline.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Mon, 12 Jul 2021 19:58:15 GMT
expires
Tue, 12 Jul 2022 19:58:15 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
22266
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 10C5
783 B
763 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
aea93d59bcede3b5e374520fe46a0b07a6064eb73389b2c0ae80a45b8dd48a06
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jy6fC7NJk7rR5r/r4SUgXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.xemkeoonline.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xemkeoonline.com/

Response headers

expires
Tue, 13 Jul 2021 02:09:21 GMT
date
Tue, 13 Jul 2021 02:09:21 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-jy6fC7NJk7rR5r/r4SUgXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
b2gEWd4q8RfC2rkV4tdKCipW-yVpxc52qP_nX5010Jw.js
pagead2.googlesyndication.com/bg/ Frame 3429
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/b2gEWd4q8RfC2rkV4tdKCipW-yVpxc52qP_nX5010Jw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f680459de2af117c2dab915e2d74a0a2a56fb2569c5ce76a8ffe75f9d35d09c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:01:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
382066
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13336
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 09:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Jul 2022 16:01:35 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210708&jk=1247231796001468&bg=!7O-l76vNAAZjFomlYxY7ACkAdvg8WtuXUIDM5SuJGdAcYoI2eFRGNOPRklRFAoLH4HmKxpUi_W-1CwIAAABdUgAAAApoAQcKAOc9967PH4_JIqAZ1tN6hYHpS9cNdc5kOLMDucoCsgTCFfPMUFAJjbh__DO4JBSccF2vjN7zr3SBtOI2lsAYmDQn3YlFWgK8MQjJgRVWqLJGF5a_tFTKcypb543VAhbBs4phgU9MPw0uceEkN-qyAsHqUuxs7Hxk5-cPt8gGLbiPiooIGpeBozYhlVz828lDOujpkNGXOXIEjkmUyeEr3eTbvMkxBFjPXCVocfI7H_nBaixXaayC6uRP5RFOcSRLkXpzhlJ3zLqOIGWSmESOlwm9JVp2MbRQBiAOZjcc-e8aJBOjI2OO0VOZAnQC-IKrbwAJnOfEOTiapdftj1aD97aLRwGenhi4joD34H9jo_xHuBBz4TXg2aIcJUcqK7k9kjCMojiRu1lSKEViK4lMEv1HZHsyGf1OpUQobDHzmGx8zBxp9KKScj_8dPqYezENH521qZWzDiez3OXRcjLPruRlrtynsNIoVOZrQ5eWyNY5dyHtIYR4qCbKlw0_VKj5FvX-1B4uZ-OKwtWjq_z2DVFsp3qFy6P_cdqZnx7A-KBIt8fzdUIDqTCOGQ10JA4UwLymTt9n0dpDjLWRMUL8X0v1FJyAIv54-zB-OzDngYxFWWCyvAvn_9iRxdVm45q06-h58_ABAcUWwT97wX26j-VF4gLFTD9Tsl0q7WsWheHcwoi5n75M06dOHh_LC_WZ4WVoKSa0xNBTt-CDXqeXqlCI5Pu-YEvUsY-E-a_5TzLd43zdjhd-40JIdqxzsvDQlyjN23d0e3bMKRhSQ34YnWSsNPA-hnAofGjDLF0jWC-JlOZ1Tu8P9mofX1lKQ60EFWm9-vA6KZQ4JWbA7RmlU2KpjoW0hZs4L7DJZpVmH9WFG9DKyfawwPEQsieIKZu7Yi5WxevKAbFm_y2EiPMHaxlVpyI0wvhKA0hO5PqODKRjqpOxm5lp3jPUWSwf0yCi-DtR3gTqXmxyPZd0uadsOKdXbKL-pRM6zJpCMj4VfPOuzqgLb-HxKzEG5qk8lgcEqLkEHP5C8Fo2NDOAMgh8WAyq85-UncF_jPblsEanzaryqQ9hgFy6lc0ECOYf3CxuAshGn2Hv3ug56zo7vDilqh1GWQWMoedImp__ezqc31xWZoO5H5LwsZNFRguY4zp5
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Jul 2021 02:09:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
announcement.aspx
announcements.masamiab.com/ Frame F13A
449 B
866 B
Script
General
Full URL
https://announcements.masamiab.com/announcement.aspx?lang=en
Requested by
Host: announcements.masamiab.com
URL: https://announcements.masamiab.com/announcement.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
119.13.89.234 Fuzhou, China, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
901456e9685d726a18b031311944e99d8e6095d9db51be836cdd3dc6b8c55419

