ori-www.hadiahjuara.com Open in urlscan Pro
110.50.230.86 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ori-www.hadiahjuara.com/
Effective URL:
https://ori-www.hadiahjuara.com/en
Submission: On March 17 via api (March 17th 2024, 9:00:56 am UTC) from US — Scanned from US

Summary HTTP 161 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 61 IPs in 9 countries across 67 domains to perform 161 HTTP transactions. The main IP is 110.50.230.86, located in Philippines and belongs to GAMEBUILDERS-AS-PH Gamebuilders Inc., PH. The main domain is ori-www.hadiahjuara.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on May 15th 2023. Valid for: a year.

This is the only time ori-www.hadiahjuara.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 42	110.50.230.86 110.50.230.86	18018 (GAMEBUILD...) (GAMEBUILDERS-AS-PH Gamebuilders Inc.)
3	2607:f8b0:400... 2607:f8b0:4006:81f::2008	15169 (GOOGLE) (GOOGLE)
2	18.238.80.98 18.238.80.98	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:824::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::9b	15169 (GOOGLE) (GOOGLE)
2	202.165.61.110 202.165.61.110	18018 (GAMEBUILD...) (GAMEBUILDERS-AS-PH Gamebuilders Inc.)
3	2600:141b:1c0... 2600:141b:1c00:2e::17d1:48c7	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700:20:... 2606:4700:20::ac43:4437	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3 7	68.67.178.10 68.67.178.10	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 3	35.211.233.246 35.211.233.246	19527 (GOOGLE-2) (GOOGLE-2)
9 10	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
7 7	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
2	192.173.28.19 192.173.28.19	13360 (TRITONDIG...) (TRITONDIGITAL)
2	54.192.100.113 54.192.100.113	16509 (AMAZON-02) (AMAZON-02)
1	18.173.132.56 18.173.132.56	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
1	108.138.106.49 108.138.106.49	16509 (AMAZON-02) (AMAZON-02)
1	185.167.164.44 185.167.164.44	198622 (ADFORM) (ADFORM)
1 3	45.54.49.5 45.54.49.5	63911 (NETACTUAT...) (NETACTUATE-AS-AP NetActuate)
1 2	37.157.3.26 37.157.3.26	198622 (ADFORM) (ADFORM)
2 5	185.84.60.23 185.84.60.23	198622 (ADFORM) (ADFORM)
3 3	34.202.14.48 34.202.14.48	14618 (AMAZON-AES) (AMAZON-AES)
1	192.73.251.161 192.73.251.161	36236 (NETACTUATE) (NETACTUATE)
1	18.164.96.87 18.164.96.87	16509 (AMAZON-02) (AMAZON-02)
9	2607:f740:e61... 2607:f740:e619::1	63911 (NETACTUAT...) (NETACTUATE-AS-AP NetActuate)
1	52.79.118.14 52.79.118.14	16509 (AMAZON-02) (AMAZON-02)
2	34.149.119.194 34.149.119.194	15169 (GOOGLE) (GOOGLE)
1 13	185.167.164.39 185.167.164.39	198622 (ADFORM) (ADFORM)
1	192.73.251.162 192.73.251.162	36236 (NETACTUATE) (NETACTUATE)
2 3	54.146.31.104 54.146.31.104	14618 (AMAZON-AES) (AMAZON-AES)
1	23.51.56.126 23.51.56.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.195.92.168 18.195.92.168	16509 (AMAZON-02) (AMAZON-02)
1 1	23.83.76.58 23.83.76.58	395954 (LEASEWEB-...) (LEASEWEB-USA-LAX)
1	63.251.28.233 63.251.28.233	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	52.70.146.159 52.70.146.159	14618 (AMAZON-AES) (AMAZON-AES)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	50.57.31.206 50.57.31.206	19994 (RACKSPACE) (RACKSPACE)
1 2	52.55.144.0 52.55.144.0	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.0.156.250 52.0.156.250	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:6ea0:c40... 2a02:6ea0:c400::12	60068 (CDN77 _) (CDN77 _)
2 2	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.0.10.132 52.0.10.132	14618 (AMAZON-AES) (AMAZON-AES)
1 4	23.46.225.71 23.46.225.71	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	52.208.99.103 52.208.99.103	16509 (AMAZON-02) (AMAZON-02)
1	52.218.89.211 52.218.89.211	16509 (AMAZON-02) (AMAZON-02)
1	107.20.244.107 107.20.244.107	14618 (AMAZON-AES) (AMAZON-AES)
1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.238.55.58 18.238.55.58	16509 (AMAZON-02) (AMAZON-02)
2 3	3.248.111.133 3.248.111.133	16509 (AMAZON-02) (AMAZON-02)
2 2	54.86.148.40 54.86.148.40	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:9000:251... 2600:9000:2512:5200:1a:609a:6780:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	54.164.170.49 54.164.170.49	14618 (AMAZON-AES) (AMAZON-AES)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
3 4	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	23.52.165.154 23.52.165.154	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2600:9000:220... 2600:9000:2209:1600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	70.42.32.127 70.42.32.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	100.24.217.221 100.24.217.221	14618 (AMAZON-AES) (AMAZON-AES)
3 3	141.94.171.215 141.94.171.215	16276 (OVH) (OVH)
1 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1	44.212.89.30 44.212.89.30	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2606:4700:10:... 2606:4700:10::6816:3262	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	52.78.8.111 52.78.8.111	16509 (AMAZON-02) (AMAZON-02)
2	23.40.179.145 23.40.179.145	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	110.50.228.90 110.50.228.90	18018 (GAMEBUILD...) (GAMEBUILDERS-AS-PH Gamebuilders Inc.)
2	104.117.182.9 104.117.182.9	() ()
161	61

42 110.50.230.86 (Philippines) 1 redirects

ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH)

ori-www.hadiahjuara.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.238.80.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-80-98.jfk52.r.cloudfront.net

cdn.appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.165.61.110 (Philippines)

ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH)

login.megasportcasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:141b:1c00:2e::17d1:48c7 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

tm.ads.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.ads.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4437 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.prdredir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtg.prdredir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 68.67.178.10 (North Bergen, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.233.246 (North Charleston, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 246.233.211.35.bc.googleusercontent.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
use.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.211.178.172 (North Charleston, United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.40.162 (Queens, United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.173.28.19 (Canada)

ASN13360 (TRITONDIGITAL, CA)

yield-op-idsync.live.streamtheworld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.192.100.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-100-113.ewr53.r.cloudfront.net

dk0tzorg7uge9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.132.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-56.jfk52.r.cloudfront.net

d313lzv9559yp9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:821::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-49.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.44 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.54.49.5 (United States) 1 redirects

ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US)
PTR: 5.49.54.45.ptr.anycast.net

radar.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.26 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.84.60.23 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

asia.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
asia.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.202.14.48 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-14-48.compute-1.amazonaws.com

sc.adelement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.73.251.161 (New York, United States)

ASN36236 (NETACTUATE, US)

i2-fwtslbsjhvylcpjrknsapvfobnkjnk.init.cedexis-radar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-87.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f740:e619::1 (United States)

ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US)

rpt.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.79.118.14 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-79-118-14.ap-northeast-2.compute.amazonaws.com

dafabetcomasia.asia.frosmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.119.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.119.149.34.bc.googleusercontent.com

col.0wp0usgn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.167.164.39 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.73.251.162 (New York, United States)

ASN36236 (NETACTUATE, US)

i1-j5-20-124-1-20200-1659234813-s.init.cedexis-radar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.146.31.104 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-31-104.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.51.56.126 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-56-126.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.92.168 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-92-168.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.83.76.58 (Los Angeles, United States) 1 redirects

ASN395954 (LEASEWEB-USA-LAX, US)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.233 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.70.146.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-146-159.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.57.31.206 (United States) 1 redirects

ASN19994 (RACKSPACE, US)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.55.144.0 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-144-0.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.156.250 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c400::12 (New York, United States)

ASN60068 (CDN77 _, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.10.132 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-10-132.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.46.225.71 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-46-225-71.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.99.103 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-99-103.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.89.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.20.244.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-244-107.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.55.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-58.jfk52.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.248.111.133 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-111-133.eu-west-1.compute.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.86.148.40 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-148-40.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2512:5200:1a:609a:6780:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.164.170.49 (United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-170-49.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.138.120 (Frankfurt am Main, Germany) 3 redirects

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.165.154 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-165-154.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2209:1600:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.24.217.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-217-221.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.94.171.215 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.212.89.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-212-89-30.compute-1.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3262 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 52.78.8.111 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com

asia.frosmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.40.179.145 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-40-179-145.deploy.static.akamaitechnologies.com

aka-www.dffgames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 110.50.228.90 (Philippines)

ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH)

origin-228.shadowsamurai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.117.182.9 (None, )

ASN- ()

aka-mcashier.df-bet.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	hadiahjuara.com 1 redirects ori-www.hadiahjuara.com	3 MB
20	adform.net 4 redirects s2.adform.net — Cisco Umbrella Rank: 7143 track.adform.net — Cisco Umbrella Rank: 5182 asia.adform.net — Cisco Umbrella Rank: 53410 c1.adform.net — Cisco Umbrella Rank: 545 dmp.adform.net — Cisco Umbrella Rank: 3241	44 KB
18	frosmo.com dafabetcomasia.asia.frosmo.com asia.frosmo.com	62 KB
12	cedexis.com 1 redirects radar.cedexis.com — Cisco Umbrella Rank: 2925 rpt.cedexis.com — Cisco Umbrella Rank: 2148	25 KB
10	bidswitch.net 9 redirects x.bidswitch.net — Cisco Umbrella Rank: 380	6 KB
8	doubleclick.net 7 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 90 cm.g.doubleclick.net — Cisco Umbrella Rank: 271	1 KB
7	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 496 ib.adnxs.com — Cisco Umbrella Rank: 269	8 KB
4	id5-sync.com 3 redirects id5-sync.com — Cisco Umbrella Rank: 480	5 KB
4	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 741	1 KB
3	onaudience.com 3 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3221	1 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2135	2 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 1905 load77.exelator.com — Cisco Umbrella Rank: 3804	2 KB
3	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 718 ice.360yield.com — Cisco Umbrella Rank: 2128	1 KB
3	adelement.com 3 redirects sc.adelement.com — Cisco Umbrella Rank: 377224	853 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	21 KB
3	cloudfront.net dk0tzorg7uge9.cloudfront.net d313lzv9559yp9.cloudfront.net	238 KB
3	sportradarserving.com 1 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2519 use.sportradarserving.com — Cisco Umbrella Rank: 68930	3 KB
3	sportradar.com tm.ads.sportradar.com — Cisco Umbrella Rank: 63048 tracker.ads.sportradar.com — Cisco Umbrella Rank: 70835	66 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	253 KB
2	df-bet.org aka-mcashier.df-bet.org	4 KB
2	shadowsamurai.net origin-228.shadowsamurai.net	18 KB
2	dffgames.com aka-www.dffgames.com	3 KB
2	zeotap.com 1 redirects spl.zeotap.com — Cisco Umbrella Rank: 3408 mwzeom.zeotap.com — Cisco Umbrella Rank: 3321	906 B
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 451	960 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 13682	630 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 368	662 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 905	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 245	1 KB
2	openx.net 1 redirects eu-u.openx.net — Cisco Umbrella Rank: 2924	491 B
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 886	837 B
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 343	892 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 475	814 B
2	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 1149	1 KB
2	semasio.net 1 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1330	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 626	1 KB
2	0wp0usgn.com col.0wp0usgn.com	351 B
2	cedexis-radar.net i2-fwtslbsjhvylcpjrknsapvfobnkjnk.init.cedexis-radar.net i1-j5-20-124-1-20200-1659234813-s.init.cedexis-radar.net	2 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 742 script.hotjar.com — Cisco Umbrella Rank: 1067	59 KB
2	streamtheworld.com yield-op-idsync.live.streamtheworld.com — Cisco Umbrella Rank: 8422	899 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 188	70 KB
2	prdredir.com scripts.prdredir.com — Cisco Umbrella Rank: 86854 rtg.prdredir.com — Cisco Umbrella Rank: 154625	2 KB
2	megasportcasino.com login.megasportcasino.com	6 KB
2	appdynamics.com cdn.appdynamics.com — Cisco Umbrella Rank: 4516	52 KB
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2404	120 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1621	109 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 29109	49 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 892	360 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 673	536 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1422	278 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1508	456 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 571	648 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 23722	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 908	472 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 1196	44 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 29196	380 B
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 788	634 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1643	559 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 599	641 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 675	669 B
1	adscale.de ih.adscale.de — Cisco Umbrella Rank: 4474	38 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 487	663 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4835	400 B
1	seadform.net asia.seadform.net — Cisco Umbrella Rank: 103483	467 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	274 B
1	google.com analytics.google.com — Cisco Umbrella Rank: 163	260 B
0	dafabet.com Failed cdn3-www.dafabet.com Failed
161	67

	Domain	Requested by
42	ori-www.hadiahjuara.com	1 redirects ori-www.hadiahjuara.com cdn.appdynamics.com
17	asia.frosmo.com	dk0tzorg7uge9.cloudfront.net cdn.appdynamics.com
10	x.bidswitch.net	9 redirects ori-www.hadiahjuara.com
9	c1.adform.net	1 redirects asia.adform.net c1.adform.net
9	rpt.cedexis.com	cdn.appdynamics.com
7	cm.g.doubleclick.net	7 redirects
5	secure.adnxs.com	2 redirects ori-www.hadiahjuara.com c1.adform.net
4	id5-sync.com	3 redirects c1.adform.net
4	dmp.adform.net	c1.adform.net
4	tags.bluekai.com	1 redirects c1.adform.net
4	asia.adform.net	2 redirects
3	pixel.onaudience.com	3 redirects
3	a.audrte.com	2 redirects c1.adform.net
3	sc.adelement.com	3 redirects
3	radar.cedexis.com	1 redirects radar.cedexis.com
3	www.google-analytics.com	ori-www.hadiahjuara.com cdn.appdynamics.com www.googletagmanager.com
3	www.googletagmanager.com	ori-www.hadiahjuara.com www.googletagmanager.com www.google-analytics.com
2	aka-mcashier.df-bet.org	radar.cedexis.com
2	origin-228.shadowsamurai.net	radar.cedexis.com
2	aka-www.dffgames.com	radar.cedexis.com
2	eb2.3lift.com	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	match.adsrvr.org	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	eu-u.openx.net	1 redirects c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	px.ads.linkedin.com	1 redirects c1.adform.net
2	idsync.rlcdn.com	2 redirects
2	loadm.exelator.com	2 redirects
2	ps.eyeota.net	1 redirects c1.adform.net
2	uipglob.semasio.net	1 redirects c1.adform.net
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	ad.360yield.com	1 redirects c1.adform.net
2	col.0wp0usgn.com	cdn.appdynamics.com
2	ib.adnxs.com	1 redirects
2	track.adform.net	1 redirects
2	dk0tzorg7uge9.cloudfront.net	ori-www.hadiahjuara.com
2	yield-op-idsync.live.streamtheworld.com	ori-www.hadiahjuara.com
2	a.sportradarserving.com	1 redirects ori-www.hadiahjuara.com
2	tracker.ads.sportradar.com	tm.ads.sportradar.com tracker.ads.sportradar.com
2	connect.facebook.net	ori-www.hadiahjuara.com connect.facebook.net
2	login.megasportcasino.com	ori-www.hadiahjuara.com
2	cdn.appdynamics.com	ori-www.hadiahjuara.com cdn.appdynamics.com
1	mwzeom.zeotap.com	c1.adform.net
1	spl.zeotap.com	1 redirects
1	e1.emxdgt.com	c1.adform.net
1	bpi.rtactivate.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	sync.outbrain.com	c1.adform.net
1	s.ad.smaato.net	1 redirects
1	sync.teads.tv	c1.adform.net
1	ice.360yield.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	pippio.com	1 redirects
1	load77.exelator.com	c1.adform.net
1	sync.bfmio.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	1 redirects
1	ih.adscale.de	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	i1-j5-20-124-1-20200-1659234813-s.init.cedexis-radar.net	cdn.appdynamics.com
1	asia.seadform.net
1	dafabetcomasia.asia.frosmo.com	dk0tzorg7uge9.cloudfront.net
1	script.hotjar.com	static.hotjar.com
1	i2-fwtslbsjhvylcpjrknsapvfobnkjnk.init.cedexis-radar.net	cdn.appdynamics.com
1	s2.adform.net	ori-www.hadiahjuara.com
1	static.hotjar.com	ori-www.hadiahjuara.com
1	d313lzv9559yp9.cloudfront.net	ori-www.hadiahjuara.com
1	use.sportradarserving.com	ori-www.hadiahjuara.com
1	www.facebook.com	ori-www.hadiahjuara.com
1	rtg.prdredir.com	ori-www.hadiahjuara.com
1	scripts.prdredir.com	www.googletagmanager.com
1	tm.ads.sportradar.com	ori-www.hadiahjuara.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
0	cdn3-www.dafabet.com Failed	radar.cedexis.com
161	84

This site contains links to these domains. Also see Links.

