Submitted URL: https://redeliver5r9p.com/
Effective URL: https://www.xemkeoonline.com/
Submission: On July 13 via automatic, source certstream-suspicious

Summary

This website contacted 26 IPs in 6 countries across 22 domains to perform 144 HTTP transactions. The main IP is 111.90.148.73, located in Malaysia and belongs to SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY. The main domain is www.xemkeoonline.com.
TLS certificate: Issued by R3 on June 3rd 2021. Valid for: 3 months.
This is the only time www.xemkeoonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 45 111.90.148.73 45839 (SHINJIRU-...)
7 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 11 2.16.186.211 20940 (AKAMAI-ASN1)
1 216.58.212.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 107.154.199.84 19551 (INCAPSULA)
2 20 220.242.170.82 54994 (QUANTILNE...)
1 192.0.77.48 2635 (AUTOMATTIC)
24 13.224.99.19 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 103.89.20.98 136462 (MOOTECHAS...)
6 119.13.89.234 136907 (HWCLOUDS-...)
2 207.46.153.17 8075 (MICROSOFT...)
1 104.21.92.9 13335 (CLOUDFLAR...)
1 209.9.48.83 3491 (BTN-ASN)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
144 26
Domain Requested by
44 www.xemkeoonline.com www.xemkeoonline.com
24 cdnjs.santisem.com rvn88cdn.agent1818.com
20 rvn88cdn.agent1818.com 2 redirects www.xemkeoonline.com
rvn88cdn.agent1818.com
cdnjs.santisem.com
12 fonts.gstatic.com fonts.googleapis.com
7 pagead2.googlesyndication.com www.xemkeoonline.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 cdn.livechatinc.com www.xemkeoonline.com
secure.livechatinc.com
4 vietsode.net www.xemkeoonline.com
3 contents.masamiab.com rvn88cdn.agent1818.com
contents.masamiab.com
3 ls.masamiab.com rvn88cdn.agent1818.com
3 api.livechatinc.com cdn.livechatinc.com
3 fonts.googleapis.com www.xemkeoonline.com
secure.livechatinc.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 announcements.masamiab.com rvn88cdn.agent1818.com
announcements.masamiab.com
2 accounts.livechatinc.com 1 redirects cdn.livechatinc.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 esports.w88api.com
1 ls.99k.info ls.masamiab.com
1 js.w2script.com rvn88cdn.agent1818.com
1 www.google-analytics.com rvn88cdn.agent1818.com
1 secure.livechatinc.com cdn.livechatinc.com
1 s.w.org www.xemkeoonline.com
1 rvn88.w2sports.com 1 redirects
1 m.vn88hn.live 1 redirects
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 redeliver5r9p.com 1 redirects
144 29

This site contains links to these domains. Also see Links.

Domain
affiliate.w88mp.com
Subject Issuer Validity Valid
xemkeoonline.com
R3
2021-06-03 -
2021-09-01
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-06-22 -
2021-09-14
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-06-22 -
2021-09-14
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-11 -
2022-07-10
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-06-22 -
2021-09-14
3 months crt.sh
livechat.com
DigiCert SHA2 Secure Server CA
2021-04-20 -
2022-04-25
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2021-06-22 -
2021-09-14
3 months crt.sh
*.google.de
GTS CA 1C3
2021-06-22 -
2021-09-14
3 months crt.sh
*.google.com
GTS CA 1C3
2021-06-22 -
2021-09-14
3 months crt.sh
support11a.cdnetworks.net
DigiCert SHA2 High Assurance Server CA
2020-10-19 -
2021-11-19
a year crt.sh
*.w.org
Sectigo RSA Domain Validation Secure Server CA
2019-12-19 -
2021-12-18
2 years crt.sh
cdnjs.santisem.com
R3
2021-07-04 -
2021-10-02
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-06-22 -
2021-09-14
3 months crt.sh
ip2loc.w2script.com
Go Daddy Secure Certificate Authority - G2
2021-02-18 -
2022-03-22
a year crt.sh
ls.masamiab.com
R3
2021-06-27 -
2021-09-25
3 months crt.sh
contents.masamiab.com
R3
2021-05-31 -
2021-08-29
3 months crt.sh
announcements.masamiab.com
R3
2021-05-31 -
2021-08-29
3 months crt.sh
*.w88api.com
Sectigo RSA Domain Validation Secure Server CA
2020-09-26 -
2021-10-27
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-06-22 -
2021-09-14
3 months crt.sh

This page contains 9 frames:

Primary Page: https://www.xemkeoonline.com/
Frame ID: 4F6B109CFFA751C9334F7AA94A5B3154
Requests: 78 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210708/r20190131/zrt_lookup.html
Frame ID: 4239A232D2EDE44BA1527CDAB5C54254
Requests: 1 HTTP requests in this frame

Frame: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Frame ID: C9869C081D1222CB7AC7D7351A1EF432
Requests: 53 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3478514043172783&output=html&adk=1812271804&adf=3025194257&lmt=1626144308&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.xemkeoonline.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626144308177&bpp=561&bdt=82&idt=669&shv=r20210708&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4909558502885&frm=20&pv=2&ga_vid=1288258043.1626144309&ga_sid=1626144309&ga_hid=1599942821&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972%2C44740386&oid=3&pvsid=2845476238654714&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=712
Frame ID: A0E985958F550E96B259B51D9C8D3DAA
Requests: 1 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=12142308&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: 5701896B62EA63B8E6FC46B974664B8E
Requests: 7 HTTP requests in this frame

Frame: https://accounts.livechatinc.com/static/postmessage.html
Frame ID: F5C1A75AAE4ADAE7C4A9C18CE6C4F7CC
Requests: 1 HTTP requests in this frame

Frame: https://ls.99k.info/_blank.htm
Frame ID: 3FD1D64EFEB8238077A7867D0E9B36C1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 0693AE4D6777B06E45854A7CA94C129C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CE3F761E6BB7C09DD3CFBC5CDA8380F2
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://redeliver5r9p.com/ HTTP 301
    https://www.xemkeoonline.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

144
Requests

100 %
HTTPS

54 %
IPv6

22
Domains

29
Subdomains

26
IPs

6
Countries

4371 kB
Transfer

11264 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://redeliver5r9p.com/ HTTP 301
    https://www.xemkeoonline.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68
  • https://m.vn88hn.live/launcher/sports/esports-euro HTTP 302
  • https://rvn88.w2sports.com/sports?ExternalToken=x&LangID=241&oddsstyleid=3&random=1 HTTP 302
  • https://rvn88cdn.agent1818.com//sports?ExternalToken=x&LangID=241&oddsstyleid=3&random=1 HTTP 301
  • https://rvn88cdn.agent1818.com/sports/?ExternalToken=x&LangID=241&oddsstyleid=3&random=1 HTTP 302
  • https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Request Chain 83
  • https://accounts.livechatinc.com/customer?license_id=12142308&flow=button&response_type=token&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&redirect_uri=https%3A%2F%2Fsecure.livechatinc.com%2Fcustomer%2Faction%2Fopen_chat&post_message_uri=https%3A%2F%2Fsecure.livechatinc.com%2Fcustomer%2Faction%2Fopen_chat&state=%40livechat%2Fcustomer-auth HTTP 302
  • https://accounts.livechatinc.com/static/postmessage.html

144 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.xemkeoonline.com/
Redirect Chain
  • https://redeliver5r9p.com/
  • https://www.xemkeoonline.com/
189 KB
30 KB
Document
General
Full URL
https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
18c9255efa5830e5d14614bdd0f3e05001674c05da1d4149ad90a14823b6809f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.xemkeoonline.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Tue, 13 Jul 2021 02:45:07 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0; expires=Tue, 13-Jul-2021 08:45:07 GMT; Max-Age=21600; path=/; domain=www.xemkeoonline.com; HttpOnly
link
<https://www.xemkeoonline.com/wp-json/>; rel="https://api.w.org/" <https://www.xemkeoonline.com/wp-json/wp/v2/pages/30>; rel="alternate"; type="application/json" <https://www.xemkeoonline.com/>; rel=shortlink
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
content-encoding
gzip

Redirect headers

server
nginx
date
Tue, 13 Jul 2021 02:45:06 GMT
content-type
text/html; charset=UTF-8
location
https://www.xemkeoonline.com/
set-cookie
PHPSESSID=kfjvap6gqml96kle3nme7qiifp; expires=Tue, 13-Jul-2021 08:45:06 GMT; Max-Age=21600; path=/; domain=redeliver5r9p.com; HttpOnly
expires
Tue, 13 Jul 2021 03:45:06 GMT
cache-control
max-age=3600
x-redirect-by
WordPress
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
134 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90f3d044989dd24e2c3ae4b741979aa42d627a6979d5682b24b35ef98a490958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48540
x-xss-protection
0
server
cafe
etag
597180605778251549
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 13 Jul 2021 02:45:08 GMT
style.min.css
www.xemkeoonline.com/wp-includes/css/dist/block-library/
57 KB
9 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 04:12:19 GMT
server
nginx
etag
W/"6077bd23-e33b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
frontend.min.css
www.xemkeoonline.com/wp-content/themes/astra/assets/css/minified/
47 KB
9 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.5.0
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
9f797a163645a8d6308f5c6ee5c7c96cdf26c20d28a5c608fa488a0fac45f6df

Request headers

:path
/wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.5.0
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 11:04:59 GMT
server
nginx
etag
W/"60bf4edb-bcd1"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
css
fonts.googleapis.com/
10 KB
982 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2Ci%2C700%2C700i%2C%7CMontserrat%3A500&display=fallback&ver=3.5.0
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4060f918f12bcc8dc11069732cb9f2bc32a59f04d7f91e05ae04b661f43f298
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 02:45:08 GMT
server
ESF
date
Tue, 13 Jul 2021 02:45:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Jul 2021 02:45:08 GMT
menu-image.css
www.xemkeoonline.com/wp-content/plugins/menu-image/includes/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/menu-image/includes/css/menu-image.css?ver=3.0.4
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
75db663f63c3505c2d1d2c41b82da41465bcd39b390516728f7fd323f95f644e

Request headers

:path
/wp-content/plugins/menu-image/includes/css/menu-image.css?ver=3.0.4
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Tue, 06 Apr 2021 06:35:22 GMT
server
nginx
etag
W/"606c012a-d0f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
dashicons.min.css
www.xemkeoonline.com/wp-includes/css/
58 KB
35 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-includes/css/dashicons.min.css?ver=5.7.2
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

:path
/wp-includes/css/dashicons.min.css?ver=5.7.2
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 04:12:19 GMT
server
nginx
etag
W/"6077bd23-e688"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
cb70d11b8.min.css
www.xemkeoonline.com/wp-content/uploads/essential-addons-elementor/
99 KB
11 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/uploads/essential-addons-elementor/cb70d11b8.min.css?ver=1626144307
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
bfee97408d02a4ae6084406b0fc6a17249f76144e1ab2218c66218703ebe592e

Request headers

:path
/wp-content/uploads/essential-addons-elementor/cb70d11b8.min.css?ver=1626144307
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Sat, 10 Jul 2021 03:47:32 GMT
server
nginx
etag
W/"60e91854-18c46"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
astra-addon-60e5d2016f0f89-88744431.css
www.xemkeoonline.com/wp-content/uploads/astra-addon/
56 KB
7 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/uploads/astra-addon/astra-addon-60e5d2016f0f89-88744431.css?ver=3.5.4
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
2d2c6f5ec4686e7cb2373fcd2cc49970220227ac721b21e297f90981e74a2fc1

Request headers

:path
/wp-content/uploads/astra-addon/astra-addon-60e5d2016f0f89-88744431.css?ver=3.5.4
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Wed, 07 Jul 2021 16:10:41 GMT
server
nginx
etag
W/"60e5d201-e089"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
wp-emoji-release.min.js
www.xemkeoonline.com/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 04:14:08 GMT
server
nginx
etag
W/"601b7490-3795"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
sassy-social-share-public.css
www.xemkeoonline.com/wp-content/plugins/sassy-social-share/public/css/
36 KB
10 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.20
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
2c5b024ac47363f4d7bb9f9ba156f11847254f45d37783068345e1217ce3fd25

Request headers

:path
/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.20
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Thu, 10 Jun 2021 08:00:33 GMT
server
nginx
etag
W/"60c1c6a1-8ff4"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
sassy-social-share-svg.css
www.xemkeoonline.com/wp-content/plugins/sassy-social-share/admin/css/
111 KB
35 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/sassy-social-share/admin/css/sassy-social-share-svg.css?ver=3.3.20
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
7f8fc2a8f340314b8c37cf2e52c17df22e0b6e756625c61dd87f650ee28fdb37

Request headers

:path
/wp-content/plugins/sassy-social-share/admin/css/sassy-social-share-svg.css?ver=3.3.20
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Thu, 10 Jun 2021 08:00:33 GMT
server
nginx
etag
W/"60c1c6a1-1baf8"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
elementor-icons.min.css
www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/eicons/css/
17 KB
4 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.11.0
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
e36eaa6e7cebbd4138dfb008ee3d53ab8195f45953b0f4f27d0d8156ab059021

Request headers

:path
/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.11.0
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-4350"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
animations.min.css
www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/animations/
18 KB
3 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.2.5
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

:path
/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.2.5
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-4824"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
frontend-legacy.min.css
www.xemkeoonline.com/wp-content/plugins/elementor/assets/css/
4 KB
773 B
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.2.5
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
1e5aeaa58ab4c2345953f77e07fbc20578326076a259ed702eea64e077fde675

Request headers

:path
/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.2.5
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-f0e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
frontend.min.css
www.xemkeoonline.com/wp-content/plugins/elementor/assets/css/
115 KB
17 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.2.5
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
3f9c38934fc41ee2a85f1a6e1ad59e96f7f1e73b9b4e653394708715d5ab32c5

Request headers

:path
/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.2.5
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-1cc44"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
post-38.css
www.xemkeoonline.com/wp-content/uploads/elementor/css/
2 KB
930 B
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/uploads/elementor/css/post-38.css?ver=1623860060
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
5db00cc0aaaef4c68ce7be752bd8794cc0b67469cedfed7f4bb493c328cd5611

Request headers

:path
/wp-content/uploads/elementor/css/post-38.css?ver=1623860060
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:14:20 GMT
server
nginx
etag
W/"60ca235c-97f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
post-30.css
www.xemkeoonline.com/wp-content/uploads/elementor/css/
4 KB
837 B
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/uploads/elementor/css/post-30.css?ver=1625887947
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
d59771829b640eb8e2109dd4199b2e7e48dbffd81bf351ad1ee909ac2f419a6c

Request headers

:path
/wp-content/uploads/elementor/css/post-30.css?ver=1625887947
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Sat, 10 Jul 2021 03:32:27 GMT
server
nginx
etag
W/"60e914cb-e70"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
style.css
www.xemkeoonline.com/wp-content/themes/astra-child/
1 KB
934 B
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/themes/astra-child/style.css?ver=1.0.0
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
ed6659edd6031b871799dacd6ece7702502f8e749af40426d5a3013dd9eb1a25

Request headers

:path
/wp-content/themes/astra-child/style.css?ver=1.0.0
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Sat, 21 Nov 2020 08:35:51 GMT
server
nginx
etag
W/"5fb8d167-49a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
css
fonts.googleapis.com/
42 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.7.2
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
30a949187cdd1c73e43b3bdee9398a9ae27f403a9481999fc9f5f946d8af0079
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 02:34:08 GMT
server
ESF
date
Tue, 13 Jul 2021 02:45:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Jul 2021 02:45:08 GMT
fontawesome.min.css
www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/
57 KB
13 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.1
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
f8d00356859998784bda26e1d14f2d981515921b96ded50d5d6f6f0e75bac15c

Request headers

:path
/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.1
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-e238"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
solid.min.css
www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/
669 B
548 B
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
1ada5259a5ac61a7d68315f7efa6b98d61d2d0478df0545869c880afeaa67dcd

Request headers

:path
/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-29d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
jquery.min.js
www.xemkeoonline.com/wp-includes/js/jquery/
87 KB
31 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Wed, 09 Dec 2020 14:43:46 GMT
server
nginx
etag
W/"5fd0e2a2-15d98"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
jquery-migrate.min.js
www.xemkeoonline.com/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Wed, 09 Dec 2020 14:43:46 GMT
server
nginx
etag
W/"5fd0e2a2-2bd8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
HinhW.gif
vietsode.net/uploads/minh_hoa/hinh/
374 KB
375 KB
Image
General
Full URL
https://vietsode.net/uploads/minh_hoa/hinh/HinhW.gif
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:28b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e097f0071264fdeaecaeced46cdf28762ffa5bc3694aefc95197353ef0bdf03f

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:08 GMT
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
382801
last-modified
Sat, 05 Jun 2021 09:43:15 GMT
server
cloudflare
etag
"60bb4733-5d751"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IwkWJzbNpM2JPeDaTedDcr%2FqsHyJCSgjagxcnjFInepxqr0hf5wN5v28GyauRtSD9XmQ8yUBAzMSYsoXDB6rU1R5XQKl%2BGLFriC1merpdYhd2mNTU84p6LCcteP2b6sB9F5HKSeB"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
cf-ray
66df2c69c9fd4e67-FRA
expires
Tue, 13 Jul 2021 02:45:38 GMT
HinhVN.gif
vietsode.net/uploads/minh_hoa/hinh/
351 KB
352 KB
Image
General
Full URL
https://vietsode.net/uploads/minh_hoa/hinh/HinhVN.gif
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:28b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37fa40e483b873056df8057f5fc06d08389b3741f1b97ff774595d940e81d009

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:09 GMT
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
359355
last-modified
Sat, 05 Jun 2021 09:44:12 GMT
server
cloudflare
etag
"60bb476c-57bbb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=queRQCV2YvznYdsfG03j6MgVBPDtPgKu2mnhQeSqUlM66OvATprW2bXWq2hP%2B%2FKY%2B%2B3nz6nCUWvInucXOpzK28sPDNG%2F%2Fb9SnOBNlAXpIY94l%2Fl9OpYtFMTnhjiKFZnpHy5Es62n"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
cf-ray
66df2c69c9ff4e67-FRA
expires
Tue, 13 Jul 2021 02:45:39 GMT
HinhVN920.gif
vietsode.net/uploads/minh_hoa/hinh/
562 KB
562 KB
Image
General
Full URL
https://vietsode.net/uploads/minh_hoa/hinh/HinhVN920.gif
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:28b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d1b0abead4afbcc2e58204a0d787973b9ed656ec66809bfa4038503ec44783a

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:08 GMT
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
575023
last-modified
Sat, 05 Jun 2021 09:44:16 GMT
server
cloudflare
etag
"60bb4770-8c62f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8fNN582Tcdp5vRP7WB3llNFkfFt3BccnddOB4gzpirNDEJBfeqpVBIn7bUkZxBhOgxJDvFr9crC8gNG75G4eRH%2BLcLnysPL%2Br1vsJJDmhMiGfwq8JoBHzX3F7n32UE%2BAhGJ1ciI1"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
cf-ray
66df2c69ca004e67-FRA
expires
Tue, 13 Jul 2021 02:45:38 GMT
HinhW920.gif
vietsode.net/uploads/minh_hoa/hinh/
504 KB
505 KB
Image
General
Full URL
https://vietsode.net/uploads/minh_hoa/hinh/HinhW920.gif
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:28b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db52f8cd89bc79466c3a38395a327e89fd194b80e62ba0ef7099454d1c765414

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:08 GMT
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
515622
last-modified
Sat, 05 Jun 2021 09:41:50 GMT
server
cloudflare
etag
"60bb46de-7de26"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pJmalBemS1uq0xjcJYGzfWhobdwx1fASNnwBnEq09rk9VsJyLTrrpyq2duTq9eNiQrQjdgpbRb2vbnnP13LBe0wmfvqU%2Bmc5z8Yits2%2BY7mUvWg2tBwcLVCNeidHtULeK3sB05nP"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
cf-ray
66df2c69ca014e67-FRA
expires
Tue, 13 Jul 2021 02:45:38 GMT
all.min.css
www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/
58 KB
13 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.7.5
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Request headers

:path
/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.7.5
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-e7d0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
v4-shims.min.css
www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/
26 KB
4 KB
Stylesheet
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=4.7.5
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93

Request headers

:path
/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=4.7.5
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-684e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
frontend.min.js
www.xemkeoonline.com/wp-content/themes/astra/assets/js/minified/
16 KB
4 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.5.0
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
f533f1b930a04aef032a5fb9ddbfb85a14fc1ec2b7631cbc0ff87531bfce7120

Request headers

:path
/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.5.0
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 11:04:59 GMT
server
nginx
etag
W/"60bf4edb-41fc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
sac.php
www.xemkeoonline.com/wp-content/plugins/simple-ajax-chat/resources/
17 KB
5 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/simple-ajax-chat/resources/sac.php?ver=20210210
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
f47d60ba6aa372dde626714bb04e43f25775ed8986f37a83c2c5281a3faafa92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/simple-ajax-chat/resources/sac.php?ver=20210210
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
must-revalidate
x-xss-protection
1; mode=block
expires
Sat, 11 Sep 2021 02:45:08 GMT
cb70d11b8.min.js
www.xemkeoonline.com/wp-content/uploads/essential-addons-elementor/
48 KB
14 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-content/uploads/essential-addons-elementor/cb70d11b8.min.js?ver=1626144307
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
f0fd6cbfbf2a4baec0ea585b8073df94193ba59132f7f3bded7769474d3486ee

Request headers

:path
/wp-content/uploads/essential-addons-elementor/cb70d11b8.min.js?ver=1626144307
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Sat, 10 Jul 2021 03:47:32 GMT
server
nginx
etag
W/"60e91854-c092"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
smush-lazy-load.min.js
www.xemkeoonline.com/wp-content/plugins/wp-smushit/app/assets/js/
8 KB
4 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.8.7
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
b30169a38c7ecd17eefc119177c0c61337b17a8f1abfd337ac37284d1a04a65b

Request headers

:path
/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.8.7
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Wed, 30 Jun 2021 04:10:39 GMT
server
nginx
etag
W/"60dbeebf-1eee"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
astra-addon-60e5d2016fb2a0-25651636.js
www.xemkeoonline.com/wp-content/uploads/astra-addon/
30 KB
6 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-content/uploads/astra-addon/astra-addon-60e5d2016fb2a0-25651636.js?ver=3.5.4
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
cf3d17563947bb679f33f02c7a099f3e5ef7f934f3639a50d7dd8f8b09679f6e

Request headers

:path
/wp-content/uploads/astra-addon/astra-addon-60e5d2016fb2a0-25651636.js?ver=3.5.4
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Wed, 07 Jul 2021 16:10:41 GMT
server
nginx
etag
W/"60e5d201-7923"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
wp-embed.min.js
www.xemkeoonline.com/wp-includes/js/
1 KB
1013 B
Script
General
Full URL
https://www.xemkeoonline.com/wp-includes/js/wp-embed.min.js?ver=5.7.2
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.7.2
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 04:14:08 GMT
server
nginx
etag
W/"601b7490-592"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
webpack.runtime.min.js
www.xemkeoonline.com/wp-content/plugins/elementor/assets/js/
5 KB
2 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.2.5
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
b5641645c15c48b3ff5ce52e718563e1d04d18492e552eb126862768327e2855

Request headers

:path
/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.2.5
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-12a1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
frontend-modules.min.js
www.xemkeoonline.com/wp-content/plugins/elementor/assets/js/
63 KB
21 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.2.5
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
d8e1bb6afaee4a9709470e6bc6712a4288aab63eff4a430e75935d0095648bb6

Request headers

:path
/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.2.5
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-fd92"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
waypoints.min.js
www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/waypoints/
12 KB
3 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

:path
/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-2fa6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
core.min.js
www.xemkeoonline.com/wp-includes/js/jquery/ui/
20 KB
7 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

:path
/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 04:12:19 GMT
server
nginx
etag
W/"6077bd23-5133"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
swiper.min.js
www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/swiper/
136 KB
35 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Request headers

:path
/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-21f91"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
share-link.min.js
www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/share-link/
3 KB
1 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.2.5
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580

Request headers

:path
/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.2.5
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-a12"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
dialog.min.js
www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/dialog/
11 KB
4 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb

Request headers

:path
/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-2a6f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
frontend.min.js
www.xemkeoonline.com/wp-content/plugins/elementor/assets/js/
66 KB
19 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.2.5
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
17f076500dca787c42b1dd6238ce50a0752771eafd040e8512c713a7ec947c65

Request headers

:path
/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.2.5
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-1086a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
preloaded-modules.min.js
www.xemkeoonline.com/wp-content/plugins/elementor/assets/js/
57 KB
17 KB
Script
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.2.5
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
d882dbd828af87ed3434862bf608a2dee6d347817ae547421c9b2051ce29a905

Request headers

:path
/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.2.5
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
W/"60ca223f-e2e0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
expires
Thu, 12 Aug 2021 02:45:08 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/
243 KB
90 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3478514043172783&plah=www.xemkeoonline.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d7731cd19278dd8d68435b1df5709fd2e12e8f13e43d86409ccc26f3354ea52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92103
x-xss-protection
0
server
cafe
etag
18322328620552464558
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Jul 2021 02:45:08 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210708/r20190131/ Frame 4239
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210708/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210708/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.xemkeoonline.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xemkeoonline.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 13 Jul 2021 00:45:58 GMT
expires
Tue, 27 Jul 2021 00:45:58 GMT
content-type
text/html; charset=UTF-8
etag
15579341980913220427
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
age
7150
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v27/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2Ci%2C700%2C700i%2C%7CMontserrat%3A500&display=fallback&ver=3.5.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xemkeoonline.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 00:14:56 GMT
x-content-type-options
nosniff
age
9012
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11860
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:33 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 00:14:56 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2Ci%2C700%2C700i%2C%7CMontserrat%3A500&display=fallback&ver=3.5.0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xemkeoonline.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 06:52:18 GMT
x-content-type-options
nosniff
age
589970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 06:52:18 GMT
truncated
/ Frame C986
37 B
37 B
Document
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
tracking.js
cdn.livechatinc.com/
85 KB
25 KB
Script
General
Full URL
https://cdn.livechatinc.com/tracking.js
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
299f002a908a15968be878534247c58b43b6204eb9b9100b91225b54986fe40c

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
p5qZmk.LnfyBMGzHFQEAsEX5_hgtrVd9
content-encoding
br
last-modified
Thu, 08 Jul 2021 08:51:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"dcdb94139b10be92dbb9b5fe82ac82d9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=28800
date
Tue, 13 Jul 2021 02:45:08 GMT
content-length
24910
x-amz-cf-id
neK3J3rbx-p_HYaIvCXNht4yYDmcmmWTRW4zoBIH-BF3-DulxXfpfw==
expires
Tue, 13 Jul 2021 10:45:08 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2Ci%2C700%2C700i%2C%7CMontserrat%3A500&display=fallback&ver=3.5.0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xemkeoonline.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 20:33:46 GMT
x-content-type-options
nosniff
age
22282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19272
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:11:03 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Jul 2022 20:33:46 GMT
astra.woff
www.xemkeoonline.com/wp-content/themes/astra/assets/fonts/
3 KB
3 KB
Font
General
Full URL
https://www.xemkeoonline.com/wp-content/themes/astra/assets/fonts/astra.woff
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5

Request headers

sec-fetch-mode
cors
origin
https://www.xemkeoonline.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
:path
/wp-content/themes/astra/assets/fonts/astra.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.xemkeoonline.com
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:08 GMT
last-modified
Tue, 08 Jun 2021 11:04:59 GMT
server
nginx
etag
"60bf4edb-ce8"
content-type
application/font-woff
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
3304
expires
Thu, 12 Aug 2021 02:45:08 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.7.2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xemkeoonline.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Jul 2021 20:14:24 GMT
x-content-type-options
nosniff
age
196244
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Jul 2022 20:14:24 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2Ci%2C700%2C700i%2C%7CMontserrat%3A500&display=fallback&ver=3.5.0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xemkeoonline.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 03:00:34 GMT
x-content-type-options
nosniff
age
603874
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 03:00:34 GMT
fa-solid-900.woff2
www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/
78 KB
79 KB
Font
General
Full URL
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://www.xemkeoonline.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0
:path
/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.xemkeoonline.com
Referer
https://www.xemkeoonline.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:08 GMT
x-content-type-options
nosniff
last-modified
Wed, 16 Jun 2021 16:09:35 GMT
server
nginx
etag
"60ca223f-139ac"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
accept-ranges
bytes
content-length
80300
x-xss-protection
1; mode=block
KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v27/
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2Ci%2C700%2C700i%2C%7CMontserrat%3A500&display=fallback&ver=3.5.0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb56f0e08adb026eb4e4b28c2fc33b35ce3ddf30a075f9906ec14caff095fa3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xemkeoonline.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 05:36:52 GMT
x-content-type-options
nosniff
age
594496
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 05:36:52 GMT
KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/
11 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.7.2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xemkeoonline.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 21:42:00 GMT
x-content-type-options
nosniff
age
18188
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11768
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:42 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Jul 2022 21:42:00 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2Ci%2C700%2C700i%2C%7CMontserrat%3A500&display=fallback&ver=3.5.0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xemkeoonline.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 03:22:29 GMT
x-content-type-options
nosniff
age
602559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11836
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:52 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 03:22:29 GMT
KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.7.2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b03ef4b198588654c13a7eacbf4b45a6a42b5d250019c8a6c16dc475e4e97fba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xemkeoonline.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 18:29:07 GMT
x-content-type-options
nosniff
age
29761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5580
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:52 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Jul 2022 18:29:07 GMT
KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2Ci%2C700%2C700i%2C%7CMontserrat%3A500&display=fallback&ver=3.5.0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ac62ad133b177d67c52cfd6b1fa821b3566637b15c3637335036aae03cf972a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.xemkeoonline.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 22:40:10 GMT
x-content-type-options
nosniff
age
14698
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5524
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:44 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Jul 2022 22:40:10 GMT
cookie.js
partner.googleadservices.com/gampad/
206 B
662 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.xemkeoonline.com&callback=_gfp_s_&client=ca-pub-3478514043172783
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3478514043172783&plah=www.xemkeoonline.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
c8733b99c1638090d758de2e1e55f23c53115da5e702a7d51c3a84727cc8a8ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.xemkeoonline.com%2F&tn=DIV&cls=float-ck-phai&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Jul 2021 02:45:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
853 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.xemkeoonline.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3478514043172783&plah=www.xemkeoonline.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.xemkeoonline.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3478514043172783&plah=www.xemkeoonline.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A0E9
603 B
68 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3478514043172783&output=html&adk=1812271804&adf=3025194257&lmt=1626144308&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.xemkeoonline.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626144308177&bpp=561&bdt=82&idt=669&shv=r20210708&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4909558502885&frm=20&pv=2&ga_vid=1288258043.1626144309&ga_sid=1626144309&ga_hid=1599942821&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972%2C44740386&oid=3&pvsid=2845476238654714&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=712
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3478514043172783&plah=www.xemkeoonline.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3478514043172783&output=html&adk=1812271804&adf=3025194257&lmt=1626144308&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.xemkeoonline.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626144308177&bpp=561&bdt=82&idt=669&shv=r20210708&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4909558502885&frm=20&pv=2&ga_vid=1288258043.1626144309&ga_sid=1626144309&ga_hid=1599942821&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972%2C44740386&oid=3&pvsid=2845476238654714&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=712
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.xemkeoonline.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xemkeoonline.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 13 Jul 2021 02:45:08 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 13-Jul-2021 03:00:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 13 Jul 2021 02:45:08 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3478514043172783&plah=www.xemkeoonline.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff43600c228c39295ac3c0768717186ef6d68e1358a325b310a757bf53d265b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:08 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1625830134516437"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27897
x-xss-protection
0
expires
Tue, 13 Jul 2021 02:45:08 GMT
get_dynamic_configuration
api.livechatinc.com/v3.3/customer/action/
266 B
468 B
Script
General
Full URL
https://api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=12142308&url=https%3A%2F%2Fwww.xemkeoonline.com%2F&channel_type=code&jsonp=__xyk9557y7v8
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
567bcde204e2912b755f5beb16a136d75118e09b6d354604a1da9234df6e1914
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.xemkeoonline.com/;
X-Frame-Options allow-from https://www.xemkeoonline.com/

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
frame-ancestors https://www.xemkeoonline.com/;
x-frame-options
allow-from https://www.xemkeoonline.com/
date
Tue, 13 Jul 2021 02:45:09 GMT
content-length
266
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
Cookie set /
rvn88cdn.agent1818.com/vi/sports/ Frame C986
Redirect Chain
  • https://m.vn88hn.live/launcher/sports/esports-euro
  • https://rvn88.w2sports.com/sports?ExternalToken=x&LangID=241&oddsstyleid=3&random=1
  • https://rvn88cdn.agent1818.com//sports?ExternalToken=x&LangID=241&oddsstyleid=3&random=1
  • https://rvn88cdn.agent1818.com/sports/?ExternalToken=x&LangID=241&oddsstyleid=3&random=1
  • https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
1 MB
221 KB
Document
General
Full URL
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.8.7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
851047f3d0df2c5511d31f2ee2d6b81d4266e55bd402fa823586e91ca341dee8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
rvn88cdn.agent1818.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.xemkeoonline.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
lb_sess=de755886615120d2a4756809fbed6d45; sbtssid=tv0rmuhpus4gfvqt3z0zbvgj; firstrefer=aHR0cHM6Ly93d3cueGVta2Vvb25saW5lLmNvbS8_; firstrequest=aHR0cDovL3J2bjg4Y2RuLmFnZW50MTgxOC5jb20vc3BvcnRzP0V4dGVybmFsVG9rZW49eCZMYW5nSUQ9MjQxJm9kZHNzdHlsZWlkPTMmcmFuZG9tPTE_; lng=241
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==

Response headers

Date
Tue, 13 Jul 2021 02:45:12 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Server
PWS/8.3.1.0.8
Set-Cookie
lb_sess=de755886615120d2a4756809fbed6d45; secure; path=/; SameSite=None; sbtssid=tv0rmuhpus4gfvqt3z0zbvgj; domain=.agent1818.com; path=/; SameSite=None; secure; HttpOnly lng=241; domain=.agent1818.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; secure; HttpOnly oSt2=3; expires=Tue, 13-Jul-2021 03:45:11 GMT; path=/; SameSite=None; secure; HttpOnly dTz=; domain=.agent1818.com; expires=Sun, 13-Jun-2021 02:45:11 GMT; path=/; SameSite=None; secure; HttpOnly cTz=8; domain=.agent1818.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; secure bVC=2; domain=.agent1818.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; secure
Cache-Control
private
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Encoding
gzip
Via
1.1 PSxgHKG8oa90:8 (W), 1.1 PS-FRA-014cL39:2 (W)
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
X-Ws-Request-Id
60ecfe37_kf41_122833-25755

Redirect headers

Date
Tue, 13 Jul 2021 02:45:11 GMT
Content-Type
text/html; charset=utf-8
Content-Length
175
Connection
keep-alive
Server
PWS/8.3.1.0.8
Set-Cookie
lb_sess=de755886615120d2a4756809fbed6d45; secure; path=/; SameSite=None; sbtssid=tv0rmuhpus4gfvqt3z0zbvgj; domain=.agent1818.com; path=/; SameSite=None; secure; HttpOnly lng=241; domain=.agent1818.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; secure; HttpOnly
Cache-Control
private
Location
/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Via
1.1 PSxgHKG8oa90:8 (W), 1.1 PS-FRA-014cL39:2 (W)
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
X-Ws-Request-Id
60ecfe37_kf41_122833-25754
cropped-500x200_XKlogo-1-200x80.png
www.xemkeoonline.com/wp-content/uploads/2020/11/
21 KB
22 KB
Image
General
Full URL
https://www.xemkeoonline.com/wp-content/uploads/2020/11/cropped-500x200_XKlogo-1-200x80.png
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
119b2522ae491ae9bdc831255cbd184f83746403d91ed27b074f63f1b960db82

Request headers

:path
/wp-content/uploads/2020/11/cropped-500x200_XKlogo-1-200x80.png
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0; __gads=ID=ef5edc92026acaa9-222811e27ac800b6:T=1626144309:RT=1626144309:S=ALNI_MYd0rwGftKQhs1GTZ7WDX6dd6Szrg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:09 GMT
last-modified
Thu, 17 Jun 2021 08:45:00 GMT
server
nginx
etag
"60cb0b8c-55e5"
content-type
image/png
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
21989
expires
Thu, 12 Aug 2021 02:45:09 GMT
fire-icon-vector-7-e1617692294138.png
www.xemkeoonline.com/wp-content/uploads/2021/04/
2 KB
2 KB
Image
General
Full URL
https://www.xemkeoonline.com/wp-content/uploads/2021/04/fire-icon-vector-7-e1617692294138.png
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
893678a05aea064715789c2002b776939d31b2a75ac82fd21549654e43827fc5

Request headers

:path
/wp-content/uploads/2021/04/fire-icon-vector-7-e1617692294138.png
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0; __gads=ID=ef5edc92026acaa9-222811e27ac800b6:T=1626144309:RT=1626144309:S=ALNI_MYd0rwGftKQhs1GTZ7WDX6dd6Szrg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:09 GMT
last-modified
Tue, 06 Apr 2021 06:58:14 GMT
server
nginx
etag
"606c0686-613"
content-type
image/png
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
1555
expires
Thu, 12 Aug 2021 02:45:09 GMT
1f525.svg
s.w.org/images/core/emoji/13.0.1/svg/
822 B
696 B
Image
General
Full URL
https://s.w.org/images/core/emoji/13.0.1/svg/1f525.svg
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
4fa646a4dbc10513ddeb70561789483638faf456e15186f4eb7291c5c455cbb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT arn 2
date
Tue, 13 Jul 2021 02:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Oct 2020 16:13:31 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
1366x500_HOD-01-1-1024x375.jpg
www.xemkeoonline.com/wp-content/uploads/2021/06/
67 KB
67 KB
Image
General
Full URL
https://www.xemkeoonline.com/wp-content/uploads/2021/06/1366x500_HOD-01-1-1024x375.jpg
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
0ce1d7dbbf86a00c587e87e67f93f638c5184c5801d241bf5de7dfff0eaf8d9a

Request headers

:path
/wp-content/uploads/2021/06/1366x500_HOD-01-1-1024x375.jpg
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0; __gads=ID=ef5edc92026acaa9-222811e27ac800b6:T=1626144309:RT=1626144309:S=ALNI_MYd0rwGftKQhs1GTZ7WDX6dd6Szrg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:09 GMT
last-modified
Wed, 16 Jun 2021 05:21:37 GMT
server
nginx
etag
"60c98a61-10ae8"
content-type
image/jpeg
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
68328
expires
Thu, 12 Aug 2021 02:45:09 GMT
1366x500_HOD-02-1024x375.jpg
www.xemkeoonline.com/wp-content/uploads/2021/06/
55 KB
55 KB
Image
General
Full URL
https://www.xemkeoonline.com/wp-content/uploads/2021/06/1366x500_HOD-02-1024x375.jpg
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
111.90.148.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software
nginx /
Resource Hash
a4b03fe5f82241e38e98ce1b5987e432c21b3f88957bac9a9a566cf44ecfd489

Request headers

:path
/wp-content/uploads/2021/06/1366x500_HOD-02-1024x375.jpg
pragma
no-cache
cookie
PHPSESSID=7683fcjage85i2urpvrm26ird0; __gads=ID=ef5edc92026acaa9-222811e27ac800b6:T=1626144309:RT=1626144309:S=ALNI_MYd0rwGftKQhs1GTZ7WDX6dd6Szrg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.xemkeoonline.com
referer
https://www.xemkeoonline.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 13 Jul 2021 02:45:09 GMT
last-modified
Tue, 01 Jun 2021 03:11:10 GMT
server
nginx
etag
"60b5a54e-da97"
content-type
image/jpeg
cache-control
max-age=2592000 public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
55959
expires
Thu, 12 Aug 2021 02:45:09 GMT
get_configuration
api.livechatinc.com/v3.3/customer/action/
6 KB
2 KB
Script
General
Full URL
https://api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=12142308&version=381.1.1.1335.161.116.13.1.2.1.2.18&group_id=0&jsonp=__lc_static_config
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
65d607a2713e2a567dcf1db9f11b8427a1d4efcc48b2178940c1ae0b2f089bf5

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:09 GMT
cache-control
public, max-age=600
content-type
application/javascript; charset=UTF-8
content-encoding
gzip
content-length
2068
vary
Accept-Encoding
expires
Tue, 13 Jul 2021 02:55:09 GMT
open_chat
secure.livechatinc.com/customer/action/ Frame 5701
4 KB
2 KB
Document
General
Full URL
https://secure.livechatinc.com/customer/action/open_chat?license_id=12142308&group=0&embedded=1&widget_version=3&unique_groups=0
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e1f1603e01f51047a2ce9e57f32d29ca5ac7613c861be9a6ad1d20dcce4a8496

Request headers

:method
GET
:authority
secure.livechatinc.com
:scheme
https
:path
/customer/action/open_chat?license_id=12142308&group=0&embedded=1&widget_version=3&unique_groups=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.xemkeoonline.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xemkeoonline.com/

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-length
2008
expires
Tue, 13 Jul 2021 02:45:09 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Tue, 13 Jul 2021 02:45:09 GMT
get_localization
api.livechatinc.com/v3.3/customer/action/
13 KB
5 KB
Script
General
Full URL
https://api.livechatinc.com/v3.3/customer/action/get_localization?license_id=12142308&version=cb63cc4add40307cfb1d839bdba9daa0_b79398291dbf718f84d0a9f47bbf91cf&language=vi&group_id=0&jsonp=__lc_localization
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1e81e2aab71ba2f9cd54090aedcbfe6d2447c1f66918bcafb708d7c3086c7b0e

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:10 GMT
cache-control
public, max-age=599
content-type
application/javascript; charset=UTF-8
content-encoding
gzip
content-length
4607
vary
Accept-Encoding
expires
Tue, 13 Jul 2021 02:55:09 GMT
css
fonts.googleapis.com/ Frame 5701
5 KB
709 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=12142308&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f2296fc1af54692bd56501bf9156cae1da8028424f9dbf8b00e5f40b6c3a4d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 01:27:59 GMT
server
ESF
date
Tue, 13 Jul 2021 02:45:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Jul 2021 02:45:09 GMT
2.c5551093.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 5701
377 KB
110 KB
Script
General
Full URL
https://cdn.livechatinc.com/widget/static/js/2.c5551093.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=12142308&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
74b4a28729201fae2dbb53b42592ee518a7343ed8bbb6508ee0844d4d1e0030b

Request headers

Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
4VlY0JX.WEGYnUUxoteC6PMDdqMps0w9
content-encoding
br
last-modified
Fri, 02 Jul 2021 07:12:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
W/"d799bf79962bc0c1d21d5829b734f344"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
date
Tue, 13 Jul 2021 02:45:09 GMT
content-length
111578
x-amz-cf-id
8FbR4MV7Fi9yLaumWZxi8ZToy1e40933suxZZA5HfjulLAX9kq5MxA==
expires
Wed, 13 Jul 2022 02:45:09 GMT
0.88d54b4c.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 5701
23 KB
8 KB
Script
General
Full URL
https://cdn.livechatinc.com/widget/static/js/0.88d54b4c.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=12142308&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
70eef99f016276772a27a6176e60dd2565d7acd70c3850e9cc9f8d240abe814d

Request headers

Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
OTkE1UFJkii6KMFdKNIvJ9iAxal6VobA
content-encoding
br
last-modified
Thu, 01 Jul 2021 12:56:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"ff8e1d51eee6cb0c2e221d1129f678bb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
date
Tue, 13 Jul 2021 02:45:09 GMT
content-length
7947
x-amz-cf-id
VtS8XYmXAQx_ueqqU-4f3queCOkfmcZfHkJJ5NjPjGKLKMTbM_sskQ==
expires
Wed, 13 Jul 2022 02:45:09 GMT
iframe.debbe1b4.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 5701
410 KB
108 KB
Script
General
Full URL
https://cdn.livechatinc.com/widget/static/js/iframe.debbe1b4.chunk.js
Requested by
Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=12142308&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
551707f405323967c876f683bad8a28ab94ee48024fb61eaa3ec3b39be5b4f05

Request headers

Referer
https://secure.livechatinc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
QBPnTxwpr8mnbWcxyZq9HuUOdoa8eY.p
content-encoding
br
last-modified
Mon, 12 Jul 2021 12:20:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
W/"25656a4e6df1a0777253ecdc25a9177c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
date
Tue, 13 Jul 2021 02:45:09 GMT
content-length
109836
x-amz-cf-id
rQLj3YHXS3EOi8Liy2Qt5M6C6dXxUuvt2UOKZoXE8J0xtTLG0ig5Lg==
expires
Wed, 13 Jul 2022 02:45:09 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v12/ Frame 5701
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v12/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://secure.livechatinc.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 05:12:10 GMT
x-content-type-options
nosniff
age
595979
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16056
x-xss-protection
0
last-modified
Wed, 24 Mar 2021 17:50:31 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 05:12:10 GMT
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v12/ Frame 5701
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v12/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://secure.livechatinc.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 13:51:41 GMT
x-content-type-options
nosniff
age
564808
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16180
x-xss-protection
0
last-modified
Wed, 24 Mar 2021 17:43:44 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 13:51:41 GMT
postmessage.html
accounts.livechatinc.com/static/ Frame F5C1
Redirect Chain
  • https://accounts.livechatinc.com/customer?license_id=12142308&flow=button&response_type=token&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&redirect_uri=https%3A%2F%2Fsecure.livechatinc.com%2Fcustomer...
  • https://accounts.livechatinc.com/static/postmessage.html
553 B
493 B
Document
General
Full URL
https://accounts.livechatinc.com/static/postmessage.html
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/iframe.debbe1b4.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7cb6c118ec3898ea3cf8db6f9d26f49cbe1ed8475e269b78d8162307b648b1ae

Request headers

:method
GET
:authority
accounts.livechatinc.com
:scheme
https
:path
/static/postmessage.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.livechatinc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://secure.livechatinc.com/

Response headers

content-encoding
gzip
content-type
text/html
etag
"06F41167B22D690E6AD57C16440DEC37558AF6A5"
vary
Accept-Encoding
content-length
365
date
Tue, 13 Jul 2021 02:45:10 GMT

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://accounts.livechatinc.com/static/postmessage.html#access_token=dal:ETmXPGLLTWigdkqqPV17LA&entity_id=96b21def-44d5-4d32-7baa-1a479fe8f7d0&expires_in=28800&redirect_uri=https://secure.livechatinc.com/customer/action/open_chat&state=@livechat/customer-auth&token_type=Bearer
pragma
no-cache
content-length
0
date
Tue, 13 Jul 2021 02:45:10 GMT
set-cookie
__lc_cid=96b21def-44d5-4d32-7baa-1a479fe8f7d0; Path=/customer; Domain=accounts.livechatinc.com; Expires=Thu, 13 Jul 2023 02:45:10 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None __lc_cst=d977566d18bee76a21977d25ad7991c2a6d4d882e991a6b1de080af5bf46fc7402378bbed86ff128e232cba27347a27d850a9476c73e7639534fa84fdfd0; Path=/customer; Domain=accounts.livechatinc.com; Expires=Thu, 13 Jul 2023 02:45:10 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None __lc2_cid=96b21def-44d5-4d32-7baa-1a479fe8f7d0; Path=/licence; Domain=accounts.livechatinc.com; Expires=Thu, 13 Jul 2023 02:45:10 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None __lc2_cst=d977566d18bee76a21977d25ad7991c2a6d4d882e991a6b1de080af5bf46fc7402378bbed86ff128e232cba27347a27d850a9476c73e7639534fa84fdfd0; Path=/licence; Domain=accounts.livechatinc.com; Expires=Thu, 13 Jul 2023 02:45:10 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None __oauth_redirect_detector=counter=1&t=1626144340&tag=ce70d798c576a39fbacb1671dff7fdb9237bf917; Path=/; Expires=Tue, 13 Jul 2021 02:45:40 GMT; HttpOnly
/
cdn.livechatinc.com/cloud/
28 KB
28 KB
Image
General
Full URL
https://cdn.livechatinc.com/cloud/?uri=https%3A%2F%2Flivechat.s3.amazonaws.com%2Fdefault%2FeyeCatchers%2Fnew108.gif
Requested by
Host: www.xemkeoonline.com
URL: https://www.xemkeoonline.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9afafd03001404329b0871e17c22112067e61c6e2c3e85a6e1389423ecf13e8

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
BNr21rqHAp8nqnbnHeuvqEjoTFMAy6EH
last-modified
Tue, 06 Mar 2018 10:29:26 GMT
server
AmazonS3
x-amz-request-id
7125A81E8B7DA842
etag
"c2d03ed3cde151c08cb657df3a018dbb"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=33976667
date
Tue, 13 Jul 2021 02:45:11 GMT
accept-ranges
bytes
content-length
28303
x-amz-id-2
63juaKK1XNpRQuop6BIwOGTpLlkEcnzOGP5ct7SLue1YcBV8ST77Gk4M6aF0cIq6FFGnHDqREGk=
expires
Wed, 10 Aug 2022 08:42:58 GMT
app.css
rvn88cdn.agent1818.com/css/ Frame C986
1 MB
150 KB
Stylesheet
General
Full URL
https://rvn88cdn.agent1818.com/css/app.css?version=637616695263364414
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
6895060642b0fb711a3f89e2b0b31ee1041ad8a7c8dfb1f93379ca9316efa682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 02:45:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 12 Jul 2021 06:52:30 GMT
Server
PWS/8.3.1.0.8
ETag
"-1762625657"
X-Ws-Request-Id
60ecfe38_kf41_122560-39139
Content-Type
text/css
Via
1.1 PSrbJP1jg79:8 (W), 1.1 PS-FRA-014cL39:2 (W)
Cache-Control
public, max-age=2592000
X-Px
ms PS-FRA-014cL39FRA,ht PSrbJP1jg79HND
Connection
keep-alive
Content-Length
153029
X-XSS-Protection
1; mode=block
Expires
Wed, 11 Aug 2021 07:38:42 GMT
splash.png
rvn88cdn.agent1818.com/imgs/ Frame C986
567 B
1 KB
Image
General
Full URL
https://rvn88cdn.agent1818.com/imgs/splash.png
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
3127547b37eb862b3870692edb50889bf3404ac51db6e5f1c63869b309940a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 02:45:12 GMT
Via
1.1 PS-TPE-01qXz223:0 (W), 1.1 PSrbdjTYO3sh60:5 (W), 1.1 PS-FRA-014cL39:2 (W)
X-Content-Type-Options
nosniff
Last-Modified
Mon, 16 Nov 2020 05:05:00 GMT
Server
PWS/8.3.1.0.8
Age
13580
ETag
"595599655"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
public, max-age=2592000
X-Px
ht PS-FRA-014cL39FRA
Connection
keep-alive
X-Ws-Request-Id
60ecfe38_kf41_122806-48206
X-XSS-Protection
1; mode=block
Expires
Wed, 11 Aug 2021 22:58:52 GMT
sbMsgBus.js
cdnjs.santisem.com/rj/sb-msg-bus/4.0.6/ Frame C986
5 KB
3 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-msg-bus/4.0.6/sbMsgBus.js?version=58418710
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
f9b3507981d5ddcfbf64e7a082ef828e678917cd92d6ec700ac9d8ce0e0e9730

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:13 GMT
content-encoding
gzip
x-mly-id
6e0b1e2a2407f624cb3d7c318a6a8b1b
x-guploader-uploadid
ADPycdtUu6IpUS-lN4KDHbfuNu-mWGUksawsYdEhi_ZtvAbqrB3UPyYQu47VjbThiDWcThCpjTLa-De5JO4tVkycfNcWAXjHMA
x-cache
RefreshHit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1807
access-control-allow-origin
*
last-modified
Fri, 28 Jun 2019 14:42:00 GMT
server
nginx
etag
"e4f637342a2314981675c8901eaff59e"
vary
accept-encoding
x-goog-hash
crc32c=mRXbRg==, md5=5PY3NCojFJgWdciQHq/1ng==
x-goog-generation
1561732920526314
via
mly, 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control
private
x-goog-stored-content-length
1807
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
SQq1Y3ahyasI8H4EAQwJURVx8GVZ2nZhY5zhv63viOS8w_EYuejx0A==
expires
Thu, 29 Jul 2021 14:34:52 GMT
sbInternalMsgBus.js
cdnjs.santisem.com/rj/sb-internal-msg-bus/1.0.16/ Frame C986
10 KB
4 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-internal-msg-bus/1.0.16/sbInternalMsgBus.js?version=58418710
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
9855c5142a9b459a083bea4c47ab52f96685c7233664243581062dbdc1d70a1f

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:13 GMT
content-encoding
gzip
x-mly-id
02fd691181fe198d6249e966b413ab6f
x-guploader-uploadid
ABg5-UxEd3NMD8BJabjn9MPrdjQ7E20pIIdZMxpxwkrk2Htq7w5-9BbgtRSuKOJTWHw5cWB6hrPrq-koQ0-MpCIbY82xD-LF5A
x-cache
RefreshHit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
3059
access-control-allow-origin
*
last-modified
Wed, 19 Jun 2019 16:21:01 GMT
server
nginx
etag
"b8e695b3bbfe63239ee63471bbb70f02"
vary
accept-encoding
x-goog-hash
crc32c=GMQ30A==, md5=uOaVs7v+YyOe5jRxu7cPAg==
x-goog-generation
1560961261598214
via
mly, 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control
private
x-goog-stored-content-length
3059
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
5WLLURWjKaerOMLFddOwbdBrBFinzRPNYXgNX_M3I1C8laWQen5Mqg==
expires
Thu, 22 Jul 2021 08:01:26 GMT
sbApprovedThirdPartyDependencies.js
cdnjs.santisem.com/rj/sb-approved-third-party-dependencies/1.0.0/ Frame C986
104 KB
30 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-approved-third-party-dependencies/1.0.0/sbApprovedThirdPartyDependencies.js?version=58418710
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
fa8c160947edf98ff75f41c665729612fd111ce0bc5c5bea3adc4d10d92f35f7

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:13 GMT
content-encoding
gzip
x-mly-id
8deb23867bfd3d448d6402e4b7cafd16
x-guploader-uploadid
ABg5-Uw1nEFQm2CnImAKi6wpBk9_2cbYTLNBg88EADVH1YwN5aJt7xAKafrP4cog4XQzz80Z-DMOLaS-qeqzK0dNzg
x-cache
RefreshHit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
30373
access-control-allow-origin
*
last-modified
Tue, 14 May 2019 09:06:32 GMT
server
nginx
etag
"234eb309950e973c154082302e8f36c9"
vary
accept-encoding
x-goog-hash
crc32c=dzjF+w==, md5=I06zCZUOlzwVQIIwLo82yQ==
x-goog-generation
1557824792946784
via
mly, 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control
private
x-goog-stored-content-length
30373
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
hbJW3Ke3tDyN0JGKQbLufGL6s9pB65kFHIBkkV682CPG8ekFXdteXw==
expires
Tue, 10 Aug 2021 13:21:47 GMT
sbReactDependencies.js
cdnjs.santisem.com/rj/sb-react-dependencies/1.0.1/ Frame C986
219 KB
70 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-react-dependencies/1.0.1/sbReactDependencies.js?version=58418710
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
a3f97de5268375e39a7d3b9158899148f835a334f064bd20c0110f81f4757db6

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:13 GMT
content-encoding
gzip
x-mly-id
9b34ca45419ad3b30e012a6b07bd0496
x-guploader-uploadid
ADPycdsWR-AJA3-PyuxMViftc2J9ecAzc43NR3FNu_qkMIT3mCRAL0wG6iB6GdytcpyHx4bwgYFnPJlbl1WFoEegX--5-fPPNg
x-cache
RefreshHit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
71316
access-control-allow-origin
*
last-modified
Mon, 20 May 2019 11:42:15 GMT
server
nginx
etag
"e7cac68fffb780f6ef942ff330942cba"
vary
accept-encoding
x-goog-hash
crc32c=YFybbQ==, md5=58rGj/+3gPbvlC/zMJQsug==
x-goog-generation
1558352535077602
via
mly, 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control
private
x-goog-stored-content-length
71316
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
WZISaxCAmHob7f25TnozzLSJdhz-g5NRcu1hTDHuae6YVlnlwKvzxA==
expires
Mon, 09 Aug 2021 14:13:20 GMT
velocityReact.js
cdnjs.santisem.com/rj/sb-react-dependencies/1.0.1/ Frame C986
51 KB
15 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-react-dependencies/1.0.1/velocityReact.js?version=58418710
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
9fd71499be740db3b5066c33ba442501aae6418f758432667ff956b887b84c0d

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:13 GMT
content-encoding
gzip
x-mly-id
fcc23545b75ed638ca0b9800d9437975
x-guploader-uploadid
ADPycdvuZQa_aiWZvjkIZbtbRV-EJ2MzthiC9NX94IHGDFRokUv40DdawhP_gayzYS2zfLLlWOm1s6EcPuLvPU3rrJEqxgeOXg
x-cache
RefreshHit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
14793
access-control-allow-origin
*
last-modified
Mon, 20 May 2019 11:42:15 GMT
server
nginx
etag
"0a079cbb454245b2160f9a34980ae55d"
vary
accept-encoding
x-goog-hash
crc32c=Fbf8zw==, md5=Cgecu0VCRbIWD5o0mArlXQ==
x-goog-generation
1558352535072689
via
mly, 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control
private
x-goog-stored-content-length
14793
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
ni9dG55853ILgpzRYdXZDNSDAo-G8mv518nA5UrrryIX_r7JKesFHA==
expires
Mon, 09 Aug 2021 15:25:59 GMT
sbPolyfills.js
cdnjs.santisem.com/rj/sb-polyfills/1.0.8/ Frame C986
13 KB
5 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-polyfills/1.0.8/sbPolyfills.js?version=58418710
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
51025c11b35699936388814726cc4d808f3b3506d44665c6c6aaac79cbdc471a

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:13 GMT
content-encoding
gzip
x-mly-id
a15c7ca7f05d0b691ae918c9d24cfc2e
x-guploader-uploadid
ADPycdtXbbiVfi04G5CVpGd-ZIdA-yT9CVYzAcn698_Jm4KCBg7BlAJNf0eIgM48_9p3P8jt7UPsFkkdx2ONdPNKbeRUdvspPQ
x-cache
RefreshHit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
4150
access-control-allow-origin
*
last-modified
Fri, 28 Jun 2019 08:35:45 GMT
server
nginx
etag
"f929a5c746d93fd8b88dd106072e8dc1"
vary
accept-encoding
x-goog-hash
crc32c=nOFNCg==, md5=+Smlx0bZP9i4jdEGBy6NwQ==
x-goog-generation
1561710945250223
via
mly, 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control
private
x-goog-stored-content-length
4150
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
wAduRy--bTuSxo8vW3ChYoEYukvhjjFFgciY8AJJfLGmh4hPZ95UiA==
expires
Sun, 08 Aug 2021 17:49:28 GMT
sbJsExtends.js
cdnjs.santisem.com/rj/sb-js-extends/1.0.11/ Frame C986
10 KB
3 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-js-extends/1.0.11/sbJsExtends.js?version=58418710
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
72b1a8a85556ee3ea2c9b50d12cf92c487082f14a58da9616ee5f09789533b69

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:13 GMT
content-encoding
gzip
x-mly-id
121c3afdbbd20dd264fbc2ea33f54686
x-guploader-uploadid
ADPycdtDOxUdWxzoPU9Luquul2JBjYqCSkX1uFdJcGj6zHCMGLS_VR2A9lFqUjXNB0L8imNiFgo1W1TGuIDllvzOSA9scaC2fA
x-cache
RefreshHit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
2694
access-control-allow-origin
*
last-modified
Tue, 02 Jul 2019 13:02:55 GMT
server
nginx
etag
"abf799a56194d5cce647085227be75e9"
vary
accept-encoding
x-goog-hash
crc32c=0LoPXg==, md5=q/eZpWGU1czmRwhSJ7516Q==
x-goog-generation
1562072575932924
via
mly, 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control
private
x-goog-stored-content-length
2694
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
gMITFNFVP5t8TAshHaHgTRTOnTj2YeyAJi8953WlXBi6XosuYMkrVg==
expires
Tue, 20 Jul 2021 18:59:37 GMT
sbRespBlockLib.js
cdnjs.santisem.com/rj/sb-resp-block-lib/3.9.14/ Frame C986
12 KB
4 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-resp-block-lib/3.9.14/sbRespBlockLib.js?version=58418710
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
70ea929cc11e816ee21815a2a07b5c6d8d4271ca87fa22a821afbc53db7481fe

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:14 GMT
content-encoding
gzip
x-mly-id
f1b46be4150ad7ed2aedcc518ee558b0
x-guploader-uploadid
ABg5-UyPbErteeEv-xiwpxmK0VvInirTzjRYsjzybQ48qJKAnXoiY9vkhwJp6YL9EZfh5UCbM4q4ikLdRJCmL_ZcG98
x-cache
RefreshHit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
3724
access-control-allow-origin
*
last-modified
Fri, 12 Jul 2019 15:10:26 GMT
server
nginx
etag
"ba560d1b925fbde8f6cf2f5faf2dccdc"
vary
accept-encoding
x-goog-hash
crc32c=PQQA2Q==, md5=ulYNG5Jfvej2zy9fry3M3A==
x-goog-generation
1562944226840517
via
mly, 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control
private
x-goog-stored-content-length
3724
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Y_U5Livq0whEGgngNTTRUnPR9hOmVBxlFB4S1cj9agOA9-WqruO8Gw==
expires
Thu, 05 Aug 2021 06:42:34 GMT
sbBffIntegration-vendor.js
cdnjs.santisem.com/rj/sb-bff-integration/1.0.34/ Frame C986
195 KB
59 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-bff-integration/1.0.34/sbBffIntegration-vendor.js?version=58418710
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
ee0d2c4b510212a0bbc5a2f32a2cec0fd4f420946835bec87dd1d2231786b96b

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:14 GMT
content-encoding
gzip
x-mly-id
0b46e4a4fce1e968be6b97019d851abf
x-guploader-uploadid
ADPycdsuV5dn96LsrUy9O7GgvePGkOPiG9MS-SZycyuUrit2mNjn2F6ajKleQw2qjXhOO5-sfMCZmdfojYfQUti2iMzBZKy6xg
x-cache
RefreshHit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
59267
access-control-allow-origin
*
last-modified
Fri, 30 Aug 2019 12:02:52 GMT
server
nginx
etag
"4dec42caf805c12f2bc40787f207af9d"
vary
accept-encoding
x-goog-hash
crc32c=1UOslA==, md5=TexCyvgFwS8rxAeH8gevnQ==
x-goog-generation
1567166572015090
via
mly, 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control
private
x-goog-stored-content-length
59267
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Ig3_GQNtaU3fNNPeyuxhSCXS907MlTB7p01efqdJTOYIinQA3GeM1Q==
expires
Fri, 06 Aug 2021 16:01:27 GMT
sbBffIntegration.js
cdnjs.santisem.com/rj/sb-bff-integration/1.0.34/ Frame C986
33 KB
7 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-bff-integration/1.0.34/sbBffIntegration.js?version=58418710
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
2be6b6e5eac6433ad1cd45c1da385fd6be8061ec353c29b6984a3f7ffddc2d2e

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:13 GMT
content-encoding
gzip
x-mly-id
c0807412a933c706b48fde4631a38c9e
x-guploader-uploadid
ADPycducpAxfNZktl4WJR8ZFC2vS0dFvjVtmA6qAfo1c7Q6glGf7B-bzCAA7Prb_DFnkcli_CQrhl3jMJjheDFi-PZjbwcc8OA
x-cache
RefreshHit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
6013
access-control-allow-origin
*
last-modified
Fri, 30 Aug 2019 12:02:52 GMT
server
nginx
etag
"93ed5c6e4a68a976e256b3a4abfc79cb"
vary
accept-encoding
x-goog-hash
crc32c=Nu+Q+w==, md5=k+1cbkpoqXbiVrOkq/x5yw==
x-goog-generation
1567166572014980
via
mly, 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control
private
x-goog-stored-content-length
6013
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
nx8t4C06Uzj_9Fu4i90O83rgRvxju1myMCFefaMjudEIQJw-nBPMGA==
expires
Thu, 05 Aug 2021 00:56:45 GMT
sbCommonLib.js
cdnjs.santisem.com/rj/sb-common-lib/3.9.9/ Frame C986
223 KB
67 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-common-lib/3.9.9/sbCommonLib.js?version=58418710
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
f76e4b52a3cecca6e57f6ee8dc6777a20a26ba7a87b02c8789f4ea3f0d2accdd

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:13 GMT
content-encoding
gzip
x-mly-id
6efab67ee5255af76d583054c49aa873
x-guploader-uploadid
ADPycdt_UpwJqBIIocnBF6V-oqn8AEJtO-f1VXWSsr3I2RwegvKaUJOrzYSxPbJFoNpKkKqGIY60PGpYrzkl4YRpAGWdSKBqIQ
x-cache
RefreshHit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
67988
access-control-allow-origin
*
last-modified
Mon, 16 Sep 2019 13:44:40 GMT
server
nginx
etag
"e22494069a12df5b9d82b0260a3c2d10"
vary
accept-encoding
x-goog-hash
crc32c=0HGYgQ==, md5=4iSUBpoS31udgrAmCjwtEA==
x-goog-generation
1568641480025427
via
mly, 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control
private
x-goog-stored-content-length
67988
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
vLOfmNxzqr5vWFAZZgdiHUUcXjUQ7hdB2G6k0FtqITwn8vzsLoPZbA==
expires
Fri, 06 Aug 2021 16:58:39 GMT
sbUiMessage.js
cdnjs.santisem.com/rj/sb-ui-message/1.0.2/ Frame C986
25 KB
6 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-ui-message/1.0.2/sbUiMessage.js?version=58418710
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
a59b154d69f616520a00b883621fc796400c9ef6e3148154771a9fa1c77b858b

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:14 GMT
content-encoding
gzip
x-mly-id
927d3abe86feee2a8b3e44da0fa5b6d5
x-guploader-uploadid
ABg5-UwbsWVUCdbpFfb1WdMpFDTCDLmDrPUGXLQRyV0pezTYSw7MpouQk55ER_dPXp9WfbN0JHsSc8jEaIUX0ayfOuw
x-cache
RefreshHit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
5836
access-control-allow-origin
*
last-modified
Wed, 19 Jun 2019 07:28:35 GMT
server
nginx
etag
"c1c47484cad364bd4d872311e7f9993d"
vary
accept-encoding
x-goog-hash
crc32c=H1hczA==, md5=wcR0hMrTZL1NhyMR5/mZPQ==
x-goog-generation
1560929315491889
via
mly, 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control
private
x-goog-stored-content-length
5836
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
UlrP-Y7N0CiEBN3Lfq956iKf_PtbxDapBM7qf4jq896vFpaw8s4t3A==
expires
Sun, 08 Aug 2021 15:46:09 GMT
sbHelpers.js
cdnjs.santisem.com/rj/sb-helpers/1.0.14/ Frame C986
13 KB
5 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-helpers/1.0.14/sbHelpers.js?version=58418710
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
d3ba919da871374ec11e13b7360b191981e5936e2d30aaca123a01cde9a59298

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:14 GMT
content-encoding
gzip
x-mly-id
2f5c88ce97ff24b1bec48ab11e661a20
x-guploader-uploadid
ADPycdutDDPobGTY8LKxMVIQTL6yPltVeHGjQoS8S3epBLxRCj77BUaKddldNT0h2HCH7APwL1u5iKre9pTIgdBwBiR0TIIXZQ
x-cache
RefreshHit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
4722
access-control-allow-origin
*
last-modified
Mon, 24 Jun 2019 13:31:51 GMT
server
nginx
etag
"4fc7d88c52828f00642ef71d25493a25"
vary
accept-encoding
x-goog-hash
crc32c=RytNpQ==, md5=T8fYjFKCjwBkLvcdJUk6JQ==
x-goog-generation
1561383111568750
via
mly, 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control
private
x-goog-stored-content-length
4722
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
WJ74NRzA2Tfcv0fgfdtSlhYDjIiwTjmd80OXcQP3i8TvhPZKmFTMTA==
expires
Thu, 12 Aug 2021 01:07:05 GMT
sbCasinoSlimSdk.js
cdnjs.santisem.com/rj/sb-casino-slim-sdk/1.0.1/ Frame C986
2 KB
2 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-casino-slim-sdk/1.0.1/sbCasinoSlimSdk.js?version=58418710
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
cc7b137e42cc03c622f9791be5303a3a37ecca800d36b53e240dc587c04aad76

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:13 GMT
content-encoding
gzip
x-mly-id
db55528c4fe5e9db0224fff23609262e
x-guploader-uploadid
ADPycdv5Ci1Mkx15qYiuw9oIOj7tR6M7ic1XOJq2kwLzN-rKBeuQpE7HNxIu_khwy8l0mgoTrkTAl0FHJRemHsokYS3LBKUltg
x-cache
RefreshHit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
757
access-control-allow-origin
*
last-modified
Fri, 28 Jun 2019 07:50:04 GMT
server
nginx
etag
"814b8d836ea6b6879d6068161dbf0763"
vary
accept-encoding
x-goog-hash
crc32c=/D+YDw==, md5=gUuNg26mtoedYGgWHb8HYw==
x-goog-generation
1561708204112459
via
mly, 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
private
x-goog-stored-content-length
757
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
zpjDfZLIbOdYAIQ9OhE7eVmxrxTcGfDeurUvTQShTnmbO3mGRIYYrg==
expires
Sun, 01 Aug 2021 14:47:53 GMT
analytics.js
www.google-analytics.com/ Frame C986
0
19 KB
Other
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
6853
date
Tue, 13 Jul 2021 00:50:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Tue, 13 Jul 2021 02:50:59 GMT
sbWrapperIntegrations.js
cdnjs.santisem.com/rj/sb-wrapper-integrations/1.0.1/ Frame C986
1 KB
1 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-wrapper-integrations/1.0.1/sbWrapperIntegrations.js?version=58418710
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
b8c32ed1dffc7730c3c4742eb2c7e152056c8ef22a360399f130002ba1454bba

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:13 GMT
content-encoding
gzip
x-mly-id
2067756a710071c3fe8119af92960265
x-guploader-uploadid
ADPycdsR7swoScjB87ZRvOKkl5fRne1TLS5E3DWJvXLz068lzGNxYaTgdBwr8aDoR9CrMRDchNF8CAe8piiNojkfTPGzAx47eA
x-cache
RefreshHit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
669
access-control-allow-origin
*
last-modified
Tue, 20 Aug 2019 12:01:35 GMT
server
nginx
etag
"c093547afb9c25759b03b6489bc09068"
vary
accept-encoding
x-goog-hash
crc32c=hWuP+w==, md5=wJNUevucJXWbA7ZIm8CQaA==
x-goog-generation
1566302495802726
via
mly, 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control
private
x-goog-stored-content-length
669
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
y_mmUJF2AtQZXadwfWyDfGgcVmjrbYVnohe9JiOqO2gcimFG-TR0DQ==
expires
Thu, 05 Aug 2021 15:16:11 GMT
sb-app-lib.js
cdnjs.santisem.com/rj/sb-app-lib/3.9.17/ Frame C986
148 KB
42 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-app-lib/3.9.17/sb-app-lib.js?version=58418710
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
1cdb6df8107e75d4aaf5591cbec5f1f31038186d7179154c96b3ba420b5d9d7d

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:14 GMT
content-encoding
gzip
x-mly-id
8f7cef41bf91b0194dfadee8af870483
x-guploader-uploadid
ADPycdtB0zYD65qxDFAa656JEIa5QdKZF3yWpjgq0GWskLLZ9e2uEO1d9YVQDshXI_frC1kYwGIsAPIsndPZFrKrOA
x-cache
RefreshHit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
42474
access-control-allow-origin
*
last-modified
Wed, 02 Oct 2019 13:27:43 GMT
server
nginx
etag
"4e456df0f9a1e7ca072bcfe4517a33bc"
vary
accept-encoding
x-goog-hash
crc32c=HXq8Kg==, md5=TkVt8Pmh58oHK8/kUXozvA==
x-goog-generation
1570022863277302
via
mly, 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control
private
x-goog-stored-content-length
42474
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
ol_DcfPd5DAck8WcxQh3CLMHfB0HLs54c_QjaBOF4D8hbgXo2hOOSA==
expires
Sun, 01 Aug 2021 20:27:10 GMT
sb-data-lib.js
cdnjs.santisem.com/rj/sb-data-lib/3.9.6/ Frame C986
166 KB
38 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-data-lib/3.9.6/sb-data-lib.js?version=58418710
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
9615492622f7c0cf75625707073408fc5a733b60124c65f17eac9041c19d4c4f

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:13 GMT
content-encoding
gzip
x-mly-id
895dcc26077cfe9a62567517030ba74e
x-guploader-uploadid
ADPycdtLEXd7mR5d5c3eBRyhwvw1gPxjonWtJGAI6X_9o-ixgNgrYvc_Opa41rvGeGsST10ovCgfP3cwvQBAaD2tX6PWQui8cw
x-cache
RefreshHit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
38035
access-control-allow-origin
*
last-modified
Thu, 17 Oct 2019 11:35:13 GMT
server
nginx
etag
"35026002fa3ec2c86c926a2257cf06ce"
vary
accept-encoding
x-goog-hash
crc32c=hNwBeQ==, md5=NQJgAvo+wshskmoiV88Gzg==
x-goog-generation
1571312113009020
via
mly, 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control
private
x-goog-stored-content-length
38035
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
xz3X4CX-ySMb25dKxYAZSjfFBx0w1xyyJqHU5yNbAXjz1RHTD6u0jQ==
expires
Fri, 06 Aug 2021 13:46:22 GMT
sbt.js
js.w2script.com/sports/ Frame C986
4 KB
5 KB
Script
General
Full URL
https://js.w2script.com/sports/sbt.js
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.89.20.98 , Taiwan, ASN136462 (MOOTECHASIA-AS-AP Mootech Asia, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
27818e1b7cabc0805920bd57c19496f05c2699afaee78482e99026169872be24

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

svr
04
Date
Tue, 13 Jul 2021 02:45:12 GMT
Last-Modified
Tue, 11 Aug 2020 10:48:49 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"803ea1fecc6fd61:0"
Content-Type
application/javascript
Cache-control
private
Accept-Ranges
bytes
Content-Length
4278
sb-responsive-pulse-bet-blocks.js
cdnjs.santisem.com/rj/sb-responsive-pulse-bet-blocks/3.9.1/ Frame C986
83 KB
17 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-responsive-pulse-bet-blocks/3.9.1/sb-responsive-pulse-bet-blocks.js
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
2e83256a8afd34bddf3b1516da5f39aa85b37856eb114a54413ce630fc936ea7

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:14 GMT
content-encoding
gzip
x-mly-id
644fb31e85d08708192c43177760dfa4
x-guploader-uploadid
ADPycdtO6OyYNSljb0_UsGR4WH4fWhVGJtllQr8tBnOO5Q05Pwrzko0_m_1OC4GF9ffR_b_n-a4H-gPRpMNz9xFEyDznQfurvw
x-cache
RefreshHit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
16491
access-control-allow-origin
*
last-modified
Mon, 08 Jul 2019 15:42:07 GMT
server
nginx
etag
"785bbf63a44182a0780adfa9b2ebdd65"
vary
accept-encoding
x-goog-hash
crc32c=HPF/sA==, md5=eFu/Y6RBgqB4Ct+psuvdZQ==
x-goog-generation
1562600527227299
via
mly, 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control
private
x-goog-stored-content-length
16491
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
TQvM8WD2TC6Hciv4zk5iiwu29f_kOJxxzmoQSGgC6Dm54PC2XbEBlA==
expires
Sun, 08 Aug 2021 17:15:23 GMT
pulsebetmarkets.js
cdnjs.santisem.com/rj/sb-responsive-pulse-bet-blocks/3.9.1/ Frame C986
20 KB
5 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-responsive-pulse-bet-blocks/3.9.1/pulsebetmarkets.js
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
f6693145fdf1fda108e2720210f5a035e675449ea721e10e58ac9b1a6eabcca6

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:14 GMT
content-encoding
gzip
x-mly-id
d51c7b625b6333c08a3e8ddc0b616666
x-guploader-uploadid
ADPycdvS_Q0UcChedDFNt1vEkUMPLzp4GbQ15js8W2PVNPPFmP_WhLH6gSeTmOV5kIPGdWItJw1q1H5OT_nfBKXV9UiZ2dsQsg
x-cache
RefreshHit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
4774
access-control-allow-origin
*
last-modified
Mon, 08 Jul 2019 15:42:07 GMT
server
nginx
etag
"4012141dd951f7a1f9c25e5fb00520f5"
vary
accept-encoding
x-goog-hash
crc32c=BupTRA==, md5=QBIUHdlR96H5wl5fsAUg9Q==
x-goog-generation
1562600527247026
via
mly, 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control
private
x-goog-stored-content-length
4774
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
wL3WlSodxG9khJBK_aKcjn6j49CCsD5R0uZnukSP36WGPn9E0dK1zg==
expires
Sat, 07 Aug 2021 08:10:25 GMT
mypulsebets.js
cdnjs.santisem.com/rj/sb-responsive-pulse-bet-blocks/3.9.1/ Frame C986
38 KB
8 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-responsive-pulse-bet-blocks/3.9.1/mypulsebets.js
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
8320a27c1ba11b3324315bdb8b869ea39cc2ae4d1fbd5fd19d65a1489a7643a0

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:14 GMT
content-encoding
gzip
x-mly-id
84909c7a96b20dd9ac456edf0555f241
x-guploader-uploadid
ADPycdtfIJRbWPnEbUEDcD9pnw3BoiOiDCxYwOcN7KvaYJAYDbvlZKjTWrgVLsnjzmK9e6eYMCtGJfNSODNaqMnz0XV42VvcYA
x-cache
RefreshHit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
7861
access-control-allow-origin
*
last-modified
Mon, 08 Jul 2019 15:42:07 GMT
server
nginx
etag
"a38cec9f2cde1a5dd160ae6200189d0e"
vary
accept-encoding
x-goog-hash
crc32c=awdleg==, md5=o4zsnyzeGl3RYK5iABidDg==
x-goog-generation
1562600527201948
via
mly, 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control
private
x-goog-stored-content-length
7861
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
xAUl8QI4vVLUl8NG_1zAX_degE2yDfQ1TJHLBwkAeUAyi0P3x5rLxw==
expires
Thu, 05 Aug 2021 05:13:59 GMT
scoreboard.js
cdnjs.santisem.com/rj/sb-responsive-scoreboard-block/3.9.1/ Frame C986
25 KB
6 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-responsive-scoreboard-block/3.9.1/scoreboard.js
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
fef39bd55372a3adba905c77b32fd9c843dddfe0c0929535d8081ab30b314e6b

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:14 GMT
content-encoding
gzip
x-mly-id
910cd631bb6ff4341efd6bc5d949c7f1
x-guploader-uploadid
ADPycduoC0KE2HXleeFZllYSY5A14a0NbPdQB5BedqyXgwu3-w-9uFsrFu_RGQ5bt8hLcYBP9iIgBI0y7jC8xwWC72RaYRLHdA
x-cache
RefreshHit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
4895
access-control-allow-origin
*
last-modified
Thu, 05 Sep 2019 08:45:09 GMT
server
nginx
etag
"a754bbfb6095e43d71ee3cb7565a3a46"
vary
accept-encoding
x-goog-hash
crc32c=Gp14Lg==, md5=p1S7+2CV5D1x7jy3Vlo6Rg==
x-goog-generation
1567673109312372
via
mly, 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control
private
x-goog-stored-content-length
4895
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
0sZVfmCUEHYZPP4xMM4vJgOzgNf58Ux5UUH-h1IDESN74qCp0To9OA==
expires
Fri, 06 Aug 2021 12:49:48 GMT
_getsettings.aspx
ls.masamiab.com/ Frame C986
149 B
734 B
Script
General
Full URL
https://ls.masamiab.com/_getsettings.aspx
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
119.13.89.234 Fuzhou, China, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
9a2d9b483ef09fc8ea9aa4e2e28623515f9ba49ed08104c4458e0f16a93a4255

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:14 GMT
content-encoding
gzip
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-remote-addr
185.236.42.15
http-geo-ipcountry
SE
content-length
208
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
accept-ranges
bytes
access-control-allow-headers
Access-Control-Allow-Origin
access-control-request-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers,Access-Control-Allow-Origin
stream.js
ls.masamiab.com/ Frame C986
5 KB
2 KB
Script
General
Full URL
https://ls.masamiab.com/stream.js
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
119.13.89.234 Fuzhou, China, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
f557f900f62afdeb7a8b0de31cb3a138cfd8bc1a83f52e3b3a94cf1f4600dbea

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:14 GMT
content-encoding
gzip
x-powered-by
ASP.NET
x-remote-addr
185.236.42.15
http-geo-ipcountry
SE
last-modified
Wed, 03 Mar 2021 11:23:12 GMT
server
nginx
etag
W/"e29bc8981f10d71:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 13 Jul 2021 03:45:14 GMT
cache-control
max-age=3600
x-forwarded-port
443
access-control-allow-headers
Access-Control-Allow-Origin
x-proxy-cache
HIT
access-control-request-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers,Access-Control-Allow-Origin
streamIconJS.js
ls.masamiab.com/ Frame C986
6 KB
2 KB
Script
General
Full URL
https://ls.masamiab.com/streamIconJS.js
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
119.13.89.234 Fuzhou, China, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
045cd6720377282ab525f4634d12a02ef2c7bcb984991b09d6ff3691df36c1b7

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:14 GMT
content-encoding
gzip
x-powered-by
ASP.NET
x-remote-addr
185.236.42.15
http-geo-ipcountry
SE
last-modified
Sun, 27 Sep 2020 11:45:44 GMT
server
nginx
etag
W/"4b7ac0bbc394d61:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 13 Jul 2021 03:45:14 GMT
cache-control
max-age=3600
x-forwarded-port
443
access-control-allow-headers
Access-Control-Allow-Origin
x-proxy-cache
HIT
access-control-request-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers,Access-Control-Allow-Origin
bui.min.js
contents.masamiab.com/bui/ Frame C986
3 KB
1 KB
Script
General
Full URL
https://contents.masamiab.com/bui/bui.min.js
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
119.13.89.234 Fuzhou, China, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
4f481d78a1dcc4eb5d25ac20d829ab107a70e04420e42dd50d16d7f1d880c4c5

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:14 GMT
content-encoding
gzip
x-powered-by
ASP.NET
x-remote-addr
185.236.42.15
http-geo-ipcountry
SE
last-modified
Thu, 30 Jul 2020 06:47:02 GMT
server
nginx
etag
W/"0b7d33a3d66d61:0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 13 Jul 2021 02:55:14 GMT
cache-control
max-age=600
x-forwarded-port
443
access-control-allow-headers
Access-Control-Allow-Origin
x-proxy-cache
HIT
access-control-request-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers,Access-Control-Allow-Origin
announcement.js
announcements.masamiab.com/ Frame C986
2 KB
1 KB
Script
General
Full URL
https://announcements.masamiab.com/announcement.js
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.46.153.17 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
8100eced22e7bba712a8db44a2539fdbd8330fdcfce338316d02fd502d13b4b2

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:14 GMT
content-encoding
gzip
last-modified
Wed, 02 Dec 2020 05:56:03 GMT
server
nginx
x-powered-by
ASP.NET
etag
W/"48325ad16fc8d61:0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-remote-addr
185.236.42.15
expires
Tue, 13 Jul 2021 02:55:14 GMT
cache-control
max-age=600
http-geo-ipcountry
SE
x-forwarded-port
443
x-proxy-cache
HIT
hamburgernavigationsettingsbuttonblock.js
cdnjs.santisem.com/rj/sb-responsive-hamburger-navigation-blocks/3.9.2/ Frame C986
6 KB
2 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-responsive-hamburger-navigation-blocks/3.9.2/hamburgernavigationsettingsbuttonblock.js
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
b548bcd50c5a99cfe97f842748da8916387ba6673dcd55dadb58e6abbe18917e

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:14 GMT
content-encoding
gzip
x-mly-id
ad25c1c9e3821101f1c1a0e37311118c
x-guploader-uploadid
ADPycdvJe44d-RsZvI3PltDHDvj379j8_wzkWB4dzMEDR1mGZkFZK5FskzrIpTQCa5c3L9Wo8GTEJM-YmpH4goGnHy4
x-cache
RefreshHit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1686
access-control-allow-origin
*
last-modified
Thu, 18 Jul 2019 07:02:22 GMT
server
nginx
etag
"c7db2b2fdbc82ffb6641201be131c606"
vary
accept-encoding
x-goog-hash
crc32c=i8L7ww==, md5=x9srL9vIL/tmQSAb4THGBg==
x-goog-generation
1563433342012203
via
mly, 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control
private
x-goog-stored-content-length
1686
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
gbgPiokeVmRUkJi6FladZk3G4OnDnRVws3qGF2yquqwHCt_rKkdtRg==
expires
Wed, 11 Aug 2021 00:33:02 GMT
sb-user-lib.js
cdnjs.santisem.com/rj/sb-user-lib/3.9.0/ Frame C986
29 KB
8 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-user-lib/3.9.0/sb-user-lib.js?version=58418710
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
ccf5e3c2e32d058e36d0c6ba18c8e6a063d692438079a700e8aa5802254bfb8a

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:14 GMT
content-encoding
gzip
x-mly-id
39f74cd9f6fb57870cfa7c1fe781aa43
x-guploader-uploadid
ADPycdt3v_jpOZA3fP_j6iQ9_MUZRHDo3VlmjZwNsP-4mwP0llwDFEQ7XhMEp4Xwycv_gudX4lSx92JR2D2Mune_5pA
x-cache
RefreshHit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
7307
access-control-allow-origin
*
last-modified
Wed, 26 Jun 2019 19:07:01 GMT
server
nginx
etag
"c3abb9a9920cc64a17ba88f6daebaa58"
vary
accept-encoding
x-goog-hash
crc32c=DFcROQ==, md5=w6u5qZIMxkoXuoj22uuqWA==
x-goog-generation
1561576021624150
via
mly, 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control
private
x-goog-stored-content-length
7307
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
HsoOecyiZHakqyz48ILeOvIDmGGX3Jc5bG8dQSNShO0kJwvMYrpE_w==
expires
Mon, 09 Aug 2021 23:43:29 GMT
sb-betslip-lib.js
cdnjs.santisem.com/rj/sb-betslip-lib/3.9.42/ Frame C986
615 KB
130 KB
Script
General
Full URL
https://cdnjs.santisem.com/rj/sb-betslip-lib/3.9.42/sb-betslip-lib.js?version=58418710
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.99.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-99-19.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
d7282962004e3841c0ef0537ba431b29ca770cb4c67027af372edfce5489df32

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:14 GMT
content-encoding
gzip
x-mly-id
a6130aea0c326657aff856c879be435c
x-guploader-uploadid
ADPycdv8mS3HFRiLuHmzS5a0SAPBdIcJicwDu1Z0sixWo_WjsYN2GnPF7X_0_9waAIsEca5lvSjNF1pWJtWu7Y1mF2dDQwWpag
x-cache
RefreshHit from cloudfront
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
132033
access-control-allow-origin
*
last-modified
Wed, 18 Sep 2019 14:20:08 GMT
server
nginx
etag
"86478123126aa595e36c4106b3ce20cc"
vary
accept-encoding
x-goog-hash
crc32c=jyZQ0w==, md5=hkeBIxJqpZXjbEEGs84gzA==
x-goog-generation
1568816408377924
via
mly, 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control
private
x-goog-stored-content-length
132033
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
VH3oh45R4yhAsOpLCSnHfJPSZkbVSvU6eK_3kEhC1A4VsZWCo5m2Cg==
expires
Mon, 09 Aug 2021 23:47:12 GMT
GetServerTime
rvn88cdn.agent1818.com/pagemethods_ros.aspx/ Frame C986
33 B
965 B
XHR
General
Full URL
https://rvn88cdn.agent1818.com/pagemethods_ros.aspx/GetServerTime?
Requested by
Host: cdnjs.santisem.com
URL: https://cdnjs.santisem.com/rj/sb-common-lib/3.9.9/sbCommonLib.js?version=58418710
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
1f17e1a1236c6587dd2ed80e8bd9c32198654992af2c7a144283f2dd5869c43a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

RequestTarget
AJAXService
Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
X-JWToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTZXNzaW9uSUQiOiJ0djBybXVocHVzNGdmdnF0M3owemJ2Z2oiLCJTaXRlSUQiOiI0MSIsIm5iZiI6MTYyNjE0NDMxMSwiZXhwIjoxNjI2NzQ5MTExLCJpYXQiOjE2MjYxNDQzMTF9.fD1xE5xu2YwCGx1XjsXaCAh9lW4G5itLd7zqEYl51J0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 13 Jul 2021 02:45:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
PWS/8.3.1.0.8
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
Via
1.1 PSxgHKG8oa90:8 (W), 1.1 PS-FRA-014cL39:2 (W)
Cache-Control
private
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
Connection
keep-alive
X-Ws-Request-Id
60ecfe3a_kf41_122560-39141
X-XSS-Protection
1; mode=block
Expires
Tue, 13 Jul 2021 02:35:14 GMT
jsprofile.js
rvn88cdn.agent1818.com/ Frame C986
2 MB
312 KB
XHR
General
Full URL
https://rvn88cdn.agent1818.com/jsprofile.js?version=58418710&deviceType=IsDesktop
Requested by
Host: cdnjs.santisem.com
URL: https://cdnjs.santisem.com/rj/sb-common-lib/3.9.9/sbCommonLib.js?version=58418710
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
ca7bbf85c972c2ea1a48015725be2c0ece2a7c9cd2c2f2f781565edd91e497b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

RequestTarget
XmlService
Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 02:45:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 12 Jul 2021 07:21:51 GMT
Server
PWS/8.3.1.0.8
ETag
"-1332077910"
X-Ws-Request-Id
60ecfe3a_kf41_122833-25759
Content-Type
application/x-javascript
Via
1.1 PS-TPE-01qXz223:10 (W), 1.1 PSrbdjTYO3oi46:7 (W), 1.1 PS-FRA-014cL39:2 (W)
Cache-Control
max-age=86400
X-Px
ms PS-FRA-014cL39FRA,ht PSrbdjTYO3oi46HND
Connection
keep-alive
Content-Length
318469
X-XSS-Protection
1; mode=block
Expires
Tue, 13 Jul 2021 07:24:11 GMT
GetLeagues
rvn88cdn.agent1818.com/methods/sportscontent.ashx/ Frame C986
36 KB
10 KB
XHR
General
Full URL
https://rvn88cdn.agent1818.com/methods/sportscontent.ashx/GetLeagues?
Requested by
Host: cdnjs.santisem.com
URL: https://cdnjs.santisem.com/rj/sb-common-lib/3.9.9/sbCommonLib.js?version=58418710
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
760a14c5acf8f493219d7ab78b8b0c8c1239651319bffff8940e2a9ebf60d57c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

RequestTarget
AJAXService
Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
X-JWToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTZXNzaW9uSUQiOiJ0djBybXVocHVzNGdmdnF0M3owemJ2Z2oiLCJTaXRlSUQiOiI0MSIsIm5iZiI6MTYyNjE0NDMxMSwiZXhwIjoxNjI2NzQ5MTExLCJpYXQiOjE2MjYxNDQzMTF9.fD1xE5xu2YwCGx1XjsXaCAh9lW4G5itLd7zqEYl51J0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 13 Jul 2021 02:45:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
PWS/8.3.1.0.8
Transfer-Encoding
chunked
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Via
1.1 PSxgHKG8oa90:8 (W), 1.1 PS-FRA-014cL39:2 (W)
Cache-Control
private
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
Connection
keep-alive
Content-Type
application/json; charset=utf-8
X-Ws-Request-Id
60ecfe3b_kf41_122833-25789
X-XSS-Protection
1; mode=block
Expires
Tue, 13 Jul 2021 02:35:16 GMT
GetPartialLiveContent
rvn88cdn.agent1818.com/methods/sportscontent.ashx/ Frame C986
4 KB
2 KB
XHR
General
Full URL
https://rvn88cdn.agent1818.com/methods/sportscontent.ashx/GetPartialLiveContent?
Requested by
Host: cdnjs.santisem.com
URL: https://cdnjs.santisem.com/rj/sb-common-lib/3.9.9/sbCommonLib.js?version=58418710
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
41ddb78a2a72a7c6e0f6dc0e8d392061b601e49545c28c9f5494af668cbd8d62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

RequestTarget
AJAXService
Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
X-JWToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTZXNzaW9uSUQiOiJ0djBybXVocHVzNGdmdnF0M3owemJ2Z2oiLCJTaXRlSUQiOiI0MSIsIm5iZiI6MTYyNjE0NDMxMSwiZXhwIjoxNjI2NzQ5MTExLCJpYXQiOjE2MjYxNDQzMTF9.fD1xE5xu2YwCGx1XjsXaCAh9lW4G5itLd7zqEYl51J0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 13 Jul 2021 02:45:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
PWS/8.3.1.0.8
Transfer-Encoding
chunked
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Via
1.1 PSxgHKG8oa90:8 (W), 1.1 PS-FRA-014cL39:2 (W)
Cache-Control
private
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
Connection
keep-alive
Content-Type
application/json; charset=utf-8
X-Ws-Request-Id
60ecfe3b_kf41_122560-39171
X-XSS-Protection
1; mode=block
Expires
Tue, 13 Jul 2021 02:35:16 GMT
splash.png
rvn88cdn.agent1818.com/imgs/ Frame 3FD1
567 B
1 KB
Document
General
Full URL
https://rvn88cdn.agent1818.com/imgs/splash.png
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
3127547b37eb862b3870692edb50889bf3404ac51db6e5f1c63869b309940a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
rvn88cdn.agent1818.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
lb_sess=18b25ed7137b264f1ccfe7e001bbeb88; sbtssid=35i2b1lhwzhjbz3z2z3n0uxf; firstrequest=aHR0cDovL3J2bjg4Y2RuLmFnZW50MTgxOC5jb20vcGFnZW1ldGhvZHNfcm9zLmFzcHgvR2V0U2VydmVyVGltZQ__; externaltoken=x
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1

Response headers

Date
Tue, 13 Jul 2021 02:45:15 GMT
Content-Type
image/png
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 11 Aug 2021 22:58:52 GMT
Server
PWS/8.3.1.0.8
Cache-Control
public, max-age=2592000
Last-Modified
Mon, 16 Nov 2020 05:05:00 GMT
ETag
"595599655"
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Age
13584
Via
1.1 PS-TPE-01qXz223:0 (W), 1.1 PSrbdjTYO3sh60:5 (W), 1.1 PS-FRA-014cL39:2 (W)
X-Px
ht PS-FRA-014cL39FRA
X-Ws-Request-Id
60ecfe3b_kf41_122806-48249
arrow-up.svg
rvn88cdn.agent1818.com/imgs/i-v2/o/generic/alt/ Frame C986
343 B
968 B
Image
General
Full URL
https://rvn88cdn.agent1818.com/imgs/i-v2/o/generic/alt/arrow-up.svg
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/css/app.css?version=637616695263364414
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
0be1a415d7ebca00d716f6b3a259fd3c7e6770bb8ac10162de5a228be162129d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rvn88cdn.agent1818.com/css/app.css?version=637616695263364414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 02:45:16 GMT
Via
1.1 PSxgHKG8oa90:8 (W), 1.1 PS-FRA-014cL39:2 (W)
X-Content-Type-Options
nosniff
Last-Modified
Mon, 16 Nov 2020 05:05:15 GMT
Server
PWS/8.3.1.0.8
ETag
"1017787335"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
public, max-age=2592000
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
Connection
keep-alive
X-Ws-Request-Id
60ecfe3c_kf41_122806-48250
X-XSS-Protection
1; mode=block
Expires
Thu, 12 Aug 2021 02:45:16 GMT
Oswald-Regular.woff2
rvn88cdn.agent1818.com/css/shared/fonts/ Frame C986
34 KB
35 KB
Font
General
Full URL
https://rvn88cdn.agent1818.com/css/shared/fonts/Oswald-Regular.woff2
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/css/app.css?version=637616695263364414
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
1e71313cedac2e409b994408e0f13fe2da38d474470c3b55493115cb3026777a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://rvn88cdn.agent1818.com
Referer
https://rvn88cdn.agent1818.com/css/app.css?version=637616695263364414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 02:45:16 GMT
Via
1.1 PSxgHKG8oa90:8 (W), 1.1 PS-FRA-014cL39:2 (W)
X-Content-Type-Options
nosniff
Last-Modified
Mon, 16 Nov 2020 05:05:00 GMT
Server
PWS/8.3.1.0.8
ETag
"588250583"
Transfer-Encoding
chunked
Content-Type
application/font-woff2
Cache-Control
public
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
Connection
keep-alive
X-Ws-Request-Id
60ecfe3c_kf41_122669-23260
X-XSS-Protection
1; mode=block
Expires
Thu, 12 Aug 2021 02:45:16 GMT
_blank.htm
ls.99k.info/ Frame 3FD1
18 B
828 B
Document
General
Full URL
https://ls.99k.info/_blank.htm
Requested by
Host: ls.masamiab.com
URL: https://ls.masamiab.com/stream.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.92.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5a2ac931301d8e2c0e118db5387e5ab02472fc16b3a2fe1759e6932cdf5bb841

Request headers

:method
GET
:authority
ls.99k.info
:scheme
https
:path
/_blank.htm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rvn88cdn.agent1818.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rvn88cdn.agent1818.com/