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:09:23 GMT
content-encoding
gzip
server
nginx
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html; charset=utf-8
x-remote-addr
37.120.211.140
cache-control
private
http-geo-ipcountry
PL
accept-ranges
bytes
content-length
577
hshandler.ashx
rvn88cdn.agent1818.com/async/ Frame F13A
54 B
1 KB
XHR
General
Full URL
https://rvn88cdn.agent1818.com/async/hshandler.ashx?version=1626142159352
Requested by
Host: cdnjs.santisem.com
URL: https://cdnjs.santisem.com/rj/sb-common-lib/3.9.9/sbCommonLib.js?version=61137255
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
f494c3bc5c78c73273df161b3332423e009aba27fe502fa592208f76edd9434f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

RequestTarget
XmlService
Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 02:09:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
PWS/8.3.1.0.8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Via
1.1 PSxgHKG8oa90:6 (W), 1.1 PS-FRA-014cL39:5 (W)
Cache-Control
private
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
Access-Control-Allow-Headers
RequestTarget, Content-Type
Connection
keep-alive
X-Ws-Request-Id
60ecf5d4_PS-FRA-011zR44_31372-48048
X-XSS-Protection
1; mode=block
Access-Control-Request-Headers
RequestTarget, Content-Type
achan.ashx
rvn88cdn.agent1818.com/async/ Frame F13A
194 B
701 B
XHR
General
Full URL
https://rvn88cdn.agent1818.com/async/achan.ashx?version=1626142159352
Requested by
Host: cdnjs.santisem.com
URL: https://cdnjs.santisem.com/rj/sb-common-lib/3.9.9/sbCommonLib.js?version=61137255
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
0df5b63ca8eb70c73d0b254629a1bf12f85981192de171c0edf17af9b43e2c90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

RequestTarget
XmlService
Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 02:09:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
PWS/8.3.1.0.8
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Via
1.1 PSxgHKG8oa90:6 (W), 1.1 PS-FRA-014cL39:5 (W)
Cache-Control
private
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
Connection
keep-alive
X-Ws-Request-Id
60ecf5d5_PS-FRA-011zR44_31372-48049
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async string| google_user_agent_client_hint undefined| $ function| jQuery function| hide_float_right function| google_spfd number| google_unique_id object| google_sv_map function| hide_float_left function| hide_float_right1 object| __lc object| LiveChatWidget function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| astra function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent function| popupTriggerClick function| AstraToggleSubMenu function| AstraNavigationMenu function| AstraToggleMenu function| AstraToggleSetup function| astraNavMenuToggle boolean| __lc_inited object| LC_API object| Fat object| smilies function| sac_apply_filters function| filter_smilies function| make_links object| myBox function| scroll_to_position number| get_timeout undefined| sac_loadtimes undefined| httpReceiveChat undefined| httpSendChat number| sac_timeout string| GetChaturl string| SendChaturl function| initJavaScript function| receiveChatText function| handlehHttpReceiveChat function| sendComment function| insertNewContent function| pressedEnter function| checkStatus function| sac_getCookie function| checkName function| checkUrl function| getHTTPObject function| isNewNotificationSupported function| sacCustomNotify object| localize function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry boolean| isEditMode object| ea object| lazySizes object| astraAddon function| display_mega_menu_on_load object| items function| apply_megamenu_width_styles string| sticky_header_on_devices string| site_layout_box_width string| hook_sticky_footer string| sticky_footer_on_devices object| wp object| webpackChunkelementor object| __core-js_shared__ object| core object| elementorModules function| Waypoint function| Swiper function| ShareLink object| DialogsManager object| elementorFrontendConfig object| regeneratorRuntime object| elementorFrontend function| astScrollToTop object| twemoji number| link number| len object| GoogleGcLKhOms