Domain
dfgameplay.com
888df.com
dfnec.com
dfplay888.com
dafabet-partnership.com
www.dafabetaffiliates.com
twitter.com
www.youtube.com
www.jogadoresanonimos.org.br
www.dafabet.com

Subject Issuer	Validity	Valid
*.hadiahjuara.com Entrust Certification Authority - L1K	`2023-05-15` - `2024-06-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.appdynamics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-21` - `2024-07-21`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.megasportcasino.com GeoTrust TLS RSA CA G1	`2024-03-01` - `2025-02-28`	a year	crt.sh
tracker.ads.sportradar.com R3	`2024-02-22` - `2024-05-22`	3 months	crt.sh
prdredir.com GTS CA 1P5	`2024-02-27` - `2024-05-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-25` - `2024-03-24`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.init.cedexis-radar.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-21` - `2025-02-20`	a year	crt.sh
radar.cedexis.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-26` - `2024-04-25`	a year	crt.sh
*.asia.frosmo.com R3	`2024-02-01` - `2024-05-01`	3 months	crt.sh
col.0wp0usgn.com GeoTrust TLS RSA CA G1	`2024-03-03` - `2025-03-02`	a year	crt.sh
*.seadform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-08`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adscale.de Amazon RSA 2048 M02	`2023-07-18` - `2024-08-15`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2024-01-31` - `2025-01-29`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-11-20` - `2024-12-17`	a year	crt.sh
teads.tv R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2023-05-29` - `2024-06-04`	a year	crt.sh
rtactivate.com Amazon RSA 2048 M03	`2024-02-12` - `2025-03-11`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2023-06-14` - `2024-06-14`	a year	crt.sh
dffgames.com R3	`2024-01-26` - `2024-04-25`	3 months	crt.sh
*.shadowsamurai.net GeoTrust TLS RSA CA G1	`2024-03-01` - `2025-02-28`	a year	crt.sh
df-bet.org R3	`2024-01-26` - `2024-04-25`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://ori-www.hadiahjuara.com/en
Frame ID: 0F027CB02B36B5CFA6D8F895404DFBCD
Requests: 111 HTTP requests in this frame

Frame: https://dafabetcomasia.asia.frosmo.com/frosmo.xdm.html?24.20.0
Frame ID: 151A41DC46FD332D4E7950435602A93B
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Frame ID: FE8C2C3BC724173798463A0608139C17
Requests: 42 HTTP requests in this frame

Frame: https://aka-www.dffgames.com/en/promotions/sureroute.html?rnd=1-1-20200-1-20200-42793-786172938-_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAmAEA
Frame ID: 2F55BB6B80333FE5709A0B404B9ED2A9
Requests: 1 HTTP requests in this frame

Frame: https://aka-www.dffgames.com/en/promotions/sureroute.html?rnd=0-1-20200-1-20200-42793-786172938-_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAmAEA
Frame ID: 39C6B22532DEF92A4F193D3A74B77E4E
Requests: 1 HTTP requests in this frame

Frame: https://origin-228.shadowsamurai.net/test/d17.html?rnd=1-1-20200-1-20200-47789-786172938-_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAmAEA
Frame ID: 53307B503096C848F13E098C1F391875
Requests: 1 HTTP requests in this frame

Frame: https://origin-228.shadowsamurai.net/test/d17.html?rnd=0-1-20200-1-20200-47789-786172938-_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAmAEA
Frame ID: 2E67A99D65CDC9A2E7881C0D78ED437C
Requests: 1 HTTP requests in this frame

Frame: https://aka-mcashier.df-bet.org/sureroute.html?rnd=1-1-20200-1-20200-46060-786172938-_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAmAEA
Frame ID: 3EDD3D465C44C92C7EDDAEA706892FA3
Requests: 1 HTTP requests in this frame

Frame: https://aka-mcashier.df-bet.org/sureroute.html?rnd=0-1-20200-1-20200-46060-786172938-_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAmAEA
Frame ID: CF999011E4E664F0342126639F1DBC38
Requests: 1 HTTP requests in this frame

Frame: https://cdn3-www.dafabet.com/en/promotions/sureroute.html?rnd=1-1-20200-1-20200-47938-786172938-_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAmAEA
Frame ID: 44442A02759E94F4B94D4A6F95EE7EF9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://ori-www.hadiahjuara.com/ HTTP 302
https://ori-www.hadiahjuara.com/en Page URL

Detected technologies

AppDynamics (Analytics) Expand

Overall confidence: 100%
Detected patterns

adrum

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

<(?:iframe|img)[^>]+adnxs\.(?:net|com)
adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Page Statistics

161
Requests

77 %
HTTPS

19 %
IPv6

67
Domains

84
Subdomains

61
IPs

9
Countries

4099 kB
Transfer

6878 kB
Size

102
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://dfgameplay.com/gjdqub
Title: Add us on WhatsApp!

Search URL Search Domain Scan URL

URL: https://dfgameplay.com/gjdpp9
Title: DafaAsia

Search URL Search Domain Scan URL

URL: https://888df.com/app
Title: CASINO

Search URL Search Domain Scan URL

URL: https://dfnec.com/dfc-ep
Title: DAFABET CONNECT

Search URL Search Domain Scan URL

URL: https://dfgameplay.com/gjdnjr
Title: DafaAsia

Search URL Search Domain Scan URL

URL: https://dfplay888.com/gjdubr
Title: Dafabet Support

Search URL Search Domain Scan URL

URL: https://dafabet-partnership.com/

Search URL Search Domain Scan URL

URL: https://dafabet-partnership.com/#teams

Search URL Search Domain Scan URL

URL: https://dafabet-partnership.com/#brand-ambassadors

Search URL Search Domain Scan URL

URL: https://www.dafabetaffiliates.com/en
Title: Affiliates

Search URL Search Domain Scan URL

URL: https://twitter.com/dafabet
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TheDafabetChannel
Title: youtube

Search URL Search Domain Scan URL

URL: http://www.jogadoresanonimos.org.br/
Title: Jogue com responsabilidade.

Search URL Search Domain Scan URL

URL: https://www.dafabet.com/pt/responsible-gaming
Title: Jogo Responsável

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ori-www.hadiahjuara.com/ HTTP 302
https://ori-www.hadiahjuara.com/en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://secure.adnxs.com/px?id=1766814&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1766814%26t%3D2

Request Chain 49

https://a.sportradarserving.com/pixel?type=js&aid=1839&id=9009 HTTP 302
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1839&id=9009

Request Chain 51

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=dcbad93f-ee37-44a2-96db-4e9d692af304&cb=47787f4f-4bc8-4de8-b8c2-5767b14c095f HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=dcbad93f-ee37-44a2-96db-4e9d692af304&cb=47787f4f-4bc8-4de8-b8c2-5767b14c095f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=_DOmbckbQFCetHp98v3anQ==&gdpr=&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=_DOmbckbQFCetHp98v3anQ==&gdpr=&gdpr_consent=&google_tc= HTTP 302
https://x.bidswitch.net/google_sync_status?ssp_name=google&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr=&gdpr_consent=&google_gid=CAESEMmiGH2Au4eVWy6a9sv25dg&google_cver=1

Request Chain 52

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=dcbad93f-ee37-44a2-96db-4e9d692af304&cb=6d956709-a39a-4829-8d58-06e17560a025 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=dcbad93f-ee37-44a2-96db-4e9d692af304&cb=6d956709-a39a-4829-8d58-06e17560a025 HTTP 302
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=bsw&uid=1c426bbf-2a10-4329-92f8-0367c5326fd5&stn=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 53

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=dcbad93f-ee37-44a2-96db-4e9d692af304&cb=7e9ca0b5-9cba-4eb9-a429-7d388295e14a HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=dcbad93f-ee37-44a2-96db-4e9d692af304&cb=7e9ca0b5-9cba-4eb9-a429-7d388295e14a HTTP 302
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=bsw&uid=9030b860-73f7-4318-9a24-866c4c16d463&stn=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 54

https://x.bidswitch.net/syncd?dsp_id=409&user_id=dcbad93f-ee37-44a2-96db-4e9d692af304&user_group=3&redir=%2F%2Fuse.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=dcbad93f-ee37-44a2-96db-4e9d692af304&user_group=3&redir=%2F%2Fuse.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP 302
https://use.sportradarserving.com/bsw_sync?bsw_uid=1c426bbf-2a10-4329-92f8-0367c5326fd5

Request Chain 62

https://radar.cedexis.com/1/20200/radar.js HTTP 302
https://radar.cedexis.com/1707728419/radar.js

Request Chain 65

https://track.adform.net/Serving/TrackPoint/?pm=2281077&ADFPageName=Entry%20Page&ADFdivider=%7C&ord=754458954423&ADFtpmode=2&loc=https%3A%2F%2Fori-www.hadiahjuara.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2281077&ADFPageName=Entry%20Page&ADFdivider=%7C&ord=754458954423&ADFtpmode=2&loc=https%3A%2F%2Fori-www.hadiahjuara.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 66

https://asia.adform.net/Serving/TrackPoint/?pm=2449026&ADFdivider=%7C&ord=90899368701&ADFtpmode=2&loc=https%3A%2F%2Fori-www.hadiahjuara.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=2449026&ADFdivider=%7C&ord=90899368701&ADFtpmode=2&loc=https%3A%2F%2Fori-www.hadiahjuara.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 67

https://asia.adform.net/Serving/TrackPoint/?pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=718712017691&ADFtpmode=2&loc=https%3A%2F%2Fori-www.hadiahjuara.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=718712017691&ADFtpmode=2&loc=https%3A%2F%2Fori-www.hadiahjuara.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 68

https://sc.adelement.com/setRT_adelement_cookie.php?ae_rt=68b6d5bdc9e20db6e1aa8b0d8ae420a1&depth=0&language_code=en HTTP 302
https://sc.adelement.com/setRT_adelement_cookie.php?ae_rt=68b6d5bdc9e20db6e1aa8b0d8ae420a1&depth=0&language_code=en&_aeset=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adl&google_cm&google_hm=b%27cjlCSmtjUHlIbW1oa0s4RzRlM0Q0TGVK%27 HTTP 302
https://sc.adelement.com/cs?google_hm=2&google_gid=CAESEHRn-14WEeH8gt05ml63FLs&google_cver=1 HTTP 302
https://ib.adnxs.com/setuid?entity=389&code=r9BJkcPyHmmhkK8G4e3D4LeJ

Request Chain 87

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=3266975578527815707&Expiration=1711875648 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=3266975578527815707&Expiration=1711875648

Request Chain 91

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=3266975578527815707&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID HTTP 302
https://c1.adform.net/serving/cookie/match?party=10&cid=7004116333399358510

Request Chain 93

https://x.bidswitch.net/sync?dsp_id=70&user_id=3266975578527815707 HTTP 302
https://sync.bfmio.com/sync?pid=103&uid=1c426bbf-2a10-4329-92f8-0367c5326fd5&dsp_id=&dsp_uuid=&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 94

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3266975578527815707&expiration=1711875648 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3266975578527815707&expiration=1711875648&C=1

Request Chain 95

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=3266975578527815707&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=3266975578527815707&sInitiator=external

Request Chain 96

https://ps.eyeota.net/match?uid=3266975578527815707&bid=9gdtmu1 HTTP 302
https://ps.eyeota.net/match/bounce/?uid=3266975578527815707&bid=9gdtmu1

Request Chain 97

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=3266975578527815707 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=3266975578527815707&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 98

https://idsync.rlcdn.com/398366.gif?partner_uid=3266975578527815707 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTMzI2Njk3NTU3ODUyNzgxNTcwNxAAGg0IwOLarwYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=698efc260b87f195606589baccfa3f610f41aeed3a3475fa12dfcc198f5f9eea791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=698efc260b87f195606589baccfa3f610f41aeed3a3475fa12dfcc198f5f9eea791426b5417dce21&rand=07737896 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=698efc260b87f195606589baccfa3f610f41aeed3a3475fa12dfcc198f5f9eea791426b5417dce21&rand=07737896&expected_cookie=9b64cc64-f9f0-4959-b32e-85ccb5d9083e

Request Chain 99

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=3266975578527815707/gdpr=/gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=3266975578527815707/gdpr=/gdpr_consent=

Request Chain 101

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3266975578527815707 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=3266975578527815707

Request Chain 102

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MzI2Njk3NTU3ODUyNzgxNTcwNw HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOXqrf1vDRRRy3ooz1Trmys&google_cver=1&google_ula=1641347,0

Request Chain 106

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=7255945857962684622&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=3266975578527815707

Request Chain 109

https://a.audrte.com/a?adform_uid=3266975578527815707 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NzdhdE9SVEoxMm9UZi03eGlUdHh1WnVFQQ%3D%3D&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 110

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=3266975578527815707&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=3266975578527815707&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=38841012947876771691221654816744185946&noredirect=1

Request Chain 111

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=3266975578527815707 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=213430604824002719021

Request Chain 112

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7347254734836660377

Request Chain 114

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=F90ppWe41RLMnT5

Request Chain 115

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=f261940f-7500-4d4b-847f-0705bc4d46bd

Request Chain 116

https://id5-sync.com/s/10/0.gif?puid=3266975578527815707 HTTP 302
https://id5-sync.com/c/10/10/2/1.gif?puid=3266975578527815707&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/10/2/1/2.gif?puid=7255945857962684622&gdpr=0&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-5022a-cHeQLWs3xi5FZMkGE5YEN7_tZYk8nLU_ZoiQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F0%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/cq/10/124/0/3.gif?puid=5f0edf52-34de-407c-8d72-d29456482330&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

Request Chain 117

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1376843928 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=JldQ208oAj3V/3Q3wbVwqO

Request Chain 119

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=3266975578527815707 HTTP 302
https://sync.outbrain.com/cookie-sync?p=smaato&initiation=partner&uid=2ddfc4895c&gdpr=0&gdpr_consent=

Request Chain 122

https://pixel.onaudience.com/?mapped=3266975578527815707&partner=68 HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=92ecd86b8c55d032 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=dmR3eXdHSGQ5OWVrckZqaw%3D%3D HTTP 302
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEIXpi6P5a9PDd3PTXutRjGQ&google_cver=1

Request Chain 123

https://eb2.3lift.com/xuid?mid=7354&xuid=3266975578527815707&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=3266975578527815707&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

Request Chain 125

https://pixel.onaudience.com/?partner=290&mapped=3266975578527815707 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=c6761212713106db HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3274414b-1ab9-4a4d-51db-2ddbc8aa55ee&reqId=8f90188c-d04d-4850-5744-d5b8b628102d&zcluid=c6761212713106db&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEMnPk4VO9qPzySShb9hnCBs&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3274414b-1ab9-4a4d-51db-2ddbc8aa55ee&reqId=8f90188c-d04d-4850-5744-d5b8b628102d&zcluid=c6761212713106db&zdid=1332

161 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request en Show response
ori-www.hadiahjuara.com/
Redirect Chain

https://ori-www.hadiahjuara.com/
https://ori-www.hadiahjuara.com/en

48 KB
49 KB

543ms
542ms

Document
text/html

110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

0b113df34bd712b8725353a36a569864c751a3ba2a3838aa92772de74cc25901

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, private, must-revalidate
Connection: keep-alive
Content-Language: en
Content-Type: text/html; charset=UTF-8
Date: Sun, 17 Mar 2024 09:00:43 GMT
Page-Cache: Miss
Server: nginx/1.11.10
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
X-Frame-Options: deny

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Server: BigIP
location: /en

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 215 KB
72 KB 159ms
50ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TQD7V7Q

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27bc3999de98227d0e8c68662811e9dbc5877b00da382b92819e5bf380059ed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73339
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Mar 2024 09:00:43 GMT

GET
H/1.1 200
OK common.db6211be4096a310692d39e6878606f4.css
ori-www.hadiahjuara.com/en/dafa/css/ 81 KB
82 KB 341ms
217ms Stylesheet
text/css 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-www.hadiahjuara.com/en/dafa/css/common.db6211be4096a310692d39e6878606f4.css

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

e69da0edf49813f480dd0b072d338f888ea3b37fcf1fddb344ebc3633ea4af63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 14 Mar 2024 10:47:42 GMT
Server: nginx/1.11.10
ETag: "65f2d5ce-14599"
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 83353
Expires: Mon, 17 Mar 2025 09:00:43 GMT

GET
H/1.1 200
OK home.086ee44e932ca12f36321aed8872db27.css
ori-www.hadiahjuara.com/en/css/ 51 KB
52 KB 882ms
422ms Stylesheet
text/css 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-www.hadiahjuara.com/en/css/home.086ee44e932ca12f36321aed8872db27.css

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

271242878c5fdf7f7bbb97a4bfe6a8f58d2acb94bfd16aab43fcd7ef838dcef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 04 Mar 2024 09:06:10 GMT
Server: nginx/1.11.10
ETag: "65e58f02-cc8d"
Content-Type: text/css
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52365
Expires: Mon, 17 Mar 2025 09:00:44 GMT

GET
H/1.1 200
OK default_image.db6211be4096a310692d39e6878606f4.png
ori-www.hadiahjuara.com/en/dafa/images/ 593 B
992 B 685ms
221ms Image
image/png 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/dafa/images/default_image.db6211be4096a310692d39e6878606f4.png

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

180109f8f37c833e1f965c5662f54e73b3e1291117a3c7fa320dab4ae7727dcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 14 Mar 2024 10:47:42 GMT
Server: nginx/1.11.10
ETag: "65f2d5ce-251"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 593
Expires: Mon, 17 Mar 2025 09:00:43 GMT

GET
H/1.1 200
OK loader.gif
ori-www.hadiahjuara.com/en/images/ 25 KB
25 KB 656ms
217ms Image
image/gif 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/images/loader.gif

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

1255cfe05d68366b2f1784987c772a817da92099f4922498a445f8768c52a710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 04 Mar 2024 09:06:10 GMT
Server: nginx/1.11.10
ETag: "65e58f02-6240"
Content-Type: image/gif
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25152
Expires: Mon, 17 Mar 2025 09:00:43 GMT

GET
H/1.1 200
OK 1920x150_en-eu.jpg
ori-www.hadiahjuara.com/en/2024-03/ 187 KB
187 KB 680ms
219ms Image
image/jpeg 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/2024-03/1920x150_en-eu.jpg

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

5aa95a4bfebb369a2e42d02da463458a40a4c40ed9e3c4d937f723fa204e63b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Fri, 01 Mar 2024 04:15:52 GMT
Server: nginx/1.11.10
ETag: "65e15678-2ea36"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 191030
Expires: Mon, 17 Mar 2025 09:00:43 GMT

GET
H/1.1 200
OK 570x388-updated_0.jpg
ori-www.hadiahjuara.com/en/2020-11/ 74 KB
75 KB 884ms
422ms Image
image/jpeg 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/2020-11/570x388-updated_0.jpg

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

a2e3b730e59a00b1195cd8e5bfe193efdf3bd17b9c1dbd77ee796dc5c8b68c36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 09 Nov 2020 02:06:19 GMT
Server: nginx/1.11.10
ETag: "5fa8a41b-128fa"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76026
Expires: Mon, 17 Mar 2025 09:00:44 GMT

GET
H/1.1 200
OK slots-560x218.jpg
ori-www.hadiahjuara.com/en/2018-09/ 87 KB
88 KB 219ms
218ms Image
image/jpeg 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/2018-09/slots-560x218.jpg

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

1af15a8dfe5dd8cb0597a2e42cc0490cb852627d522e4db0dcda73bc453f78cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 10 Sep 2018 01:53:45 GMT
Server: nginx/1.11.10
ETag: "5b95cea9-15d91"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89489
Expires: Mon, 17 Mar 2025 09:00:44 GMT

GET
H/1.1 200
OK entrypage-sponsors-575x149_en.jpg
ori-www.hadiahjuara.com/en/2024-03/ 94 KB
94 KB 527ms
229ms Image
image/jpeg 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/2024-03/entrypage-sponsors-575x149_en.jpg

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

53d92501cb5b9b4b8bbee57a8885a46fe3478cd00e82c3c144a0e71955726225

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Fri, 01 Mar 2024 04:36:53 GMT
Server: nginx/1.11.10
ETag: "65e15b65-176c9"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95945
Expires: Mon, 17 Mar 2025 09:00:44 GMT

GET
H/1.1 200
OK 560x218-entry-page-8-19-21.jpg
ori-www.hadiahjuara.com/en/2021-08/ 124 KB
124 KB 536ms
220ms Image
image/jpeg 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/2021-08/560x218-entry-page-8-19-21.jpg

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

affe144bc5730c89d09e953cd7162b1cbbc88210ae0be3bc482ed85bf1c34e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Fri, 20 Aug 2021 03:24:24 GMT
Server: nginx/1.11.10
ETag: "611f2068-1ef8f"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 126863
Expires: Mon, 17 Mar 2025 09:00:44 GMT