Response headers

date
Tue, 13 Jul 2021 02:45:16 GMT
content-type
text/html
last-modified
Fri, 19 Feb 2021 02:46:45 GMT
vary
Accept-Encoding
x-powered-by
ASP.NET
access-control-allow-origin
*
access-control-allow-headers
Access-Control-Allow-Origin
access-control-allow-methods
GET
access-control-request-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers,Access-Control-Allow-Origin
cache-control
max-age=86400
cf-cache-status
HIT
age
2175
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Kg%2BsFyEHLS5egeO8q5JlladysB6Xv3nDhFvqiTIQQITwOUKgnk65p7di794uIPsroDIGPIwcJsA0iydBGW7obTEyKkcT18V2hfStF9Y7BYQ%2BeqC1oPt21LQ%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
66df2c981ea11695-ARN
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
bui.min.css
contents.masamiab.com/bui/ Frame C986
3 KB
1 KB
Stylesheet
General
Full URL
https://contents.masamiab.com/bui/bui.min.css
Requested by
Host: contents.masamiab.com
URL: https://contents.masamiab.com/bui/bui.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
119.13.89.234 Fuzhou, China, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
071a95856a2c49ce02c7459999ecffdac8708d26faa0d212c7abc1a4792d882b

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:16 GMT
content-encoding
gzip
x-powered-by
ASP.NET
x-remote-addr
185.236.42.15
http-geo-ipcountry
SE
last-modified
Thu, 30 Jul 2020 06:47:02 GMT
server
nginx
etag
W/"0b7d33a3d66d61:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Tue, 13 Jul 2021 02:55:16 GMT
cache-control
max-age=600
x-forwarded-port
443
access-control-allow-headers
Access-Control-Allow-Origin
x-proxy-cache
HIT
access-control-request-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers,Access-Control-Allow-Origin
ConfigSetting.json
contents.masamiab.com/bui/ Frame C986
10 KB
2 KB
Fetch
General
Full URL
https://contents.masamiab.com/bui/ConfigSetting.json
Requested by
Host: contents.masamiab.com
URL: https://contents.masamiab.com/bui/bui.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
119.13.89.234 Fuzhou, China, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
fc43421161b96e5333a4f7a0714de7955eb1faf7179c581ad03d870ca8122048

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:16 GMT
content-encoding
gzip
last-modified
Tue, 06 Apr 2021 03:38:41 GMT
server
nginx
x-powered-by
ASP.NET
etag
W/"a388f56962ad71:0"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-remote-addr
185.236.42.15
http-geo-ipcountry
SE
access-control-allow-headers
Access-Control-Allow-Origin
access-control-request-headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers,Access-Control-Allow-Origin
GetAllLiveContent
rvn88cdn.agent1818.com/methods/sportscontent.ashx/ Frame C986
4 KB
2 KB
XHR
General
Full URL
https://rvn88cdn.agent1818.com/methods/sportscontent.ashx/GetAllLiveContent?
Requested by
Host: cdnjs.santisem.com
URL: https://cdnjs.santisem.com/rj/sb-common-lib/3.9.9/sbCommonLib.js?version=58418710
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
8b0ff14ad5ae602e9cef56e39b28e5be3150cd4c251b2b506caa6419d6d42c15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

RequestTarget
AJAXService
Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
X-JWToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTZXNzaW9uSUQiOiJ0djBybXVocHVzNGdmdnF0M3owemJ2Z2oiLCJTaXRlSUQiOiI0MSIsIm5iZiI6MTYyNjE0NDMxMSwiZXhwIjoxNjI2NzQ5MTExLCJpYXQiOjE2MjYxNDQzMTF9.fD1xE5xu2YwCGx1XjsXaCAh9lW4G5itLd7zqEYl51J0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 13 Jul 2021 02:45:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
PWS/8.3.1.0.8
Transfer-Encoding
chunked
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Via
1.1 PSxgHKG8oa90:8 (W), 1.1 PS-FRA-014cL39:2 (W)
Cache-Control
private
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
Connection
keep-alive
Content-Type
application/json; charset=utf-8
X-Ws-Request-Id
60ecfe3c_kf41_122560-39172
X-XSS-Protection
1; mode=block
Expires
Tue, 13 Jul 2021 02:35:17 GMT
settings.svg
rvn88cdn.agent1818.com/imgs/i-v2/o/hamburger/ Frame C986
2 KB
2 KB
Image
General
Full URL
https://rvn88cdn.agent1818.com/imgs/i-v2/o/hamburger/settings.svg
Requested by
Host: rvn88cdn.agent1818.com
URL: https://rvn88cdn.agent1818.com/css/app.css?version=637616695263364414
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
131d2d96e990b9dc54c165250f136cd86d27e2b779b3344ccccba0494662721d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rvn88cdn.agent1818.com/css/app.css?version=637616695263364414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 02:45:16 GMT
Via
1.1 PSxgHKG8oa90:8 (W), 1.1 PS-FRA-014cL39:2 (W)
X-Content-Type-Options
nosniff
Last-Modified
Mon, 16 Nov 2020 05:05:15 GMT
Server
PWS/8.3.1.0.8
ETag
"1017148873"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
public, max-age=2592000
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
Connection
keep-alive
X-Ws-Request-Id
60ecfe3c_kf41_122806-48256
X-XSS-Protection
1; mode=block
Expires
Thu, 12 Aug 2021 02:45:17 GMT
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210708&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3478514043172783&plah=www.xemkeoonline.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4a89deb731b136d2c28bb25f7521c843dec9ddf165f0142b1642673826cacb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Jul 2021 02:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8626
x-xss-protection
0
GetCurrentUserTags
rvn88cdn.agent1818.com/pagemethods_ros.aspx/ Frame C986
101 B
803 B
XHR
General
Full URL
https://rvn88cdn.agent1818.com/pagemethods_ros.aspx/GetCurrentUserTags
Requested by
Host: cdnjs.santisem.com
URL: https://cdnjs.santisem.com/rj/sb-common-lib/3.9.9/sbCommonLib.js?version=58418710
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
7e629e95742eef5b52e8d16d01ca73b83c6ad458931eb41a4aee66b9a59f383a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

RequestTarget
AJAXService
Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
X-JWToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTZXNzaW9uSUQiOiJ0djBybXVocHVzNGdmdnF0M3owemJ2Z2oiLCJTaXRlSUQiOiI0MSIsIm5iZiI6MTYyNjE0NDMxMSwiZXhwIjoxNjI2NzQ5MTExLCJpYXQiOjE2MjYxNDQzMTF9.fD1xE5xu2YwCGx1XjsXaCAh9lW4G5itLd7zqEYl51J0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 13 Jul 2021 02:45:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
PWS/8.3.1.0.8
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
Via
1.1 PSxgHKG8oa90:8 (W), 1.1 PS-FRA-014cL39:2 (W)
Cache-Control
private
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
Connection
keep-alive
X-Ws-Request-Id
60ecfe3c_kf41_122833-25791
X-XSS-Protection
1; mode=block
Expires
Tue, 13 Jul 2021 02:35:17 GMT
getUserOpenBetsData
rvn88cdn.agent1818.com/methods/userinfo.ashx/ Frame C986
0
635 B
XHR
General
Full URL
https://rvn88cdn.agent1818.com/methods/userinfo.ashx/getUserOpenBetsData?
Requested by
Host: cdnjs.santisem.com
URL: https://cdnjs.santisem.com/rj/sb-common-lib/3.9.9/sbCommonLib.js?version=58418710
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

RequestTarget
AJAXService
Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
X-JWToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTZXNzaW9uSUQiOiJ0djBybXVocHVzNGdmdnF0M3owemJ2Z2oiLCJTaXRlSUQiOiI0MSIsIm5iZiI6MTYyNjE0NDMxMSwiZXhwIjoxNjI2NzQ5MTExLCJpYXQiOjE2MjYxNDQzMTF9.fD1xE5xu2YwCGx1XjsXaCAh9lW4G5itLd7zqEYl51J0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 13 Jul 2021 02:45:16 GMT
Via
1.1 PSxgHKG8oa90:8 (W), 1.1 PS-FRA-014cL39:2 (W)
X-Content-Type-Options
nosniff
Server
PWS/8.3.1.0.8
X-Ws-Request-Id
60ecfe3c_kf41_122669-23264
Content-Type
application/json
Cache-Control
private
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 13 Jul 2021 02:35:17 GMT
getUserInfo
rvn88cdn.agent1818.com/methods/userinfo.ashx/ Frame C986
2 B
652 B
XHR
General
Full URL
https://rvn88cdn.agent1818.com/methods/userinfo.ashx/getUserInfo?
Requested by
Host: cdnjs.santisem.com
URL: https://cdnjs.santisem.com/rj/sb-common-lib/3.9.9/sbCommonLib.js?version=58418710
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
1bad6b8cf97131fceab8543e81f7757195fbb1d36b376ee994ad1cf17699c464
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

RequestTarget
AJAXService
Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
X-JWToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTZXNzaW9uSUQiOiJ0djBybXVocHVzNGdmdnF0M3owemJ2Z2oiLCJTaXRlSUQiOiI0MSIsIm5iZiI6MTYyNjE0NDMxMSwiZXhwIjoxNjI2NzQ5MTExLCJpYXQiOjE2MjYxNDQzMTF9.fD1xE5xu2YwCGx1XjsXaCAh9lW4G5itLd7zqEYl51J0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 13 Jul 2021 02:45:16 GMT
Via
1.1 PSxgHKG8oa90:8 (W), 1.1 PS-FRA-014cL39:2 (W)
X-Content-Type-Options
nosniff
Server
PWS/8.3.1.0.8
X-Ws-Request-Id
60ecfe3c_kf41_122560-39175
Content-Type
application/json; charset=utf-8
Cache-Control
private
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
Connection
keep-alive
Content-Length
2
X-XSS-Protection
1; mode=block
Expires
Tue, 13 Jul 2021 02:35:17 GMT
verifytoken
esports.w88api.com/ Frame C986
0
377 B
Script
General
Full URL
https://esports.w88api.com/verifytoken?v=1626144316720&token=x&_=1626144316721
Requested by
Host:
URL: /jscomponents/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
209.9.48.83 , United States, ASN3491 (BTN-ASN, US),
Reverse DNS
209-9-48-83.static.pccwglobal.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 02:45:17 GMT
svr
01
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Cache-Control
private
X-Forwarded-Proto
https
Content-Length
0
getWaitingBetsSP
rvn88cdn.agent1818.com/pagemethods.aspx/ Frame C986
2 B
651 B
XHR
General
Full URL
https://rvn88cdn.agent1818.com/pagemethods.aspx/getWaitingBetsSP?
Requested by
Host: cdnjs.santisem.com
URL: https://cdnjs.santisem.com/rj/sb-common-lib/3.9.9/sbCommonLib.js?version=58418710
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

RequestTarget
AJAXService
Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
X-JWToken
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTZXNzaW9uSUQiOiJ0djBybXVocHVzNGdmdnF0M3owemJ2Z2oiLCJTaXRlSUQiOiI0MSIsIm5iZiI6MTYyNjE0NDMxMSwiZXhwIjoxNjI2NzQ5MTExLCJpYXQiOjE2MjYxNDQzMTF9.fD1xE5xu2YwCGx1XjsXaCAh9lW4G5itLd7zqEYl51J0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 13 Jul 2021 02:45:17 GMT
Via
1.1 PSxgHKG8oa90:8 (W), 1.1 PS-FRA-014cL39:2 (W)
X-Content-Type-Options
nosniff
Server
PWS/8.3.1.0.8
X-Ws-Request-Id
60ecfe3c_kf41_122753-6726
Content-Type
application/json; charset=utf-8
Cache-Control
private
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
Connection
keep-alive
Content-Length
2
X-XSS-Protection
1; mode=block
Expires
Tue, 13 Jul 2021 02:35:17 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3478514043172783&plah=www.xemkeoonline.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Tue, 13 Jul 2021 02:45:16 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0693
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.xemkeoonline.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xemkeoonline.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Tue, 13 Jul 2021 01:11:28 GMT
expires
Wed, 13 Jul 2022 01:11:28 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
5628
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame CE3F
783 B
532 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
924c74e63b896de6beacce3b8d708e7e04a0454d089125fb1eefc0f24f41ddc5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Kikh3QVi8J/s0xvh5IEdUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.xemkeoonline.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.xemkeoonline.com/

Response headers

expires
Tue, 13 Jul 2021 02:45:16 GMT
date
Tue, 13 Jul 2021 02:45:16 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Kikh3QVi8J/s0xvh5IEdUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
b2gEWd4q8RfC2rkV4tdKCipW-yVpxc52qP_nX5010Jw.js
pagead2.googlesyndication.com/bg/ Frame 0693
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/b2gEWd4q8RfC2rkV4tdKCipW-yVpxc52qP_nX5010Jw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f680459de2af117c2dab915e2d74a0a2a56fb2569c5ce76a8ffe75f9d35d09c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 16:01:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
384221
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13336
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 09:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Jul 2022 16:01:35 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210708&jk=2845476238654714&bg=!V1SlVBDNAAZjFomlYxY7ACkAdvg8WmdU7vTpu9UvnDAH3s-gvgt_9VZJ48U3w9hG4RcsmkBIxdJP4gIAAABeUgAAAAxoAQeZAm7IjV82qk6jWKV6wFh19uw8TYgt0olenCfHZ7YuvGUscmaG4tPLhif75-Cs9SB2ne5EonuVFni0jUNZT3FBmaXWsm2DWLjUu_gckSw6jLEzvo6eb7elA5T8n0biLLqSr8L30Cppoka6zFLMWNlcFG2BPGvbc5Qn6MW8NteZuGY3a7VfFRZbAzLSqo8c-qWUtSX7MFYKqNnmRmFPO9BofnJ6e7M2mNTqn3puNPZyVxmXOK6Vo_ViGEn88A6SaDI_Jr_KkQ5btJklTnWbdvzPwlGTjLV2syx4zisxygrBOIFn1K3HbfpMF_upXMQVJHRb7byLr12ZTEID57BsyeCu5rvbq7LWJnrkrg9bShQHInGXvyeoCZNcWQH_dVKbLEZgmHNoOUYsDNwOk2IPXRnQ0jJM8cNzVdXR3fOzgdclDJ_M8XmtVE7k5S96_jKosB6rcaDFOLXY5uEH23VcGkmx9MX1WHg-jPnRvPWHTHnfMKVY5TKiAYnNdNY9BZeQ_Kr07TSC2hcdBta_pa_hUKrZ5KJmFUIy8cLtuzlT49n5MwhV3wC0p6IjI1CoLEcJBA40ZsJdM0FYugLBv9YugNn5fLUACvLYdO_gRYoCFdHk1AldtoxK0uGs2HAhtXFuXXZdIH5iKIcIXi5OXpCN63dUi7sl4jwst4hjgQIDZIygke7QjILkOa4J8I1oa11vpGYCjS84Cqr27LhxBAuOS0QUsa6CWVQZ4ZPZKzmSbnFISjZQRcxxhsL486067vlEOu5DElHv602p9R-Mt1nXpGXWZNTCoihfOTTvJdRlY3SkSQ1IcJJDXf-G5wXhn1J-OMs9
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Jul 2021 02:45:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-3478514043172783&su=www.xemkeoonline.com&doc=complete&pg_h=5250&pg_w=1600&pg_hs=5250&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xemkeoonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Jul 2021 02:45:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
announcement.aspx
announcements.masamiab.com/ Frame C986
449 B
866 B
Script
General
Full URL
https://announcements.masamiab.com/announcement.aspx?lang=en
Requested by
Host: announcements.masamiab.com
URL: https://announcements.masamiab.com/announcement.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.46.153.17 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
901456e9685d726a18b031311944e99d8e6095d9db51be836cdd3dc6b8c55419

Request headers

Referer
https://rvn88cdn.agent1818.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 02:45:18 GMT
content-encoding
gzip
server
nginx
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html; charset=utf-8
x-remote-addr
185.236.42.15
cache-control
private
http-geo-ipcountry
SE
accept-ranges
bytes
content-length
577
hshandler.ashx
rvn88cdn.agent1818.com/async/ Frame C986
54 B
871 B
XHR
General
Full URL
https://rvn88cdn.agent1818.com/async/hshandler.ashx?version=1626144314293
Requested by
Host: cdnjs.santisem.com
URL: https://cdnjs.santisem.com/rj/sb-common-lib/3.9.9/sbCommonLib.js?version=58418710
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
f494c3bc5c78c73273df161b3332423e009aba27fe502fa592208f76edd9434f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

RequestTarget
XmlService
Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 02:45:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
PWS/8.3.1.0.8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Via
1.1 PSxgHKG8oa90:8 (W), 1.1 PS-FRA-014cL39:2 (W)
Cache-Control
private
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
Access-Control-Allow-Headers
RequestTarget, Content-Type
Connection
keep-alive
X-Ws-Request-Id
60ecfe3f_kf41_122753-6729
X-XSS-Protection
1; mode=block
Access-Control-Request-Headers
RequestTarget, Content-Type
achan.ashx
rvn88cdn.agent1818.com/async/ Frame C986
194 B
690 B
XHR
General
Full URL
https://rvn88cdn.agent1818.com/async/achan.ashx?version=1626144314293
Requested by
Host: cdnjs.santisem.com
URL: https://cdnjs.santisem.com/rj/sb-common-lib/3.9.9/sbCommonLib.js?version=58418710
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
90f04af47c309a9db9512c5c8aae2fbd488623f1d5ac4971bb3a6f1200ae6da9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

RequestTarget
XmlService
Referer
https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 02:45:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
PWS/8.3.1.0.8
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Via
1.1 PSxgHKG8oa90:8 (W), 1.1 PS-FRA-014cL39:2 (W)
Cache-Control
private
X-Px
ms PS-FRA-014cL39FRA,ms PSxgHKG8oa90000(origin)
Connection
keep-alive
X-Ws-Request-Id
60ecfe3f_kf41_122753-6730
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async string| google_user_agent_client_hint undefined| $ function| jQuery function| hide_float_right function| google_spfd number| google_unique_id object| google_sv_map function| hide_float_left function| hide_float_right1 object| __lc object| LiveChatWidget function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| astra function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent function| popupTriggerClick function| AstraToggleSubMenu function| AstraNavigationMenu function| AstraToggleMenu function| AstraToggleSetup function| astraNavMenuToggle boolean| __lc_inited object| LC_API object| Fat object| smilies function| sac_apply_filters function| filter_smilies function| make_links object| myBox function| scroll_to_position number| get_timeout undefined| sac_loadtimes undefined| httpReceiveChat undefined| httpSendChat number| sac_timeout string| GetChaturl string| SendChaturl function| initJavaScript function| receiveChatText function| handlehHttpReceiveChat function| sendComment function| insertNewContent function| pressedEnter function| checkStatus function| sac_getCookie function| checkName function| checkUrl function| getHTTPObject function| isNewNotificationSupported function| sacCustomNotify object| localize function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry boolean| isEditMode object| ea object| lazySizes object| astraAddon function| display_mega_menu_on_load object| items function| apply_megamenu_width_styles string| sticky_header_on_devices string| site_layout_box_width string| hook_sticky_footer string| sticky_footer_on_devices object| wp object| webpackChunkelementor object| __core-js_shared__ object| core object| elementorModules function| Waypoint function| Swiper function| ShareLink object| DialogsManager object| elementorFrontendConfig object| regeneratorRuntime object| elementorFrontend function| astScrollToTop object| twemoji number| link number| len object| GoogleGcLKhOms

5 Cookies

Domain/Path Name / Value
rvn88cdn.agent1818.com/ Name: externaltoken
Value: x
.agent1818.com/ Name: lng
Value: 236
.agent1818.com/ Name: firstrequest
Value: aHR0cDovL3J2bjg4Y2RuLmFnZW50MTgxOC5jb20vcGFnZW1ldGhvZHNfcm9zLmFzcHgvR2V0U2VydmVyVGltZQ__
.agent1818.com/ Name: sbtssid
Value: 35i2b1lhwzhjbz3z2z3n0uxf
rvn88cdn.agent1818.com/ Name: lb_sess
Value: 18b25ed7137b264f1ccfe7e001bbeb88

8 Console Messages

Source Level URL
Text
console-api log URL: https://www.xemkeoonline.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api log URL: https://announcements.masamiab.com/announcement.js(Line 48)
Message:
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
console-api warning URL: https://rvn88cdn.agent1818.com/vi/sports/?ExternalToken=x&oddsstyleid=3&random=1(Line 8)
Message:
/JSComponents/Data/UniSlip/Modes/TeaserSPSlipMode.ext.js is not registered
console-api log URL: https://ls.masamiab.com/stream.js(Line 114)
Message:
[LS] LS HOST not found!!!
console-api log URL: https://ls.masamiab.com/stream.js(Line 115)
Message:
[LS] stream op found...
console-api log URL: https://ls.masamiab.com/streamIconJS.js(Line 106)
Message:
[LS] streamicon op found...
console-api log URL: https://contents.masamiab.com/bui/bui.min.js(Line 1)
Message:
[object Object]
console-api log URL: https://announcements.masamiab.com/announcement.js(Line 24)
Message:
displayMarquee

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.livechatinc.com
adservice.google.com
adservice.google.de
announcements.masamiab.com
api.livechatinc.com
cdn.livechatinc.com
cdnjs.santisem.com
contents.masamiab.com
esports.w88api.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.w2script.com
ls.99k.info
ls.masamiab.com
m.vn88hn.live
pagead2.googlesyndication.com
partner.googleadservices.com
redeliver5r9p.com
rvn88.w2sports.com
rvn88cdn.agent1818.com
s.w.org
secure.livechatinc.com
tpc.googlesyndication.com
vietsode.net
www.google-analytics.com
www.google.com
www.googletagservices.com
www.xemkeoonline.com
103.89.20.98
104.21.92.9
107.154.199.84
111.90.148.73
119.13.89.234
13.224.99.19
192.0.77.48
2.16.186.211
207.46.153.17
209.9.48.83
216.58.212.130
220.242.170.82
2606:4700:3030::6815:28b6
2606:4700:3033::ac43:8b4a
2a00:1450:4001:800::2002
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:808::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
045cd6720377282ab525f4634d12a02ef2c7bcb984991b09d6ff3691df36c1b7
071a95856a2c49ce02c7459999ecffdac8708d26faa0d212c7abc1a4792d882b
0be1a415d7ebca00d716f6b3a259fd3c7e6770bb8ac10162de5a228be162129d
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0ce1d7dbbf86a00c587e87e67f93f638c5184c5801d241bf5de7dfff0eaf8d9a
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
119b2522ae491ae9bdc831255cbd184f83746403d91ed27b074f63f1b960db82
131d2d96e990b9dc54c165250f136cd86d27e2b779b3344ccccba0494662721d
17f076500dca787c42b1dd6238ce50a0752771eafd040e8512c713a7ec947c65
18c9255efa5830e5d14614bdd0f3e05001674c05da1d4149ad90a14823b6809f
1ada5259a5ac61a7d68315f7efa6b98d61d2d0478df0545869c880afeaa67dcd
1bad6b8cf97131fceab8543e81f7757195fbb1d36b376ee994ad1cf17699c464
1cdb6df8107e75d4aaf5591cbec5f1f31038186d7179154c96b3ba420b5d9d7d
1e5aeaa58ab4c2345953f77e07fbc20578326076a259ed702eea64e077fde675
1e71313cedac2e409b994408e0f13fe2da38d474470c3b55493115cb3026777a
1e81e2aab71ba2f9cd54090aedcbfe6d2447c1f66918bcafb708d7c3086c7b0e
1f17e1a1236c6587dd2ed80e8bd9c32198654992af2c7a144283f2dd5869c43a
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
27818e1b7cabc0805920bd57c19496f05c2699afaee78482e99026169872be24
2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb
299f002a908a15968be878534247c58b43b6204eb9b9100b91225b54986fe40c
2be6b6e5eac6433ad1cd45c1da385fd6be8061ec353c29b6984a3f7ffddc2d2e
2c5b024ac47363f4d7bb9f9ba156f11847254f45d37783068345e1217ce3fd25
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d2c6f5ec4686e7cb2373fcd2cc49970220227ac721b21e297f90981e74a2fc1
2e83256a8afd34bddf3b1516da5f39aa85b37856eb114a54413ce630fc936ea7
30a949187cdd1c73e43b3bdee9398a9ae27f403a9481999fc9f5f946d8af0079
3127547b37eb862b3870692edb50889bf3404ac51db6e5f1c63869b309940a59
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
37fa40e483b873056df8057f5fc06d08389b3741f1b97ff774595d940e81d009
3f2296fc1af54692bd56501bf9156cae1da8028424f9dbf8b00e5f40b6c3a4d9
3f9c38934fc41ee2a85f1a6e1ad59e96f7f1e73b9b4e653394708715d5ab32c5
41ddb78a2a72a7c6e0f6dc0e8d392061b601e49545c28c9f5494af668cbd8d62
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
4f481d78a1dcc4eb5d25ac20d829ab107a70e04420e42dd50d16d7f1d880c4c5
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fa646a4dbc10513ddeb70561789483638faf456e15186f4eb7291c5c455cbb6
51025c11b35699936388814726cc4d808f3b3506d44665c6c6aaac79cbdc471a
551707f405323967c876f683bad8a28ab94ee48024fb61eaa3ec3b39be5b4f05
567bcde204e2912b755f5beb16a136d75118e09b6d354604a1da9234df6e1914
5a2ac931301d8e2c0e118db5387e5ab02472fc16b3a2fe1759e6932cdf5bb841
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5db00cc0aaaef4c68ce7be752bd8794cc0b67469cedfed7f4bb493c328cd5611
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
65d607a2713e2a567dcf1db9f11b8427a1d4efcc48b2178940c1ae0b2f089bf5
6895060642b0fb711a3f89e2b0b31ee1041ad8a7c8dfb1f93379ca9316efa682
6ac62ad133b177d67c52cfd6b1fa821b3566637b15c3637335036aae03cf972a
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6d1b0abead4afbcc2e58204a0d787973b9ed656ec66809bfa4038503ec44783a
6f680459de2af117c2dab915e2d74a0a2a56fb2569c5ce76a8ffe75f9d35d09c
70ea929cc11e816ee21815a2a07b5c6d8d4271ca87fa22a821afbc53db7481fe
70eef99f016276772a27a6176e60dd2565d7acd70c3850e9cc9f8d240abe814d
72b1a8a85556ee3ea2c9b50d12cf92c487082f14a58da9616ee5f09789533b69
74b4a28729201fae2dbb53b42592ee518a7343ed8bbb6508ee0844d4d1e0030b
75db663f63c3505c2d1d2c41b82da41465bcd39b390516728f7fd323f95f644e
760a14c5acf8f493219d7ab78b8b0c8c1239651319bffff8940e2a9ebf60d57c
7cb6c118ec3898ea3cf8db6f9d26f49cbe1ed8475e269b78d8162307b648b1ae
7d7731cd19278dd8d68435b1df5709fd2e12e8f13e43d86409ccc26f3354ea52
7e629e95742eef5b52e8d16d01ca73b83c6ad458931eb41a4aee66b9a59f383a
7f8fc2a8f340314b8c37cf2e52c17df22e0b6e756625c61dd87f650ee28fdb37
8100eced22e7bba712a8db44a2539fdbd8330fdcfce338316d02fd502d13b4b2
8320a27c1ba11b3324315bdb8b869ea39cc2ae4d1fbd5fd19d65a1489a7643a0
851047f3d0df2c5511d31f2ee2d6b81d4266e55bd402fa823586e91ca341dee8
893678a05aea064715789c2002b776939d31b2a75ac82fd21549654e43827fc5
8b0ff14ad5ae602e9cef56e39b28e5be3150cd4c251b2b506caa6419d6d42c15
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
901456e9685d726a18b031311944e99d8e6095d9db51be836cdd3dc6b8c55419
90f04af47c309a9db9512c5c8aae2fbd488623f1d5ac4971bb3a6f1200ae6da9
90f3d044989dd24e2c3ae4b741979aa42d627a6979d5682b24b35ef98a490958
924c74e63b896de6beacce3b8d708e7e04a0454d089125fb1eefc0f24f41ddc5
9615492622f7c0cf75625707073408fc5a733b60124c65f17eac9041c19d4c4f
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
9855c5142a9b459a083bea4c47ab52f96685c7233664243581062dbdc1d70a1f
9a2d9b483ef09fc8ea9aa4e2e28623515f9ba49ed08104c4458e0f16a93a4255
9f797a163645a8d6308f5c6ee5c7c96cdf26c20d28a5c608fa488a0fac45f6df
9fd71499be740db3b5066c33ba442501aae6418f758432667ff956b887b84c0d
a3f97de5268375e39a7d3b9158899148f835a334f064bd20c0110f81f4757db6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b03fe5f82241e38e98ce1b5987e432c21b3f88957bac9a9a566cf44ecfd489
a59b154d69f616520a00b883621fc796400c9ef6e3148154771a9fa1c77b858b
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a9afafd03001404329b0871e17c22112067e61c6e2c3e85a6e1389423ecf13e8
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b03ef4b198588654c13a7eacbf4b45a6a42b5d250019c8a6c16dc475e4e97fba
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b30169a38c7ecd17eefc119177c0c61337b17a8f1abfd337ac37284d1a04a65b
b4060f918f12bcc8dc11069732cb9f2bc32a59f04d7f91e05ae04b661f43f298
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738
b548bcd50c5a99cfe97f842748da8916387ba6673dcd55dadb58e6abbe18917e
b5641645c15c48b3ff5ce52e718563e1d04d18492e552eb126862768327e2855
b8c32ed1dffc7730c3c4742eb2c7e152056c8ef22a360399f130002ba1454bba
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bfee97408d02a4ae6084406b0fc6a17249f76144e1ab2218c66218703ebe592e
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c8733b99c1638090d758de2e1e55f23c53115da5e702a7d51c3a84727cc8a8ed
ca7bbf85c972c2ea1a48015725be2c0ece2a7c9cd2c2f2f781565edd91e497b6
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc7b137e42cc03c622f9791be5303a3a37ecca800d36b53e240dc587c04aad76
ccf5e3c2e32d058e36d0c6ba18c8e6a063d692438079a700e8aa5802254bfb8a
cf3d17563947bb679f33f02c7a099f3e5ef7f934f3639a50d7dd8f8b09679f6e
d3ba919da871374ec11e13b7360b191981e5936e2d30aaca123a01cde9a59298
d59771829b640eb8e2109dd4199b2e7e48dbffd81bf351ad1ee909ac2f419a6c
d7282962004e3841c0ef0537ba431b29ca770cb4c67027af372edfce5489df32
d882dbd828af87ed3434862bf608a2dee6d347817ae547421c9b2051ce29a905
d8e1bb6afaee4a9709470e6bc6712a4288aab63eff4a430e75935d0095648bb6
db52f8cd89bc79466c3a38395a327e89fd194b80e62ba0ef7099454d1c765414
e097f0071264fdeaecaeced46cdf28762ffa5bc3694aefc95197353ef0bdf03f
e1f1603e01f51047a2ce9e57f32d29ca5ac7613c861be9a6ad1d20dcce4a8496
e36eaa6e7cebbd4138dfb008ee3d53ab8195f45953b0f4f27d0d8156ab059021
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5
ed6659edd6031b871799dacd6ece7702502f8e749af40426d5a3013dd9eb1a25
ee0d2c4b510212a0bbc5a2f32a2cec0fd4f420946835bec87dd1d2231786b96b
f0fd6cbfbf2a4baec0ea585b8073df94193ba59132f7f3bded7769474d3486ee
f47d60ba6aa372dde626714bb04e43f25775ed8986f37a83c2c5281a3faafa92
f494c3bc5c78c73273df161b3332423e009aba27fe502fa592208f76edd9434f
f4a89deb731b136d2c28bb25f7521c843dec9ddf165f0142b1642673826cacb8
f533f1b930a04aef032a5fb9ddbfb85a14fc1ec2b7631cbc0ff87531bfce7120
f557f900f62afdeb7a8b0de31cb3a138cfd8bc1a83f52e3b3a94cf1f4600dbea
f6693145fdf1fda108e2720210f5a035e675449ea721e10e58ac9b1a6eabcca6
f76e4b52a3cecca6e57f6ee8dc6777a20a26ba7a87b02c8789f4ea3f0d2accdd
f8d00356859998784bda26e1d14f2d981515921b96ded50d5d6f6f0e75bac15c
f9b3507981d5ddcfbf64e7a082ef828e678917cd92d6ec700ac9d8ce0e0e9730
fa8c160947edf98ff75f41c665729612fd111ce0bc5c5bea3adc4d10d92f35f7
fb56f0e08adb026eb4e4b28c2fc33b35ce3ddf30a075f9906ec14caff095fa3c
fc43421161b96e5333a4f7a0714de7955eb1faf7179c581ad03d870ca8122048
fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
fef39bd55372a3adba905c77b32fd9c843dddfe0c0929535d8081ab30b314e6b
ff43600c228c39295ac3c0768717186ef6d68e1358a325b310a757bf53d265b3