urlscan.io logo urlscan.io
SecurityTrails logo

www.vnlfantasy.com Open in urlscan Pro
2600:9000:21da:600:0:275:e800:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://vnlfantasy.com/
Effective URL: https://www.vnlfantasy.com/
Submission: On July 24 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 19 HTTP transactions. The main IP is 2600:9000:21da:600:0:275:e800:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.vnlfantasy.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on July 23rd 2024. Valid for: a year.
This is the only time www.vnlfantasy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    3.70.17.83 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-17-83.eu-central-1.compute.amazonaws.com
vnlfantasy.com
3    2600:9000:21da:600:0:275:e800:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.vnlfantasy.com
4    2607:f8b0:400d:c1d::9b (Morganton, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    23.200.173.93 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-173-93.deploy.static.akamaitechnologies.com
appleid.cdn-apple.com
3    2607:f8b0:4004:c21::5e (Washington, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2607:f8b0:400d:c0d::9d (Morganton, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2607:f8b0:400d:c07::84 (Morganton, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2607:f8b0:400d:c07::69 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
Apex Domain
Subdomains		 Transfer
6 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
237 KB
4 gstatic.com
www.gstatic.com
csi.gstatic.com
74 KB
4 vnlfantasy.com
vnlfantasy.com
www.vnlfantasy.com
61 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
1 google.com
www.google.com — Cisco Umbrella Rank: 10
1 cdn-apple.com
appleid.cdn-apple.com — Cisco Umbrella Rank: 5013
17 KB
19 6
Domain Requested by
4 pagead2.googlesyndication.com www.vnlfantasy.com
pagead2.googlesyndication.com
3 www.gstatic.com www.vnlfantasy.com
3 www.vnlfantasy.com www.vnlfantasy.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 csi.gstatic.com pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 appleid.cdn-apple.com www.vnlfantasy.com
1 vnlfantasy.com 1 redirects
19 9

This site contains no links.

Subject Issuer Validity Valid
*.vnlfantasy.com
Amazon RSA 2048 M03		 2024-07-23 -
2025-08-21		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
appleid.cdn-apple.com
Apple Public EV Server RSA CA 2 - G1		 2024-06-06 -
2024-12-03		 6 months crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.vnlfantasy.com/
Frame ID: 4113E49166879D1B379BF7AE0042DEEA
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240722/r20110914/zrt_lookup_fy2021.html
Frame ID: 2950F8085B81C83067ECEAEDAF28EDFD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6928759504783120&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1721744964&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.vnlfantasy.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_7~27_15~30_19&aiixl=29_5~32_9~27_3~30_6&aslmct=0.7&asamct=0.7&aiapm=0.46927&aiapmi=0.48129&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721785833278&bpp=4&bdt=1032&idt=532&shv=r20240722&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3875250682858&rume=1&frm=20&pv=2&ga_vid=182043021.1721785834&ga_sid=1721785834&ga_hid=56263035&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95331833%2C95332586%2C95334525%2C95334830%2C95337870%2C95338229%2C95338249%2C95336521%2C95336266%2C31061691%2C31061692%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3749672503757276&tmod=1236745739&uas=0&nvt=1&fsapi=1&fc=1920&brdim=580%2C580%2C580%2C580%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=557
Frame ID: 0E1D0647A3983502DAC50E48E1158AA8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FF4F733EEAD177D05609CEF3F245F28C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 183FBA0FACAC475A1BC74E6858BBCED9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

VNL Fantasy | The Official VNL Fantasy Game

Page URL History Show full URLs

  1. https://vnlfantasy.com/ HTTP 301
    https://www.vnlfantasy.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • appleid\.auth\.js
Overall confidence: 100%
Detected patterns
  • <meta[^>]*google-signin-client_id
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

