casino.merylhoffmanmanagement.com Open in urlscan Pro
4.216.196.15 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://casino.merylhoffmanmanagement.com/
Submission: On December 18 via api (December 18th 2024, 12:10:28 pm UTC) from US — Scanned from JP

Summary HTTP 77 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 20 IPs in 6 countries across 18 domains to perform 77 HTTP transactions. The main IP is 4.216.196.15, located in Tokyo, Japan and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is casino.merylhoffmanmanagement.com.
TLS certificate: Issued by R11 on December 18th 2024. Valid for: 3 months.

This is the only time casino.merylhoffmanmanagement.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	4.216.196.15 4.216.196.15	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	31.13.82.7 31.13.82.7	32934 (FACEBOOK) (FACEBOOK)
1 2	3.169.5.70 3.169.5.70	() ()
2	2620:1ec:bdf::46 2620:1ec:bdf::46	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
35	172.67.21.210 172.67.21.210	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:400a:80c::200a	15169 (GOOGLE) (GOOGLE)
1	104.194.8.184 104.194.8.184	23470 (RELIABLESITE) (RELIABLESITE)
1	23.215.255.183 23.215.255.183	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6810:ff40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.19.132.76 104.19.132.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	163.181.23.198 163.181.23.198	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
2	3.6.136.140 3.6.136.140	16509 (AMAZON-02) (AMAZON-02)
1	172.67.135.246 172.67.135.246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:21e... 2600:9000:21ee:a00:a:e047:754:f4a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:8041	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.68.240 172.67.68.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.65.124.58 188.65.124.58	41690 (DAILYMOTI...) (DAILYMOTION Dailymotion S.A.)
1	172.67.140.193 172.67.140.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.231.230.148 52.231.230.148	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
77	20

7 4.216.196.15 (Tokyo, Japan)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

casino.merylhoffmanmanagement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.82.7 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-nrt1.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.169.5.70 (United States) 1 redirects

ASN ()
PTR: server-3-169-5-70.nrt57.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::46 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 172.67.21.210 (United States)

ASN13335 (CLOUDFLARENET, US)

www.viva.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
data-rengine.viva.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:400a:80c::200a (Osaka, Japan)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.194.8.184 (Los Angeles, United States)

ASN23470 (RELIABLESITE, US)

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.215.255.183 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-255-183.deploy.static.akamaitechnologies.com

micro.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:ff40 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.19.132.76 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 163.181.23.198 (Tokyo, Japan)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

scripts.jixie.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.6.136.140 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-6-136-140.ap-south-1.compute.amazonaws.com

geo.dailymotion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.135.246 (United States)

ASN13335 (CLOUDFLARENET, US)

sso.thevivanetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21ee:a00:a:e047:754:f4a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8041 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.68.240 (United States)

ASN13335 (CLOUDFLARENET, US)

api-rengine-stg.viva.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.58 (Paris, France)

ASN41690 (DAILYMOTION Dailymotion S.A., FR)
PTR: ebed1.dm.gg

pebed.dm-event.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.140.193 (United States)

ASN13335 (CLOUDFLARENET, US)

js.content-rec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.231.230.148 (Busan, Korea, Republic Of) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	viva.co.id www.viva.co.id — Cisco Umbrella Rank: 128129 Failed data-rengine.viva.co.id — Cisco Umbrella Rank: 397426	221 KB
7	merylhoffmanmanagement.com casino.merylhoffmanmanagement.com	23 KB
5	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 9340 c.mgid.com — Cisco Umbrella Rank: 7409 cdn.mgid.com — Cisco Umbrella Rank: 11787 servicer.mgid.com — Cisco Umbrella Rank: 9455	167 KB
4	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 625 c.clarity.ms — Cisco Umbrella Rank: 1269	30 KB
3	izooto.com cdn.izooto.com — Cisco Umbrella Rank: 18409	93 KB
2	dailymotion.com geo.dailymotion.com — Cisco Umbrella Rank: 8348	13 KB
2	jixie.media scripts.jixie.media — Cisco Umbrella Rank: 26935	14 KB
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 186	638 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	75 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 205	772 B
1	content-rec.com js.content-rec.com — Cisco Umbrella Rank: 143666	6 KB
1	dm-event.net pebed.dm-event.net — Cisco Umbrella Rank: 10199	363 B
1	viva.id api-rengine-stg.viva.id — Cisco Umbrella Rank: 394077	706 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 4220	25 KB
1	thevivanetworks.com sso.thevivanetworks.com — Cisco Umbrella Rank: 362708	870 B
1	rubiconproject.com micro.rubiconproject.com — Cisco Umbrella Rank: 3385	120 KB
1	ibb.co i.ibb.co — Cisco Umbrella Rank: 14048	127 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 415	31 KB
77	18

	Domain	Requested by
34	www.viva.co.id	casino.merylhoffmanmanagement.com www.viva.co.id
7	casino.merylhoffmanmanagement.com
3	cdn.izooto.com	casino.merylhoffmanmanagement.com cdn.izooto.com
2	c.clarity.ms	1 redirects
2	cdn.mgid.com	casino.merylhoffmanmanagement.com
2	geo.dailymotion.com	casino.merylhoffmanmanagement.com
2	scripts.jixie.media	casino.merylhoffmanmanagement.com
2	www.clarity.ms	casino.merylhoffmanmanagement.com
2	sb.scorecardresearch.com	1 redirects casino.merylhoffmanmanagement.com
2	connect.facebook.net	casino.merylhoffmanmanagement.com
1	c.bing.com	1 redirects
1	servicer.mgid.com	jsc.mgid.com
1	js.content-rec.com	jsc.mgid.com
1	pebed.dm-event.net	geo.dailymotion.com
1	api-rengine-stg.viva.id	ajax.googleapis.com
1	c.mgid.com	casino.merylhoffmanmanagement.com
1	data-rengine.viva.co.id	casino.merylhoffmanmanagement.com
1	cdn.prod.uidapi.com	casino.merylhoffmanmanagement.com
1	sso.thevivanetworks.com	casino.merylhoffmanmanagement.com
1	jsc.mgid.com	casino.merylhoffmanmanagement.com
1	micro.rubiconproject.com	casino.merylhoffmanmanagement.com
1	i.ibb.co	casino.merylhoffmanmanagement.com
1	ajax.googleapis.com	casino.merylhoffmanmanagement.com
77	23

This site contains links to these domains. Also see Links.

Domain
adomselfrecigency.com
www.papibola39.com
i.ibb.co
5396u.com

Subject Issuer	Validity	Valid
casino.merylhoffmanmanagement.com R11	`2024-12-18` - `2025-03-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-26` - `2024-12-25`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.viva.co.id Sectigo RSA Domain Validation Secure Server CA	`2024-08-01` - `2025-08-23`	a year	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
ibb.co E6	`2024-10-21` - `2025-01-19`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
izooto.com WE1	`2024-12-05` - `2025-03-05`	3 months	crt.sh
mgid.com WE1	`2024-11-02` - `2025-01-31`	3 months	crt.sh
*.jixie.media Sectigo RSA Organization Validation Secure Server CA	`2024-08-15` - `2025-08-15`	a year	crt.sh
geo.dailymotion.com ZeroSSL ECC Domain Secure Site CA	`2024-11-30` - `2025-02-28`	3 months	crt.sh
thevivanetworks.com WE1	`2024-11-28` - `2025-02-26`	3 months	crt.sh
cdn.prod.uidapi.com Amazon RSA 2048 M03	`2024-11-20` - `2025-12-20`	a year	crt.sh
viva.id WE1	`2024-11-20` - `2025-02-18`	3 months	crt.sh
*.dm-event.net ZeroSSL RSA Domain Secure Site CA	`2024-12-18` - `2025-03-18`	3 months	crt.sh
content-rec.com WE1	`2024-12-17` - `2025-03-17`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://casino.merylhoffmanmanagement.com/
Frame ID: 8346FA776B9DF42B65EE5CB79EA14A38
Requests: 74 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: 4A3F42F0CA520080F740FAFAB31217CE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PAPIBOLA LOGIN | MESIN SLOT PENCETAK UANG INSTAN

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Izooto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.izooto\.\w+

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

77
Requests

86 %
HTTPS

30 %
IPv6

18
Domains

23
Subdomains

20
IPs

6
Countries

947 kB
Transfer

3033 kB
Size

14
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://adomselfrecigency.com/0607dfc7-cc6c-4b6d-a0da-4206c04c7554
Title:  Halaman Utama

Search URL Search Domain Scan URL

URL: https://www.papibola39.com/

Search URL Search Domain Scan URL

URL: https://i.ibb.co/8YhvsC5/papibolaslotlogin10.jpg
Title: 

Search URL Search Domain Scan URL

URL: https://5396u.com/amppapibola9/
Title: PAPIBOLA ALTERNATIF

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://sb.scorecardresearch.com/c2/8429568/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 69

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=EE6B5E86AF114E8D881D886D671130BC&RedC=c.clarity.ms&MXFR=24E97D27839F66CB3614687E879F6858 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=EE6B5E86AF114E8D881D886D671130BC&MUID=3BAA4EB406E76F0510495BED077E6E5A

77 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
casino.merylhoffmanmanagement.com/ 87 KB
21 KB 286ms
11ms Document
text/html 4.216.196.15
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.merylhoffmanmanagement.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 4.216.196.15 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: a740fef95eb0da3925d3c61b46e958b464091c202b77a8b7dae1f02a88f8928d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 21108
content-type: text/html
date: Wed, 18 Dec 2024 12:10:22 GMT
etag: "15c5a-62989c657788d-gzip"
last-modified: Wed, 18 Dec 2024 11:32:55 GMT
server: Apache
vary: Accept-Encoding

GET
H3 200 sdk.js Show response
connect.facebook.net/en_GB/ 248 KB
74 KB 16ms
5ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js?hash=068280bf550e56cd7b951de8a8871e90

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

afa07a5e4910d3b1c4f8dece00f072fbebf70bfb4f4b071b2c3df6df4daa613f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://casino.merylhoffmanmanagement.com
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-md5: rCCZu1xO2ylHSByO0bP8Og==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "242a77b7153f812c500bb9798bfc22e4"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Tue, 16 Dec 2025 13:34:15 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 18 Dec 2024 12:10:22 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 53036f89285d7736e10edf34f8c35d00
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4530, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug: ibeycDRBZ1JEQupgSuWtlv2Ul0xLKwBYMJ7ejEgYUz0uy42fI3BJyoyqba9HSAK7jy6raif1Rx6GtbRWl0iPbw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 75157
origin-agent-cluster: ?1

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/8429568/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
377 B

5ms
4ms

Script
text/javascript

3.169.5.70

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by: Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/
Protocol: H2
Server: 3.169.5.70 , United States, ASN (),
Reverse DNS: server-3-169-5-70.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

vary: accept-encoding
cache-control: max-age=86400
etag: "d41d8cd98f00b204e9800998ecf8427e"
age: 44207
via: 1.1 e292c224849a607e978cd5583ec40350.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 0
x-amz-cf-id: VwEYfcBxMYir6M4u4KpKYdOubSq64QFfxx373XpbVaIKAocmiAQGsQ==
date: Wed, 18 Dec 2024 11:01:51 GMT
content-type: text/javascript
last-modified: Thu, 10 Oct 2024 18:18:19 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P6
x-amz-server-side-encryption: AES256

Redirect headers

location: /internal-c2/default/cs.js
accept-ch: UA, Platform, Arch, Model, Mobile
via: 1.1 e292c224849a607e978cd5583ec40350.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: Kru0VMCPErCnE0E34T27OnyS1O80NrviCOCyKfSEeLEoCtO-2xKUVw==
date: Wed, 18 Dec 2024 12:10:22 GMT
x-amz-cf-pop: NRT57-P6

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.58/ 67 KB
28 KB 27ms
6ms Script
application/javascript 2620:1ec:bdf::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.58/clarity.js
Requested by: Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e57f584dc164284e3994776f7ddd7de42d54921a30f096ca971f676b2f5942c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

x-azure-ref: 20241218T121023Z-15fd77bf5844f5vvhC1TYO3nts00000005x0000000017hf1
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DD19E020F35B96"
x-fd-int-roxy-purgeid: 79034942
x-ms-request-id: 0b078d97-101e-0028-78e6-4b4f73000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 11 Dec 2024 12:34:17 GMT

GET
H2 200 ifo0f39r58 Show response
www.clarity.ms/tag/ 915 B
1 KB 186ms
165ms Script
application/x-javascript 2620:1ec:bdf::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ifo0f39r58?ref=gtm2
Requested by: Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 861bebb8eadcc542bea1b815d3880d76f018ec57dcdc4edf426a7a3e5477aad6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 915
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: application/x-javascript
x-azure-ref: 20241218T121023Z-15fd77bf5844f5vvhC1TYO3nts00000005x0000000017hf0

GET 7cHqv4kjgoGqM7E3_-gs51os.woff2
www.viva.co.id/asset-viva/responsive-web/fonts/barlow/ 0
0

GET 7cHqv4kjgoGqM7E3t-4s51os.woff2
www.viva.co.id/asset-viva/responsive-web/fonts/barlow/ 0
0

GET 7cHqv4kjgoGqM7E3j-ws51os.woff2
www.viva.co.id/asset-viva/responsive-web/fonts/barlow/ 0
0

GET
H3 200 logo.webp
www.viva.co.id/asset-viva/responsive-web/img/ 5 KB
5 KB 22ms
20ms Image
image/webp 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/logo.webp?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8d673259d0bfc678aacef4e63f8ea06ec4b8694faa22927ec51e4a79ee5976c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

cf-cache-status: HIT
etag: "6760ee99-12c4"
age: 78422
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: image/webp
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca84c925bfa-NRT
accept-ranges: bytes
content-length: 4804
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 rancak.css
www.viva.co.id/asset-viva/responsive-web/css/ 12 KB
4 KB 48ms
26ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/rancak.css?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e893d5c40cffe5bee397cb116e53a3ad2d29c6446343023f18fe15b6a2a99591

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6760ee99-3030"
age: 101621
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:22 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca4d9a15bfa-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 84ms
17ms Script
text/javascript 2404:6800:400a:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80c::200a Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: gzip
age: 399762
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Sat, 13 Dec 2025 21:07:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Dec 2024 21:07:40 GMT
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31017
x-xss-protection: 0
server: sffe

GET
H3 200 detail.css
www.viva.co.id/asset-viva/responsive-web/css/ 9 KB
2 KB 51ms
30ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/detail.css?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7966671af6c472e1dc31dcc00fe3ca2540abe73ae35dd5c6c32114277baaba59

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6760ee99-2243"
age: 101621
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:22 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca4d99d5bfa-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 papibolaslotlogin10.jpg
i.ibb.co/8YhvsC5/ 127 KB
127 KB 663ms
149ms Image
image/jpeg 104.194.8.184
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/8YhvsC5/papibolaslotlogin10.jpg
Requested by: Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.194.8.184 Los Angeles, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 889a78e9b350a89343138edfa9aa29aae42eb2db57c94da5d3c039c5d4eba55e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

cache-control: max-age=315360000, public
access-control-allow-methods: GET, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 129624
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: image/jpeg
last-modified: Wed, 18 Dec 2024 11:23:47 GMT
server: nginx

GET
H2 200 25756.js Show response
micro.rubiconproject.com/prebid/dynamic/ 375 KB
120 KB 30ms
12ms Script
text/javascript 23.215.255.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://micro.rubiconproject.com/prebid/dynamic/25756.js
Requested by: Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.255.183 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-255-183.deploy.static.akamaitechnologies.com
Software: Apache/2.4.62 (Debian) PHP/8.3.13 OpenSSL/3.0.15 /
Resource Hash: c265b510f1b44db4cea0a55eded494459ca6f03eb21f2c939380371a5293b17c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

edge-cache-tag: prod-prebid-25756_catch_all.js
cache-control: public, must-revalidate, max-age=14400
content-encoding: gzip
expires: Thu, 19 Dec 2024 05:33:12 GMT
content-length: 122411
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: text/javascript;charset=UTF-8
vary: accept-encoding, referer
server: Apache/2.4.62 (Debian) PHP/8.3.13 OpenSSL/3.0.15

GET
H2 200 8c8e12aa600a1d6a06ebd1d766597fa36eb01526.js Show response
cdn.izooto.com/scripts/ 2 KB
1 KB 30ms
22ms Script
application/javascript 2606:4700::6810:ff40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/8c8e12aa600a1d6a06ebd1d766597fa36eb01526.js

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ff40 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2af13d01e84f02dbf639ade1e6fe16464763b30660aadb5d89525cd3066c8546

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

cache-control: public, max-age=86400
content-encoding: br
cf-bgj: minify
etag: W/"66436e56-775"
age: 554060
cf-cache-status: HIT
cf-ray: 8f3f0ca84b155eb4-NRT
expires: Thu, 19 Dec 2024 12:10:23 GMT
access-control-allow-origin: *
date: Wed, 18 Dec 2024 12:10:23 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript
last-modified: Tue, 14 May 2024 13:59:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 524861.js Show response
jsc.mgid.com/site/ 1 MB
164 KB 113ms
97ms Script
text/javascript 104.19.132.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/site/524861.js

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63ef3d7eed2e56372ddec512a09f1b3414125a49579c62eb64177a95eeefbc23

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

x-robots-tag: noindex
access-control-expose-headers: X-cntry
content-encoding: gzip
cf-cache-status: HIT
etag: "65a203c6f9e7ce09bfdcdd963cb5803a"
x-amz-version-id: 9asz1Rijfc7dO.hVmubo2_mgXPboiHq6
expires: Wed, 18 Dec 2024 15:10:23 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: text/javascript
last-modified: Mon, 16 Dec 2024 15:25:22 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-amz-id-2: pQ6OwTlvYEeSO+McEh71+9QHoJnLfmblv5Qx+STbaQwMhpvOcNhf328yp2646y6SIzK9qggJbUw=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=10800
x-cntry: JP
x-amz-request-id: V5KS79DJ3N0DC34G
cf-ray: 8f3f0ca85d55afd5-NRT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 167412
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 jx-Vi266245UOhdV.min.js Show response
scripts.jixie.media/onescript/Vi245MSErQ/ 1 KB
1 KB 82ms
39ms Script
application/javascript 163.181.23.198
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.jixie.media/onescript/Vi245MSErQ/jx-Vi266245UOhdV.min.js
Requested by: Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 163.181.23.198 Tokyo, Japan, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: cc572e35bf38de1f32a49b3c7037db837c19a9f8649fb9de3fe9c96a5a76009e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: gzip
x-amz-version-id: u4g19cPKTAOv2abGDRkuomx8hJT_7hTC
etag: W/"aff8e35d39c07b030ed203ecc466bc53"
age: 1720825
x-cache: HIT TCP_HIT dirn:10:152004690
date: Thu, 28 Nov 2024 14:09:54 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 12 Oct 2024 02:58:39 GMT
x-amz-id-2: RJDgC0FOoXpU6OhvK85149UvDbMUfw6Oh8K3A2adA0gcQ/3LzeelOg6EGEYF2hnMSxxfXfIvopjjHZC5AYYMAE7zskeLeP/aKQ8uHFQJVsc=
x-swift-cachetime: 2591201
timing-allow-origin: *
x-amz-meta-x-amz-meta-createdat: 2024-07-12T05:03:10Z
via: cache27.l2sg5[0,0,304-0,H], cache14.l2sg5[1,0], cache14.l2sg5[2,0], ens-cache11.jp7[0,0,200-0,H], ens-cache13.jp7[30,0]
x-amz-request-id: NW399CSVAX5JWXYF
x-amz-meta-x-amz-meta-updatedat: 2024-10-12T02:58:37Z
x-swift-savetime: Thu, 28 Nov 2024 14:23:17 GMT
ali-swift-global-savetime: 1732802998
eagleid: a3b517a117345238234523046e
server: Tengine
x-amz-server-side-encryption: AES256

GET
H2 200 jxpublisher_3_1.nb.min.js Show response
scripts.jixie.media/ 35 KB
13 KB 56ms
13ms Script
application/javascript 163.181.23.198
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.jixie.media/jxpublisher_3_1.nb.min.js
Requested by: Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 163.181.23.198 Tokyo, Japan, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 30116cde2669653a67274caf3afa4717fa7074aa6c8b9db7f4048723f98f2b38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: gzip
x-amz-version-id: XkLoLRVZuw94llsLDRBcL0dh9FTp86P6
etag: W/"208c0ac544a4016f812d8e59885335c1"
age: 46412
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
date: Tue, 17 Dec 2024 23:16:50 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sun, 17 Nov 2024 23:14:50 GMT
x-amz-id-2: jjjSaVMVgyLjJQEro1pHDx9HRTgvMsDyONkygSGvNZ/54s0RrrhRA2tSah8GfTu7DdZIDaitYej3Kjzjo1gO3PrD5TSEEdbA4/oulwCj3nQ=
x-swift-cachetime: 2591914
timing-allow-origin: *
via: cache3.l2sg5[0,0,304-0,H], cache40.l2sg5[1,0], cache40.l2sg5[1,0], ens-cache15.jp7[0,0,200-0,H], ens-cache13.jp7[5,0]
x-amz-request-id: G0YNJAGN9DZTNV3H
ali-swift-global-savetime: 1734477411
x-swift-savetime: Tue, 17 Dec 2024 23:18:17 GMT
eagleid: a3b517a117345238234523051e
server: Tengine
x-amz-server-side-encryption: AES256

GET
H2 200 cookie.js Show response
geo.dailymotion.com/ 39 B
306 B 569ms
131ms Script
application/javascript 3.6.136.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.dailymotion.com/cookie.js

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.6.136.140 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-6-136-140.ap-south-1.compute.amazonaws.com

Software

Resource Hash

1cd9396d5168a107731760e10db796f6a7aa3d24ca386e6895cbdac7abf052cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
link: <https://static-origin.dmcdn.net>; rel="preconnect"; crossorigin, <https://www.dailymotion.com>; rel="preconnect"; crossorigin
cache-control: no-cache, no-store
content-encoding: br
content-length: 28
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: application/javascript; charset=utf-8

GET
H3 200 rancak-desktop.css
www.viva.co.id/asset-viva/responsive-web/css/ 5 KB
2 KB 43ms
23ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/rancak-desktop.css?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f00b08538614510d41fec3872c91947a76ab417c7e40bf352df2392d544d1841

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6760ee99-121f"
age: 101621
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:22 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca4d99f5bfa-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 icon-profile-small.jpg
www.viva.co.id/asset-viva/responsive-web/img/ 558 B
874 B 23ms
23ms Image
image/jpeg 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/icon-profile-small.jpg?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

679200d4f85b43c2bb416009d7af328f911bf6f55ec077baea8c2a5e7fb166bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "6760ee99-254"
age: 78421
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
cf-polished: origSize=596
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:22 GMT
content-type: image/jpeg
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
vary: Accept-Encoding
priority: u=2,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca4f9c45bfa-NRT
accept-ranges: bytes
content-length: 558
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 portalpilkada-logo.png
www.viva.co.id/asset-viva/responsive-web/img/ 14 KB
15 KB 42ms
38ms Image
image/webp 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/portalpilkada-logo.png?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57791b16a202f661684de6f2653dcdbc564caa178d9bfcc3d8555118b6269760

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "6760ee99-9755"
age: 78421
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=38741
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: image/webp
content-disposition: inline; filename="portalpilkada-logo.webp"
vary: Accept
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca84c985bfa-NRT
accept-ranges: bytes
content-length: 14552
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 indonesia-maju.svg
www.viva.co.id/asset-viva/responsive-web/img/ 158 KB
119 KB 33ms
28ms Image
image/svg+xml 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/indonesia-maju.svg?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e3242e4d38c7e2679cb0b2c107a03be5bcaefbc6a12df662d9cda1e182600dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6760ee99-277e3"
age: 78421
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: image/svg+xml
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca84c9a5bfa-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 logo-kemnaker.png
www.viva.co.id/asset-viva/responsive-web/img/ 9 KB
9 KB 25ms
20ms Image
image/webp 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/logo-kemnaker.png?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d50241eb01f1a558d4291b0a3b576a2904fe8f6add1599a4c9172ab8897c1033

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "6760ee99-440b"
age: 78421
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=17419
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: image/webp
content-disposition: inline; filename="logo-kemnaker.webp"
vary: Accept
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca84c9b5bfa-NRT
accept-ranges: bytes
content-length: 9138
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 logo-pupr.png
www.viva.co.id/asset-viva/responsive-web/img/ 5 KB
5 KB 23ms
17ms Image
image/webp 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/logo-pupr.png?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c42526f8a9ad1fd7555b693e73b0e257d10244f41fa34303b47db3c5d8ef8d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "6760ee99-1d76"
age: 78421
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=7542
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: image/webp
content-disposition: inline; filename="logo-pupr.webp"
vary: Accept
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca84c9c5bfa-NRT
accept-ranges: bytes
content-length: 5254
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 logo-viu.png
www.viva.co.id/asset-viva/responsive-web/img/ 2 KB
2 KB 35ms
30ms Image
image/webp 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/logo-viu.png?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5fdf55811d35f693f9b36cb154943ebed52a607dba3e47b7841092d3c2ac92a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "6760ee99-af0"
age: 78421
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=2800
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: image/webp
content-disposition: inline; filename="logo-viu.webp"
vary: Accept
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca84c9d5bfa-NRT
accept-ranges: bytes
content-length: 1634
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 logo-siapa.svg
www.viva.co.id/asset-viva/responsive-web/img/ 5 KB
2 KB 31ms
25ms Image
image/svg+xml 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/logo-siapa.svg?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dd9a4397ee301f4bf6edf04482a581c583536b2d1fa82dc70600598b4755f10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6760ee99-1220"
age: 78421
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: image/svg+xml
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca84c9f5bfa-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 nextpage.svg
www.viva.co.id/asset-viva/responsive-web/img/ 6 KB
2 KB 39ms
34ms Image
image/svg+xml 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/nextpage.svg?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93a76af5cb87f5216b1fa248250798c37db8e30dfe25631ac4dd92180c763fbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6760ee99-169b"
age: 75541
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: image/svg+xml
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca84ca05bfa-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 368 KB
92 KB 47ms
31ms Script
application/javascript 2606:4700::6810:ff40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ff40 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88d6c42edae71124c03eedce57b1b7c32148ff1aca77bab22175ab7323726519

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

cache-control: public, max-age=1382400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"675a8fe9-5c0c7"
age: 535455
cf-ray: 8f3f0ca53fa25eb4-NRT
expires: Fri, 03 Jan 2025 12:10:22 GMT
access-control-allow-origin: *
date: Wed, 18 Dec 2024 12:10:22 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript
last-modified: Thu, 12 Dec 2024 07:25:29 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 widget-vlix.css
www.viva.co.id/asset-viva/responsive-web/css/ 1 KB
865 B 22ms
22ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/widget-vlix.css?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffac4899fc5c42bba17d1c421df980b836c1c53872104c7438258b4e4fb5374a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6760ee99-4ae"
age: 75541
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:22 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca58a3e5bfa-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 logo-vivacoid.png
www.viva.co.id/asset-viva/responsive-web/img/ 3 KB
4 KB 40ms
34ms Image
image/webp 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/logo-vivacoid.png?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3723dbd5db50ef5b2304a07b2012f7af1259d813f30c29714ef6fe4781e7a531

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "6760ee99-10fc"
age: 78421
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=4348
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: image/webp
content-disposition: inline; filename="logo-vivacoid.webp"
vary: Accept
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca84ca15bfa-NRT
accept-ranges: bytes
content-length: 3518
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 logo-vlix.png
www.viva.co.id/asset-viva/responsive-web/img/ 15 KB
15 KB 40ms
35ms Image
image/webp 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/logo-vlix.png?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52aba0a0ae3870e9dfb83eb4017c1b2eaa853dea094e9961cb99d0e1a188bc2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "6760ee99-99c9"
age: 78421
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=39369
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: image/webp
content-disposition: inline; filename="logo-vlix.webp"
vary: Accept
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca84ca25bfa-NRT
accept-ranges: bytes
content-length: 15234
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 tvone.png
www.viva.co.id/asset-viva/responsive-web/img/ 2 KB
3 KB 41ms
36ms Image
image/webp 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/tvone.png?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b8e6dbb3d4656f18c5b50c7da8f863ce8677bcf66ef7e4032178e4f90c603a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "6760ee99-b3f"
age: 78421
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=2879
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: image/webp
content-disposition: inline; filename="tvone.webp"
vary: Accept
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca84ca35bfa-NRT
accept-ranges: bytes
content-length: 2450
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 logo-antvklik.png
www.viva.co.id/asset-viva/responsive-web/img/ 2 KB
3 KB 31ms
26ms Image
image/webp 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/logo-antvklik.png?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7762cdba021a747f751b3e765df1828eebbaa96b5c7fd6b950bd39ee582c363

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "6760ee99-eb6"
age: 78421
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=3766
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: image/webp
content-disposition: inline; filename="logo-antvklik.webp"
vary: Accept
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca84ca45bfa-NRT
accept-ranges: bytes
content-length: 2298
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 logo-intipseleb.png
www.viva.co.id/asset-viva/responsive-web/img/ 3 KB
3 KB 24ms
19ms Image
image/webp 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/logo-intipseleb.png?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d86937a158a8feae1eb3e3a71f66e16c245f74467b765464b1b782a290687f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "6760ee99-bb9"
age: 78421
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=3001
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: image/webp
content-disposition: inline; filename="logo-intipseleb.webp"
vary: Accept
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca84ca65bfa-NRT
accept-ranges: bytes
content-length: 2636
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 logo-jagodangdut.png
www.viva.co.id/asset-viva/responsive-web/img/ 2 KB
3 KB 35ms
30ms Image
image/webp 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.viva.co.id/asset-viva/responsive-web/img/logo-jagodangdut.png?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8cd0945166d683e390b543c8c5c8ecce33f7119ff5835bc2446b36bd10b74a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "6760ee99-bd9"
age: 78421
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
cf-polished: origFmt=png, origSize=3033
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: image/webp
content-disposition: inline; filename="logo-jagodangdut.webp"
vary: Accept
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca84ca75bfa-NRT
accept-ranges: bytes
content-length: 2438
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 lazysizes.min.js Show response
www.viva.co.id/asset-viva/responsive-web/js/ 8 KB
4 KB 30ms
25ms Script
application/javascript 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/js/lazysizes.min.js?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9b0999f439d6fc07e37171f45a1cef5a75c419dcfcc28321ec6f2ce12011b07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6760ee99-1ebb"
age: 78421
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca84cab5bfa-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 base.js Show response
www.viva.co.id/asset-viva/responsive-web/js/ 4 KB
1 KB 31ms
26ms Script
application/javascript 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/js/base.js?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8eb8d561b2af70e27b34fc94cfdf0bd734ac464fd245267c305c75d5dcbc2c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6760ee99-118a"
age: 78421
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca84cac5bfa-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 detail-copy.js Show response
www.viva.co.id/asset-viva/responsive-web/js/ 711 B
701 B 41ms
37ms Script
application/javascript 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/js/detail-copy.js?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b5c8da3805d9d11c3d3c7bfe3aa7906285fdb7ef1a7f18a11ed5953e6baa66a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6760ee99-2c7"
age: 78421
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca84cad5bfa-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 cook.php Show response
sso.thevivanetworks.com/ 236 B
870 B 369ms
333ms Script
application/javascript 172.67.135.246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.thevivanetworks.com/cook.php

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.135.246 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbf0af2030686af9c2b66c8db72742c57530aae9b91b7ae8e3700a24e32578b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pvqNQpPRGj%2FZVopH%2FROh8yFFzcGZpJEhbIwdh3I%2FeGihPJl7ZPAfwEpq63mSL48V8OzPa7fopA78EcbJ7ppSP3pOJ7%2BJKh3AgmpUbcLhMgXgfUX3gbVrITszqigb%2BtaORNuYapc6RYfhkg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3433&min_rtt=2757&rtt_var=1253&sent=15&recv=13&lost=0&retrans=0&sent_bytes=4321&recv_bytes=6933&delivery_rate=985&cwnd=12000&unsent_bytes=0&cid=1cc3fe296e4c945b&ts=350&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3f0ca889aa6872-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H/1.1 200
OK uid2-sdk-3.2.0.js Show response
cdn.prod.uidapi.com/ 24 KB
25 KB 25ms
6ms Script
text/javascript 2600:9000:21ee:a00:a:e047:754:f4a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2-sdk-3.2.0.js
Requested by: Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ee:a00:a:e047:754:f4a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a89306d44791afa482b05eca81136304a9b63e0b2be0967b2cda0a3f64af5df0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

x-amz-version-id: Ig1D8Iwz1EDgtYSS0rWi.KiVAlDG_cbj
ETag: "de7d05e12b7d11fa22ad4b16481f1925"
Age: 45680
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: arJ7638CssMCtk1NYxdsoCQkSYIfBb-VLLTTQktprrJeZxSJyz0j0A==
Date: Tue, 17 Dec 2024 23:29:03 GMT
Content-Type: text/javascript
Last-Modified: Mon, 09 Oct 2023 04:44:24 GMT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Via: 1.1 853dab48fd1de187261c15f5b98cd2a0.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 24594
X-Amz-Cf-Pop: NRT20-C4
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 viva-app.js Show response
www.viva.co.id/asset-viva/responsive-web/js/ 2 KB
866 B 29ms
25ms Script
application/javascript 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/js/viva-app.js?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8a1366618012b338623a64297e330fc920a50c59d17776758341ed9e52f13b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6760ee99-919"
age: 78421
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca84cae5bfa-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 vre-stg.js Show response
data-rengine.viva.co.id/ 698 B
698 B 308ms
298ms Script
application/javascript 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://data-rengine.viva.co.id/vre-stg.js

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f50921b4bb2395bd54fead36e59b0178fa9a670908b62d0dd6c42e93ccd817b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
content-encoding: br
cf-cache-status: HIT
etag: W/"0b09d2a3e5a06a0bc8ef506b0c8c1362"
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: application/javascript
x-obs-request-id: 00000193D2B39177B019B86827B24793
vary: Accept-Encoding
last-modified: Fri, 01 Mar 2024 07:49:06 GMT
priority: u=3,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=300
cf-ray: 8f3f0ca85cb15bfa-NRT
server: cloudflare

GET
H3 200 footer-style.css
www.viva.co.id/asset-viva/responsive-web/css/ 2 KB
959 B 20ms
20ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/footer-style.css?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68eddbbff991ffd69e34b13be4778876b1d62ba4be4d0a6b46816e7691b75132

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6760ee99-6da"
age: 78420
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca5aa695bfa-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 color-light.css
www.viva.co.id/asset-viva/responsive-web/css/ 3 KB
1 KB 19ms
18ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/color-light.css?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb797f6a1bf5afea405b836d26ed891f66331cd929db748fd6590f31c9646a27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6760ee99-c01"
age: 78421
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca5ca915bfa-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 color-light-desktop.css
www.viva.co.id/asset-viva/responsive-web/css/ 357 B
511 B 24ms
24ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/color-light-desktop.css?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcd770e2cb9546ed1ab2b570a67ce45ba388bee12ab2f031c1824353cbefd3e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6760ee99-165"
age: 78421
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca5eaaa5bfa-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 color-dark.css
www.viva.co.id/asset-viva/responsive-web/css/ 3 KB
1 KB 18ms
18ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/color-dark.css?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb8a18c337c3710d459aef28c0d4942069eab765bf4fe8e5f0e3a8a9530c97fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6760ee99-d9a"
age: 78421
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca60ac75bfa-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 color-dark-desktop.css
www.viva.co.id/asset-viva/responsive-web/css/ 401 B
522 B 29ms
29ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/color-dark-desktop.css?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

083c6b672b316f3a046bde98a0c176f0cb3584534b3e74904cb32b0ca1f226df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6760ee99-191"
age: 78421
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca62ae75bfa-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 hold.css
www.viva.co.id/asset-viva/responsive-web/css/ 22 KB
5 KB 20ms
20ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/hold.css?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5bbb3c17ffb7194605029b236250ec85a0d0c17c52ba912e1756b4d4e108477

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6760ee99-59f3"
age: 78421
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca65b085bfa-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 hold-desktop.css
www.viva.co.id/asset-viva/responsive-web/css/ 3 KB
1 KB 22ms
21ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/hold-desktop.css?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f6ee0f7bf816084278b1799fbf5a1916cc3054785ea76d7e8c2dde88db44c0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6760ee99-adc"
age: 78421
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca67b295bfa-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 iosfix.css
www.viva.co.id/asset-viva/responsive-web/css/ 182 B
414 B 20ms
20ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/iosfix.css?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c25763c777e259235f4e23bd621cc39dedc55faaeba4444f7d7711cc9da36a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6760ee99-b6"
age: 78421
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca6ab475bfa-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 partner.css
www.viva.co.id/asset-viva/responsive-web/css/ 2 KB
833 B 33ms
32ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/partner.css?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

985496f781954e1985667a898f82e0247faafc3e50e2ff473fed7603e38694aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6760ee99-6ad"
age: 75542
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca6cb605bfa-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 fontawesome5.css
www.viva.co.id/asset-viva/responsive-web/css/ 2 KB
667 B 19ms
19ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/fontawesome5.css?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85fc9d5de7a76ff51e5561182705a1896af5a561fb3b99dfe2f3ceda7707d125

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6760ee99-6c3"
age: 78421
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca6fb9b5bfa-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 sdk.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 5ms
4ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

d18b2b9fb51c1a3d34435eb77cd5cd87d4bb4e43d00c51df8d4be8030c5e03fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-md5: 68Ub1qYw+SB0+0EBy3MLUg==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "acb8f45d79237b68d5f6669354360120"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Wed, 18 Dec 2024 12:10:49 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=2
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 28c189fa1ce252975a04976663f39745
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=1888, tp=5, tpl=0, uplat=0, ullat=-1
x-fb-debug: 8MtnIIcTwp0WVKGJYhhVWR2KgxIMlydHFn6MvtSUWStfXIZ3IM/NnNPIkg33Vlv+ma2EcE291SSzU3HQ+N8fHg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1688
origin-agent-cluster: ?1

GET
H2 200 x4kuw.js Show response
geo.dailymotion.com/libs/player/ 41 KB
12 KB 186ms
183ms Script
text/javascript 3.6.136.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.dailymotion.com/libs/player/x4kuw.js

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.6.136.140 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-6-136-140.ap-south-1.compute.amazonaws.com

Software

Resource Hash

0983ca3b89695860355a87023ca465ec2392b157a44c2f8b9df306776f34ce71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
link: <https://static-origin.dmcdn.net>; rel="preconnect"; crossorigin, <https://www.dailymotion.com>; rel="preconnect"; crossorigin
cache-control: no-cache, no-store
content-encoding: br
content-length: 12207
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: text/javascript; charset=utf-8

GET
H3 200 hold-mobile.css
www.viva.co.id/asset-viva/responsive-web/css/ 4 KB
1 KB 19ms
19ms Stylesheet
text/css 172.67.21.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.viva.co.id/asset-viva/responsive-web/css/hold-mobile.css?v=2.85

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.21.210 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

918ab98299ed3e657af5f5d5d625f8480d1592ae2bc9d05bc623c5dc27332411

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6760ee99-f27"
age: 78420
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 03:23:05 GMT
vary: Accept-Encoding
priority: u=4,i=?0
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=31536000
cf-ray: 8f3f0ca8acea5bfa-NRT
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 iz_setcid.html
cdn.izooto.com/scripts/sak/ Frame 4A3F 0
0 34ms
28ms Document
text/html 2606:4700::6810:8041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8041 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://casino.merylhoffmanmanagement.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 1412243
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 8f3f0ca8ede1d528-NRT
content-encoding: br
content-type: text/html
date: Wed, 18 Dec 2024 12:10:23 GMT
expires: Sat, 18 Jan 2025 12:10:23 GMT
last-modified: Tue, 14 May 2024 14:09:56 GMT
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET fa-solid-900.woff2
www.viva.co.id/asset-viva/responsive-web/fonts/awesome5/ 0
0

GET 1c62ec8b-21bc-49ca-bd65-d16988ed3952
https://casino.merylhoffmanmanagement.com/ Frame 0
0

GET d980e1e2-23f9-4731-acc1-9409e3e58e26
https://casino.merylhoffmanmanagement.com/ Frame 0
0

GET
BLOB 206
Partial Content 5c0821e2-b949-4ef5-a7b6-3c2d4f1c0968
https://casino.merylhoffmanmanagement.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://casino.merylhoffmanmanagement.com/5c0821e2-b949-4ef5-a7b6-3c2d4f1c0968
Requested by: Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Content-Type: video/mp4
Content-Range: bytes 0-1492/1493
Content-Length: 1493

GET
H3 200 /
c.mgid.com/pv/ 43 B
236 B 165ms
158ms Image
image/gif 104.19.132.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/pv/?lu=https%3A%2F%2Fcasino.merylhoffmanmanagement.com%2F&cbuster=1734523823629168934000&pvid=193d9ad260da2d21cb3&implVersion=17&cxurl=https%3A%2F%2Fwww.papibola39.com%2F&site=524861&cid=1530068&i=1&scum=%3F0&scuw=%3F0

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
cf-ray: 8f3f0ca9bf1fafd5-NRT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 43
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: image/gif
server: cloudflare
priority: u=3,i

GET fa-solid-900.woff
www.viva.co.id/asset-viva/responsive-web/fonts/awesome5/ 0
0

POST
H3 200 hit Show response
api-rengine-stg.viva.id/ 7 B
706 B 390ms
319ms XHR
application/json 172.67.68.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-rengine-stg.viva.id/hit

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.68.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://casino.merylhoffmanmanagement.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-expose-headers: Content-Length
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BXfuyBmJwe3YaASMJfljmqXGipCO0jyzGjABlI5hk2LfAPfmrxGVuylaEZdc2ojJcnqCsWEAN8a%2B7nLpl0QAKR3EcAhgph0WQPpxoTUhcdVtTlzdAcrNWB6ogcOxUA2aaZKHcjDYfbRo"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2218&min_rtt=1541&rtt_var=934&sent=13&recv=13&lost=0&retrans=0&sent_bytes=4288&recv_bytes=6203&delivery_rate=977&cwnd=12000&unsent_bytes=0&cid=c5effc3aac652285&ts=330&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 18 Dec 2024 12:10:24 GMT
content-type: application/json
vary: Accept-Encoding
priority: u=1,i
strict-transport-security: max-age=31536000
cache-control: no-cache, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f3f0caaac11f675-NRT
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

POST
H/1.1 200
OK / Show response
pebed.dm-event.net/ 15 B
363 B 1057ms
232ms Fetch
application/json 188.65.124.58
DAILYMOTION Daily...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Requested by: Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/x4kuw.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.58 Paris, France, ASN41690 (DAILYMOTION Dailymotion S.A., FR),
Reverse DNS: ebed1.dm.gg
Software: edward-ed/2.2.1 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain; charset=UTF-8
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

Access-Control-Max-Age: 604800
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Content-Length: 15
Date: Wed, 18 Dec 2024 12:10:24 GMT
Content-Type: application/json
Server: edward-ed/2.2.1
Access-Control-Allow-Headers: Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration

GET fa-solid-900.ttf
www.viva.co.id/asset-viva/responsive-web/fonts/awesome5/ 0
0

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 23ms
16ms Image
image/svg+xml 104.19.132.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mgid.com/images/mgid/mgid_ua.svg

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

x-robots-tag: noindex
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: null
etag: W/"617c205137825561208ef7c1a2d8f319"
age: 4232
expires: Thu, 19 Dec 2024 12:10:23 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: image/svg+xml
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: uOwSaGbj+62KLhCA3yJ3Cheu7naWAfGc/Pe8YerdzrxhsTtsSa8Grr+j+lKWRpRo9BPFGQoI6zE=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=86400
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
x-amz-request-id: 6S2N95EXV4HYDZ0R
cf-ray: 8f3f0caab90dafd5-NRT
access-control-allow-origin: *
server: cloudflare

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 30ms
23ms Image
image/svg+xml 104.19.132.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mgid.com/images/logos/Adchoices.svg

Requested by

Host: casino.merylhoffmanmanagement.com
URL: https://casino.merylhoffmanmanagement.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

x-robots-tag: noindex
content-encoding: br
cf-cache-status: HIT
x-amz-version-id: null
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
age: 4232
expires: Thu, 19 Dec 2024 12:10:23 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: FSqIoG/7SjYdgpyuCkikt3GTHVS0rEkD1yMTp42slkX1f3xsE3i8IVkTZJoYwC81WIkQn/EZC6yyfTNGhBq/64gZke8EDVi3
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=86400
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
x-amz-request-id: GP53WATKWJC4FD07
cf-ray: 8f3f0caab90aafd5-NRT
access-control-allow-origin: *
server: cloudflare

GET
H3 200 viva.co.id.13.js Show response
js.content-rec.com/ 22 KB
6 KB 37ms
14ms Script
text/javascript 172.67.140.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.content-rec.com/viva.co.id.13.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/site/524861.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.140.193 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db787c2c73ad2f3be8bffc511bae84670c56adf3dfed13bd33c3a03624b365bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "ef68df7838443454af2868fd9a4e03e2"
x-amz-version-id: QwMo9ac5aG6FjytmSA3ujoo6ADHp0Vz0
age: 4135
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2Bf1RkN%2F6nBw7hPBKelyhYZR%2BwhoR61wwoMJyOd4SGiZwlfwgRDubdqAxiR7T9KRH5m9sASD3mCHCZxj7NWr5ANZKv2M21SF267YzCWSepsha9GotvSznhlulTuxJdzs96sCsLE%3D"}],"group":"cf-nel","max_age":604800}
traceparent: 00-53a21bfec976204d7276cca67307be1c-edb318bee7d4c9ce-01
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1558&min_rtt=1481&rtt_var=387&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4219&recv_bytes=5591&delivery_rate=392512&cwnd=12000&unsent_bytes=0&cid=c97247b822fde1f0&ts=19&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: text/javascript
last-modified: Fri, 24 Mar 2023 07:10:56 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-amz-id-2: Vvh4W6g+QgQioHB3x/ZqmdYdtpRS3eTVGPqR0w7JGXJULNqGOrjm1LbTIuFQwGynsUfcUr5hatf9pAU/ORxAtg==
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-id: cc1-hw-edge-gc12
x-id-fe: cc1-hw-edge-gc22
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 0BM4DFFY5Z5X1MBW
cf-ray: 8f3f0cab88c0e3b3-NRT
accept-ranges: bytes
content-length: 5337
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 4 Show response
servicer.mgid.com/1530068/ 87 B
338 B 103ms
96ms Script
application/x-javascript 104.19.132.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.mgid.com/1530068/4?nocmp=1&scale_metric_1=64.00&scale_metric_2=320.00&scale_metric_3=100.00&w=640&h=438&sz=150x184&szp=1,2,3,4,5,6,7,8&szl=1,2,3,4;5,6,7,8&sessionId=6762bbb0-01142&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fcasino.merylhoffmanmanagement.com%2F&cbuster=1734523823897690414682&pvid=193d9ad260da2d21cb3&implVersion=17&cxurl=https%3A%2F%2Fwww.papibola39.com%2F&scum=%3F0&scuw=%3F0&mp4=1&ap=1&consentStrLen=0&uniqId=142d8&childs=1578445&gptbid=1537450&niet=4g&nisd=false&jsp=head&pv=5&lct=1734362700&jsv=es6&pageView=1&dpr=1&ref=&hashCommit=0a144deb&apt=2024-12-15T07%3A34%3A36%2B07%3A00&tfre=1074

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/site/524861.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.132.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e147a75b08439cda03886851d5de1d5b5d7163b13ae8f638697f2dc4489cf572

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
cf-ray: 8f3f0cab69e2afd5-NRT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=EE6B5E86AF114E8D881D886D671130BC&RedC=c.clarity.ms&MXFR=24E97D27839F66CB3614687E879F6858
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=EE6B5E86AF114E8D881D886D671130BC&MUID=3BAA4EB406E76F0510495BED077E6E5A

42 B
441 B

19ms
19ms

Image
image/gif

52.231.230.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=EE6B5E86AF114E8D881D886D671130BC&MUID=3BAA4EB406E76F0510495BED077E6E5A
Protocol: H2
Server: 52.231.230.148 Busan, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "2afd913604adb1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Wed, 18 Dec 2024 12:10:23 GMT
content-type: image/gif
last-modified: Mon, 09 Dec 2024 17:30:44 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=EE6B5E86AF114E8D881D886D671130BC&MUID=3BAA4EB406E76F0510495BED077E6E5A
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 59AC932ED06A4EA0A35CBCB9E311AE8D Ref B: TYO01EDGE2415 Ref C: 2024-12-18T12:10:24Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Wed, 18 Dec 2024 12:10:23 GMT
x-powered-by: ASP.NET

GET
H2 404 favicon-32x32.png
casino.merylhoffmanmanagement.com/ 280 B
352 B 4ms
3ms Other
text/html 4.216.196.15
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.merylhoffmanmanagement.com/favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 4.216.196.15 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 7c5fcad9d5e273d0971ca85134ec490adb093039115499b171239f40383ca2f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-length: 280
date: Wed, 18 Dec 2024 12:10:24 GMT
content-type: text/html; charset=iso-8859-1
server: Apache

GET
H2 404 favicon-16x16.png
casino.merylhoffmanmanagement.com/ 280 B
307 B 3ms
3ms Other
text/html 4.216.196.15
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.merylhoffmanmanagement.com/favicon-16x16.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 4.216.196.15 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 7c5fcad9d5e273d0971ca85134ec490adb093039115499b171239f40383ca2f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-length: 280
date: Wed, 18 Dec 2024 12:10:24 GMT
content-type: text/html; charset=iso-8859-1
server: Apache

GET
H2 404 favicon-48x48.png
casino.merylhoffmanmanagement.com/ 280 B
307 B 3ms
3ms Other
text/html 4.216.196.15
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.merylhoffmanmanagement.com/favicon-48x48.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 4.216.196.15 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 7c5fcad9d5e273d0971ca85134ec490adb093039115499b171239f40383ca2f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-length: 280
date: Wed, 18 Dec 2024 12:10:24 GMT
content-type: text/html; charset=iso-8859-1
server: Apache

GET
H2 404 favicon-96x96.png
casino.merylhoffmanmanagement.com/ 280 B
307 B 5ms
4ms Other
text/html 4.216.196.15
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.merylhoffmanmanagement.com/favicon-96x96.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 4.216.196.15 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 7c5fcad9d5e273d0971ca85134ec490adb093039115499b171239f40383ca2f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-length: 280
date: Wed, 18 Dec 2024 12:10:24 GMT
content-type: text/html; charset=iso-8859-1
server: Apache

GET
H2 404 favicon-144x144.png
casino.merylhoffmanmanagement.com/ 280 B
307 B 4ms
4ms Other
text/html 4.216.196.15
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.merylhoffmanmanagement.com/favicon-144x144.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 4.216.196.15 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 7c5fcad9d5e273d0971ca85134ec490adb093039115499b171239f40383ca2f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-length: 280
date: Wed, 18 Dec 2024 12:10:24 GMT
content-type: text/html; charset=iso-8859-1
server: Apache

GET
H2 404 favicon-192x192.png
casino.merylhoffmanmanagement.com/ 280 B
307 B 4ms
4ms Other
text/html 4.216.196.15
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://casino.merylhoffmanmanagement.com/favicon-192x192.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 4.216.196.15 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 7c5fcad9d5e273d0971ca85134ec490adb093039115499b171239f40383ca2f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://casino.merylhoffmanmanagement.com/

Response headers

content-length: 280
date: Wed, 18 Dec 2024 12:10:24 GMT
content-type: text/html; charset=iso-8859-1
server: Apache

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.viva.co.id
URL: https://www.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3_-gs51os.woff2?v=2.85

Domain: www.viva.co.id
URL: https://www.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3t-4s51os.woff2?v=2.85

Domain: www.viva.co.id
URL: https://www.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3j-ws51os.woff2?v=2.85

Domain: www.viva.co.id
URL: https://www.viva.co.id/asset-viva/responsive-web/fonts/awesome5/fa-solid-900.woff2

Domain: casino.merylhoffmanmanagement.com
URL: blob:https://casino.merylhoffmanmanagement.com/1c62ec8b-21bc-49ca-bd65-d16988ed3952

Domain: casino.merylhoffmanmanagement.com
URL: blob:https://casino.merylhoffmanmanagement.com/d980e1e2-23f9-4731-acc1-9409e3e58e26

Domain: www.viva.co.id
URL: https://www.viva.co.id/asset-viva/responsive-web/fonts/awesome5/fa-solid-900.woff

Domain: www.viva.co.id
URL: https://www.viva.co.id/asset-viva/responsive-web/fonts/awesome5/fa-solid-900.ttf

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mgid.com/	1970-01-21 01:48:45	Name: __cf_bm Value: L9mFs55su5z0rjQXel08Ewq22LASAccXRbpUFW5fgjk-1734523823-1.0.1.1-IwFMttYCFJw7JeiVczzFGxSEASCAluCO.44YGHBre9MyE__4FmKmGRQe_aWHzM3qTSgzvLfKw7fDuQuYIEGp7g
.izooto.com/	1970-01-21 11:24:43	Name: IZCID Value: 69b0111a-5987-43c5-9fa5-04feaeb79a26
www.clarity.ms/	1970-01-21 10:34:19	Name: CLID Value: b2809b4846ee4ca4ac62f520136f219a.20241218.20251218
.dailymotion.com/	1970-01-21 11:17:31	Name: ts Value: 478207
.dailymotion.com/	1970-01-21 11:17:31	Name: v1st Value: b6db92f0-e5f7-9145-6909-7bf7c6aec55a
.dailymotion.com/	1969-12-31 23:59:59	Name: _TEST_ Value: 1
casino.merylhoffmanmanagement.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%7D
.bing.com/	1970-01-21 11:10:19	Name: MUID Value: 3BAA4EB406E76F0510495BED077E6E5A
.c.bing.com/	1970-01-21 01:58:48	Name: MR Value: 0
.c.bing.com/	1970-01-21 11:10:19	Name: SRM_B Value: 3BAA4EB406E76F0510495BED077E6E5A
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 11:10:19	Name: MUID Value: 3BAA4EB406E76F0510495BED077E6E5A
.c.clarity.ms/	1970-01-21 01:58:48	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 01:48:44	Name: ANONCHK Value: 0

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://casino.merylhoffmanmanagement.com/ Message: Access to font at 'https://www.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3j-ws51os.woff2?v=2.85' from origin 'https://casino.merylhoffmanmanagement.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3j-ws51os.woff2?v=2.85 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://casino.merylhoffmanmanagement.com/ Message: Access to font at 'https://www.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3_-gs51os.woff2?v=2.85' from origin 'https://casino.merylhoffmanmanagement.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3_-gs51os.woff2?v=2.85 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://casino.merylhoffmanmanagement.com/ Message: Access to font at 'https://www.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3t-4s51os.woff2?v=2.85' from origin 'https://casino.merylhoffmanmanagement.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.viva.co.id/asset-viva/responsive-web/fonts/barlow/7cHqv4kjgoGqM7E3t-4s51os.woff2?v=2.85 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://casino.merylhoffmanmanagement.com/ Message: Access to font at 'https://www.viva.co.id/asset-viva/responsive-web/fonts/awesome5/fa-solid-900.woff2' from origin 'https://casino.merylhoffmanmanagement.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.viva.co.id/asset-viva/responsive-web/fonts/awesome5/fa-solid-900.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://casino.merylhoffmanmanagement.com/ Message: Access to font at 'https://www.viva.co.id/asset-viva/responsive-web/fonts/awesome5/fa-solid-900.woff' from origin 'https://casino.merylhoffmanmanagement.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.viva.co.id/asset-viva/responsive-web/fonts/awesome5/fa-solid-900.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://casino.merylhoffmanmanagement.com/ Message: Access to font at 'https://www.viva.co.id/asset-viva/responsive-web/fonts/awesome5/fa-solid-900.ttf' from origin 'https://casino.merylhoffmanmanagement.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.viva.co.id/asset-viva/responsive-web/fonts/awesome5/fa-solid-900.ttf Message: Failed to load resource: net::ERR_FAILED
rendering	warning	URL: https://casino.merylhoffmanmanagement.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0E01C00142C0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://casino.merylhoffmanmanagement.com/favicon-32x32.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://casino.merylhoffmanmanagement.com/favicon-16x16.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://casino.merylhoffmanmanagement.com/favicon-48x48.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://casino.merylhoffmanmanagement.com/favicon-96x96.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://casino.merylhoffmanmanagement.com/favicon-144x144.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://casino.merylhoffmanmanagement.com/favicon-192x192.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api-rengine-stg.viva.id
c.bing.com
c.clarity.ms
c.mgid.com
casino.merylhoffmanmanagement.com
cdn.izooto.com
cdn.mgid.com
cdn.prod.uidapi.com
connect.facebook.net
data-rengine.viva.co.id
geo.dailymotion.com
i.ibb.co
js.content-rec.com
jsc.mgid.com
micro.rubiconproject.com
pebed.dm-event.net
sb.scorecardresearch.com
scripts.jixie.media
servicer.mgid.com
sso.thevivanetworks.com
www.clarity.ms
www.viva.co.id
casino.merylhoffmanmanagement.com
www.viva.co.id
104.19.132.76
104.194.8.184
163.181.23.198
172.67.135.246
172.67.140.193
172.67.21.210
172.67.68.240
188.65.124.58
23.215.255.183
2404:6800:400a:80c::200a
2600:9000:21ee:a00:a:e047:754:f4a1
2606:4700::6810:8041
2606:4700::6810:ff40
2620:1ec:bdf::46
2620:1ec:c11::237
3.169.5.70
3.6.136.140
31.13.82.7
4.216.196.15
52.231.230.148
083c6b672b316f3a046bde98a0c176f0cb3584534b3e74904cb32b0ca1f226df
0983ca3b89695860355a87023ca465ec2392b157a44c2f8b9df306776f34ce71
1b8e6dbb3d4656f18c5b50c7da8f863ce8677bcf66ef7e4032178e4f90c603a9
1cd9396d5168a107731760e10db796f6a7aa3d24ca386e6895cbdac7abf052cf
2af13d01e84f02dbf639ade1e6fe16464763b30660aadb5d89525cd3066c8546
30116cde2669653a67274caf3afa4717fa7074aa6c8b9db7f4048723f98f2b38
3723dbd5db50ef5b2304a07b2012f7af1259d813f30c29714ef6fe4781e7a531
4c25763c777e259235f4e23bd621cc39dedc55faaeba4444f7d7711cc9da36a2
4c42526f8a9ad1fd7555b693e73b0e257d10244f41fa34303b47db3c5d8ef8d9
4dd9a4397ee301f4bf6edf04482a581c583536b2d1fa82dc70600598b4755f10
4f6ee0f7bf816084278b1799fbf5a1916cc3054785ea76d7e8c2dde88db44c0e
52aba0a0ae3870e9dfb83eb4017c1b2eaa853dea094e9961cb99d0e1a188bc2e
57791b16a202f661684de6f2653dcdbc564caa178d9bfcc3d8555118b6269760
5b5c8da3805d9d11c3d3c7bfe3aa7906285fdb7ef1a7f18a11ed5953e6baa66a
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
63ef3d7eed2e56372ddec512a09f1b3414125a49579c62eb64177a95eeefbc23
679200d4f85b43c2bb416009d7af328f911bf6f55ec077baea8c2a5e7fb166bf
68eddbbff991ffd69e34b13be4778876b1d62ba4be4d0a6b46816e7691b75132
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
7966671af6c472e1dc31dcc00fe3ca2540abe73ae35dd5c6c32114277baaba59
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7c5fcad9d5e273d0971ca85134ec490adb093039115499b171239f40383ca2f7
7d86937a158a8feae1eb3e3a71f66e16c245f74467b765464b1b782a290687f7
85fc9d5de7a76ff51e5561182705a1896af5a561fb3b99dfe2f3ceda7707d125
861bebb8eadcc542bea1b815d3880d76f018ec57dcdc4edf426a7a3e5477aad6
889a78e9b350a89343138edfa9aa29aae42eb2db57c94da5d3c039c5d4eba55e
88d6c42edae71124c03eedce57b1b7c32148ff1aca77bab22175ab7323726519
8e3242e4d38c7e2679cb0b2c107a03be5bcaefbc6a12df662d9cda1e182600dc
8eb8d561b2af70e27b34fc94cfdf0bd734ac464fd245267c305c75d5dcbc2c1d
918ab98299ed3e657af5f5d5d625f8480d1592ae2bc9d05bc623c5dc27332411
93a76af5cb87f5216b1fa248250798c37db8e30dfe25631ac4dd92180c763fbf
985496f781954e1985667a898f82e0247faafc3e50e2ff473fed7603e38694aa
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a740fef95eb0da3925d3c61b46e958b464091c202b77a8b7dae1f02a88f8928d
a89306d44791afa482b05eca81136304a9b63e0b2be0967b2cda0a3f64af5df0
a9b0999f439d6fc07e37171f45a1cef5a75c419dcfcc28321ec6f2ce12011b07
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
afa07a5e4910d3b1c4f8dece00f072fbebf70bfb4f4b071b2c3df6df4daa613f
b5bbb3c17ffb7194605029b236250ec85a0d0c17c52ba912e1756b4d4e108477
b8d673259d0bfc678aacef4e63f8ea06ec4b8694faa22927ec51e4a79ee5976c
c265b510f1b44db4cea0a55eded494459ca6f03eb21f2c939380371a5293b17c
c8cd0945166d683e390b543c8c5c8ecce33f7119ff5835bc2446b36bd10b74a6
cc572e35bf38de1f32a49b3c7037db837c19a9f8649fb9de3fe9c96a5a76009e
d18b2b9fb51c1a3d34435eb77cd5cd87d4bb4e43d00c51df8d4be8030c5e03fe
d50241eb01f1a558d4291b0a3b576a2904fe8f6add1599a4c9172ab8897c1033
db787c2c73ad2f3be8bffc511bae84670c56adf3dfed13bd33c3a03624b365bc
e147a75b08439cda03886851d5de1d5b5d7163b13ae8f638697f2dc4489cf572
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57f584dc164284e3994776f7ddd7de42d54921a30f096ca971f676b2f5942c7
e5fdf55811d35f693f9b36cb154943ebed52a607dba3e47b7841092d3c2ac92a
e893d5c40cffe5bee397cb116e53a3ad2d29c6446343023f18fe15b6a2a99591
e8a1366618012b338623a64297e330fc920a50c59d17776758341ed9e52f13b3
eb8a18c337c3710d459aef28c0d4942069eab765bf4fe8e5f0e3a8a9530c97fc
f00b08538614510d41fec3872c91947a76ab417c7e40bf352df2392d544d1841
f50921b4bb2395bd54fead36e59b0178fa9a670908b62d0dd6c42e93ccd817b8
f7762cdba021a747f751b3e765df1828eebbaa96b5c7fd6b950bd39ee582c363
fb797f6a1bf5afea405b836d26ed891f66331cd929db748fd6590f31c9646a27
fbf0af2030686af9c2b66c8db72742c57530aae9b91b7ae8e3700a24e32578b0
fcd770e2cb9546ed1ab2b570a67ce45ba388bee12ab2f031c1824353cbefd3e1
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffac4899fc5c42bba17d1c421df980b836c1c53872104c7438258b4e4fb5374a

casino.merylhoffmanmanagement.com Open in urlscan Pro 4.216.196.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

77 Requests

86 %HTTPS

30 %IPv6

18 Domains

23 Subdomains

20 IPs

6 Countries

947 kBTransfer

3033 kBSize

14 Cookies

4 Outgoing links

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

casino.merylhoffmanmanagement.com Open in urlscan Pro
4.216.196.15 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

86 %
HTTPS

30 %
IPv6

18
Domains

23
Subdomains

20
IPs

6
Countries

947 kB
Transfer

3033 kB
Size

14
Cookies

77 HTTP transactions
0 data transactions