0 Cookies

8 Console Messages

Source Level URL
Text
console-api log URL: https://www.xemkeoonline.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api log URL: https://announcements.masamiab.com/announcement.js(Line 48)
Message:
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
console-api warning URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1(Line 8)
Message:
/JSComponents/Data/UniSlip/Modes/TeaserSPSlipMode.ext.js is not registered
console-api log URL: https://contents.masamiab.com/bui/bui.min.js(Line 1)
Message:
[object Object]
console-api log URL: https://ls.masamiab.com/stream.js(Line 114)
Message:
[LS] LS HOST not found!!!
console-api log URL: https://ls.masamiab.com/stream.js(Line 115)
Message:
[LS] stream op found...
console-api log URL: https://ls.masamiab.com/streamIconJS.js(Line 106)
Message:
[LS] streamicon op found...
console-api log URL: https://announcements.masamiab.com/announcement.js(Line 24)
Message:
displayMarquee

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.livechatinc.com
adservice.google.com
adservice.google.de
announcements.masamiab.com
api.livechatinc.com
cdn.livechatinc.com
cdnjs.santisem.com
contents.masamiab.com
esports.w88api.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.w2script.com
ls.99k.info
ls.masamiab.com
m.vn88hn.live
pagead2.googlesyndication.com
partner.googleadservices.com
rvn88.w2sports.com
rvn88cdn.agent1818.com
s.w.org
secure.livechatinc.com
tpc.googlesyndication.com
vietsode.net
www.dpd.redeliver9b2q.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.xemkeoonline.com
103.89.20.98
104.21.92.9
107.154.199.84
111.90.148.73
119.13.89.234
13.224.99.19
142.250.185.66
192.0.77.48
2.16.186.211
209.9.48.83
220.242.170.82
2606:4700:3031::ac43:8957
2606:4700:3034::6815:46cd
2a00:1450:4001:803::2003
2a00:1450:4001:809::2004
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
045cd6720377282ab525f4634d12a02ef2c7bcb984991b09d6ff3691df36c1b7
071a95856a2c49ce02c7459999ecffdac8708d26faa0d212c7abc1a4792d882b
0be1a415d7ebca00d716f6b3a259fd3c7e6770bb8ac10162de5a228be162129d
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0ce1d7dbbf86a00c587e87e67f93f638c5184c5801d241bf5de7dfff0eaf8d9a
0df5b63ca8eb70c73d0b254629a1bf12f85981192de171c0edf17af9b43e2c90
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
119b2522ae491ae9bdc831255cbd184f83746403d91ed27b074f63f1b960db82
131d2d96e990b9dc54c165250f136cd86d27e2b779b3344ccccba0494662721d
13990dc3b0835f84b60f6abb71082fb48064a55941a1714fdbab565f351e1f8f
17f076500dca787c42b1dd6238ce50a0752771eafd040e8512c713a7ec947c65
1ada5259a5ac61a7d68315f7efa6b98d61d2d0478df0545869c880afeaa67dcd
1bad6b8cf97131fceab8543e81f7757195fbb1d36b376ee994ad1cf17699c464
1cdb6df8107e75d4aaf5591cbec5f1f31038186d7179154c96b3ba420b5d9d7d
1e5aeaa58ab4c2345953f77e07fbc20578326076a259ed702eea64e077fde675
1e71313cedac2e409b994408e0f13fe2da38d474470c3b55493115cb3026777a
1e81e2aab71ba2f9cd54090aedcbfe6d2447c1f66918bcafb708d7c3086c7b0e
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
21516838aa86eff83a4bc709a082a41a2c091da6aa4acb463b5f88a2b1e56bbc
27818e1b7cabc0805920bd57c19496f05c2699afaee78482e99026169872be24
2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb
299f002a908a15968be878534247c58b43b6204eb9b9100b91225b54986fe40c
2be6b6e5eac6433ad1cd45c1da385fd6be8061ec353c29b6984a3f7ffddc2d2e
2c5b024ac47363f4d7bb9f9ba156f11847254f45d37783068345e1217ce3fd25
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d2c6f5ec4686e7cb2373fcd2cc49970220227ac721b21e297f90981e74a2fc1
2e83256a8afd34bddf3b1516da5f39aa85b37856eb114a54413ce630fc936ea7
30a949187cdd1c73e43b3bdee9398a9ae27f403a9481999fc9f5f946d8af0079
3127547b37eb862b3870692edb50889bf3404ac51db6e5f1c63869b309940a59
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
37fa40e483b873056df8057f5fc06d08389b3741f1b97ff774595d940e81d009
3f2296fc1af54692bd56501bf9156cae1da8028424f9dbf8b00e5f40b6c3a4d9
3f9c38934fc41ee2a85f1a6e1ad59e96f7f1e73b9b4e653394708715d5ab32c5
44731e0254a8aa84abb69678f2bf6b7378046f676ede4785b28718e0b0dbeafa
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
4f481d78a1dcc4eb5d25ac20d829ab107a70e04420e42dd50d16d7f1d880c4c5
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fa646a4dbc10513ddeb70561789483638faf456e15186f4eb7291c5c455cbb6
4fe01adb2fea580bd5051139d5ddbb390ba600125a5c6436585d4efe6d4c3d68
51025c11b35699936388814726cc4d808f3b3506d44665c6c6aaac79cbdc471a
551707f405323967c876f683bad8a28ab94ee48024fb61eaa3ec3b39be5b4f05
55562f316d7b7869866b4afd434a6eed2851e28f68ce76277f8530544043d0a6
5a2ac931301d8e2c0e118db5387e5ab02472fc16b3a2fe1759e6932cdf5bb841
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5db00cc0aaaef4c68ce7be752bd8794cc0b67469cedfed7f4bb493c328cd5611
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
65d607a2713e2a567dcf1db9f11b8427a1d4efcc48b2178940c1ae0b2f089bf5
69943e18a5c8c045a653f9525b9d75d544126e1badb2c37eba0ae7f7048e1ebb
6ac62ad133b177d67c52cfd6b1fa821b3566637b15c3637335036aae03cf972a
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6d1b0abead4afbcc2e58204a0d787973b9ed656ec66809bfa4038503ec44783a
6f680459de2af117c2dab915e2d74a0a2a56fb2569c5ce76a8ffe75f9d35d09c
70ea929cc11e816ee21815a2a07b5c6d8d4271ca87fa22a821afbc53db7481fe
70eef99f016276772a27a6176e60dd2565d7acd70c3850e9cc9f8d240abe814d
72b1a8a85556ee3ea2c9b50d12cf92c487082f14a58da9616ee5f09789533b69
74b4a28729201fae2dbb53b42592ee518a7343ed8bbb6508ee0844d4d1e0030b
75db663f63c3505c2d1d2c41b82da41465bcd39b390516728f7fd323f95f644e
7cb6c118ec3898ea3cf8db6f9d26f49cbe1ed8475e269b78d8162307b648b1ae
7d7731cd19278dd8d68435b1df5709fd2e12e8f13e43d86409ccc26f3354ea52
7ddc2de2f2f207edae32c3515d85b82ff8fbf9b9fd5eec1b3f1904b6d5bae20e
7f8fc2a8f340314b8c37cf2e52c17df22e0b6e756625c61dd87f650ee28fdb37
8100eced22e7bba712a8db44a2539fdbd8330fdcfce338316d02fd502d13b4b2
8320a27c1ba11b3324315bdb8b869ea39cc2ae4d1fbd5fd19d65a1489a7643a0
893678a05aea064715789c2002b776939d31b2a75ac82fd21549654e43827fc5
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
901456e9685d726a18b031311944e99d8e6095d9db51be836cdd3dc6b8c55419
9615492622f7c0cf75625707073408fc5a733b60124c65f17eac9041c19d4c4f
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
9855c5142a9b459a083bea4c47ab52f96685c7233664243581062dbdc1d70a1f
9f797a163645a8d6308f5c6ee5c7c96cdf26c20d28a5c608fa488a0fac45f6df
9fd71499be740db3b5066c33ba442501aae6418f758432667ff956b887b84c0d
a3f97de5268375e39a7d3b9158899148f835a334f064bd20c0110f81f4757db6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b03fe5f82241e38e98ce1b5987e432c21b3f88957bac9a9a566cf44ecfd489
a54226b03e3da4fcaa3a4e2e3ddeaaf037c507138061bde5b91de7aaf2f7018e
a59b154d69f616520a00b883621fc796400c9ef6e3148154771a9fa1c77b858b
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a806d39d439a412fe95fc40b4989f8e98214670a999d2c6d3cace31d956e3533
a9afafd03001404329b0871e17c22112067e61c6e2c3e85a6e1389423ecf13e8
ad508a71764b0a0b011629edfd9fb561505aa1f9302cbf27b3df7a5128d92324
aea93d59bcede3b5e374520fe46a0b07a6064eb73389b2c0ae80a45b8dd48a06
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b03ef4b198588654c13a7eacbf4b45a6a42b5d250019c8a6c16dc475e4e97fba
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b30169a38c7ecd17eefc119177c0c61337b17a8f1abfd337ac37284d1a04a65b
b4060f918f12bcc8dc11069732cb9f2bc32a59f04d7f91e05ae04b661f43f298
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738
b548bcd50c5a99cfe97f842748da8916387ba6673dcd55dadb58e6abbe18917e
b5641645c15c48b3ff5ce52e718563e1d04d18492e552eb126862768327e2855
b8c32ed1dffc7730c3c4742eb2c7e152056c8ef22a360399f130002ba1454bba
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bfee97408d02a4ae6084406b0fc6a17249f76144e1ab2218c66218703ebe592e
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c27efb861cbb6c850ba13777a5ae09df88347e504f5d32fca1e39c207f84672f
c2e85e9ffadf8645149458d9cfbea9180e2364852314c9fa6d5150267ffaf44c
c89194be55453d89f2378407760b6a3f010714c1dac858bea6df3f565f32021f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc7b137e42cc03c622f9791be5303a3a37ecca800d36b53e240dc587c04aad76
ccf5e3c2e32d058e36d0c6ba18c8e6a063d692438079a700e8aa5802254bfb8a
ce72d8ccbbf63e77d126d107d81dbc17ad362836250301180bba38d718a81f3d
cf3d17563947bb679f33f02c7a099f3e5ef7f934f3639a50d7dd8f8b09679f6e
d3ba919da871374ec11e13b7360b191981e5936e2d30aaca123a01cde9a59298
d59771829b640eb8e2109dd4199b2e7e48dbffd81bf351ad1ee909ac2f419a6c
d7282962004e3841c0ef0537ba431b29ca770cb4c67027af372edfce5489df32
d882dbd828af87ed3434862bf608a2dee6d347817ae547421c9b2051ce29a905
d8e1bb6afaee4a9709470e6bc6712a4288aab63eff4a430e75935d0095648bb6
db52f8cd89bc79466c3a38395a327e89fd194b80e62ba0ef7099454d1c765414
e097f0071264fdeaecaeced46cdf28762ffa5bc3694aefc95197353ef0bdf03f
e1f1603e01f51047a2ce9e57f32d29ca5ac7613c861be9a6ad1d20dcce4a8496
e36eaa6e7cebbd4138dfb008ee3d53ab8195f45953b0f4f27d0d8156ab059021
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e605d633428c71e4f9bf101f068d079e1e8d34362d2e8b765a5e9da64342d219
ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5
ed6659edd6031b871799dacd6ece7702502f8e749af40426d5a3013dd9eb1a25
ee0d2c4b510212a0bbc5a2f32a2cec0fd4f420946835bec87dd1d2231786b96b
eff5db4c5a6ac07da2c19f570fb7f3055e4b98f69e1162984c9caa2dfc6f7b41
f0fd6cbfbf2a4baec0ea585b8073df94193ba59132f7f3bded7769474d3486ee
f494c3bc5c78c73273df161b3332423e009aba27fe502fa592208f76edd9434f
f533f1b930a04aef032a5fb9ddbfb85a14fc1ec2b7631cbc0ff87531bfce7120
f557f900f62afdeb7a8b0de31cb3a138cfd8bc1a83f52e3b3a94cf1f4600dbea
f6693145fdf1fda108e2720210f5a035e675449ea721e10e58ac9b1a6eabcca6
f76e4b52a3cecca6e57f6ee8dc6777a20a26ba7a87b02c8789f4ea3f0d2accdd
f8d00356859998784bda26e1d14f2d981515921b96ded50d5d6f6f0e75bac15c
f9b3507981d5ddcfbf64e7a082ef828e678917cd92d6ec700ac9d8ce0e0e9730
fa8c160947edf98ff75f41c665729612fd111ce0bc5c5bea3adc4d10d92f35f7
fb56f0e08adb026eb4e4b28c2fc33b35ce3ddf30a075f9906ec14caff095fa3c
fc43421161b96e5333a4f7a0714de7955eb1faf7179c581ad03d870ca8122048
fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
fef39bd55372a3adba905c77b32fd9c843dddfe0c0929535d8081ab30b314e6b