19
Requests

89 %
HTTPS

78 %
IPv6

6
Domains

9
Subdomains

9
IPs

2
Countries

390 kB
Transfer

1655 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://vnlfantasy.com/ HTTP 301
    https://www.vnlfantasy.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.vnlfantasy.com/
Redirect Chain
  • https://vnlfantasy.com/
  • https://www.vnlfantasy.com/
4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.vnlfantasy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:600:0:275:e800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5082190fbae3c9e0360e808fc18d23d8cf1eb8cf2a12e4d92eda0041b247c307

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
4234
content-type
text/html
date
Wed, 24 Jul 2024 01:50:33 GMT
etag
"bb432eebf309724247dc59cb541a369e"
last-modified
Tue, 23 Jul 2024 14:29:24 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
x-amz-cf-id
u2TNZeBlERCZA3lLlnPycdbywWwKNK7v6Cog7X5cAD2TnRZgKgdSaQ==
x-amz-cf-pop
EWR53-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Wed, 24 Jul 2024 01:50:30 GMT
Location
https://www.vnlfantasy.com
Server
nginx/1.18.0 (Ubuntu)
flutter.js
www.vnlfantasy.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vnlfantasy.com/flutter.js
Requested by
Host: www.vnlfantasy.com
URL: https://www.vnlfantasy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:600:0:275:e800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
abb5c407db14908c2af56263bff34c683be228a5e22c384d7a6b852e731f466a

Request headers

Referer
https://www.vnlfantasy.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 19:23:16 GMT
content-encoding
br
via
1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jul 2024 14:29:23 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
23237
etag
W/"c71a09214cb6f5f8996a531350400a9a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
JFvfHhSTK0YZfiI76d7sL0bBsO-32j_w-VRbc99JSaRvuFZey26_4w==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		159 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6928759504783120
Requested by
Host: www.vnlfantasy.com
URL: https://www.vnlfantasy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c1d::9b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
017fa9857ccc557f503fd71d1f7931ef3bf74be0ad2266ba3d6c7b3641ae8df2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vnlfantasy.com/
Origin
https://www.vnlfantasy.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 01:50:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53429
x-xss-protection
0
server
cafe
etag
1463076171046579956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 24 Jul 2024 01:50:33 GMT
appleid.auth.js
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js
Requested by
Host: www.vnlfantasy.com
URL: https://www.vnlfantasy.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.200.173.93 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-173-93.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.vnlfantasy.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Wed, 24 Jul 2024 01:50:32 GMT
Last-Modified
Mon, 22 Jul 2024 18:42:27 GMT
Server
Apple
ETag
W/"43171-1721673747044"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400,stale-while-revalidate=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17356
firebase-app.js
www.gstatic.com/firebasejs/8.10.0/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.10.0/firebase-app.js
Requested by
Host: www.vnlfantasy.com
URL: https://www.vnlfantasy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a78d872dee0b66e1fd7cfdab14645678b8f9596cf42b212029825029acda4dfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vnlfantasy.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 12:40:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
306596
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7003
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 20:25:44 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 20 Jul 2025 12:40:36 GMT
firebase-auth.js
www.gstatic.com/firebasejs/8.10.0/ 		173 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.10.0/firebase-auth.js
Requested by
Host: www.vnlfantasy.com
URL: https://www.vnlfantasy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a99665d77fbb2a8996da55c9dee2f8df31fb163a4ea3aa612042c9dfbd7d7dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vnlfantasy.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 11:20:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56948