GET
H/1.1 200
OK 560x149-en_1.jpg
ori-www.hadiahjuara.com/en/2023-06/ 68 KB
69 KB 587ms
219ms Image
image/jpeg 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/2023-06/560x149-en_1.jpg

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

2e3132788af3aa36a934025284d0bf1ef615cbc670e7c2bfa702a4877f9e0807

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Fri, 16 Jun 2023 08:13:11 GMT
Server: nginx/1.11.10
ETag: "648c1997-111cc"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70092
Expires: Mon, 17 Mar 2025 09:00:45 GMT

GET
H/1.1 200
OK es5.min.js Show response
ori-www.hadiahjuara.com/en/dafa/js/ 11 KB
11 KB 771ms
422ms Script
application/javascript 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-www.hadiahjuara.com/en/dafa/js/es5.min.js

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

ac3d45538ffdd87732763521ea21e1f9695551d5c8a1b506935fb9bbc5253bfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 14 Mar 2024 10:47:42 GMT
Server: nginx/1.11.10
ETag: "65f2d5ce-2b85"
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11141
Expires: Mon, 17 Mar 2025 09:00:44 GMT

GET
H/1.1 200
OK integration.js.php Show response
ori-www.hadiahjuara.com/jswrapper/ 45 KB
45 KB 219ms
218ms Script
application/javascript 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-www.hadiahjuara.com/jswrapper/integration.js.php?casino=dafa888&min=1

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

913a765cfb211a38d2f1e42bbc2a1894d59dad568b78e84fb3d7efdd5154e395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx/1.11.10
X-Cache-Status: HIT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Language: en-US
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Expires: Sun, 17 Mar 2024 09:15:44 GMT

GET
H/1.1 200
OK manifest.086ee44e932ca12f36321aed8872db27.bundle.js Show response
ori-www.hadiahjuara.com/en/js/ 1 KB
2 KB 217ms
217ms Script
application/javascript 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-www.hadiahjuara.com/en/js/manifest.086ee44e932ca12f36321aed8872db27.bundle.js

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

d1c331f264754087f3664acaa151e43d3b19a6075c1639b06990fff50a7a2922

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 04 Mar 2024 09:06:10 GMT
Server: nginx/1.11.10
ETag: "65e58f02-5a7"
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1447
Expires: Mon, 17 Mar 2025 09:00:44 GMT

GET
H/1.1 200
OK vendor.086ee44e932ca12f36321aed8872db27.bundle.js Show response
ori-www.hadiahjuara.com/en/js/ 105 KB
105 KB 218ms
218ms Script
application/javascript 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-www.hadiahjuara.com/en/js/vendor.086ee44e932ca12f36321aed8872db27.bundle.js

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

33ce8e4368139f685537cf3fd3f7ad2009f1639e339c8b5c59db43d3a868ebe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 04 Mar 2024 09:06:10 GMT
Server: nginx/1.11.10
ETag: "65e58f02-1a35e"
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 107358
Expires: Mon, 17 Mar 2025 09:00:44 GMT

GET
H/1.1 200
OK common.db6211be4096a310692d39e6878606f4.bundle.js Show response
ori-www.hadiahjuara.com/en/dafa/js/ 257 KB
257 KB 226ms
225ms Script
application/javascript 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-www.hadiahjuara.com/en/dafa/js/common.db6211be4096a310692d39e6878606f4.bundle.js

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

59d9754e201207e97a699a467c9ea89f8a0b779153169e8cd41761c69a06608a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 14 Mar 2024 10:47:42 GMT
Server: nginx/1.11.10
ETag: "65f2d5ce-402e3"
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 262883
Expires: Mon, 17 Mar 2025 09:00:44 GMT

GET
H/1.1 200
OK home.086ee44e932ca12f36321aed8872db27.bundle.js Show response
ori-www.hadiahjuara.com/en/js/ 17 KB
17 KB 219ms
219ms Script
application/javascript 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-www.hadiahjuara.com/en/js/home.086ee44e932ca12f36321aed8872db27.bundle.js

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

0b8dd8d5971e80679534bfadc0ce765a238de38ee76c93fd32215f711d98fdd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 04 Mar 2024 09:06:10 GMT
Server: nginx/1.11.10
ETag: "65e58f02-43f3"
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17395
Expires: Mon, 17 Mar 2025 09:00:44 GMT

GET
H2 200 adrum-4.5.10.2271.js Show response
cdn.appdynamics.com/adrum/ 89 KB
32 KB 287ms
115ms Script
application/javascript 18.238.80.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Requested by: Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-98.jfk52.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 635dda68d7c55054da4da5d2dc654d40a92c598d80ff35af158da5990ba21a80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:29:43 GMT
content-encoding: gzip
via: 1.1 3235d194bb862aa113227c9680bce62c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P5
age: 2028660
x-cache: Hit from cloudfront
last-modified: Mon, 13 May 2019 18:43:34 GMT
server: nginx/1.16.1
etag: W/"5cd9bad6-1636f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OchmWaOI-0xQp0bWqz2nNOCm3zGxnqILaYGXm9Y_8-cekQwd3AA_yQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
93 KB 48ms
47ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S5WHEF6PM5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQD7V7Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

56e136de44b14e6b5e210100a850f4150f758be17f91dc5b3a1e7f8148eca1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Mar 2024 09:00:43 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
260 B 8493ms
1233ms Ping
text/plain 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-S5WHEF6PM5&gtm=45je43d0v890350493z8890334128za200&_p=1710666043246&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1070854031.1710666044&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710666043&sct=1&seg=0&dl=https%3A%2F%2Fori-www.hadiahjuara.com%2Fen&dt=Dafabet%20is%20The%20Most%20Secure%20Online%20Betting%20Company%20in%20Asia&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2066
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5WHEF6PM5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ori-www.hadiahjuara.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
260 B 176ms
84ms Ping
text/plain 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-S5WHEF6PM5&cid=1070854031.1710666044&gtm=45je43d0v890350493z8890334128za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5WHEF6PM5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ori-www.hadiahjuara.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dacs.js Show response
login.megasportcasino.com/jswrapper/ 18 KB
5 KB 995ms
425ms Script
application/javascript 202.165.61.110
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.megasportcasino.com/jswrapper/dacs.js?v=2

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/jswrapper/integration.js.php?casino=dafa888&min=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.165.61.110 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

Resource Hash

b4280ce64566ebc14aad2e95190e8f82b3f0e9cd8a3a30a754c37c83b1590570

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:45 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Accept-Encoding
Content-Type: application/javascript
Content-Language: en-US
Cache-Control: private, max-age=604800, immutable
Content-Length: 4940

GET
H/1.1 200
OK clientHintHeaders.js Show response
login.megasportcasino.com/jswrapper/ 2 KB
973 B 992ms
423ms Script
application/javascript 202.165.61.110
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.megasportcasino.com/jswrapper/clientHintHeaders.js?v=2

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/jswrapper/integration.js.php?casino=dafa888&min=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.165.61.110 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

Resource Hash

142617edf27459c2a888daaf7d0bf7777a3fb328fbe9a771fcb7059044791247

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:45 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Accept-Encoding
Content-Type: application/javascript
Content-Language: en-US
Cache-Control: private, max-age=604800, immutable
Content-Length: 671

GET
H/1.1 200
OK default_image.086ee44e932ca12f36321aed8872db27.png
ori-www.hadiahjuara.com/en/promotions/images/ 593 B
992 B 315ms
217ms Image
image/png 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/promotions/images/default_image.086ee44e932ca12f36321aed8872db27.png

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en/css/home.086ee44e932ca12f36321aed8872db27.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

180109f8f37c833e1f965c5662f54e73b3e1291117a3c7fa320dab4ae7727dcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en/css/home.086ee44e932ca12f36321aed8872db27.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 04 Mar 2024 09:06:10 GMT
Server: nginx/1.11.10
ETag: "65e58f02-251"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 593
Expires: Mon, 17 Mar 2025 09:00:44 GMT

GET
H/1.1 200
OK sprite.db6211be4096a310692d39e6878606f4.png
ori-www.hadiahjuara.com/en/dafa/images/ 206 KB
206 KB 265ms
245ms Image
image/png 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/dafa/images/sprite.db6211be4096a310692d39e6878606f4.png

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en/dafa/css/common.db6211be4096a310692d39e6878606f4.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

4865df327140a52e50f92d603b9a546fba023ae7bc05c28904f5ccaf77675e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en/dafa/css/common.db6211be4096a310692d39e6878606f4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 14 Mar 2024 10:47:42 GMT
Server: nginx/1.11.10
ETag: "65f2d5ce-337ae"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 210862
Expires: Mon, 17 Mar 2025 09:00:44 GMT

GET
H/1.1 200
OK floating-banners Show response
ori-www.hadiahjuara.com/en/ajax/ 25 KB
25 KB 423ms
423ms XHR
application/json 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-www.hadiahjuara.com/en/ajax/floating-banners?path=%252F

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en/dafa/js/common.db6211be4096a310692d39e6878606f4.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

52e240a9889c5360990e3659e5b293754676fff941d0aae534c937e01d2d3155

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/javascript
Referer: https://ori-www.hadiahjuara.com/en
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Sun, 17 Mar 2024 09:00:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx/1.11.10
Transfer-Encoding: chunked
Content-Language: en
Content-Type: application/json
Cache-Control: no-cache, no-store, private, must-revalidate
Connection: keep-alive

GET
H/1.1 200
OK dafabet_logo.png
ori-www.hadiahjuara.com/en/dafa/images/ 3 KB
4 KB 233ms
225ms Image
image/png 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/dafa/images/dafabet_logo.png

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

0ea8ad9a1b5a3e3e0950b9dd614a5056250369587ff45165dacafd8d13e838e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 14 Mar 2024 10:47:42 GMT
Server: nginx/1.11.10
ETag: "65f2d5ce-d3d"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3389
Expires: Mon, 17 Mar 2025 09:00:45 GMT

GET
H/1.1 200
OK sprite.086ee44e932ca12f36321aed8872db27.png
ori-www.hadiahjuara.com/en/images/ 113 KB
113 KB 224ms
224ms Image
image/png 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/images/sprite.086ee44e932ca12f36321aed8872db27.png

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

0f47272de3875f1531038d1dd74318d65615e4a01403492d95d4de9d218ac06b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 04 Mar 2024 09:06:10 GMT
Server: nginx/1.11.10
ETag: "65e58f02-1c211"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 115217
Expires: Mon, 17 Mar 2025 09:00:45 GMT

GET
H/1.1 200
OK playtech-footer.png
ori-www.hadiahjuara.com/en/2022-07/ 6 KB
6 KB 218ms
218ms Image
image/png 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/2022-07/playtech-footer.png

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

caed37875e80934c7f52564ca26b7846bd1f7bfa26f6eb74994556ee9777dbec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 20 Jul 2022 08:22:19 GMT
Server: nginx/1.11.10
ETag: "62d7bb3b-1709"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5897
Expires: Mon, 17 Mar 2025 09:00:45 GMT

GET
H/1.1 200
OK bitcoin_Footer%20160x41.png
ori-www.hadiahjuara.com/en/2019-09/ 2 KB
3 KB 225ms
224ms Image
image/png 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/2019-09/bitcoin_Footer%20160x41.png

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

1fad8a0d38b8307c0781fbfd3222b43917c5c879bbcfb3d5e0b96d1b4416e5a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 23 Sep 2019 09:48:31 GMT
Server: nginx/1.11.10
ETag: "5d8894ef-9ad"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2477
Expires: Mon, 17 Mar 2025 09:00:45 GMT

GET
H/1.1 200
OK slider Show response
ori-www.hadiahjuara.com/en/ajax/ 4 KB
5 KB 474ms
374ms XHR
application/json 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-www.hadiahjuara.com/en/ajax/slider?nc=2024217

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en/js/vendor.086ee44e932ca12f36321aed8872db27.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

b3e56606bc3a50bdac33d1c1a9ada75c82d1ea0857f3537a7b333387c1bb31be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://ori-www.hadiahjuara.com/en
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Sun, 17 Mar 2024 09:00:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx/1.11.10
Transfer-Encoding: chunked
Content-Language: en
Content-Type: application/json
Cache-Control: no-cache, no-store, private, must-revalidate
Connection: keep-alive

GET
H/1.1 200
OK dafabet_logo.png
ori-www.hadiahjuara.com/en/dafa/images/ 3 KB
4 KB 226ms
225ms Image
image/png 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/dafa/images/dafabet_logo.png

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

0ea8ad9a1b5a3e3e0950b9dd614a5056250369587ff45165dacafd8d13e838e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 14 Mar 2024 10:47:42 GMT
Server: nginx/1.11.10
ETag: "65f2d5ce-d3d"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3389
Expires: Mon, 17 Mar 2025 09:00:45 GMT

GET
H/1.1 200
OK sprite.db6211be4096a310692d39e6878606f4.png
ori-www.hadiahjuara.com/en/dafa/images/ 206 KB
206 KB 219ms
219ms Image
image/png 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/dafa/images/sprite.db6211be4096a310692d39e6878606f4.png

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

4865df327140a52e50f92d603b9a546fba023ae7bc05c28904f5ccaf77675e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 14 Mar 2024 10:47:42 GMT
Server: nginx/1.11.10
ETag: "65f2d5ce-337ae"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 210862
Expires: Mon, 17 Mar 2025 09:00:45 GMT

GET
H/1.1 200
OK sprite.086ee44e932ca12f36321aed8872db27.png
ori-www.hadiahjuara.com/en/images/ 113 KB
113 KB 223ms
222ms Image
image/png 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/images/sprite.086ee44e932ca12f36321aed8872db27.png

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

0f47272de3875f1531038d1dd74318d65615e4a01403492d95d4de9d218ac06b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 04 Mar 2024 09:06:10 GMT
Server: nginx/1.11.10
ETag: "65e58f02-1c211"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 115217
Expires: Mon, 17 Mar 2025 09:00:45 GMT

GET
H/1.1 200
OK playtech-footer.png
ori-www.hadiahjuara.com/en/2022-07/ 6 KB
6 KB 227ms
227ms Image
image/png 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/2022-07/playtech-footer.png

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

caed37875e80934c7f52564ca26b7846bd1f7bfa26f6eb74994556ee9777dbec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 20 Jul 2022 08:22:19 GMT
Server: nginx/1.11.10
ETag: "62d7bb3b-1709"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5897
Expires: Mon, 17 Mar 2025 09:00:45 GMT

GET
H/1.1 200
OK bitcoin_Footer%20160x41.png
ori-www.hadiahjuara.com/en/2019-09/ 2 KB
3 KB 223ms
223ms Image
image/png 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/2019-09/bitcoin_Footer%20160x41.png

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

1fad8a0d38b8307c0781fbfd3222b43917c5c879bbcfb3d5e0b96d1b4416e5a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 23 Sep 2019 09:48:31 GMT
Server: nginx/1.11.10
ETag: "5d8894ef-9ad"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2477
Expires: Mon, 17 Mar 2025 09:00:45 GMT

GET
H2 200 tag-manager.js Show response
tm.ads.sportradar.com/dist/ 370 KB
35 KB 388ms
242ms Script
application/javascript 2600:141b:1c00:2e::17d1:48c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAA06
Requested by: Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:2e::17d1:48c7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0d3c696deadf4ce3ab9d038c8c794a690617742083d0f980771292468c49a608

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:45 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900, public
x-n: S
content-length: 36113
apigw-requestid: UxChnjWPjoEEP2A=

GET
H2 200 k_dafabet.js Show response
scripts.prdredir.com/scripts/ 2 KB
1 KB 193ms
70ms Script
text/javascript 2606:4700:20::ac43:4437
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.prdredir.com/scripts/k_dafabet.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQD7V7Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4437 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 448d305ad6e8d6b57c5e4d37afbf26c77bcf2c2548e1fe462772757ee6ccbbe1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-runtime: 0.019165
date: Sun, 17 Mar 2024 09:00:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"448d305ad6e8d6b57c5e4d37afbf26c7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fk8FjCrAX3gLPR1Em%2BVLkg76DATCOQOAYqcwVz3dzrZV6Lwt0fTNOZFnBdmBiby%2BOFAGyu3HQ9rqlOqOv57jdGfDPsSmy6nnaAeefwbVMR2fCGRisjEiU1A%2BDnWjv%2FptiDOSmu1A%2FRymf3EH%2FrZJHEZK"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 865bcb5e9aac9dff-EWR
x-request-id: fcca9dd2-0677-4e6e-b94b-14f6e702f4b0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 216 KB
58 KB 155ms
34ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 17 Mar 2024 09:00:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57659
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=13, mss=1392, tbw=2773, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: fqS5QbKzgsE00buUbgmW/H9N9pcKZnl1QfuuV+TEZqEdROb3pwekZnVTE7LHLvARWrYdnu45MhqU+AAh4HyBRQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1766814&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1766814%26t%3D2

43 B
1 KB

65ms
65ms

Image
image/gif

68.67.178.10
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1766814%26t%3D2

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

Server

68.67.178.10 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:45 GMT
an-x-request-uuid: 781a9690-b054-4890-8703-74658b1f3c82
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 206.66.96.21; 206.66.96.21; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:45 GMT
an-x-request-uuid: 189a1e72-d748-4ec9-a674-161f65f984ed
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1766814%26t%3D2
cache-control: no-store, no-cache, private
x-proxy-origin: 206.66.96.21; 206.66.96.21; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 1727308371340020 Show response
connect.facebook.net/signals/config/ 54 KB
11 KB 177ms
177ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1727308371340020?v=2.9.150&r=stable&domain=ori-www.hadiahjuara.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

582c58a235e6e34fd2bd2543d0239be39a0e675a067e41c967ef6eb86b6620eb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 17 Mar 2024 09:00:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=61, mss=1392, tbw=62749, tp=-1, tpl=-1, uplat=141, ullat=0
pragma: public
x-fb-debug: RFiLuXPrKeRXkOMT13XIcXSgFoyD71F7XbQin52SNEkVhwGxwS+kSDieMnFSpnM5Zqa6rRxvKhXUrUzSzAEvJg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sync
rtg.prdredir.com/ 43 B
660 B 53ms
37ms Image
image/gif 2606:4700:20::ac43:4437
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtg.prdredir.com/sync?ref=&lp=https%3A%2F%2Fori-www.hadiahjuara.com%2Fen&sh=1200&sw=1600&date=1710666045271&fp=uid-3024642962.8923400694

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4437 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:45 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-transfer-encoding: binary
content-disposition: inline; filename="pixel.gif"
content-length: 43
x-xss-protection: 1; mode=block
x-request-id: 1b490ed6-8b05-48cd-8b19-514c324eb330
x-runtime: 0.001176
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DF3aRtGbX2GxnShAEBCkkJ2tF%2Bgerve6nfoILwSGmxHIhigb3%2FXbTvqjTD2VdTp5BMoV2cY32876vLiHmRlnmc6F%2FsdC4xu0KN93V8FV%2FV2DWI7dskzj1U8klu9wd7GHsi2IhmqjbjmgjjgaA%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache
cf-ray: 865bcb5f2ad89dff-EWR

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 129ms
32ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1727308371340020&ev=PageView&dl=https%3A%2F%2Fori-www.hadiahjuara.com%2Fen&rl=&if=false&ts=1710666045484&sw=1600&sh=1200&v=2.9.150&r=stable&ec=0&o=4126&fbp=fb.1.1710666045482.843774157&ler=empty&cdl=API_unavailable&it=1710666045268&coo=false&rqm=GET

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1392, tbw=2764, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 17 Mar 2024 09:00:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK 1920x360%20%282%29.jpg
ori-www.hadiahjuara.com/en/2024-01/ 250 KB
250 KB 388ms
232ms Image
image/jpeg 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/2024-01/1920x360%20%282%29.jpg

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

fc0953ba4aa29f232ecdd245e6554d01d92cb146dc4a804dd534e79deb8b096f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Tue, 02 Jan 2024 02:37:48 GMT
Server: nginx/1.11.10
ETag: "659376fc-3e70f"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 255759
Expires: Mon, 17 Mar 2025 09:00:45 GMT

GET
H/1.1 200
OK bournemouth-2023.jpg
ori-www.hadiahjuara.com/en/2023-08/ 423 KB
423 KB 384ms
228ms Image
image/jpeg 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/2023-08/bournemouth-2023.jpg

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

d5e6377c191ab2d447f9c5dccefabcd9aa5fcb36b9232fb38dcf07db762d27e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Tue, 29 Aug 2023 03:47:52 GMT
Server: nginx/1.11.10
ETag: "64ed6a68-69c07"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 433159
Expires: Mon, 17 Mar 2025 09:00:45 GMT

GET
H/1.1 200
OK 1920x360_29.jpg
ori-www.hadiahjuara.com/en/2024-02/ 99 KB
99 KB 430ms
239ms Image
image/jpeg 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/2024-02/1920x360_29.jpg

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

85140fd1ed0bf2706e5f6b2760d913f231d905d9e0c54b05b8707485950a1efb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 12 Feb 2024 02:18:16 GMT
Server: nginx/1.11.10
ETag: "65c97fe8-18a2e"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 100910
Expires: Mon, 17 Mar 2025 09:00:45 GMT

GET
H/1.1 200
OK 1920x360%20%284%29.jpg
ori-www.hadiahjuara.com/en/2024-01/ 78 KB
79 KB 329ms
222ms Image
image/jpeg 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/2024-01/1920x360%20%284%29.jpg

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

535c49898bf95ae4a860eb2f3dd2e55f98a046ab976e74449c061428a5e3bd25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Tue, 02 Jan 2024 03:28:34 GMT
Server: nginx/1.11.10
ETag: "659382e2-1386f"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79983
Expires: Mon, 17 Mar 2025 09:00:45 GMT

GET
H/1.1 200
OK sprite.086ee44e932ca12f36321aed8872db27.png
ori-www.hadiahjuara.com/en/promotions/images/ 113 KB
113 KB 234ms
222ms Image
image/png 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/promotions/images/sprite.086ee44e932ca12f36321aed8872db27.png

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en/css/home.086ee44e932ca12f36321aed8872db27.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

0f47272de3875f1531038d1dd74318d65615e4a01403492d95d4de9d218ac06b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en/css/home.086ee44e932ca12f36321aed8872db27.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 04 Mar 2024 09:06:10 GMT
Server: nginx/1.11.10
ETag: "65e58f02-1c211"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 115217
Expires: Mon, 17 Mar 2025 09:00:45 GMT

GET
H2 200 tracker.js Show response
tracker.ads.sportradar.com/dist/ 27 KB
7 KB 118ms
106ms Script
application/javascript 2600:141b:1c00:2e::17d1:48c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.ads.sportradar.com/dist/tracker.js
Requested by: Host: tm.ads.sportradar.com
URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAA06
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:2e::17d1:48c7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 063237f5f52863c3f711ef56625653397a5650eca2da3fa375dc181985a1badb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:45 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 08:33:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "235331a0761142ae4fd345cdf7c7f9ed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900, public
accept-ranges: bytes
x-amz-cf-id: z3TWj5PxezGaH8YOMcpzOIs55KeV7pqlsHzC5ozxvM3tZAnVyoid9Q==
content-length: 6405

GET
H2

200

pixel Show response
a.sportradarserving.com/ul_cb/
Redirect Chain

https://a.sportradarserving.com/pixel?type=js&aid=1839&id=9009
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1839&id=9009

1 KB
2 KB

52ms
51ms

Script
text/javascript

35.211.233.246
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1839&id=9009
Requested by: Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en
Protocol: H2
Server: 35.211.233.246 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 246.233.211.35.bc.googleusercontent.com
Software: /
Resource Hash: 65b8361a03f5efae0217c4dbd4425c0e3ecf318880f4f45fabbeb09b1e5b927d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:45 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1528
content-type: text/javascript; charset=UTF-8

Redirect headers

location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1839&id=9009
date: Sun, 17 Mar 2024 09:00:45 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sp-3.8.0.js Show response
tracker.ads.sportradar.com/dist// 73 KB
24 KB 309ms
309ms Script
application/javascript 2600:141b:1c00:2e::17d1:48c7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.ads.sportradar.com/dist//sp-3.8.0.js
Requested by: Host: tracker.ads.sportradar.com
URL: https://tracker.ads.sportradar.com/dist/tracker.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:2e::17d1:48c7 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6361e3a49a38d1fdc74ec96bd29ee1ecd7c30045ccb0e5f361413d65cbf5ef87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:46 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 08:33:18 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
x-amz-server-side-encryption: AES256
etag: "143272dddc33395008a84a86ac9c2e96"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900, public
accept-ranges: bytes
x-amz-cf-id: 70aWXTBqvoo5tZsQzhvq1d6sdta_Qis6uqLy20byLBjS3jULjgclFw==
content-length: 24162

GET
H/1.1

200
OK

google_sync_status
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=dcbad93f-ee37-44a2-96db-4e9d692af304&cb=47787f4f-4bc8-4de8-b8c2-5767b14c095f
https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=dcbad93f-ee37-44a2-96db-4e9d692af304&cb=47787f4f-4bc8-4de8-b8c2-5767b14c095f
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=_DOmbckbQFCetHp98v3anQ==&gdpr=&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=_DOmbckbQFCetHp98v3anQ==&gdpr=&gdpr_consent=&google_tc=
https://x.bidswitch.net/google_sync_status?ssp_name=google&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr=&gdpr_consent=&google_gid=CAESEMmiGH2Au4eVWy6a9sv25dg&google_cver=1

43 B
235 B

45ms
42ms

Image
image/gif

35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/google_sync_status?ssp_name=google&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr=&gdpr_consent=&google_gid=CAESEMmiGH2Au4eVWy6a9sv25dg&google_cver=1
Requested by: Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://x.bidswitch.net/google_sync_status?ssp_name=google&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr=&gdpr_consent=&google_gid=CAESEMmiGH2Au4eVWy6a9sv25dg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 394
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel.gif
yield-op-idsync.live.streamtheworld.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=dcbad93f-ee37-44a2-96db-4e9d692af304&cb=6d956709-a39a-4829-8d58-06e17560a025
https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=dcbad93f-ee37-44a2-96db-4e9d692af304&cb=6d956709-a39a-4829-8d58-06e17560a025
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=bsw&uid=1c426bbf-2a10-4329-92f8-0367c5326fd5&stn=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

43 B
449 B

475ms
162ms

Image
image/gif

192.173.28.19
TRITONDIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=bsw&uid=1c426bbf-2a10-4329-92f8-0367c5326fd5&stn=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by: Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en
Protocol: H2
Server: 192.173.28.19 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:46 GMT
x-stw-site: VAN
content-length: 43
content-type: image/gif

Redirect headers

Location: //yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=bsw&uid=1c426bbf-2a10-4329-92f8-0367c5326fd5&stn=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date: Sun, 17 Mar 2024 09:00:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel.gif
yield-op-idsync.live.streamtheworld.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=dcbad93f-ee37-44a2-96db-4e9d692af304&cb=7e9ca0b5-9cba-4eb9-a429-7d388295e14a
https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=dcbad93f-ee37-44a2-96db-4e9d692af304&cb=7e9ca0b5-9cba-4eb9-a429-7d388295e14a
https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=bsw&uid=9030b860-73f7-4318-9a24-866c4c16d463&stn=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

43 B
450 B

538ms
161ms

Image
image/gif

192.173.28.19
TRITONDIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=bsw&uid=9030b860-73f7-4318-9a24-866c4c16d463&stn=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by: Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en
Protocol: H2
Server: 192.173.28.19 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:46 GMT
x-stw-site: VAN
content-length: 43
content-type: image/gif

Redirect headers

Location: //yield-op-idsync.live.streamtheworld.com/pixel.gif?partner=bsw&uid=9030b860-73f7-4318-9a24-866c4c16d463&stn=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date: Sun, 17 Mar 2024 09:00:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

bsw_sync
use.sportradarserving.com/
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=409&user_id=dcbad93f-ee37-44a2-96db-4e9d692af304&user_group=3&redir=%2F%2Fuse.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=dcbad93f-ee37-44a2-96db-4e9d692af304&user_group=3&redir=%2F%2Fuse.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
https://use.sportradarserving.com/bsw_sync?bsw_uid=1c426bbf-2a10-4329-92f8-0367c5326fd5

43 B
103 B

126ms
117ms

Image
image/gif

35.211.233.246
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://use.sportradarserving.com/bsw_sync?bsw_uid=1c426bbf-2a10-4329-92f8-0367c5326fd5
Requested by: Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en
Protocol: H2
Server: 35.211.233.246 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 246.233.211.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:46 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

Redirect headers

Location: //use.sportradarserving.com/bsw_sync?bsw_uid=1c426bbf-2a10-4329-92f8-0367c5326fd5
Date: Sun, 17 Mar 2024 09:00:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK announcements Show response
ori-www.hadiahjuara.com/en/ajax/v2/ 24 B
800 B 346ms
345ms XHR
application/json 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-www.hadiahjuara.com/en/ajax/v2/announcements?nocache=1710666046702

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

ea1bd05db50c7890dd053edf77ee864749a4d8d726a063c80c606a88d095cabd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://ori-www.hadiahjuara.com/en
X-Requested-With: XMLHttpRequest
ADRUM: isAjax:true
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

ADRUM_4: e%3A53
Date: Sun, 17 Mar 2024 09:00:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx/1.11.10
ADRUM_0: g%3A61bb1230-ab20-44d4-ada4-46848ab40f8e7602
Transfer-Encoding: chunked
ADRUM_1: n%3Acustomer1_49a8be7d-1247-453d-8b9d-eefa04fc150a
Content-Language: en
Content-Type: application/json
ADRUM_2: i%3A8801
ADRUM_3: d%3A124
Cache-Control: no-cache, no-store, private, must-revalidate
Connection: keep-alive

GET
H/1.1 200
OK frosmo.easy.js Show response
dk0tzorg7uge9.cloudfront.net/ 182 KB
52 KB 151ms
33ms Script
application/javascript 54.192.100.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Requested by: Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.100.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-100-113.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d0b03de3793754f7010082639bd9e075e96577c53085116c3c9bd609cb69160

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:41 GMT
Content-Encoding: gzip
Via: 1.1 df1151801209e878a7d395961b098b20.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR53-C3
Age: 8
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 52175
Last-Modified: Thu, 29 Feb 2024 05:12:39 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1687630540/ctime:1709182953/gid:700/gname:developers/md5:93ed526dd4522048bdefad91bb889f54/mode:33188/mtime:1709182953/uid:1024/uname:martyn
ETag: "93ed526dd4522048bdefad91bb889f54"
Content-Type: application/javascript
Cache-Control: public, max-age=86400
Accept-Ranges: bytes
X-Amz-Cf-Id: fZ36X2JMWYX6zsrvAL3PV0dAeVLVuri7M5ldTSZhYqRu91V5ywAaxQ==

GET
H/1.1 200
OK 283cd6f3bdbf77c939ae868613cb575a.js Show response
dk0tzorg7uge9.cloudfront.net/sites/ 757 KB
145 KB 948ms
830ms Script
application/javascript 54.192.100.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk0tzorg7uge9.cloudfront.net/sites/283cd6f3bdbf77c939ae868613cb575a.js
Requested by: Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.100.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-100-113.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c3d5a3baea319dfacf6278173e2c55a28d83c7aae0ea5e0755f146c9952ea4e8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:48 GMT
Content-Encoding: gzip
Via: 1.1 890550823a9a161b47289586a4b1b944.cloudfront.net (CloudFront)
Last-Modified: Wed, 28 Feb 2024 17:12:02 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1709140321/ctime:1709140321/gid:501/gname:fcp/md5:1d5ae1770c37117d651e0b4f771f1798/mode:33204/mtime:1709140120/uid:501/uname:fcp
X-Amz-Cf-Pop: EWR53-C3
x-amz-server-side-encryption: AES256
ETag: "1d5ae1770c37117d651e0b4f771f1798"
X-Cache: RefreshHit from cloudfront
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 147296
X-Amz-Cf-Id: gYFK2MPllD_I9N7k07drUVAleJLx7TPKop86YttDtzs9M12r188NcA==

GET
H2 200 68b6d5bdc9e20db6e1aa8b0d8ae420a1.js Show response
d313lzv9559yp9.cloudfront.net/ 176 KB
42 KB 146ms
30ms Script
application/x-javascript 18.173.132.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d313lzv9559yp9.cloudfront.net/68b6d5bdc9e20db6e1aa8b0d8ae420a1.js
Requested by: Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-56.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0cd609cb62d8ef9292ef7b48e19ce8091e68b553b308dd4ed5e21192280c721a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 15:26:38 GMT
content-encoding: gzip
via: 1.1 3b25d3847d37119898f877230ee8f426.cloudfront.net (CloudFront)
last-modified: Wed, 04 Mar 2020 11:05:00 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P2
age: 236049
etag: W/"f05cd165be398728c81754e4067c7c16"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
x-amz-meta-md5-hash: f05cd165be398728c81754e4067c7c16
x-amz-cf-id: F6tHZDkhTUFsVZfJNiUknJIzg2vdGV4PSFGoc_reYHXLVEtjiHpCzw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 115ms
28ms Script
text/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 17 Mar 2024 07:51:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4144
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 17 Mar 2024 09:51:42 GMT

GET
H2 200 hotjar-121800.js Show response
static.hotjar.com/c/ 9 KB
4 KB 248ms
119ms Script
application/javascript 108.138.106.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-121800.js?sv=5

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-49.jfk50.r.cloudfront.net

Software

Resource Hash

8967f74e7d85c9965046873c0a2c03e0a20223465ee0fa0bef50a11f9cbef8b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sun, 17 Mar 2024 09:00:46 GMT
via: 1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
etag: W/8ed2f7e0820b184caf85956027152d40
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: HjK1Tw4Bxaz2jw0ZFBXpUxnJdrRguTy_T5-uePKx0DZP6GHChtLtZA==

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 80 KB
31 KB 121ms
29ms Script
application/javascript 185.167.164.44
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.44 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:46 GMT
content-encoding: gzip
last-modified: Fri, 08 Mar 2024 07:02:31 GMT
server: nginx
x-amz-request-id: tx00000bbe73cbd24ef5535-0065eaccdd-3296fce9-default
etag: W/"1c188eabf1f0749a0cffb2c108473370"
x-cache-status: HIT, HIT, HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H/1.1

200
OK

radar.js Show response
radar.cedexis.com/1707728419/
Redirect Chain

https://radar.cedexis.com/1/20200/radar.js
https://radar.cedexis.com/1707728419/radar.js

44 KB
19 KB

38ms
37ms

Script
application/javascript

45.54.49.5
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://radar.cedexis.com/1707728419/radar.js
Protocol: HTTP/1.1
Server: 45.54.49.5 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 5.49.54.45.ptr.anycast.net
Software: nginx /
Resource Hash: 2c5b3aeacf827e181a8131451f9a2a2f402ce22800d2365feb071f1fb7bf666d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Feb 2024 09:50:53 GMT
Server: nginx
ETag: W/"65c9e9fd-af82"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1209600, public
Connection: keep-alive
Expires: Sun, 31 Mar 2024 09:00:46 GMT

Redirect headers

Date: Sun, 17 Mar 2024 09:00:46 GMT
Server: nginx
Vary: User-Agent,DNT
Content-Type: text/html
Location: /1707728419/radar.js
Cache-Control: max-age=600
Connection: keep-alive
Content-Length: 154
Expires: Sun, 17 Mar 2024 09:10:46 GMT

GET
H2 200 adrum-ext.5d7b2188022f1c8e1f74b468f022cb04.js Show response
cdn.appdynamics.com/ 50 KB
20 KB 29ms
29ms Script
application/javascript 18.238.80.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum-ext.5d7b2188022f1c8e1f74b468f022cb04.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-98.jfk52.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: cf7cf39b9083ee5503540f737097dc4daf98b42efff20d25a93d0202c7f8e5d3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 04:24:20 GMT
content-encoding: gzip
via: 1.1 3235d194bb862aa113227c9680bce62c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P5
age: 2608586
x-cache: Hit from cloudfront
last-modified: Mon, 13 May 2019 18:43:34 GMT
server: nginx/1.16.1
etag: W/"5cd9bad6-c7d7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0Qx0tZahLc31M5UsGAkA4pZVKkBZB-mLcHFCLzByz4qvtFl4WqXHVQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
227 B 36ms
35ms XHR
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1167093933&t=pageview&_s=1&dl=https%3A%2F%2Fori-www.hadiahjuara.com%2Fen&ul=en-us&de=UTF-8&dt=Dafabet%20is%20The%20Most%20Secure%20Online%20Betting%20Company%20in%20Asia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1524486012&gjid=1387683227&cid=1070854031.1710666044&tid=UA-89039619-1&_gid=634477800.1710666047&_r=1&_slc=1&z=1655213245

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

69e5bd6a3392e9ac3ad144d8b727223f7d655288d7fe2723debd7b964925197e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ori-www.hadiahjuara.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ori-www.hadiahjuara.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=2281077&ADFPageName=Entry%20Page&ADFdivider=%7C&ord=754458954423&ADFtpmode=2&loc=https%3A%2F%2Fori-www.hadiahjuara.com%2Fen&Set1=en-US%7Cen-US%7C1600...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2281077&ADFPageName=Entry%20Page&ADFdivider=%7C&ord=754458954423&ADFtpmode=2&loc=https%3A%2F%2Fori-www.hadiahjuara.com%2Fen&Set1=en-US%7Cen-US%7...

110 B
714 B

143ms
142ms

Script
text/javascript

37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2281077&ADFPageName=Entry%20Page&ADFdivider=%7C&ord=754458954423&ADFtpmode=2&loc=https%3A%2F%2Fori-www.hadiahjuara.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

40de67281c077668bd49d1d8d3817452e66677e565bfe9a1e5477d83e53f802b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 184
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2281077&ADFPageName=Entry%20Page&ADFdivider=%7C&ord=754458954423&ADFtpmode=2&loc=https%3A%2F%2Fori-www.hadiahjuara.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2

200

/ Show response
asia.adform.net/Serving/TrackPoint/
Redirect Chain

https://asia.adform.net/Serving/TrackPoint/?pm=2449026&ADFdivider=%7C&ord=90899368701&ADFtpmode=2&loc=https%3A%2F%2Fori-www.hadiahjuara.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24
https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=2449026&ADFdivider=%7C&ord=90899368701&ADFtpmode=2&loc=https%3A%2F%2Fori-www.hadiahjuara.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24

84 B
720 B

476ms
475ms

Script
text/javascript

185.84.60.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=2449026&ADFdivider=%7C&ord=90899368701&ADFtpmode=2&loc=https%3A%2F%2Fori-www.hadiahjuara.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Server

185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f2deabdbb23fe4b9189cc3aeb682e8bd696278846e0a996b19628aa9a70911ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 190
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=2449026&ADFdivider=%7C&ord=90899368701&ADFtpmode=2&loc=https%3A%2F%2Fori-www.hadiahjuara.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2

200

/ Show response
asia.adform.net/Serving/TrackPoint/
Redirect Chain

https://asia.adform.net/Serving/TrackPoint/?pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=718712017691&ADFtpmode=2&loc=https%3A%2F%2Fori-www.hadiahjuara.com%2Fen&Set1=en-US%7Cen-U...
https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=718712017691&ADFtpmode=2&loc=https%3A%2F%2Fori-www.hadiahjuara.com%2Fen&Set1=en-US%7...

847 B
1 KB

425ms
425ms

Script
text/javascript

185.84.60.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=718712017691&ADFtpmode=2&loc=https%3A%2F%2Fori-www.hadiahjuara.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Server

185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e460f96b55890d9f0adc7070e5ebf6b2d3997de02c75653795bac38abe1018bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 692
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=718712017691&ADFtpmode=2&loc=https%3A%2F%2Fori-www.hadiahjuara.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2

200

setuid
ib.adnxs.com/
Redirect Chain

https://sc.adelement.com/setRT_adelement_cookie.php?ae_rt=68b6d5bdc9e20db6e1aa8b0d8ae420a1&depth=0&language_code=en
https://sc.adelement.com/setRT_adelement_cookie.php?ae_rt=68b6d5bdc9e20db6e1aa8b0d8ae420a1&depth=0&language_code=en&_aeset=1
https://cm.g.doubleclick.net/pixel?google_nid=adl&google_cm&google_hm=b%27cjlCSmtjUHlIbW1oa0s4RzRlM0Q0TGVK%27
https://sc.adelement.com/cs?google_hm=2&google_gid=CAESEHRn-14WEeH8gt05ml63FLs&google_cver=1
https://ib.adnxs.com/setuid?entity=389&code=r9BJkcPyHmmhkK8G4e3D4LeJ

43 B
1 KB

31ms
29ms

Image
image/gif

68.67.178.10
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=389&code=r9BJkcPyHmmhkK8G4e3D4LeJ

Protocol

Server

68.67.178.10 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:47 GMT
an-x-request-uuid: a6a67473-7423-45ac-9822-2b897df32716
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 206.66.96.21; 206.66.96.21; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location: https://ib.adnxs.com/setuid?entity=389&code=r9BJkcPyHmmhkK8G4e3D4LeJ
date: Sun, 17 Mar 2024 09:00:47 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 seg
secure.adnxs.com/ 43 B
1 KB 27ms
27ms Image
image/gif 68.67.178.10
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=8385691&t=2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.178.10 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:46 GMT
an-x-request-uuid: 0a597411-c378-4959-ac1e-cdfc4af94e76
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 206.66.96.21; 206.66.96.21; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 256 KB
88 KB 54ms
54ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XTJPZCJBEY&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9cf83e7adb20fef90ab510538a2b3cd84bd2a1b815fe05490a5fde19df6eacd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89774
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Mar 2024 09:00:46 GMT

GET
H/1.1 200
Ok providers.json Show response
i2-fwtslbsjhvylcpjrknsapvfobnkjnk.init.cedexis-radar.net/i2/1/20200/j1/20/124/1710666046/0/0/ 3 KB
1 KB 280ms
27ms XHR
application/json 192.73.251.161
NETACTUATE

General

Check archive.org

Show headers Download Go to

Full URL: https://i2-fwtslbsjhvylcpjrknsapvfobnkjnk.init.cedexis-radar.net/i2/1/20200/j1/20/124/1710666046/0/0/providers.json?imagesok=1&n=1&p=1&r=1&s=1&t=1
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.73.251.161 New York, United States, ASN36236 (NETACTUATE, US),
Reverse DNS
Software: nginx /
Resource Hash: 4c1578af52648e323110b17bbe4e605a75a7ef5e1d9eba806224780c957c3a31

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:47 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1

GET
H2 200 modules.a832f5d8f24964da1f4a.js Show response
script.hotjar.com/ 220 KB
55 KB 263ms
29ms Script
application/javascript 18.164.96.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.a832f5d8f24964da1f4a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-121800.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-87.jfk50.r.cloudfront.net

Software

Resource Hash

a25146c544ae821d97ac637e817dae3f4985b7e991d7354cf1d21561a8dfc630

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 15 Mar 2024 17:22:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 a1546fc751225809c39b89ba9e8d715c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 142721
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55518
last-modified: Fri, 15 Mar 2024 17:21:16 GMT
etag: "8bd905e445d19a6e7c5adc15919ba59b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: R1lkg1DoSHgdD4kUj-MrWQ_-RtMA2_3XtTZtFnLssM1dFBn_7glgeA==

GET
H/1.1 200
OK Floating_Banner_left_bg.png
ori-www.hadiahjuara.com/en/2018-09/ 1 KB
2 KB 229ms
228ms Image
image/png 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/2018-09/Floating_Banner_left_bg.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

8736af2d295525a939c8c8dac5753efd917fbad619dd0a5d3e8c7ae31d5f58e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Fri, 07 Sep 2018 01:51:45 GMT
Server: nginx/1.11.10
ETag: "5b91d9b1-5cc"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1484
Expires: Mon, 17 Mar 2025 09:00:47 GMT

GET
H/1.1 200
OK Floating_Banner_right_bg_0.png
ori-www.hadiahjuara.com/en/2018-10/ 2 KB
2 KB 222ms
221ms Image
image/png 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/2018-10/Floating_Banner_right_bg_0.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

a3aa896141cf840e5548d76aafcaf0d10db50ebb4fc2811858b5ad4da3146a59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 15 Oct 2018 02:14:47 GMT
Server: nginx/1.11.10
ETag: "5bc3f817-74e"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1870
Expires: Mon, 17 Mar 2025 09:00:47 GMT

GET
H/1.1 200
OK sprite.db6211be4096a310692d39e6878606f4.png
ori-www.hadiahjuara.com/en/dafa/images/ 206 KB
206 KB 221ms
221ms Image
image/png 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/dafa/images/sprite.db6211be4096a310692d39e6878606f4.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

4865df327140a52e50f92d603b9a546fba023ae7bc05c28904f5ccaf77675e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 14 Mar 2024 10:47:42 GMT
Server: nginx/1.11.10
ETag: "65f2d5ce-337ae"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 210862
Expires: Mon, 17 Mar 2025 09:00:47 GMT

GET
H/1.1 200
OK Floating_Banner_right_bg_0.png
ori-www.hadiahjuara.com/en/2018-10/ 2 KB
2 KB 218ms
218ms Image
image/png 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/2018-10/Floating_Banner_right_bg_0.png

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en/js/vendor.086ee44e932ca12f36321aed8872db27.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

a3aa896141cf840e5548d76aafcaf0d10db50ebb4fc2811858b5ad4da3146a59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 15 Oct 2018 02:14:47 GMT
Server: nginx/1.11.10
ETag: "5bc3f817-74e"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1870
Expires: Mon, 17 Mar 2025 09:00:47 GMT

GET
H/1.1 200
OK Floating_Banner_left_bg.png
ori-www.hadiahjuara.com/en/2018-09/ 1 KB
2 KB 217ms
217ms Image
image/png 110.50.230.86
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ori-www.hadiahjuara.com/en/2018-09/Floating_Banner_left_bg.png

Requested by

Host: ori-www.hadiahjuara.com
URL: https://ori-www.hadiahjuara.com/en/dafa/js/common.db6211be4096a310692d39e6878606f4.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.50.230.86 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),

Reverse DNS

Software

nginx/1.11.10 /

Resource Hash

8736af2d295525a939c8c8dac5753efd917fbad619dd0a5d3e8c7ae31d5f58e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Fri, 07 Sep 2018 01:51:45 GMT
Server: nginx/1.11.10
ETag: "5b91d9b1-5cc"
Content-Type: image/png
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1484
Expires: Mon, 17 Mar 2025 09:00:47 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 40ms
40ms Ping
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-XTJPZCJBEY&gtm=45je43d0v9126248990za200&_p=1710666043246&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-us&sr=1600x1200&cid=1070854031.1710666044&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fori-www.hadiahjuara.com%2Fen&dt=Dafabet%20is%20The%20Most%20Secure%20Online%20Betting%20Company%20in%20Asia&sid=1710666047&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=5728
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XTJPZCJBEY&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ori-www.hadiahjuara.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK impact.js Show response
radar.cedexis.com/releases/1707728419/ 7 KB
4 KB 22ms
21ms Script
application/javascript 45.54.49.5
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://radar.cedexis.com/releases/1707728419/impact.js
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.54.49.5 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS: 5.49.54.45.ptr.anycast.net
Software: nginx /
Resource Hash: 70ba610e8b04346fcfaf7131529082ab2f9cec6954ce32552b1cac0a9e567aba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Feb 2024 09:50:53 GMT
Server: nginx
ETag: W/"65c9e9fd-1c28"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1209600, public
Connection: keep-alive
Expires: Sun, 31 Mar 2024 09:00:47 GMT

GET
H/1.1 200
Ok 1710666044637 Show response
rpt.cedexis.com/n1/0/1710666041546/0/0/1710666041546/1710666042668/1710666042668/1710666042668/1710666042668/1710666042668/1710666042668/0/1710666042669/1710666043211/1710666043373/1710666043214/17... 16 B
276 B 155ms
64ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/n1/0/1710666041546/0/0/1710666041546/1710666042668/1710666042668/1710666042668/1710666042668/1710666042668/1710666042668/0/1710666042669/1710666043211/1710666043373/1710666043214/1710666045053/1710666045054/1710666045061/1710666046702/1710666046702/1710666046711/_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAmAEA/0/1710666044637
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:47 GMT
Server: nginx
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 frosmo.xdm.html Show response
dafabetcomasia.asia.frosmo.com/ Frame 151A 3 KB
1 KB 837ms
249ms Document
text/html 52.79.118.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dafabetcomasia.asia.frosmo.com/frosmo.xdm.html?24.20.0
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.79.118.14 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-79-118-14.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6b65e3870f0c53a1563b29a83330581f3be5b5f809b3105f38390a561ded34a3

Request headers

Referer: https://ori-www.hadiahjuara.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-length: 1104
content-type: text/html
date: Sun, 17 Mar 2024 09:00:48 GMT
etag: "5bea9576-450"
last-modified: Tue, 13 Nov 2018 09:12:22 GMT
server: nginx
vary: Accept-Encoding

POST
H2 200 adrum Show response
col.0wp0usgn.com/eumcollector/beacons/browser/v1/EUM-AAB-AVW/ 0
288 B 331ms
254ms XHR
text/html 34.149.119.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://col.0wp0usgn.com/eumcollector/beacons/browser/v1/EUM-AAB-AVW/adrum

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.5d7b2188022f1c8e1f74b468f022cb04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.119.194 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

194.119.149.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ori-www.hadiahjuara.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type: text/plain

Response headers

appd-request-id: dcd331ec816e550c
date: Sun, 17 Mar 2024 09:00:48 GMT
via: 1.1 google
pragma: no-cache
x-content-type-options: nosniff
vary: *
content-type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
access-control-allow-headers: origin, content-type, accept
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame FE8C 4 KB
2 KB 125ms
29ms Document
text/html 185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713

Requested by

Host: asia.adform.net
URL: https://asia.adform.net/Serving/TrackPoint/?pm=3095779&ADFPageName=Dafabet%20All%20Pages&ADFdivider=%7C&ord=718712017691&ADFtpmode=2&loc=https%3A%2F%2Fori-www.hadiahjuara.com%2Fen&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5f39a6c8fa6e48ed0e482c54573cca60b3a3c4d22501a3827506aacc9bca6b1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ori-www.hadiahjuara.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 17 Mar 2024 09:00:48 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
asia.seadform.net/serving/cookie/sync/ 35 B
467 B 818ms
269ms Image
image/gif 185.84.60.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://asia.seadform.net/serving/cookie/sync/?uid=3266975578527815707&stamp=Mbqpb8ahSOADvP-67D9Y4w2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H/1.1 200
Ok json Show response
i1-j5-20-124-1-20200-1659234813-s.init.cedexis-radar.net/i1/1710666048/1659234813/ 215 B
482 B 151ms
63ms XHR
application/json 192.73.251.162
NETACTUATE

General

Check archive.org

Show headers Download Go to

Full URL: https://i1-j5-20-124-1-20200-1659234813-s.init.cedexis-radar.net/i1/1710666048/1659234813/json?seed=i1-j5-20-124-1-20200-1659234813-s
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.73.251.162 New York, United States, ASN36236 (NETACTUATE, US),
Reverse DNS
Software: nginx /
Resource Hash: 78fe18215db770e44d34bdf6b95086f09b6b37c60a7c3a0f5704ecb87b01f818

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:48 GMT
Server: nginx
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 215

GET
H2 200 plf
c1.adform.net/imatch/ Frame FE8C 0
384 B 55ms
55ms Image
text/plain 185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame FE8C
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=3266975578527815707&Expiration=1711875648
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=3266975578527815707&Expiration=1711875648

43 B
424 B

94ms
94ms

Image
image/gif

54.146.31.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=3266975578527815707&Expiration=1711875648
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Protocol: H2
Server: 54.146.31.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-31-104.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 17 Mar 2024 09:00:48 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=3266975578527815707&Expiration=1711875648
access-control-allow-origin: *
date: Sun, 17 Mar 2024 09:00:48 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame FE8C 0
400 B 203ms
101ms Image
text/plain 23.51.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=3266975578527815707
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.51.56.126 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-56-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Mar 2024 09:00:48 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Sat, 16 Mar 2024 09:00:48 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame FE8C 0
663 B 175ms
70ms Image
text/plain 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=3266975578527815707
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 1e5551a43c15a2a2988f4ec71599119f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 tpui
ih.adscale.de/adscale-ih/ Frame FE8C 0
38 B 502ms
231ms Image
text/plain 18.195.92.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=3266975578527815707&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.92.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-92-168.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:48 GMT
content-length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame FE8C
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=3266975578527815707&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
https://c1.adform.net/serving/cookie/match?party=10&cid=7004116333399358510

35 B
600 B

23ms
22ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=10&cid=7004116333399358510

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=10&cid=7004116333399358510
pragma: no-cache
date: Sun, 17 Mar 2024 09:00:47 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame FE8C 43 B
641 B 205ms
46ms Image
image/gif 63.251.28.233
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=3266975578527815707
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.251.28.233 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Mar 2024 09:00:48 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1710666048551034-1195

GET
H/1.1

204

sync
sync.bfmio.com/ Frame FE8C
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=3266975578527815707
https://sync.bfmio.com/sync?pid=103&uid=1c426bbf-2a10-4329-92f8-0367c5326fd5&dsp_id=&dsp_uuid=&gdpr=&gdpr_consent=&gdpr_pd=

0
559 B

163ms
28ms

Image
text/plain

52.70.146.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=103&uid=1c426bbf-2a10-4329-92f8-0367c5326fd5&dsp_id=&dsp_uuid=&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Protocol: HTTP/1.1
Server: 52.70.146.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-146-159.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 17 Mar 2024 09:00:48 GMT

Redirect headers

Location: //sync.bfmio.com/sync?pid=103&uid=1c426bbf-2a10-4329-92f8-0367c5326fd5&dsp_id=&dsp_uuid=&gdpr=&gdpr_consent=&gdpr_pd=
Date: Sun, 17 Mar 2024 09:00:48 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame FE8C
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3266975578527815707&expiration=1711875648
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3266975578527815707&expiration=1711875648&C=1

43 B
344 B

79ms
78ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3266975578527815707&expiration=1711875648&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Protocol: H2
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2JHNGw4bMlTRK980hgopm5tfpSTeOOVg2%2Bpksg2%2BgUDatciTmz1%2BgRsss9QXUHbD9gJRfbJk%2F%2B4EO1jj92ennSZ3%2FHnjLkUVous7bmZm73MRbqwGy8%2BsCj3B0NpXEKNENG0%2BfeYN%2BGZwkw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 865bcb73c9dd4cb2-PHL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dT2N0hXXVH0nyC9avQmPuXox3T2qpD9msLim3u2%2BI9%2FTrW%2BKrIRgQJGado09p8Nfds5ocjEd4T%2FDTR%2BW9OBsCrBI6j%2FtAJid9yX0tjwAnxDcJ2T3GIMh%2BFR5SydT1uhLyM4VnIStPB7kqw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=111&external_user_id=3266975578527815707&expiration=1711875648&C=1
cache-control: no-cache
cf-ray: 865bcb7318414cb2-PHL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

info2
uipglob.semasio.net/adform/1/ Frame FE8C
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=3266975578527815707&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=3266975578527815707&sInitiator=external

42 B
604 B

42ms
42ms

Image
image/gif

50.57.31.206
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=3266975578527815707&sInitiator=external
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Protocol: HTTP/1.1
Server: 50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Mar 2024 09:00:48 GMT
Frontend-ID: 10
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type: image/gif
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Content-Length: 42
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 17 Mar 2024 09:00:48 GMT
Frontend-ID: 10
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location: /adform/1/info2?sType=sync&sExtCookieId=3266975578527815707&sInitiator=external
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Length: 0
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame FE8C
Redirect Chain

https://ps.eyeota.net/match?uid=3266975578527815707&bid=9gdtmu1
https://ps.eyeota.net/match/bounce/?uid=3266975578527815707&bid=9gdtmu1

70 B
440 B

29ms
29ms

Image
image/gif

52.55.144.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?uid=3266975578527815707&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Protocol: HTTP/1.1
Server: 52.55.144.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-144-0.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 17 Mar 2024 09:00:48 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?uid=3266975578527815707&bid=9gdtmu1
Date: Sun, 17 Mar 2024 09:00:48 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame FE8C
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=3266975578527815707
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=3266975578527815707&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
458 B

212ms
67ms

Image
image/gif

2a02:6ea0:c400::12
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Protocol: H2
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Sun, 17 Mar 2024 09:00:49 GMT
x-amz-request-id: tx00000578d78a933a4fde6-0065909fa7-5134150-nyc
x-77-cache: HIT
x-cache: HIT
x-age: 468371
x-accel-date: 1710197678
content-length: 43
x-77-nzt: A1m7sQ83Nzf/kyUHAJySO+I3Nzexz9PUZiQIFwA
x-accel-expires: @1711234478
x-77-age: 468371
last-modified: Sat, 30 Dec 2023 22:32:08 GMT
server: CDN77-Turbo
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
x-77-nzt-ray: 49be1408c5941b1841b1f66505117e07
content-type: image/gif
x-rgw-object-type: Normal
accept-ranges: bytes

Redirect headers

date: Sun, 17 Mar 2024 09:00:48 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2

200

db_sync
px.ads.linkedin.com/ Frame FE8C
Redirect Chain

https://idsync.rlcdn.com/398366.gif?partner_uid=3266975578527815707
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTMzI2Njk3NTU3ODUyNzgxNTcwNxAAGg0IwOLarwYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=698efc260b87f195606589baccfa3f610f41aeed3a3475fa12dfcc198f5f9eea791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=698efc260b87f195606589baccfa3f610f41aeed3a3475fa12dfcc198f5f9eea791426b5417dce21&rand=07737896
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=698efc260b87f195606589baccfa3f610f41aeed3a3475fa12dfcc198f5f9eea791426b5417dce21&rand=07737896&expected_cookie=9b64cc64-f9f0-4959-b32e-85ccb5d9083e

0
142 B

46ms
45ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=698efc260b87f195606589baccfa3f610f41aeed3a3475fa12dfcc198f5f9eea791426b5417dce21&rand=07737896&expected_cookie=9b64cc64-f9f0-4959-b32e-85ccb5d9083e
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:49 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 202C0F887E1D4F8CB750423A6F438467 Ref B: PHL30EDGE0208 Ref C: 2024-03-17T09:00:49Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYT13owWar0TqLO/gr71Q==

Redirect headers

date: Sun, 17 Mar 2024 09:00:48 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 8D5D18956B9A4BCF9218926956258AEF Ref B: PHL30EDGE0208 Ref C: 2024-03-17T09:00:49Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: /db_sync?pid=10339&puuid=698efc260b87f195606589baccfa3f610f41aeed3a3475fa12dfcc198f5f9eea791426b5417dce21&rand=07737896&expected_cookie=9b64cc64-f9f0-4959-b32e-85ccb5d9083e
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYT13ovUAXYLX2zwwuXbA==

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=3266975578527815707/gdpr=/ Frame FE8C
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=3266975578527815707/gdpr=/gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=3266975578527815707/gdpr=/gdpr_consent=

49 B
543 B

89ms
89ms

Image
image/gif

52.0.10.132
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=3266975578527815707/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Protocol: H2
Server: 52.0.10.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-10-132.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:48 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.0.104
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:48 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=3266975578527815707/gdpr=/gdpr_consent=
cache-control: no-cache
x-server: 10.40.4.83
content-length: 0
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame FE8C 62 B
430 B 188ms
95ms Image
image/gif 23.46.225.71
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=3266975578527815707
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.46.225.71 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-46-225-71.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sun, 17 Mar 2024 09:00:48 GMT
content-length: 62
content-type: image/gif

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame FE8C
Redirect Chain

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3266975578527815707
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=3266975578527815707

43 B
171 B

37ms
36ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=3266975578527815707
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:48 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=3266975578527815707
date: Sun, 17 Mar 2024 09:00:48 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame FE8C
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

430ms
196ms

Image
image/gif

52.218.89.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Protocol: HTTP/1.1
Server: 52.218.89.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:50 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: W5DXRSS0KFXGHTQP
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: rczi1SS8QWfi3KvkiyXgHf2/h5UB9FXDjWuCtjaiIpsT8TxchXmOHiiVW0DfhvXRuEtP/n2joQk=

Redirect headers

X-Error-Reason: Missing UserId
Date: Sun, 17 Mar 2024 09:00:48 GMT
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame FE8C 0
44 B 185ms
57ms Image
text/plain 107.20.244.107
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=3266975578527815707
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.244.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-244-107.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:48 GMT
server: awselb/2.0

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame FE8C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MzI2Njk3NTU3ODUyNzgxNTcwNw
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOXqrf1vDRRRy3ooz1Trmys&google_cver=1&google_ula=1641347,0

35 B
591 B

21ms
21ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOXqrf1vDRRRy3ooz1Trmys&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOXqrf1vDRRRy3ooz1Trmys&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame FE8C 0
384 B 56ms
53ms Image
text/plain 185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

setuid
secure.adnxs.com/ Frame FE8C
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://c1.adform.net/serving/cookie/match?party=3&id=7255945857962684622&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=3266975578527815707

43 B
1 KB

29ms
28ms

Image
image/gif

68.67.178.10
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=3266975578527815707

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713

Protocol

Server

68.67.178.10 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:48 GMT
an-x-request-uuid: 0aaa9c5d-5dfe-4289-864c-570741827395
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 206.66.96.21; 206.66.96.21; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=3266975578527815707
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame FE8C 42 B
472 B 113ms
32ms Image
image/gif 8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3266975578527815707
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 17 Mar 2024 09:00:48 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame FE8C 43 B
444 B 170ms
55ms Image
image/gif 18.238.55.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-58.jfk52.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sat, 16 Mar 2024 11:35:43 GMT
Via: 1.1 a5ec1cc448d0ca618712f253b7a7adba.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.24.0
X-Amz-Cf-Pop: JFK52-P4
Age: 77105
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: t20JxDLRYBNOm_qmJXy5sxzDowaEeBHzyCmF1NaNTp0HQ8Z7g5uL-g==

GET
H/1.1

200

p
a.audrte.com/ Frame FE8C
Redirect Chain

https://a.audrte.com/a?adform_uid=3266975578527815707
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NzdhdE9SVEoxMm9UZi03eGlUdHh1WnVFQQ%3D%3D&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
424 B

106ms
106ms

Image
image/png

3.248.111.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Protocol: HTTP/1.1
Server: 3.248.111.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-111-133.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:49 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Sun, 17 Mar 2024 09:00:49 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame FE8C
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=3266975578527815707&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=3266975578527815707&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=38841012947876771691221654816744185946&noredirect=1

35 B
591 B

52ms
52ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=38841012947876771691221654816744185946&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

dcs: dcs-prod-va6-1-v057-0cfc3a4cc.edge-va6.demdex.com 1 ms
pragma: no-cache
date: Sun, 17 Mar 2024 09:00:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: qTldJ9jyRRU=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://c1.adform.net/serving/cookie/match?party=1007&cid=38841012947876771691221654816744185946&noredirect=1
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame FE8C
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=3266975578527815707
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=213430604824002719021

35 B
591 B

33ms
32ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=213430604824002719021

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:49 GMT
via: 1.1 b85629c88fd144a4bf7989a1ad1ecc54.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: JFK50-P7
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=213430604824002719021
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: SOd_I8OjPNAorgRdInt-GpxpICveOkKDfMdnHZnuussopMhgmd3I0A==
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame FE8C
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7347254734836660377

35 B
591 B

24ms
23ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7347254734836660377

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7347254734836660377
Date: Sun, 17 Mar 2024 09:00:49 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame FE8C 62 B
359 B 94ms
93ms Image
image/gif 23.46.225.71
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=3266975578527815707
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.46.225.71 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-46-225-71.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sun, 17 Mar 2024 09:00:48 GMT
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame FE8C
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=F90ppWe41RLMnT5

35 B
591 B

32ms
31ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=F90ppWe41RLMnT5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Sun, 17 Mar 2024 09:00:48 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-09d873f5ebddf7f2b@us-east-1e@dxedge-app-us-east-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=F90ppWe41RLMnT5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame FE8C
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=f261940f-7500-4d4b-847f-0705bc4d46bd

35 B
591 B

48ms
47ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=f261940f-7500-4d4b-847f-0705bc4d46bd

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=f261940f-7500-4d4b-847f-0705bc4d46bd
date: Sun, 17 Mar 2024 09:00:49 GMT
server: Kestrel
content-length: 225

GET
H2

200

3.gif
id5-sync.com/cq/10/124/0/ Frame FE8C
Redirect Chain

https://id5-sync.com/s/10/0.gif?puid=3266975578527815707
https://id5-sync.com/c/10/10/2/1.gif?puid=3266975578527815707&gdpr=0&gdpr_consent=&us_privacy=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/10/2/1/2.gif?puid=7255945857962684622&gdpr=0&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-5022a-cHeQLWs3xi5FZMkGE5YEN7_tZYk8nLU_ZoiQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F0%2F3.gif%3Fpuid%3D%...
https://id5-sync.com/cq/10/124/0/3.gif?puid=5f0edf52-34de-407c-8d72-d29456482330&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

43 B
1 KB

195ms
194ms

Image
image/gif

162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/cq/10/124/0/3.gif?puid=5f0edf52-34de-407c-8d72-d29456482330&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713

Protocol

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sun, 17 Mar 2024 09:00:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/cq/10/124/0/3.gif?puid=5f0edf52-34de-407c-8d72-d29456482330&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
access-control-allow-origin: *
date: Sun, 17 Mar 2024 09:00:50 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame FE8C
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1376843928
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=JldQ208oAj3V/3Q3wbVwqO

35 B
591 B

21ms
21ms

Image
image/gif

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=JldQ208oAj3V/3Q3wbVwqO

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:48 GMT
via: 1.1 google
last-modified: Sun, 17 Mar 2024 09:00:49 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=JldQ208oAj3V/3Q3wbVwqO
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame FE8C 23 B
278 B 267ms
55ms Image
image/gif 23.52.165.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=3266975578527815707
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.165.154 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-165-154.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sun, 17 Mar 2024 09:00:49 GMT
pragma: no-cache
date: Sun, 17 Mar 2024 09:00:49 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame FE8C
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=3266975578527815707
https://sync.outbrain.com/cookie-sync?p=smaato&initiation=partner&uid=2ddfc4895c&gdpr=0&gdpr_consent=

0
360 B

843ms
24ms

Image
text/plain

70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/cookie-sync?p=smaato&initiation=partner&uid=2ddfc4895c&gdpr=0&gdpr_consent=

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713

Protocol

HTTP/1.1

Server

70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:50 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: 3996b7014c430e85a147c0424bafacdf
Content-Length: 0

Redirect headers

date: Sun, 17 Mar 2024 09:00:49 GMT
via: 1.1 35c803afef083002d824403342d4c62e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
location: https://sync.outbrain.com/cookie-sync?p=smaato&initiation=partner&uid=2ddfc4895c&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: -1965cw_ecEqMEZAmVby4jSawMP1zKEWBqlPRTm0zPE92tmSzy4fng==

GET
H2 200 3266975578527815707
match.contentexchange.me/adform/ Frame FE8C 0
49 B 1331ms
295ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/3266975578527815707?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:50 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame FE8C 43 B
109 B 253ms
77ms Image
image/gif 100.24.217.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=16974&user_id=3266975578527815707
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.217.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-217-221.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:49 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2

200

2981
tags.bluekai.com/site/ Frame FE8C
Redirect Chain

https://pixel.onaudience.com/?mapped=3266975578527815707&partner=68
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=92ecd86b8c55d032
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=dmR3eXdHSGQ5OWVrckZqaw%3D%3D
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEIXpi6P5a9PDd3PTXutRjGQ&google_cver=1

62 B
305 B

100ms
99ms

Image
image/gif

23.46.225.71
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEIXpi6P5a9PDd3PTXutRjGQ&google_cver=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Protocol: H2
Server: 23.46.225.71 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-46-225-71.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sun, 17 Mar 2024 09:00:50 GMT
content-length: 62
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEIXpi6P5a9PDd3PTXutRjGQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame FE8C
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=3266975578527815707&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=3266975578527815707&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

37 B
474 B

24ms
24ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=3266975578527815707&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 17 Mar 2024 09:00:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=3266975578527815707&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
date: Sun, 17 Mar 2024 09:00:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 put
e1.emxdgt.com/ Frame FE8C 43 B
120 B 875ms
97ms Image
image/gif 44.212.89.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=3266975578527815707
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.212.89.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-212-89-30.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:49 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET
H2

200

mw
mwzeom.zeotap.com/ Frame FE8C
Redirect Chain

https://pixel.onaudience.com/?partner=290&mapped=3266975578527815707
https://spl.zeotap.com/?zdid=1332&zcluid=c6761212713106db
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3274414b-1ab9-4a4d-51db-2ddbc8aa55ee&reqId=8f90188c-d04d-4850-5744-d5b8b628102d&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEMnPk4VO9qPzySShb9hnCBs&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3274414b-1ab9-4a4d-51db-2ddbc8aa55ee&reqId=8f90188c-d04d-4850-5744-d5b...

95 B
188 B

1276ms
1253ms

Image
image/png

2606:4700:10::6816:3262
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?google_gid=CAESEMnPk4VO9qPzySShb9hnCBs&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3274414b-1ab9-4a4d-51db-2ddbc8aa55ee&reqId=8f90188c-d04d-4850-5744-d5b8b628102d&zcluid=c6761212713106db&zdid=1332

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713

Protocol

Server

2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:52 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://c1.adform.net
access-control-allow-credentials: true
cf-ray: 865bcb89adfc43f2-EWR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 17 Mar 2024 09:00:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEMnPk4VO9qPzySShb9hnCBs&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3274414b-1ab9-4a4d-51db-2ddbc8aa55ee&reqId=8f90188c-d04d-4850-5744-d5b8b628102d&zcluid=c6761212713106db&zdid=1332
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame FE8C 0
384 B 53ms
52ms Image
text/plain 185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?bt=0&uid=3266975578527815707&agencyId=8910&advertiserId=2170253&src=tp&rnd=987713
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

POST
H/1.1 200
Ok _CgJqNRAUGHwiBggBEOidASj905eXBjDA4tqvBjjA4tqvBkCsjZWXCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24yLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasB Show response
rpt.cedexis.com/r1/1/20200/ 16 B
276 B 126ms
48ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/r1/1/20200/_CgJqNRAUGHwiBggBEOidASj905eXBjDA4tqvBjjA4tqvBkCsjZWXCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24yLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasB?rnd=wsczzifurecnesqsvhnrkzrnuekehibc
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Referer: https://ori-www.hadiahjuara.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 17 Mar 2024 09:00:48 GMT
Server: nginx
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
174 B 1140ms
481ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=visit&source=direct&device=desktop&sessionStart=20240317090048&cookieId=414phz.ltvaea7v&origin=dafabet_com_asia&ver=24.20.0-3.6&segments=&1709003
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 17 Mar 2024 09:00:49 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 eventsApi
asia.frosmo.com/ 43 B
123 B 1098ms
483ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/eventsApi?method=customAction&name=userLoggedIn&value=false&title=&cookieId=414phz.ltvaea7v&origin=dafabet_com_asia&ver=24.20.0-3.6&0
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:49 GMT
server: openresty
x-robots-tag: none
content-length: 43
content-type: image/gif

POST
H2 200 eventsApi
asia.frosmo.com/ 43 B
123 B 1096ms
483ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/eventsApi?method=customAction&name=chrome53&value=true&title=&cookieId=414phz.ltvaea7v&origin=dafabet_com_asia&ver=24.20.0-3.6&1
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:49 GMT
server: openresty
x-robots-tag: none
content-length: 43
content-type: image/gif

POST
H2 200 eventsApi
asia.frosmo.com/ 43 B
123 B 1094ms
482ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/eventsApi?method=customAction&name=chrome&value=true&title=&cookieId=414phz.ltvaea7v&origin=dafabet_com_asia&ver=24.20.0-3.6&2
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:49 GMT
server: openresty
x-robots-tag: none
content-length: 43
content-type: image/gif

POST
H2 200 eventsApi
asia.frosmo.com/ 43 B
123 B 1094ms
484ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/eventsApi?method=customAction&name=popupNrSpecificPlayers&value=1&title=&cookieId=414phz.ltvaea7v&origin=dafabet_com_asia&ver=24.20.0-3.6&3
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:49 GMT
server: openresty
x-robots-tag: none
content-length: 43
content-type: image/gif

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 1081ms
482ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=showMessage&messageId=2236&revision=999&sessionStart=20240317090048&cookieId=414phz.ltvaea7v&origin=dafabet_com_asia&ver=24.20.0-3.6&segments=&17090064
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 17 Mar 2024 09:00:49 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 location Show response
asia.frosmo.com/ 43 B
490 B 1121ms
528ms XHR
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/location
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:49 GMT
x-real-ip: 206.66.96.21
x-longitude: -74.06800
x-isp: Verizon Business
x-city: Secaucus
content-length: 43
x-country-name: United States
server: openresty
x-country2: US
content-type: image/gif
access-control-allow-origin: *
x-region-code: NJ
access-control-expose-headers: X-Country2,X-latitude,X-longitude,X-Region-Code,X-City,X-ISP,X-Real-IP
cache-control: no-cache, private
x-latitude: 40.78770
access-control-allow-headers: X-Country2,X-latitude,X-longitude,X-Region-Code,X-City,X-ISP,X-Real-IP
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 417ms
416ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=setUserSegment&segmentName=sgmt_1978&segmentValue=value1&sessionStart=20240317090048&cookieId=414phz.ltvaea7v&origin=dafabet_com_asia&ver=24.20.0-3.6&segments=1978&17090080
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 17 Mar 2024 09:00:50 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 466ms
465ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=setUserSegment&segmentName=sgmt_1548&segmentValue=value1&sessionStart=20240317090048&cookieId=414phz.ltvaea7v&origin=dafabet_com_asia&ver=24.20.0-3.6&segments=1978.1548&17090082
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 17 Mar 2024 09:00:50 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 467ms
466ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=setUserSegment&segmentName=sgmt_1563&segmentValue=value1&sessionStart=20240317090048&cookieId=414phz.ltvaea7v&origin=dafabet_com_asia&ver=24.20.0-3.6&segments=1978.1548.1563&17090083
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 17 Mar 2024 09:00:50 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 467ms
467ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=setUserSegment&segmentName=sgmt_1569&segmentValue=value1&sessionStart=20240317090048&cookieId=414phz.ltvaea7v&origin=dafabet_com_asia&ver=24.20.0-3.6&segments=1978.1548.1563.1569&17090085
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 17 Mar 2024 09:00:50 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 messageApi Show response
asia.frosmo.com/ 498 KB
58 KB 1076ms
536ms XHR
application/json 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/messageApi?method=multifetch&origin=dafabet_com_asia&cookieId=414phz.ltvaea7v&loginId=&positions=190.191.199.200.218.219.220.229.250.328.335.336.337.338.339.340.349.362.363.460.501.517.520.650.743.745.746.752.753.758.759.809.810.811.815.819.820.821.822.823.824.825.886.887.888.889.890.891.892.893.894.895.896.897.898.899.900.901.954.1199.1204.1476.1667.1775.1780.1861.1862.1863.1896.2095.2000.1999.1998.1997.923.903.881.761.760.756.755.754.751.750.749.748.747.744.742.741.735.734.733.732.731.730.729.728.727.726.725.724.723.722.721.720.719.718.717.716.715.714.713.712.711.710.709.708.707.706.705.704.690.676.651.649.400.247.244.222.221.189&states=%7B%22_device%22%3A%22desktop%22%2C%22loginStatus%22%3A%22unauthenticated%22%2C%22userLoggedIn%22%3A%22false%22%2C%22popupNrSpecificPlayers%22%3A%221%22%7D&ver=24.20.0-3.6&ts=1710666048804&segments=1978.1548.1563.1569&source=direct&sessionStart=20240317090048&debug=false
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: c68f7cb5beb5bf89d1b066099dc16b25a181c079b8344a2eec644e52c6fd5c91

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 09:00:49 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-robots-tag: none
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 sureroute.html Show response
aka-www.dffgames.com/en/promotions/ Frame 2F55 8 KB
2 KB 1285ms
880ms Document
text/html 23.40.179.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://aka-www.dffgames.com/en/promotions/sureroute.html?rnd=1-1-20200-1-20200-42793-786172938-_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAmAEA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.145 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-145.deploy.static.akamaitechnologies.com

Software

nginx/1.11.10 /

Resource Hash

0c222d1ddf1d0b5a9799949a3be0df062185e54e02d404e3d5c2381e422437df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://ori-www.hadiahjuara.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-encoding: gzip
content-length: 1512
content-type: text/html
date: Sun, 17 Mar 2024 09:00:50 GMT
etag: "6571cc64-211b"
expires: Sun, 17 Mar 2024 09:00:50 GMT
last-modified: Thu, 07 Dec 2023 13:45:08 GMT
server: nginx/1.11.10
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAm... 16 B
276 B 129ms
51ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAmAEA/1/20200/42793/1,16/0/1297/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:50 GMT
Server: nginx
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 sureroute.html Show response
aka-www.dffgames.com/en/promotions/ Frame 39C6 8 KB
2 KB 1874ms
1873ms Document
text/html 23.40.179.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://aka-www.dffgames.com/en/promotions/sureroute.html?rnd=0-1-20200-1-20200-42793-786172938-_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAmAEA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.179.145 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-179-145.deploy.static.akamaitechnologies.com

Software

nginx/1.11.10 /

Resource Hash

0c222d1ddf1d0b5a9799949a3be0df062185e54e02d404e3d5c2381e422437df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://ori-www.hadiahjuara.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-encoding: gzip
content-length: 1512
content-type: text/html
date: Sun, 17 Mar 2024 09:00:51 GMT
etag: "6571cc64-211b"
expires: Sun, 17 Mar 2024 09:00:51 GMT
last-modified: Thu, 07 Dec 2023 13:45:08 GMT
server: nginx/1.11.10
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 225ms
224ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=showMessage&messageId=2214&revision=999&sessionStart=20240317090048&cookieId=414phz.ltvaea7v&origin=dafabet_com_asia&ver=24.20.0-3.6&segments=1978.1548.1563.1569&1709001684
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 17 Mar 2024 09:00:50 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 226ms
225ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=showMessage&messageId=3172&revision=999&sessionStart=20240317090048&cookieId=414phz.ltvaea7v&origin=dafabet_com_asia&ver=24.20.0-3.6&segments=1978.1548.1563.1569&1709001684
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 17 Mar 2024 09:00:50 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 437ms
437ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=showMessage&messageId=2195&revision=2&sessionStart=20240317090048&cookieId=414phz.ltvaea7v&origin=dafabet_com_asia&ver=24.20.0-3.6&segments=1978.1548.1563.1569&1709001685
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 17 Mar 2024 09:00:50 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 445ms
444ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=showMessage&messageId=4560&revision=999&sessionStart=20240317090048&cookieId=414phz.ltvaea7v&origin=dafabet_com_asia&ver=24.20.0-3.6&segments=1978.1548.1563.1569&1709001688
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 17 Mar 2024 09:00:50 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAm... 16 B
276 B 167ms
67ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAmAEA/1/20200/42793/0,16/0/1883/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:52 GMT
Server: nginx
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK d17.html Show response
origin-228.shadowsamurai.net/test/ Frame 5330 9 KB
9 KB 967ms
227ms Document
text/html 110.50.228.90
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL: https://origin-228.shadowsamurai.net/test/d17.html?rnd=1-1-20200-1-20200-47789-786172938-_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAmAEA
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 110.50.228.90 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 0246d3b3e45ce8e0aa8e7c4260c1f3c28aac3067692ee685bcb58e8a20f031ba

Request headers

Referer: https://ori-www.hadiahjuara.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: private, max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 8738
Content-Type: text/html
Date: Sun, 17 Mar 2024 09:00:52 GMT
ETag: "6229b80b-2222"
Last-Modified: Thu, 10 Mar 2022 08:34:19 GMT
Pragma: no-cache
Server: nginx/1.12.2
Timing-Allow-Origin: *

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAm... 16 B
276 B 20ms
19ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAmAEA/1/20200/47789/1,16/0/931/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:53 GMT
Server: nginx
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H/1.1 200
OK d17.html Show response
origin-228.shadowsamurai.net/test/ Frame 2E67 9 KB
9 KB 218ms
218ms Document
text/html 110.50.228.90
GAMEBUILDERS-AS-P...

General

Check archive.org

Show headers Download Go to

Full URL: https://origin-228.shadowsamurai.net/test/d17.html?rnd=0-1-20200-1-20200-47789-786172938-_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAmAEA
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 110.50.228.90 , Philippines, ASN18018 (GAMEBUILDERS-AS-PH Gamebuilders Inc., PH),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 0246d3b3e45ce8e0aa8e7c4260c1f3c28aac3067692ee685bcb58e8a20f031ba

Request headers

Referer: https://ori-www.hadiahjuara.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: private, max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 8738
Content-Type: text/html
Date: Sun, 17 Mar 2024 09:00:53 GMT
ETag: "6229b80b-2222"
Last-Modified: Thu, 10 Mar 2022 08:34:19 GMT
Pragma: no-cache
Server: nginx/1.12.2
Timing-Allow-Origin: *

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAm... 16 B
276 B 21ms
20ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAmAEA/1/20200/47789/0,16/0/220/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:53 GMT
Server: nginx
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 sureroute.html Show response
aka-mcashier.df-bet.org/ Frame 3EDD 8 KB
2 KB 1146ms
924ms Document
text/html 104.117.182.9

General

Check archive.org

Show headers Download Go to

Full URL

https://aka-mcashier.df-bet.org/sureroute.html?rnd=1-1-20200-1-20200-46060-786172938-_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAmAEA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.117.182.9 -, , ASN (),

Reverse DNS

Software

nginx/1.19.6 /

Resource Hash

5bf62200787a40e4af3e5352641483265476ce7f29a1e602a9c68c3aadaa06b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://ori-www.hadiahjuara.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-length: 1631
content-type: text/html
date: Sun, 17 Mar 2024 09:00:54 GMT
etag: W/"65e88564-211c"
expires: Sun, 17 Mar 2024 09:00:54 GMT
last-modified: Wed, 06 Mar 2024 15:01:56 GMT
server: nginx/1.19.6
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding

POST
H/1.1 200
Ok _CgJqNRAUGHwiBggBEOidASj905eXBjDA4tqvBjjA4tqvBkCsjZWXCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24yLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasB Show response
rpt.cedexis.com/r1/1/20200/ 16 B
276 B 21ms
21ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/r1/1/20200/_CgJqNRAUGHwiBggBEOidASj905eXBjDA4tqvBjjA4tqvBkCsjZWXCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24yLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasB?rnd=snxlrgamuyvgepwhehsxwperzyeqzutf
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Referer: https://ori-www.hadiahjuara.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 17 Mar 2024 09:00:53 GMT
Server: nginx
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

POST
H2 200 optimizerApi
asia.frosmo.com/ 43 B
173 B 225ms
225ms Ping
image/gif 52.78.8.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.frosmo.com/optimizerApi?event=trueDisplay&messageId=2195&revision=2&sessionStart=20240317090048&cookieId=414phz.ltvaea7v&origin=dafabet_com_asia&ver=24.20.0-3.6&segments=1978.1548.1563.1569&1709004693
Requested by: Host: dk0tzorg7uge9.cloudfront.net
URL: https://dk0tzorg7uge9.cloudfront.net/frosmo.easy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 52.78.8.111 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-8-111.ap-northeast-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 17 Mar 2024 09:00:53 GMT
cache-control: no-cache, private
server: openresty
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 adrum Show response
col.0wp0usgn.com/eumcollector/beacons/browser/v1/EUM-AAB-AVW/ 0
63 B 227ms
227ms XHR
text/html 34.149.119.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://col.0wp0usgn.com/eumcollector/beacons/browser/v1/EUM-AAB-AVW/adrum

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.5d7b2188022f1c8e1f74b468f022cb04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.119.194 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

194.119.149.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ori-www.hadiahjuara.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type: text/plain

Response headers

appd-request-id: 5ed73489d7b8e682
date: Sun, 17 Mar 2024 09:00:53 GMT
via: 1.1 google
pragma: no-cache
x-content-type-options: nosniff
vary: *
content-type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
access-control-allow-headers: origin, content-type, accept
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAm... 16 B
276 B 118ms
49ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAmAEA/1/20200/46060/1,16/0/1544/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:54 GMT
Server: nginx
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET
H2 200 sureroute.html Show response
aka-mcashier.df-bet.org/ Frame CF99 8 KB
2 KB 896ms
896ms Document
text/html 104.117.182.9

General

Check archive.org

Show headers Download Go to

Full URL

https://aka-mcashier.df-bet.org/sureroute.html?rnd=0-1-20200-1-20200-46060-786172938-_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAmAEA

Requested by

Host: radar.cedexis.com
URL: https://radar.cedexis.com/1/20200/radar.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.117.182.9 -, , ASN (),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

5bf62200787a40e4af3e5352641483265476ce7f29a1e602a9c68c3aadaa06b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://ori-www.hadiahjuara.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-length: 1631
content-type: text/html
date: Sun, 17 Mar 2024 09:00:55 GMT
etag: W/"65e88564-211c"
expires: Sun, 17 Mar 2024 09:00:55 GMT
last-modified: Wed, 06 Mar 2024 15:01:56 GMT
server: nginx/1.20.1
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding

GET
H/1.1 200
Ok 0 Show response
rpt.cedexis.com/f1/_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAm... 16 B
276 B 20ms
20ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/f1/_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAmAEA/1/20200/46060/0,16/0/909/0/0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.10.2271.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ori-www.hadiahjuara.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 17 Mar 2024 09:00:55 GMT
Server: nginx
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

GET sureroute.html
cdn3-www.dafabet.com/en/promotions/ Frame 4444 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn3-www.dafabet.com
URL: https://cdn3-www.dafabet.com/en/promotions/sureroute.html?rnd=1-1-20200-1-20200-47938-786172938-_CgJqMRAUGHwiBggBEOidASiKmPD2AjC-4tqvBji-4tqvBkCsjbWzCUoUCAEQ3wEYl2gggoCAwAQonoCAoARQAFoKCAAQABgAIAAoAGABahNidXR0b24xLmxnYS5odi5wcm9kggEUCAEQ3wEYvQUghYCAwAQooICAoASIAc6FgasBkAEAmAEA

Verdicts & Comments Add Verdict or Comment

243 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

102 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hadiahjuara.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8b9k43p09hrvql3b27r7oits87
.hadiahjuara.com/	1970-01-21 03:57:02	Name: mhlanguage Value: en
.hadiahjuara.com/	1970-01-21 04:47:06	Name: _ga_S5WHEF6PM5 Value: GS1.1.1710666043.1.0.1710666043.60.0.0
.adnxs.com/	1970-01-20 21:20:42	Name: XANDR_PANID Value: QOTdB_dC0zlX9LvAmR93TrPCLh7fxx8w0sTLq6htnhW_m5X0TpmjJhNK0sb-6mVIcMH8PZRakMPY9I-XADnrdDCLOKNoozfjno_gZKGL-ko.
.adnxs.com/	1970-01-21 04:47:06	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 21:20:42	Name: uuid2 Value: 7255945857962684622
ori-www.hadiahjuara.com/	1970-01-21 03:56:42	Name: __user_id Value: uid-3024642962.8923400694
.hadiahjuara.com/	1970-01-20 21:20:42	Name: _fbp Value: fb.1.1710666045482.843774157
.sportradarserving.com/	1970-01-21 03:56:42	Name: zuuid Value: dcbad93f-ee37-44a2-96db-4e9d692af304
.sportradarserving.com/	1970-01-21 03:56:42	Name: c Value: 1710666045
.sportradarserving.com/	1970-01-21 03:56:42	Name: zuuid_lu Value: 1710666045
.sportradarserving.com/	1970-01-21 03:56:42	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-21 03:56:42	Name: zuuid_k_lu Value: 1710666045
.sportradarserving.com/	1970-01-21 03:56:42	Name: bss Value: !bidswitch,479923245
.sportradarserving.com/	1970-01-21 03:56:42	Name: cm4 Value: !bidswitch,479995245
.hadiahjuara.com/	1970-01-20 19:11:07	Name: _sp_srt_ses.20fe Value: *
.hadiahjuara.com/	1970-01-21 04:47:06	Name: _sp_srt_id.20fe Value: 15ea6d11-8ae0-4826-a988-0b3af1561527.1710666046.1.1710666046..81f23b11-2229-4641-b8e0-c23558cd2883....0
.bidswitch.net/	1970-01-21 03:56:42	Name: c Value: 1710666046
.bidswitch.net/	1970-01-21 03:56:42	Name: tuuid_lu Value: 1710666046
.bidswitch.net/	1970-01-21 03:56:42	Name: tuuid Value: 1c426bbf-2a10-4329-92f8-0367c5326fd5
.doubleclick.net/	1970-01-21 04:47:06	Name: IDE Value: AHWqTUl3ced5YeCF90hTeJtbtF8a-UtBNZMMKUTweZG88Oy5ANh_WnTXdjPa7tWDRAg
.live.streamtheworld.com/	1970-01-20 19:21:10	Name: idsync-bsw-uid-s Value: 1c426bbf-2a10-4329-92f8-0367c5326fd5
.hadiahjuara.com/	1970-01-21 04:47:06	Name: _ga Value: GA1.2.1070854031.1710666044
.hadiahjuara.com/	1970-01-20 19:12:32	Name: _gid Value: GA1.2.634477800.1710666047
.hadiahjuara.com/	1970-01-20 19:11:06	Name: _gat Value: 1
.adelement.com/	1970-01-21 03:56:42	Name: OAID Value: r9BJkcPyHmmhkK8G4e3D4LeJ
.hadiahjuara.com/	1970-01-21 04:47:06	Name: _ga_XTJPZCJBEY Value: GS1.2.1710666047.1.0.1710666047.0.0.0
.adform.net/	1970-01-20 19:55:40	Name: C Value: 1
.adform.net/	1970-01-20 20:37:26	Name: receive-cookie-deprecation Value: 1
.hadiahjuara.com/	1970-01-21 03:56:42	Name: _hjSessionUser_121800 Value: eyJpZCI6ImJmYWZlZDg2LTdmNDgtNTZhZS1iYmY4LWY0YTA4NjYwNDljMCIsImNyZWF0ZWQiOjE3MTA2NjYwNDczNDUsImV4aXN0aW5nIjpmYWxzZX0=
.hadiahjuara.com/	1970-01-20 19:11:07	Name: _hjSession_121800 Value: eyJpZCI6IjNlOWY1ZWZiLThhZGMtNDQ1My04ODExLTNhNjAwN2M0ZThiZCIsImMiOjE3MTA2NjYwNDczNDYsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.adelement.com/	1970-01-21 03:56:42	Name: _ae_rt_tt Value: us-east-1
.adelement.com/	1970-01-21 03:56:42	Name: _ae_rt_te Value:
.adelement.com/	1970-01-21 03:56:42	Name: _ae_rt_dt Value:
.adform.net/	1970-01-20 20:37:30	Name: uid Value: 3266975578527815707
.adform.net/	1970-01-20 19:12:32	Name: CM Value: 1\|1
.adform.net/	1970-01-20 19:31:15	Name: CM14 Value: 1710752448_1710666048_1710666048_1_Hu7u4e4e4R7u4e4REREeEREREAAA4Q
.adnxs.com/	1970-01-20 21:20:42	Name: anj Value: dTM7k!M40]EVNsVF']wIg2In=fSc8R!]taR:yN'76d!YTW3@RSjs:GK(koI:wI69`cYy(<_O'VQ/41@d$Co8k!Dv'AAN9.E!I2@(nQ])4YEsx5+Znx5+?[u4h:6KL?Gq)BT3v>wL5L!!)[r-i:Wf
.casalemedia.com/	1970-01-21 03:56:42	Name: CMID Value: ZfaxQNHM6JEAACC3AFyw.gAA
.casalemedia.com/	1970-01-20 21:20:42	Name: CMPS Value: 1013
.casalemedia.com/	1970-01-20 21:20:42	Name: CMPRO Value: 1013
.rubiconproject.com/	1970-01-21 03:56:42	Name: khaos Value: LTVAEAS7-8-BD39
.rubiconproject.com/	1970-01-21 03:56:42	Name: audit Value: 1\|SsIO0nLGqNOmhJZXbzqZonGrfk7zlNsebt7buthfhw0OiiaDVsR94huuFZMpxO4peYe9Ow0B057yUhTWCqUS/I+whRf0v/l/05M3jx7a7rMhIp5rPo9Y/euSvEyVUDWQfY0V14FIbwNDA6MeUnKE5KZr5ZVxLWDe
.eyeota.net/	1970-01-21 03:56:42	Name: mako_uid Value: 18e4ba4643f-59a90000010a4f05
.eyeota.net/	1970-01-20 19:11:06	Name: SERVERID Value: 20229~DM
.360yield.com/	1970-01-20 21:20:42	Name: tuuid Value: 5f0edf52-34de-407c-8d72-d29456482330
.360yield.com/	1970-01-20 21:20:42	Name: tuuid_lu Value: 1710666048
.ads.stickyadstv.com/	1970-01-20 20:37:30	Name: uid-bp-617 Value: 3266975578527815707
.ads.stickyadstv.com/	1970-01-20 19:54:18	Name: UID Value: e324d5152a8069a86ee8e8109c7fb5c9
.bfmio.com/	1970-01-21 03:56:42	Name: __103_cid Value: 1c426bbf-2a10-4329-92f8-0367c5326fd5
.bfmio.com/	1970-01-20 19:11:20	Name: __103_exp Value: 1
.bfmio.com/	1970-01-21 03:56:42	Name: __io_cid Value: 312db01bb74e51542f850a5a032ec510c523e7e0
ori-www.hadiahjuara.com/	1970-01-21 03:56:42	Name: frosmo_quickContext Value: %7B%22VERSION%22%3A%221.1.0%22%2C%22UID%22%3A%22414phz.ltvaea7v%22%2C%22origin%22%3A%22dafabet_com_asia%22%2C%22lastDisplayTime%22%3A%7B%222236%22%3A1710666049%7D%2C%22lastRevisionId%22%3A%7B%222236%22%3A999%7D%2C%22lastPageView%22%3A%7B%22time%22%3A1710666048692%7D%2C%22states%22%3A%7B%22session%22%3A%7B%7D%7D%7D
.rlcdn.com/	1970-01-21 03:56:42	Name: rlas3 Value: IaaiUYDsQ4UYqDhPUAacd4BTc2Bb024g2AdeZ3Gvuk4=
.smartadserver.com/	1970-01-21 04:38:27	Name: pid Value: 7004116333399358510
.smartadserver.com/	1970-01-21 04:38:27	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 03:58:08	Name: csync Value: 22:3266975578527815707
.semasio.net/	1970-01-21 03:56:42	Name: SEUNCY Value: A16B3440A761D36F
.openx.net/	1970-01-21 03:56:42	Name: i Value: 8b54baf5-3aaa-4210-916c-c94eaef9352c\|1710666048
.bluekai.com/	1970-01-20 23:36:03	Name: bku Value: /Ux99WYh2ZVmIw9I
.rlcdn.com/	1970-01-20 20:37:30	Name: pxrc Value: CMDi2q8GEgUI6AcQABIFCOhHEAA=
.exelator.com/	1970-01-20 22:03:54	Name: EE Value: "ee6f11b994ac854ce95730ef834cef98"
.pubmatic.com/	1970-01-20 19:54:18	Name: KRTBCOOKIE_391 Value: 22924-3266975578527815707&KRTB&23263-3266975578527815707&KRTB&23481-3266975578527815707
.pubmatic.com/	1970-01-20 19:54:18	Name: PugT Value: 1710666048
.crwdcntrl.net/	1970-01-21 01:39:54	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 01:39:54	Name: _cc_id Value: 6247d30ac0abb7efd4a5f2be1c6ee6d4
.exelator.com/	1970-01-20 22:03:54	Name: ud Value: "eJxrXxzq6XKLQSE11SzN0DDJ0tIkMdnC1CQ51dLU3NggNc3CGMhOs7RYXJZatGBpaXFqStKhJRU5JTlNq8viQx3j3Rx9PX0ilzlnFOXnpq4AC4W5Bi02NDJakl%252BUmb4oNHhxUUoaw6KS4lPBx1UvAQC%252FJyq9"
.pippio.com/	1970-01-21 03:56:42	Name: did Value: 3KCWjAFRIMm0_QvI
.pippio.com/	1970-01-21 03:56:42	Name: didts Value: 1710666048
.pippio.com/	1970-01-20 20:37:30	Name: nnls Value:
.pippio.com/	1970-01-20 20:37:30	Name: pxrc Value: CMDi2q8GEgYIgr0rEAA=
.adsrvr.org/	1970-01-21 03:56:42	Name: TDID Value: f261940f-7500-4d4b-847f-0705bc4d46bd
.agkn.com/	1970-01-21 03:56:42	Name: ab Value: 0001%3ATjmAP%2BKBMGQixuXInIi2XlbHG%2BiYpzlE
.demdex.net/	1970-01-20 23:30:18	Name: demdex Value: 38841012947876771691221654816744185946
.w55c.net/	1970-01-21 04:41:20	Name: wfivefivec Value: F90ppWe41RLMnT5
.seadform.net/	1970-01-20 20:37:26	Name: uid Value: 3266975578527815707
.w55c.net/	1970-01-20 19:54:18	Name: matchadform Value: 5
.adsrvr.org/	1970-01-21 03:56:42	Name: TDCPM Value: CAEYBSABKAIyCwiWzf-J75rjPBAFOAE.
.linkedin.com/	1970-01-20 21:20:42	Name: li_sugr Value: 9b64cc64-f9f0-4959-b32e-85ccb5d9083e
.linkedin.com/	1970-01-21 03:56:42	Name: bcookie Value: "v=2&bf601f3f-47bd-43a0-8c01-6dd1f1d3af59"
.linkedin.com/	1970-01-20 19:12:32	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2845:u=1:x=1:i=1710666049:t=1710752449:v=2:sig=AQETzVdYtLoxQbDvo6Qx6lh4h2tbs5OC"
.dpm.demdex.net/	1970-01-20 23:30:18	Name: dpm Value: 38841012947876771691221654816744185946
.audrte.com/	1970-01-20 19:32:42	Name: arcki2 Value: 77atORTJ12oTf-7xiTtxuZuEA!20220908!1710666049227!ip#206.66.96.21
.audrte.com/	1970-01-20 19:32:42	Name: arcki2_adform Value: 3266975578527815707!20220908!1710666049227
.teads.tv/	1970-01-21 03:55:15	Name: tt_viewer Value: 033fc4a1-c484-4f61-ac54-4a4907f42041
.smaato.net/	1970-01-20 19:41:20	Name: SCM Value: 2ddfc4895c
.smaato.net/	1970-01-20 19:41:20	Name: SCMo Value: 2ddfc4895c
.smaato.net/	1970-01-20 19:41:20	Name: SCM1001213 Value: 2ddfc4895c
.audrte.com/	1970-01-20 19:32:42	Name: arcki2_ddp2 Value: 77atORTJ12oTf-7xiTtxuZuEA!20220908!1710666049369
.weborama.fr/	1970-01-21 04:37:01	Name: AFFICHE_W Value: YL1RllHRVTFg15
.adfarm1.adition.com/	1970-01-20 21:20:42	Name: UserID1 Value: 7347254734836660377
.id5-sync.com/	1970-01-20 21:20:42	Name: id5 Value: ac006085-0120-7b2e-bc02-2e5269155ba2#1710666049492#2
.360yield.com/	1970-01-20 21:20:42	Name: um Value: !42,cPaH4w2qdKOMS932CNYAvLxoJgiPLRFMmhYDnZwtFbxH,1711875648!79,8LOfNMwR2yryCG2Xyq3UkQa7Iac6Dg1OM4l8p6wS9uOZLqLKpGZds9ioiQOFr0zd9si6s9zE3UPZlTcF,1718442050
.360yield.com/	1970-01-20 21:20:42	Name: umeh Value: !42,0,1772874048,-1!79,0,1772874050,-1
.id5-sync.com/	1970-01-20 21:20:42	Name: 3pi Value: 2#1710666049957#-578646850#7255945857962684622\|10#1710666049725#-1600372130#3266975578527815707\|124#1710666050193#1642242256
.3lift.com/	1970-01-20 21:20:42	Name: tluidp Value: 3105083781366130028223
.3lift.com/	1970-01-20 21:20:42	Name: tluid Value: 3105083781366130028223
.onaudience.com/	1970-01-20 19:12:32	Name: done_redirects109 Value: 1
.onaudience.com/	1970-01-20 19:12:32	Name: done_redirects219 Value: 1
.onaudience.com/	1970-01-21 03:56:42	Name: cookie Value: 536defa8f7d88a4e
.zeotap.com/	1970-01-21 03:56:42	Name: zc Value: 3274414b-1ab9-4a4d-51db-2ddbc8aa55ee
.zeotap.com/	1970-01-20 19:12:32	Name: zsc Value: %82%E6%E1%0C%2F%A4%D2%C5%A6%00%B2%3EQ%F1%14%C4%D0%3D%8ET%162%1CNz%EA%2A%3B%9A%96p%DC%7Ch%8B%13%0D%29Fx%95%29u3%EF%91%05%B97%D9u_%C3%DD%27%E7Y%8F%F9%7D%3A%DF%C1%9A%95%28%15%DB%B3%B4%EE%0E%8F%07%2BTMqK%C2%9A%B6%D9

343 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1727308371340020?v=2.9.150&r=stable&domain=ori-www.hadiahjuara.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ori-www.hadiahjuara.com/en Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.sportradarserving.com
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.stickyadstv.com
aka-mcashier.df-bet.org
aka-www.dffgames.com
analytics.google.com
api.adrtx.net
asia.adform.net
asia.frosmo.com
asia.seadform.net
beacon.krxd.net
bpi.rtactivate.com
c1.adform.net
cdn.appdynamics.com
cdn3-www.dafabet.com
cm.g.doubleclick.net
col.0wp0usgn.com
connect.facebook.net
d313lzv9559yp9.cloudfront.net
dafabetcomasia.asia.frosmo.com
dk0tzorg7uge9.cloudfront.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
i1-j5-20-124-1-20200-1659234813-s.init.cedexis-radar.net
i2-fwtslbsjhvylcpjrknsapvfobnkjnk.init.cedexis-radar.net
ib.adnxs.com
ice.360yield.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
load77.exelator.com
loadm.exelator.com
login.megasportcasino.com
match.adsrvr.org
match.contentexchange.me
mwzeom.zeotap.com
ori-www.hadiahjuara.com
origin-228.shadowsamurai.net
pdw-adf.userreport.com
pippio.com
pixel.onaudience.com
pm.w55c.net
ps.eyeota.net
px.ads.linkedin.com
radar.cedexis.com
redirect.frontend.weborama.fr
rpt.cedexis.com
rtb-csync.smartadserver.com
rtg.prdredir.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
sc.adelement.com
script.hotjar.com
scripts.prdredir.com
secure.adnxs.com
simage2.pubmatic.com
spl.zeotap.com
static.hotjar.com
stats.g.doubleclick.net
sync.bfmio.com
sync.crwdcntrl.net
sync.outbrain.com
sync.teads.tv
tags.bluekai.com
tm.ads.sportradar.com
token.rubiconproject.com
track.adform.net
tracker.ads.sportradar.com
uipglob.semasio.net
use.sportradarserving.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
yield-op-idsync.live.streamtheworld.com
cdn3-www.dafabet.com
100.24.217.221
104.117.182.9
107.178.254.65
107.20.244.107
108.138.106.49
110.50.228.90
110.50.230.86
141.94.171.215
142.251.40.162
15.197.193.217
162.19.138.120
172.64.151.101
18.164.96.87
18.173.132.56
18.195.92.168
18.238.55.58
18.238.80.98
185.167.164.39
185.167.164.44
185.84.60.23
192.173.28.19
192.73.251.161
192.73.251.162
202.165.61.110
23.40.179.145
23.46.225.71
23.51.56.126
23.52.165.154
23.83.76.58
2600:141b:1c00:2e::17d1:48c7
2600:9000:2209:1600:1b:5138:8a40:93a1
2600:9000:2512:5200:1a:609a:6780:93a1
2606:4700:10::6816:3262
2606:4700:20::ac43:4437
2607:f740:e619::1
2607:f8b0:4004:c09::9b
2607:f8b0:4006:81f::2008
2607:f8b0:4006:821::200e
2607:f8b0:4006:824::200e
2620:1ec:21::14
2a02:6ea0:c400::12
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
3.248.111.133
34.149.119.194
34.202.14.48
35.190.24.218
35.211.178.172
35.211.233.246
35.244.154.8
35.244.159.8
37.157.3.26
44.212.89.30
45.54.49.5
46.19.11.36
50.57.31.206
52.0.10.132
52.0.156.250
52.208.99.103
52.218.89.211
52.223.22.214
52.55.144.0
52.70.146.159
52.78.8.111
52.79.118.14
54.146.31.104
54.164.170.49
54.192.100.113
54.86.148.40
63.251.28.233
68.67.178.10
70.42.32.127
8.28.7.83
8.43.72.97
85.114.159.93
0246d3b3e45ce8e0aa8e7c4260c1f3c28aac3067692ee685bcb58e8a20f031ba
063237f5f52863c3f711ef56625653397a5650eca2da3fa375dc181985a1badb
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b113df34bd712b8725353a36a569864c751a3ba2a3838aa92772de74cc25901
0b8dd8d5971e80679534bfadc0ce765a238de38ee76c93fd32215f711d98fdd0
0c222d1ddf1d0b5a9799949a3be0df062185e54e02d404e3d5c2381e422437df
0cd609cb62d8ef9292ef7b48e19ce8091e68b553b308dd4ed5e21192280c721a
0d3c696deadf4ce3ab9d038c8c794a690617742083d0f980771292468c49a608
0ea8ad9a1b5a3e3e0950b9dd614a5056250369587ff45165dacafd8d13e838e4
0f47272de3875f1531038d1dd74318d65615e4a01403492d95d4de9d218ac06b
1255cfe05d68366b2f1784987c772a817da92099f4922498a445f8768c52a710
142617edf27459c2a888daaf7d0bf7777a3fb328fbe9a771fcb7059044791247
180109f8f37c833e1f965c5662f54e73b3e1291117a3c7fa320dab4ae7727dcd
1af15a8dfe5dd8cb0597a2e42cc0490cb852627d522e4db0dcda73bc453f78cd
1fad8a0d38b8307c0781fbfd3222b43917c5c879bbcfb3d5e0b96d1b4416e5a9
271242878c5fdf7f7bbb97a4bfe6a8f58d2acb94bfd16aab43fcd7ef838dcef7
27bc3999de98227d0e8c68662811e9dbc5877b00da382b92819e5bf380059ed3
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c5b3aeacf827e181a8131451f9a2a2f402ce22800d2365feb071f1fb7bf666d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e3132788af3aa36a934025284d0bf1ef615cbc670e7c2bfa702a4877f9e0807
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33ce8e4368139f685537cf3fd3f7ad2009f1639e339c8b5c59db43d3a868ebe7
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
40de67281c077668bd49d1d8d3817452e66677e565bfe9a1e5477d83e53f802b
448d305ad6e8d6b57c5e4d37afbf26c77bcf2c2548e1fe462772757ee6ccbbe1
4865df327140a52e50f92d603b9a546fba023ae7bc05c28904f5ccaf77675e95
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c1578af52648e323110b17bbe4e605a75a7ef5e1d9eba806224780c957c3a31
4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52e240a9889c5360990e3659e5b293754676fff941d0aae534c937e01d2d3155
535c49898bf95ae4a860eb2f3dd2e55f98a046ab976e74449c061428a5e3bd25
53d92501cb5b9b4b8bbee57a8885a46fe3478cd00e82c3c144a0e71955726225
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56e136de44b14e6b5e210100a850f4150f758be17f91dc5b3a1e7f8148eca1fd
582c58a235e6e34fd2bd2543d0239be39a0e675a067e41c967ef6eb86b6620eb
59d9754e201207e97a699a467c9ea89f8a0b779153169e8cd41761c69a06608a
5aa95a4bfebb369a2e42d02da463458a40a4c40ed9e3c4d937f723fa204e63b1
5bf62200787a40e4af3e5352641483265476ce7f29a1e602a9c68c3aadaa06b1
5f39a6c8fa6e48ed0e482c54573cca60b3a3c4d22501a3827506aacc9bca6b1d
635dda68d7c55054da4da5d2dc654d40a92c598d80ff35af158da5990ba21a80
6361e3a49a38d1fdc74ec96bd29ee1ecd7c30045ccb0e5f361413d65cbf5ef87
65b8361a03f5efae0217c4dbd4425c0e3ecf318880f4f45fabbeb09b1e5b927d
69e5bd6a3392e9ac3ad144d8b727223f7d655288d7fe2723debd7b964925197e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b65e3870f0c53a1563b29a83330581f3be5b5f809b3105f38390a561ded34a3
70ba610e8b04346fcfaf7131529082ab2f9cec6954ce32552b1cac0a9e567aba
78fe18215db770e44d34bdf6b95086f09b6b37c60a7c3a0f5704ecb87b01f818
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85140fd1ed0bf2706e5f6b2760d913f231d905d9e0c54b05b8707485950a1efb
8736af2d295525a939c8c8dac5753efd917fbad619dd0a5d3e8c7ae31d5f58e0
8967f74e7d85c9965046873c0a2c03e0a20223465ee0fa0bef50a11f9cbef8b8
8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4
8d0b03de3793754f7010082639bd9e075e96577c53085116c3c9bd609cb69160
8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d
913a765cfb211a38d2f1e42bbc2a1894d59dad568b78e84fb3d7efdd5154e395
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cf83e7adb20fef90ab510538a2b3cd84bd2a1b815fe05490a5fde19df6eacd1
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a25146c544ae821d97ac637e817dae3f4985b7e991d7354cf1d21561a8dfc630
a2e3b730e59a00b1195cd8e5bfe193efdf3bd17b9c1dbd77ee796dc5c8b68c36
a3aa896141cf840e5548d76aafcaf0d10db50ebb4fc2811858b5ad4da3146a59
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac3d45538ffdd87732763521ea21e1f9695551d5c8a1b506935fb9bbc5253bfc
affe144bc5730c89d09e953cd7162b1cbbc88210ae0be3bc482ed85bf1c34e76
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3e56606bc3a50bdac33d1c1a9ada75c82d1ea0857f3537a7b333387c1bb31be
b4280ce64566ebc14aad2e95190e8f82b3f0e9cd8a3a30a754c37c83b1590570
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c3d5a3baea319dfacf6278173e2c55a28d83c7aae0ea5e0755f146c9952ea4e8
c68f7cb5beb5bf89d1b066099dc16b25a181c079b8344a2eec644e52c6fd5c91
caed37875e80934c7f52564ca26b7846bd1f7bfa26f6eb74994556ee9777dbec
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7cf39b9083ee5503540f737097dc4daf98b42efff20d25a93d0202c7f8e5d3
d1c331f264754087f3664acaa151e43d3b19a6075c1639b06990fff50a7a2922
d5e6377c191ab2d447f9c5dccefabcd9aa5fcb36b9232fb38dcf07db762d27e2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e460f96b55890d9f0adc7070e5ebf6b2d3997de02c75653795bac38abe1018bd
e69da0edf49813f480dd0b072d338f888ea3b37fcf1fddb344ebc3633ea4af63
ea1bd05db50c7890dd053edf77ee864749a4d8d726a063c80c606a88d095cabd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2deabdbb23fe4b9189cc3aeb682e8bd696278846e0a996b19628aa9a70911ca
fc0953ba4aa29f232ecdd245e6554d01d92cb146dc4a804dd534e79deb8b096f

ori-www.hadiahjuara.com Open in urlscan Pro 110.50.230.86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

161 Requests

77 %HTTPS

19 %IPv6

67 Domains

84 Subdomains

61 IPs

9 Countries

4099 kBTransfer

6878 kBSize

102 Cookies

14 Outgoing links

Page URL History

Redirected requests

161 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ori-www.hadiahjuara.com Open in urlscan Pro
110.50.230.86 Public Scan

Screenshot
Live screenshot

Full Image

161
Requests

77 %
HTTPS

19 %
IPv6

67
Domains

84
Subdomains

61
IPs

9
Countries

4099 kB
Transfer

6878 kB
Size

102
Cookies

161 HTTP transactions
0 data transactions