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 20:25:38 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 20 Jul 2025 11:20:42 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/8.10.0/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.10.0/firebase-messaging.js
Requested by
Host: www.vnlfantasy.com
URL: https://www.vnlfantasy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69df19aa714c324e70896cd5cc834d9dcc1080b58b2e771e86df18ab10b20859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vnlfantasy.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 17:04:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
290744
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10881
x-xss-protection
0
last-modified
Thu, 19 Aug 2021 20:25:43 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 20 Jul 2025 17:04:48 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/ 		423 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6928759504783120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c1d::9b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe2d552f5b5f5d466d6a729cc466fc8960adf03addda7a8de60b7de2ba95d7f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vnlfantasy.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 01:50:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146095
x-xss-protection
0
server
cafe
etag
8998190916158754913
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jul 2024 01:50:33 GMT
rum_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240722/r20110914/ 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240722/r20110914/rum_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c1d::9b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
817041cf915e6857dfb7795b7f1b8253af79ff3bca1f8161e655510284209724
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vnlfantasy.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 20:17:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
20006
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23498
x-xss-protection
0
server
cafe
etag
12124415713276486874
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Aug 2024 20:17:07 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240722/r20110914/ Frame 2950 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240722/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0d::9d Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vnlfantasy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age
10692
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jul 2024 22:52:22 GMT
etag
2738592464165616
expires
Tue, 06 Aug 2024 22:52:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0E1D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6928759504783120&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1721744964&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.vnlfantasy.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_7~27_15~30_19&aiixl=29_5~32_9~27_3~30_6&aslmct=0.7&asamct=0.7&aiapm=0.46927&aiapmi=0.48129&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721785833278&bpp=4&bdt=1032&idt=532&shv=r20240722&mjsv=m202407180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3875250682858&rume=1&frm=20&pv=2&ga_vid=182043021.1721785834&ga_sid=1721785834&ga_hid=56263035&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95331833%2C95332586%2C95334525%2C95334830%2C95337870%2C95338229%2C95338249%2C95336521%2C95336266%2C31061691%2C31061692%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3749672503757276&tmod=1236745739&uas=0&nvt=1&fsapi=1&fc=1920&brdim=580%2C580%2C580%2C580%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=557
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0d::9d Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vnlfantasy.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jul 2024 01:50:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240722&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c1d::9b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c346792f10b4eb2b45a5467b06631c9956930b245910c20cd3449a16c010fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vnlfantasy.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 01:50:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12778
x-xss-protection
0
favicon.png
www.vnlfantasy.com/ 		55 KB
55 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.vnlfantasy.com/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:21da:600:0:275:e800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b8468c70cf6601fe631dca5eb83ef1cfb9636eace842b762bee0ccbab34c2b22

Request headers

Referer
https://www.vnlfantasy.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 19:23:17 GMT
via
1.1 c67ae9899d89f9402837da3a0ead9442.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jul 2024 14:29:23 GMT
server
AmazonS3
age
23237
x-amz-cf-pop
EWR53-C1
etag
"d5aeeb629d1a9a469d370982d827bd2a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
55879
x-amz-cf-id
8a-37M9Jl8o_CU-NeQiYGInfWnZQnFk_kiDWIsyi6FeYv9qxyyoC6A==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vnlfantasy.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 01:50:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 24 Jul 2024 01:50:34 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FF4F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vnlfantasy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
543264
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jul 2024 18:56:11 GMT
expires
Thu, 17 Jul 2025 18:56:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 183F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c07::69 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DylTxNtxs43mUw5NKN76Iw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.vnlfantasy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-DylTxNtxs43mUw5NKN76Iw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jul 2024 01:50:35 GMT
expires
Wed, 24 Jul 2024 01:50:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
csi
csi.gstatic.com/ 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lyz6tw5h&c=3749672503757276&e=44759876%2C44759927%2C44759842%2C42532523%2C95331833%2C95332586%2C95334525%2C95334830%2C95337870%2C95338229%2C95338249%2C95336521%2C31061691%2C31061692%2C31078663%2C31078668%2C31078670&ctx=1&met.3=1001.2db_1__1~164.2dd_1~165.2da_4~166.2ct_l~1032.2s2~326.2s5_1~832.2s7~868.2s7~216.2s2_7~215.2s2_7~843.2s0_8~889.2so~639.2t4~112.2x0_2~113.3db_1~1244.3kx&met.1=1.lyz6tt8h~6.rg~7.11a~8.11a~9.11a~10.16h~11.12m~12.16h~13.1kg~14.1kh~15.1km~16.23b~17.23b~18.23b~19.3d8~20.3d8~21.3da
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240722/r20110914/rum_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vnlfantasy.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jul 2024 01:50:36 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
main.dart.js
www.vnlfantasy.com/ 		640 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.vnlfantasy.com/main.dart.js
Requested by
Host: www.vnlfantasy.com
URL: https://www.vnlfantasy.com/flutter.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.vnlfantasy.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 19:23:18 GMT
content-encoding
br
via
1.1 c67ae9899d89f9402837da3a0ead9442.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jul 2024 14:29:24 GMT
server
AmazonS3
age
23238
x-amz-cf-pop
EWR53-C1
etag
W/"92370dcfc1a845ab3c77e050fc6b480a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Pg_ZpzluvJ39qHZPJyrS751tI2bhv4DwiJspSUtPHyDjZ9Tke3qGKg==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240722&jk=3749672503757276&bg=!LyylLGPNAAYaZPuaOmQ7ADQBe5WfOCDvjDPQsUFCd3kBqhQp0A3eCaWcVaufdI_mHCMiPjXvoU-1hjbwYd44umAjCi1DAgAAAEdSAAAAA2gBB34ANoL8PgyKfCDJK3_T8jLEzaYAhZwyWK2z7lefZFkPoeyIaHEV0F8N1HgmpOicLyhvX9Ae1k6IqpkCrgpHUu8RKyRx6FaNjvkVc4cfyAPDW7SHiSFn_MBGM3ceTgHUmQxs1qg0vN_RjVhVDViMhVl3T5UXOphWyy2pHQbawGwlxawFn0qkS5KthMmX0ApUrmshKsCrnIXcqRpPvCmC0vG0v3L3Zx_Oj_nZfDkKUv1cXg1Mzx_9z7re-1GQLaMF8PWm-bWNvStCCuARiUaX0ShXOiHW-AYZ3_4arpyE1qNPnFESKtcUmjNS4WE7Po0-BoMxvznXOu4UXYS8fbZ-26TW3pCZQ9lsaAbQ-YVY-kqwWmWw3ZqyYZHapL12Qo1y2Bf7L-87wHB_Zt_nvRlcQSLttlr7yisP5XEOAIlD9B8hnHRlyTbFU_bUayghby4-357f9CcoNggLiDIezZgM2DYSjT_08_soZiBtPGZ63GLzAIzGQVeBYJfYwWtSF-XkQJM5aX0ca45hjkYRwRvCB0rCz8rBcjg3sBJRCD75S5CPFUyhUzN9CTnI68Gl6loT9PAlkH3CH4aREYDYt46lPh2-iicvD5WFFP1eKaZHP7xOIOZy2tFfI7j7Xh5T02rFYwhdd5sqEBZ02rCARLO3Garn3UUuFk1wHFm0EZPFJUbx7J9YDjo4T-9z-bxXDQg99KDnlK_jenP5lWq2o5ePYdfP18a0DHeAXoKu7xLpxaCBTKEnIFqrvj8716F22-17x7rK8sT2ioSh0B1Q_X4q0vpJ_70qWO9O6Tc4Tr_vWEpavmpvydhzgkjgXItXc_VlpXSkDw0TgOfPwWAx1uCPiCQVw0Q74x2a3U_o0G_SJWuyfdDjPGi_CN4XsuLaiG-Fl34fXGKpRzo7NyShXPbwPQ5rVouPOT4GdhyREWs3jrrbo56VpKoXDsWWuPJnJu7_Ga-cKAGAdQK2p_zMM_YxqTHYIXOR0Y_F50df

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| AppleID object| firebase object| _flutter object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| google_sa_impl object| google_rum_config number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| _google_rum_ns_ object| GoogleGcLKhOms object| google_image_requests

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission