96ccd.com Open in urlscan Pro
34.49.148.218 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://whoagnukrin.com/4/8247215
Effective URL:
https://96ccd.com/?ma_token=neqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk&channel_id=60008360&s2s.req_id=KUvgWmZuvkZ2sP6DhWayX8
Submission: On December 20 via manual (December 20th 2024, 9:08:46 pm UTC) from IN — Scanned from CH

Summary HTTP 101 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 15 domains to perform 101 HTTP transactions. The main IP is 34.49.148.218, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is 96ccd.com.
TLS certificate: Issued by WR3 on December 18th 2024. Valid for: 3 months.

This is the only time 96ccd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 14	104.18.22.222 104.18.22.222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a05:d014:286... 2a05:d014:286:3501:5716:13c8:5f21:474	16509 (AMAZON-02) (AMAZON-02)
1 1	104.18.189.136 104.18.189.136	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	34.49.148.218 34.49.148.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.111.76.58 34.111.76.58	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
12	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	18.66.102.53 18.66.102.53	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:6600:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
10	23.212.110.74 23.212.110.74	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	172.67.175.82 172.67.175.82	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.222.236.74 52.222.236.74	16509 (AMAZON-02) (AMAZON-02)
5	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
22	157.240.253.35 157.240.253.35	32934 (FACEBOOK) (FACEBOOK)
1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
101	16

14 104.18.22.222 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

whoagnukrin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d014:286:3501:5716:13c8:5f21:474 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

www.brgdtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.189.136 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

record.96.partners	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 34.49.148.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.148.49.34.bc.googleusercontent.com

96ccd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.76.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.76.111.34.bc.googleusercontent.com

api.dpbms5h.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:6600:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.212.110.74 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-212-110-74.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.175.82 (United States)

ASN13335 (CLOUDFLARENET, US)

adscool.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)

20861020p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	96ccd.com 96ccd.com	1 MB
22	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	2 KB
14	whoagnukrin.com 2 redirects whoagnukrin.com	33 KB
12	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	106 KB
10	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 799	244 KB
5	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3353
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	299 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 888 script.hotjar.com — Cisco Umbrella Rank: 1185	63 KB
2	adscool.net adscool.net — Cisco Umbrella Rank: 163894	5 KB
2	dpbms5h.club api.dpbms5h.club	5 KB
2	brgdtracking.com www.brgdtracking.com	1 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 10565	2 KB
1	rfihub.com 20861020p.rfihub.com
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 4931	6 KB
1	96.partners 1 redirects record.96.partners	530 B
101	15

	Domain	Requested by
23	96ccd.com	96ccd.com
22	www.facebook.com
14	whoagnukrin.com	2 redirects whoagnukrin.com
12	connect.facebook.net	whoagnukrin.com connect.facebook.net
10	analytics.tiktok.com	whoagnukrin.com analytics.tiktok.com
5	region1.google-analytics.com	www.googletagmanager.com
4	www.googletagmanager.com	96ccd.com www.googletagmanager.com
2	script.hotjar.com	static.hotjar.com script.hotjar.com
2	adscool.net	whoagnukrin.com adscool.net
2	api.dpbms5h.club	96ccd.com
2	www.brgdtracking.com
2	my.rtmark.net	whoagnukrin.com
1	20861020p.rfihub.com	c1.rfihub.net
1	c1.rfihub.net	whoagnukrin.com
1	static.hotjar.com	whoagnukrin.com
1	record.96.partners	1 redirects
101	16

This site contains no links.

Subject Issuer	Validity	Valid
whoagnukrin.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
my.rtmark.net WE1	`2024-11-06` - `2025-02-04`	3 months	crt.sh
www.brgdtracking.com R11	`2024-10-22` - `2025-01-20`	3 months	crt.sh
96ccd.com WR3	`2024-12-18` - `2025-03-18`	3 months	crt.sh
api.dpbms5h.club Sectigo RSA Domain Validation Secure Server CA	`2024-07-10` - `2025-07-10`	a year	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-29` - `2024-12-28`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.rfihub.net Amazon RSA 2048 M03	`2024-09-30` - `2025-10-29`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
adscool.net WE1	`2024-12-13` - `2025-03-13`	3 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2024-04-08` - `2025-04-27`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://96ccd.com/?ma_token=neqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk&channel_id=60008360&s2s.req_id=KUvgWmZuvkZ2sP6DhWayX8
Frame ID: 31C8754AFA524CA7A61F7EB8B6D26074
Requests: 88 HTTP requests in this frame

Frame: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56
Frame ID: B04804B33D506800BDCF2E87EA1E6451
Requests: 13 HTTP requests in this frame

Frame: https://20861020p.rfihub.com/ca.html?ver=9&rb=52593&ca=20861020&_o=52593&_t=20861020&pe=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8%23%2F&pf=https%3A%2F%2Fwww.brgdtracking.com%2F&ra=8240385108257242
Frame ID: 287E443185399EBB0C9FC93E449FBAC1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Landing

Page URL History Show full URLs

https://whoagnukrin.com/4/8247215 Page URL
https://whoagnukrin.com/?z=8247215&syncedCookie=true&rhd=false HTTP 302
https://whoagnukrin.com/4/6118780?var=8247215&btz=Europe/Zurich&bto=-60&bar=x Page URL
https://whoagnukrin.com/?z=6118780&syncedCookie=true&rhd=false HTTP 302
https://www.brgdtracking.com/go/9cf7cd92-61dc-4c5b-966a-4dccf5660d31?cost=0.001920&visitor_id=89408048772... Page URL
https://record.96.partners/_Eg4yvmL2GO-l43LEo86vh2Nd7ZgqdRLk/1/?channel_id=60008360&s2s.req_id=KUvgWmZu... HTTP 301
https://96ccd.com/?ma_token=neqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk&channel_id=60008360&s2s.req_id=KU... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

101
Requests

100 %
HTTPS

25 %
IPv6

15
Domains

16
Subdomains

16
IPs

5
Countries

1983 kB
Transfer

6099 kB
Size

43
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://whoagnukrin.com/4/8247215 Page URL
https://whoagnukrin.com/?z=8247215&syncedCookie=true&rhd=false HTTP 302
https://whoagnukrin.com/4/6118780?var=8247215&btz=Europe/Zurich&bto=-60&bar=x Page URL
https://whoagnukrin.com/?z=6118780&syncedCookie=true&rhd=false HTTP 302
https://www.brgdtracking.com/go/9cf7cd92-61dc-4c5b-966a-4dccf5660d31?cost=0.001920&visitor_id=894080487721808806&zoneid=6118780&bannerid=22762146&country=CH&os=linux&user_activity=high&campaignid=8954303 Page URL
https://record.96.partners/_Eg4yvmL2GO-l43LEo86vh2Nd7ZgqdRLk/1/?channel_id=60008360&s2s.req_id=KUvgWmZuvkZ2sP6DhWayX8 HTTP 301
https://96ccd.com/?ma_token=neqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk&channel_id=60008360&s2s.req_id=KUvgWmZuvkZ2sP6DhWayX8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://whoagnukrin.com/?z=8247215&syncedCookie=true&rhd=false HTTP 302
https://whoagnukrin.com/4/6118780?var=8247215&btz=Europe/Zurich&bto=-60&bar=x

Request Chain 13

https://whoagnukrin.com/?z=6118780&syncedCookie=true&rhd=false HTTP 302
https://www.brgdtracking.com/go/9cf7cd92-61dc-4c5b-966a-4dccf5660d31?cost=0.001920&visitor_id=894080487721808806&zoneid=6118780&bannerid=22762146&country=CH&os=linux&user_activity=high&campaignid=8954303

101 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 8247215 Show response
whoagnukrin.com/4/ 31 KB
14 KB 82ms
47ms Document
text/html 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whoagnukrin.com/4/8247215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b10339ffc434aa18f4193f3b14898702bc48a471307d111facd66a31480bb314

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8f529bddbd110200-ZRH
content-encoding: gzip
content-type: text/html; charset=utf8
date: Fri, 20 Dec 2024 21:08:38 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff

GET
H3 200 img.gif
my.rtmark.net/ 43 B
876 B 60ms
35ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=008138ea044c4e14ee3945446f509848&z=8247215&p_rid=d166a38d-c8e5-4a32-b235-7dd53770a4b5&p_src=sf

Requested by

Host: whoagnukrin.com
URL: https://whoagnukrin.com/4/8247215

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://whoagnukrin.com/

Response headers

access-control-expose-headers: Authorization
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mUF37tRpMdf%2FMGAEzmcAvLDUzw2GFtnio2DMybH3BbiIZtKpkkuDIsWt3lXf%2BHZrVpcpwuTl2Q81qmlILDbF2Fxn3X0A2hxJDv2mKZZ5XETxuhXmV93YUoKNJAAdDv%2FJ"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10900&min_rtt=10750&rtt_var=2420&sent=10&recv=9&lost=0&retrans=0&sent_bytes=4096&recv_bytes=4479&delivery_rate=54227&cwnd=12000&unsent_bytes=0&cid=c265e177dc0e31cf&ts=38&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 20 Dec 2024 21:08:38 GMT
content-type: image/gif
priority: u=1,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *, *
access-control-allow-credentials: true
cf-ray: 8f529bde3803be5f-ZRH
access-control-allow-origin: *
content-length: 43
server: cloudflare

GET
H2 200 sftouch
whoagnukrin.com/ 43 B
152 B 36ms
36ms Image
image/gif 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://whoagnukrin.com/sftouch?userId=008138ea044c4e14ee3945446f509848&z=8247215&p_rid=d166a38d-c8e5-4a32-b235-7dd53770a4b5&p_src=sf&branchId=0&rb=eKlzK5upeXs81q0KHlJKGO2OIF0OeN9OzKRq-HiOpFSFhQe5q77gReAsjeNa9wUEi9nhJ21urNeXgPqZqBa15u17bxCtPKC1NCnCW9h1xxzVJeoY8V_LOwciWQY5QHGFbJz9dszUBAhEUXTsWQ1uXH2JOXzU0kZQdOO6gXlZWMJp_4BCCooKzoRBm6ZbIvrv72x0mGrgbqm39Dxu9RCqgXcQK7krJBllhe9HcoUwGl8zv1Ypq4aI7guzkwisVu7wneNceidt6YAZqnugrp0jAL_bmn4q1P1NHrvEgs3l3Ko=&w_img=1

Requested by

Host: whoagnukrin.com
URL: https://whoagnukrin.com/4/8247215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://whoagnukrin.com/4/8247215

Response headers

access-control-max-age: 86400
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:08:38 GMT
content-type: image/gif
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security: max-age=1
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *, *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: 20c23d041a64207861696465674d07e6
cf-ray: 8f529bde1da40200-ZRH
access-control-allow-origin: *
content-length: 43
server: cloudflare

POST
H3 200 add Show response
whoagnukrin.com/log/ 12 B
372 B 37ms
36ms XHR
application/json 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whoagnukrin.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=d166a38d-c8e5-4a32-b235-7dd53770a4b5

Requested by

Host: whoagnukrin.com
URL: https://whoagnukrin.com/4/8247215

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://whoagnukrin.com/4/8247215

Response headers

cf-cache-status: DYNAMIC
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 20 Dec 2024 21:08:38 GMT
content-type: application/json; charset=utf-8
priority: u=1,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8f529bde49382397-ZRH
access-control-allow-origin: https://whoagnukrin.com
content-length: 12
server: cloudflare

POST
H3 200 add Show response
whoagnukrin.com/async_log/ 0
291 B 37ms
36ms XHR
text/plain 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whoagnukrin.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=d166a38d-c8e5-4a32-b235-7dd53770a4b5

Requested by

Host: whoagnukrin.com
URL: https://whoagnukrin.com/4/8247215

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://whoagnukrin.com/4/8247215

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
cf-ray: 8f529bde493a2397-ZRH
access-control-allow-origin: https://whoagnukrin.com
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Fri, 20 Dec 2024 21:08:38 GMT
server: cloudflare
priority: u=1,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H3 204 favicon.ico
whoagnukrin.com/ 0
213 B 22ms
22ms Other
text/plain 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whoagnukrin.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://whoagnukrin.com/4/8247215

Response headers

cache-control: public, max-age=315360000
cf-cache-status: HIT
pragma: public
age: 1742288
cf-ray: 8f529bde79842397-ZRH
expires: Mon, 18 Dec 2034 21:08:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 20 Dec 2024 21:08:38 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H3

200

6118780 Show response
whoagnukrin.com/4/
Redirect Chain

https://whoagnukrin.com/?z=8247215&syncedCookie=true&rhd=false
https://whoagnukrin.com/4/6118780?var=8247215&btz=Europe/Zurich&bto=-60&bar=x

31 KB
14 KB

65ms
65ms

Document
text/html

104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whoagnukrin.com/4/6118780?var=8247215&btz=Europe/Zurich&bto=-60&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52e3cccc40006bceca771f5e22d2605c523e62d63996013306058154acdbe026

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://whoagnukrin.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8f529bdee9fe2397-ZRH
content-encoding: gzip
content-type: text/html; charset=utf8
date: Fri, 20 Dec 2024 21:08:38 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
pragma: no-cache
priority: u=0,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://whoagnukrin.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8f529bdea9be2397-ZRH
content-length: 0
date: Fri, 20 Dec 2024 21:08:38 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://whoagnukrin.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://whoagnukrin.com/4/6118780?var=8247215&btz=Europe/Zurich&bto=-60&bar=x
pragma: no-cache
priority: u=0,i
referrer-policy: no-referrer
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 12e9fa2d6f044b30e9299ff6e5fbd3c3

GET
H3 204 favicon.ico
whoagnukrin.com/ 0
0 0ms
0ms Other
text/plain 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whoagnukrin.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://whoagnukrin.com/afu.php?zoneid=8247215&var=8247215&rid=t1eCDm1Kj0NxRQhdnxrJqw%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

cache-control: public, max-age=315360000
cf-cache-status: HIT
pragma: public
age: 1742288
cf-ray: 8f529bde79842397-ZRH
expires: Mon, 18 Dec 2034 21:08:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 20 Dec 2024 21:08:38 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H3 200 sftouch
whoagnukrin.com/ 43 B
562 B 38ms
38ms Image
image/gif 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://whoagnukrin.com/sftouch?userId=008138eebb6c4fecf27f387fdd79be08&z=6118780&p_rid=b5045901-c627-42e4-a21d-67b3e6e9fe88&p_src=sf&branchId=0&rb=TLx0jW3yMtmluw9xboSLzKFTSD3uhkluXXwRgotm2DxDC-8t8p3LDi8SjmEfhfKgaPtmGcESm8P3KlM52uOLlh-rGyJcBllh-xwxfW_ozvRVxr0o3yqTiG1uBmwmLJJ9r15t-0phKN6foq3ZxqnuMnbNv2SVn5G3v8x-o16vuXfF1cNtavIPmN8Bk5rJg2O66WvNY4MFxS9oMLhFT_eXRrGDpQbHbuBw0_i_LL6alIpa448ZZmOmVFqftOhFiLoToREkk0w9TYegu_ND0Yz2J6ETHvDAPX2PdIuChzU5q7WiE9Fq3_kafg==&w_img=1

Requested by

Host: whoagnukrin.com
URL: https://whoagnukrin.com/4/6118780?var=8247215&btz=Europe/Zurich&bto=-60&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://whoagnukrin.com/4/6118780?var=8247215&btz=Europe/Zurich&bto=-60&bar=x

Response headers

access-control-max-age: 86400
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 20 Dec 2024 21:08:38 GMT
content-type: image/gif
priority: u=3,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security: max-age=1
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *, *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: a51a2511e9f947188fb1eb87803b7db1
cf-ray: 8f529bdf7aa72397-ZRH
access-control-allow-origin: *
content-length: 43
server: cloudflare

POST
H3 200 add Show response
whoagnukrin.com/log/ 12 B
335 B 41ms
40ms XHR
application/json 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whoagnukrin.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=b5045901-c627-42e4-a21d-67b3e6e9fe88

Requested by

Host: whoagnukrin.com
URL: https://whoagnukrin.com/4/6118780?var=8247215&btz=Europe/Zurich&bto=-60&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://whoagnukrin.com/4/6118780?var=8247215&btz=Europe/Zurich&bto=-60&bar=x

Response headers

cf-cache-status: DYNAMIC
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 20 Dec 2024 21:08:39 GMT
content-type: application/json; charset=utf-8
priority: u=1,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8f529bdfbafc2397-ZRH
access-control-allow-origin: https://whoagnukrin.com
content-length: 12
server: cloudflare

GET
H3 200 img.gif
my.rtmark.net/ 43 B
844 B 33ms
33ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=008138eebb6c4fecf27f387fdd79be08&z=6118780&p_rid=b5045901-c627-42e4-a21d-67b3e6e9fe88&p_src=sf

Requested by

Host: whoagnukrin.com
URL: https://whoagnukrin.com/4/6118780?var=8247215&btz=Europe/Zurich&bto=-60&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://whoagnukrin.com/

Response headers

access-control-expose-headers: Authorization
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bi5zyQTgFxgYdVvfvB2SQXUm%2FFvJRpm10wCPPDLNpeeJ%2BzDY6vA36SZtMR2KWrLz0bhAqDCu4ygF0Oka57aHzY%2FeW8bPiMms7mdhdJ8sk3FoQi4sVjdbV%2BZD8F%2FDXGDb"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10880&min_rtt=10741&rtt_var=1855&sent=12&recv=11&lost=0&retrans=0&sent_bytes=5019&recv_bytes=4959&delivery_rate=42014&cwnd=12000&unsent_bytes=0&cid=c265e177dc0e31cf&ts=272&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 20 Dec 2024 21:08:39 GMT
content-type: image/gif
priority: u=3,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *, *
access-control-allow-credentials: true
cf-ray: 8f529bdfba04be5f-ZRH
access-control-allow-origin: *
content-length: 43
server: cloudflare

POST
H3 200 add
whoagnukrin.com/async_log/ 0
292 B 57ms
56ms XHR
text/plain 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whoagnukrin.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=b5045901-c627-42e4-a21d-67b3e6e9fe88

Requested by

Host: whoagnukrin.com
URL: https://whoagnukrin.com/4/6118780?var=8247215&btz=Europe/Zurich&bto=-60&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://whoagnukrin.com/4/6118780?var=8247215&btz=Europe/Zurich&bto=-60&bar=x

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
cf-ray: 8f529bdfbb032397-ZRH
access-control-allow-origin: https://whoagnukrin.com
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Fri, 20 Dec 2024 21:08:39 GMT
server: cloudflare
priority: u=1,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H3 204 favicon.ico
whoagnukrin.com/ 0
0 0ms
0ms Other
text/plain 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whoagnukrin.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://whoagnukrin.com/4/6118780?var=8247215&btz=Europe/Zurich&bto=-60&bar=x

Response headers

cache-control: public, max-age=315360000
cf-cache-status: HIT
pragma: public
age: 1742288
cf-ray: 8f529bde79842397-ZRH
expires: Mon, 18 Dec 2034 21:08:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 20 Dec 2024 21:08:38 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H2

200

9cf7cd92-61dc-4c5b-966a-4dccf5660d31 Show response
www.brgdtracking.com/go/
Redirect Chain

https://whoagnukrin.com/?z=6118780&syncedCookie=true&rhd=false
https://www.brgdtracking.com/go/9cf7cd92-61dc-4c5b-966a-4dccf5660d31?cost=0.001920&visitor_id=894080487721808806&zoneid=6118780&bannerid=22762146&country=CH&os=linux&user_activity=high&campaignid=8...

256 B
1 KB

125ms
49ms

Document
text/html

2a05:d014:286:3501:5716:13c8:5f21:474
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brgdtracking.com/go/9cf7cd92-61dc-4c5b-966a-4dccf5660d31?cost=0.001920&visitor_id=894080487721808806&zoneid=6118780&bannerid=22762146&country=CH&os=linux&user_activity=high&campaignid=8954303
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a05:d014:286:3501:5716:13c8:5f21:474 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 946554c967ea75c5d471fa9f02666a37d35fb4538049bb9158d22ff07b25d200

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://whoagnukrin.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 20 Dec 2024 21:08:39 GMT
etag: W/"100-KBVmMr+mEcepQbCJqtCZGf+RCn0"
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: openresty
vary: Accept-Encoding
x-response-time: 27.418ms

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://whoagnukrin.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8f529be02b662397-ZRH
content-length: 0
date: Fri, 20 Dec 2024 21:08:39 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://www.brgdtracking.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://www.brgdtracking.com/go/9cf7cd92-61dc-4c5b-966a-4dccf5660d31?cost=0.001920&visitor_id=894080487721808806&zoneid=6118780&bannerid=22762146&country=CH&os=linux&user_activity=high&campaignid=8954303
pragma: no-cache
priority: u=0,i
referrer-policy: no-referrer
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 84f65d13d691c50fb04f8cc96f8b9cbe

GET
H3 204 favicon.ico
whoagnukrin.com/ 0
0 0ms
0ms Other
text/plain 104.18.22.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whoagnukrin.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://whoagnukrin.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

cache-control: public, max-age=315360000
cf-cache-status: HIT
pragma: public
age: 1742288
cf-ray: 8f529bde79842397-ZRH
expires: Mon, 18 Dec 2034 21:08:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 20 Dec 2024 21:08:38 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H2

200

Primary Request / Show response
96ccd.com/
Redirect Chain

https://record.96.partners/_Eg4yvmL2GO-l43LEo86vh2Nd7ZgqdRLk/1/?channel_id=60008360&s2s.req_id=KUvgWmZuvkZ2sP6DhWayX8
https://96ccd.com/?ma_token=neqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk&channel_id=60008360&s2s.req_id=KUvgWmZuvkZ2sP6DhWayX8

2 KB
957 B

367ms
311ms

Document
text/html

34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/?ma_token=neqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk&channel_id=60008360&s2s.req_id=KUvgWmZuvkZ2sP6DhWayX8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 70d2dec9e651c3c0567646233efb31192b52e6f24d39a863ac8e33cae7e812c2

Request headers

Referer: https://www.brgdtracking.com/go/9cf7cd92-61dc-4c5b-966a-4dccf5660d31?cost=0.001920&visitor_id=894080487721808806&zoneid=6118780&bannerid=22762146&country=CH&os=linux&user_activity=high&campaignid=8954303
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: none
access-control-allow-credentials: true
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
content-encoding: br
content-type: text/html
date: Fri, 20 Dec 2024 21:08:39 GMT
etag: W/"66ce92ce-79e"
last-modified: Wed, 28 Aug 2024 03:00:30 GMT
server: Microsoft-IIS
vary: Accept-Encoding,Accept-Encoding
via: 1.1 google

Redirect headers

access-control-allow-origin: *
cache-control: private, no-cache, must-revalidate
cf-cache-status: BYPASS
cf-ray: 8f529be25c6ebc50-ZRH
content-type: text/html; charset=utf-8
date: Fri, 20 Dec 2024 21:08:39 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
location: https://96ccd.com/?ma_token=neqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk&channel_id=60008360&s2s.req_id=KUvgWmZuvkZ2sP6DhWayX8
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-powered-by: ZBan

GET
H2 404 favicon.ico
www.brgdtracking.com/ 552 B
260 B 20ms
20ms Other
text/html 2a05:d014:286:3501:5716:13c8:5f21:474
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brgdtracking.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a05:d014:286:3501:5716:13c8:5f21:474 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.brgdtracking.com/go/9cf7cd92-61dc-4c5b-966a-4dccf5660d31?cost=0.001920&visitor_id=894080487721808806&zoneid=6118780&bannerid=22762146&country=CH&os=linux&user_activity=high&campaignid=8954303

Response headers

content-encoding: gzip
date: Fri, 20 Dec 2024 21:08:39 GMT
content-type: text/html
vary: Accept-Encoding
server: openresty

GET
H2 200 puremvc.min.js Show response
96ccd.com/libs/puremvc/ 9 KB
2 KB 59ms
58ms Script
application/javascript 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/libs/puremvc/puremvc.min.js
Requested by: Host: 96ccd.com
URL: https://96ccd.com/?ma_token=neqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk&channel_id=60008360&s2s.req_id=KUvgWmZuvkZ2sP6DhWayX8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: e966ae4e462d62393b40a76b5fb5252672638fdb706173de35a04c37f7e684f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/?ma_token=neqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk&channel_id=60008360&s2s.req_id=KUvgWmZuvkZ2sP6DhWayX8

Response headers

cache-control: public,max-age=86400
content-encoding: br
etag: W/"642c1867-22aa"
age: 43957
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: none
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1832
date: Fri, 20 Dec 2024 08:56:02 GMT
last-modified: Tue, 04 Apr 2023 12:30:31 GMT
content-type: application/javascript
server: Microsoft-IIS
vary: Accept-Encoding

GET
H2 200 core.min.js Show response
96ccd.com/libs/core/ 146 KB
16 KB 52ms
51ms Script
application/javascript 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/libs/core/core.min.js?2024-08-28%2002:56
Requested by: Host: 96ccd.com
URL: https://96ccd.com/?ma_token=neqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk&channel_id=60008360&s2s.req_id=KUvgWmZuvkZ2sP6DhWayX8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: baa84fca69d1fee91c2cb0ac064020904d8a4898e31cf108fcb1cd57d813f95b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/?ma_token=neqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk&channel_id=60008360&s2s.req_id=KUvgWmZuvkZ2sP6DhWayX8

Response headers

cache-control: public,max-age=86400
content-encoding: br
etag: W/"66b4314a-2464f"
age: 43807
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: none
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15782
date: Fri, 20 Dec 2024 08:58:32 GMT
last-modified: Thu, 08 Aug 2024 02:45:30 GMT
content-type: application/javascript
server: Microsoft-IIS
vary: Accept-Encoding

GET
H2 200 chunk-vendors.a2babcb0.css
96ccd.com/css/ 683 KB
54 KB 24ms
23ms Stylesheet
text/css 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/css/chunk-vendors.a2babcb0.css
Requested by: Host: 96ccd.com
URL: https://96ccd.com/?ma_token=neqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk&channel_id=60008360&s2s.req_id=KUvgWmZuvkZ2sP6DhWayX8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 8a6597a24fa67d5ba2f49b99389d221489567863c1aa6f65b7bd04f0061c35e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/?ma_token=neqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk&channel_id=60008360&s2s.req_id=KUvgWmZuvkZ2sP6DhWayX8

Response headers

cache-control: public,max-age=86400
content-encoding: br
etag: W/"64f2dd8f-aada7"
age: 43807
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: none
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55653
date: Fri, 20 Dec 2024 08:58:32 GMT
last-modified: Sat, 02 Sep 2023 07:00:31 GMT
content-type: text/css
server: Microsoft-IIS
vary: Accept-Encoding,Accept-Encoding

GET
H2 200 landing.38faaea5.css
96ccd.com/css/ 72 B
153 B 44ms
43ms Stylesheet
text/css 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/css/landing.38faaea5.css
Requested by: Host: 96ccd.com
URL: https://96ccd.com/?ma_token=neqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk&channel_id=60008360&s2s.req_id=KUvgWmZuvkZ2sP6DhWayX8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 99531d6d624ddea03006bcaef319bf4f7473332dd75adcc59bfa58da16a9b753

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/?ma_token=neqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk&channel_id=60008360&s2s.req_id=KUvgWmZuvkZ2sP6DhWayX8

Response headers

cache-control: public,max-age=86400
etag: "64f2dd8f-48"
age: 44010
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72
date: Fri, 20 Dec 2024 08:55:09 GMT
last-modified: Sat, 02 Sep 2023 07:00:31 GMT
content-type: text/css
server: Microsoft-IIS

GET
H2 200 chunk-vendors.88f2213f.js Show response
96ccd.com/js/ 2 MB
273 KB 58ms
58ms Script
application/javascript 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/js/chunk-vendors.88f2213f.js
Requested by: Host: 96ccd.com
URL: https://96ccd.com/?ma_token=neqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk&channel_id=60008360&s2s.req_id=KUvgWmZuvkZ2sP6DhWayX8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 5b4393c6fc659782788dec8167bb00cf8189bacf3eecb149fc7fdc51f6fefdd5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/?ma_token=neqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk&channel_id=60008360&s2s.req_id=KUvgWmZuvkZ2sP6DhWayX8

Response headers

cache-control: public,max-age=86400
content-encoding: br
etag: W/"66ce92ce-193bba"
age: 43881
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: none
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 08:57:18 GMT
last-modified: Wed, 28 Aug 2024 03:00:30 GMT
content-type: application/javascript
server: Microsoft-IIS
vary: Accept-Encoding

GET
H2 200 landing.f20b9fe9.js Show response
96ccd.com/js/ 35 KB
13 KB 68ms
68ms Script
application/javascript 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/js/landing.f20b9fe9.js
Requested by: Host: 96ccd.com
URL: https://96ccd.com/?ma_token=neqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk&channel_id=60008360&s2s.req_id=KUvgWmZuvkZ2sP6DhWayX8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 37ae7919d75abcb53ddf21b402361c943f724cd02622de2181906ab100df26f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/?ma_token=neqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk&channel_id=60008360&s2s.req_id=KUvgWmZuvkZ2sP6DhWayX8

Response headers

cache-control: public,max-age=86400
content-encoding: br
etag: W/"66ce92ce-8c8d"
age: 43881
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: none
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13732
date: Fri, 20 Dec 2024 08:57:18 GMT
last-modified: Wed, 28 Aug 2024 03:00:30 GMT
content-type: application/javascript
server: Microsoft-IIS
vary: Accept-Encoding

GET
H3 200 d104fd86ef48111a40dd653fbc0103c5.json Show response
96ccd.com/config/ 154 B
175 B 23ms
23ms XHR
application/json 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/config/d104fd86ef48111a40dd653fbc0103c5.json?4818690
Requested by: Host: 96ccd.com
URL: https://96ccd.com/js/chunk-vendors.88f2213f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 20732019f332406573f06d35c28ebceb3df2ee15e1585d6c9e2569a4b0f92cad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://96ccd.com/?ma_token=neqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk&channel_id=60008360&s2s.req_id=KUvgWmZuvkZ2sP6DhWayX8

Response headers

cache-control: public,max-age=86400
etag: "6719f39e-9a"
age: 606
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 154
date: Fri, 20 Dec 2024 20:58:34 GMT
last-modified: Thu, 24 Oct 2024 07:13:34 GMT
content-type: application/json
server: Microsoft-IIS

GET
H3 200 60008.json Show response
96ccd.com/config/ 264 B
285 B 22ms
22ms XHR
application/json 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/config/60008.json?4818690
Requested by: Host: 96ccd.com
URL: https://96ccd.com/js/chunk-vendors.88f2213f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 717f0e0b2d2050e3a00485db646cb973c6abc2775214460f37b31a30f874a04e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://96ccd.com/?ma_token=neqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk&channel_id=60008360&s2s.req_id=KUvgWmZuvkZ2sP6DhWayX8

Response headers

cache-control: public,max-age=86400
etag: "6710dbb6-108"
age: 606
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 264
date: Fri, 20 Dec 2024 20:58:34 GMT
last-modified: Thu, 17 Oct 2024 09:41:10 GMT
content-type: application/json
server: Microsoft-IIS

GET
H3 404 favicon.ico
96ccd.com/ 556 B
572 B 24ms
23ms Other
text/html 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 3f78207f071d486a2957dac496f6c3c80800bdf809ef22ef140caf4d9f73ad47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/?ma_token=neqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk&channel_id=60008360&s2s.req_id=KUvgWmZuvkZ2sP6DhWayX8

Response headers

cache-control: public,max-age=60
age: 39
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 556
date: Fri, 20 Dec 2024 21:08:01 GMT
content-type: text/html
server: Microsoft-IIS

GET
H3 200 index.html Show response
96ccd.com/template/60008025/178/1729753974/ Frame B048 11 KB
2 KB 16ms
16ms Document
text/html 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56
Requested by: Host: 96ccd.com
URL: https://96ccd.com/js/landing.f20b9fe9.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 160fccfe88de59a8756ae3a5c8fe56fe585b338a73f3f798e1fec83660800113

Request headers

Referer: https://96ccd.com/?ma_token=neqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk&channel_id=60008360&s2s.req_id=KUvgWmZuvkZ2sP6DhWayX8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: none
access-control-allow-credentials: true
access-control-allow-origin: *
age: 109674
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
content-encoding: br
content-length: 2280
content-type: text/html
date: Thu, 19 Dec 2024 14:40:46 GMT
etag: W/"6719f37d-2c4a"
last-modified: Thu, 24 Oct 2024 07:13:01 GMT
server: Microsoft-IIS
vary: Accept-Encoding,Accept-Encoding
via: 1.1 google

GET
H3 200 favicon.ico
96ccd.com/template/60008025/178/1729753974/ 5 KB
4 KB 16ms
16ms Other
image/x-icon 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/template/60008025/178/1729753974/favicon.ico?v=2024-08-28%2002:56
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: b1753030316553e3e984f51db690bda7d082b64604900920e51034c89810defe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/?ma_token=neqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk&channel_id=60008360&s2s.req_id=KUvgWmZuvkZ2sP6DhWayX8

Response headers

cache-control: public,max-age=86400
content-encoding: br
etag: W/"6719f384-130c"
age: 109675
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: none
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4200
date: Thu, 19 Dec 2024 14:40:45 GMT
last-modified: Thu, 24 Oct 2024 07:13:08 GMT
content-type: image/x-icon
server: Microsoft-IIS
vary: Accept-Encoding

GET
H3 200 index.css
96ccd.com/template/60008025/178/1729753974/style/ Frame B048 8 KB
2 KB 17ms
17ms Stylesheet
text/css 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/template/60008025/178/1729753974/style/index.css?v=1.3.11
Requested by: Host: 96ccd.com
URL: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 6be1a104e09946516a4f429665dc27cf12f6cd07f98a1215ab972f73354606ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56

Response headers

cache-control: public,max-age=86400
content-encoding: br
etag: W/"6719f37e-2029"
age: 109674
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: none
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1690
date: Thu, 19 Dec 2024 14:40:46 GMT
last-modified: Thu, 24 Oct 2024 07:13:02 GMT
content-type: text/css
server: Microsoft-IIS
vary: Accept-Encoding,Accept-Encoding

GET
H3 200 logo.png
96ccd.com/template/60008025/178/1729753974/assets/ Frame B048 4 KB
4 KB 20ms
20ms Image
image/png 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://96ccd.com/template/60008025/178/1729753974/assets/logo.png?v=1.1
Requested by: Host: 96ccd.com
URL: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 1a617e01a1cf518ce7415891455d332c5929c12f2873c455757ca6b2a1852168

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56

Response headers

cache-control: public,max-age=86400
etag: "6719f37c-edc"
age: 109674
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3804
date: Thu, 19 Dec 2024 14:40:46 GMT
last-modified: Thu, 24 Oct 2024 07:13:00 GMT
content-type: image/png
server: Microsoft-IIS
vary: Accept-Encoding

GET
H3 200 loading.gif
96ccd.com/template/60008025/178/1729753974/assets/ Frame B048 117 KB
117 KB 37ms
37ms Image
image/gif 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://96ccd.com/template/60008025/178/1729753974/assets/loading.gif
Requested by: Host: 96ccd.com
URL: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: bd7e6745a4133374c3132109992c0482ace276042eed482bca718990c64cc091

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56

Response headers

cache-control: public,max-age=86400
etag: "6719f37c-1d42b"
age: 109674
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119851
date: Thu, 19 Dec 2024 14:40:46 GMT
last-modified: Thu, 24 Oct 2024 07:13:00 GMT
content-type: image/gif
server: Microsoft-IIS
vary: Accept-Encoding

GET
H3 200 str.js Show response
96ccd.com/template/60008025/178/1729753974/js/ Frame B048 713 B
734 B 19ms
18ms Script
application/javascript 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/template/60008025/178/1729753974/js/str.js?v=1.3.1
Requested by: Host: 96ccd.com
URL: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 16df724b6ce9e67ddb93e2f4ef0a04802a871c0a78ce282da9916925aefa825b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56

Response headers

cache-control: public,max-age=86400
etag: "6719f381-2c9"
age: 109674
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 713
date: Thu, 19 Dec 2024 14:40:46 GMT
last-modified: Thu, 24 Oct 2024 07:13:05 GMT
content-type: application/javascript
server: Microsoft-IIS

GET
H3 200 utils.js Show response
96ccd.com/template/60008025/178/1729753974/js/ Frame B048 909 B
930 B 30ms
30ms Script
application/javascript 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/template/60008025/178/1729753974/js/utils.js?v=1.3.1
Requested by: Host: 96ccd.com
URL: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: ed632b9e988afb6efa6f4d1188faa39516409a19e6095689071a03bfbb2e1b2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56

Response headers

cache-control: public,max-age=86400
etag: "6719f382-38d"
age: 109674
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 909
date: Thu, 19 Dec 2024 14:40:46 GMT
last-modified: Thu, 24 Oct 2024 07:13:06 GMT
content-type: application/javascript
server: Microsoft-IIS

GET
H3 200 jquery.js Show response
96ccd.com/template/60008025/178/1729753974/js/ Frame B048 88 KB
32 KB 21ms
21ms Script
application/javascript 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/template/60008025/178/1729753974/js/jquery.js?v=1.3.1
Requested by: Host: 96ccd.com
URL: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 4da87c258eca460d39cdb0f6158cbf69af539d05a1d14f1bc011518511d02228

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56

Response headers

cache-control: public,max-age=86400
content-encoding: br
etag: W/"6719f383-15ec5"
age: 109673
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: none
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32275
date: Thu, 19 Dec 2024 14:40:47 GMT
last-modified: Thu, 24 Oct 2024 07:13:07 GMT
content-type: application/javascript
server: Microsoft-IIS
vary: Accept-Encoding

GET
H3 200 net.js Show response
96ccd.com/template/60008025/178/1729753974/js/ Frame B048 2 KB
571 B 21ms
21ms Script
application/javascript 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/template/60008025/178/1729753974/js/net.js?v=1.3.6
Requested by: Host: 96ccd.com
URL: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: e28c256943d251f6ac87324b39fcb022a9862e264fb62f755b12adadff31d159

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56

Response headers

cache-control: public,max-age=86400
content-encoding: br
etag: W/"6719f380-78f"
age: 109673
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: none
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 548
date: Thu, 19 Dec 2024 14:40:47 GMT
last-modified: Thu, 24 Oct 2024 07:13:04 GMT
content-type: application/javascript
server: Microsoft-IIS
vary: Accept-Encoding

GET
H3 200 index.js Show response
96ccd.com/template/60008025/178/1729753974/js/ Frame B048 9 KB
2 KB 31ms
31ms Script
application/javascript 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/template/60008025/178/1729753974/js/index.js?v=1.3.14
Requested by: Host: 96ccd.com
URL: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: b93d863cf176ae6744f603ff4601d7fecbae3ee3fb2a35ecf63f4b09c4063694

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56

Response headers

cache-control: public,max-age=86400
content-encoding: br
etag: W/"6719f381-25e3"
age: 109672
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: none
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1670
date: Thu, 19 Dec 2024 14:40:48 GMT
last-modified: Thu, 24 Oct 2024 07:13:05 GMT
content-type: application/javascript
server: Microsoft-IIS
vary: Accept-Encoding

GET
H3 200 click.js Show response
96ccd.com/template/60008025/178/1729753974/js/ Frame B048 8 KB
1 KB 31ms
31ms Script
application/javascript 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/template/60008025/178/1729753974/js/click.js?v=1.3.10
Requested by: Host: 96ccd.com
URL: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 82b6716f188a2c4d23a17b41cba2b728b1f4b9339dc5e18d2348879da1a3da34

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56

Response headers

cache-control: public,max-age=86400
content-encoding: br
etag: W/"6719f380-202c"
age: 109672
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: none
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1324
date: Thu, 19 Dec 2024 14:40:48 GMT
last-modified: Thu, 24 Oct 2024 07:13:04 GMT
content-type: application/javascript
server: Microsoft-IIS
vary: Accept-Encoding

GET
H3 200 001.jpg
96ccd.com/template/60008025/178/1729753974/assets/ Frame B048 581 KB
581 KB 44ms
44ms Image
image/jpeg 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://96ccd.com/template/60008025/178/1729753974/assets/001.jpg?v=1.3.2
Requested by: Host: 96ccd.com
URL: https://96ccd.com/template/60008025/178/1729753974/style/index.css?v=1.3.11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: c77770ad3bbf5be5bad727596fc9a4ee55bd309b1e4b4b5eb278dd8bae756570

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/template/60008025/178/1729753974/style/index.css?v=1.3.11

Response headers

cache-control: public,max-age=86400
etag: "6719f37b-91333"
age: 109672
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 594739
date: Thu, 19 Dec 2024 14:40:48 GMT
last-modified: Thu, 24 Oct 2024 07:12:59 GMT
content-type: image/jpeg
server: Microsoft-IIS
vary: Accept-Encoding

GET
H3 200 font.ttf
96ccd.com/template/60008025/178/1729753974/fonts/ Frame B048 112 KB
112 KB 18ms
17ms Font
application/octet-stream 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/template/60008025/178/1729753974/fonts/font.ttf
Requested by: Host: 96ccd.com
URL: https://96ccd.com/template/60008025/178/1729753974/style/index.css?v=1.3.11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: f745b91d6345c24243e0e08362ba3b9c82382e12a2c97d3bad4baf1b0f887bc0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://96ccd.com
Referer: https://96ccd.com/template/60008025/178/1729753974/style/index.css?v=1.3.11

Response headers

cache-control: public,max-age=86400
etag: "6719f386-1bfa4"
age: 109672
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114596
date: Thu, 19 Dec 2024 14:40:48 GMT
last-modified: Thu, 24 Oct 2024 07:13:10 GMT
content-type: application/octet-stream
server: Microsoft-IIS

POST
H2 200 auth_code Show response
api.dpbms5h.club/api/public/ 5 KB
4 KB 399ms
341ms XHR
application/json 34.111.76.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dpbms5h.club/api/public/auth_code

Requested by

Host: 96ccd.com
URL: https://96ccd.com/js/landing.f20b9fe9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.76.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

58.76.111.34.bc.googleusercontent.com

Software

Microsoft-IIS /

Resource Hash

6f0e6ce9d8dab7ca8ef273adac1885b36b7a3b87c93cdac44bf8aade37f257ca

Security Headers

Name	Value
X-Frame-Options	sameorigin, sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarys2Wlg4Cfhmw7GBIP
Referer: https://96ccd.com/

Response headers

access-control-allow-headers: content-type,token,sign
content-encoding: gzip
via: 1.1 google
access-control-request-method: GET,POST
access-control-allow-origin: *
alt-svc: clear
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: application/json
vary: Accept-Encoding
server: Microsoft-IIS
x-frame-options: sameorigin, sameorigin

POST
H2 200 area_code Show response
api.dpbms5h.club/api/public/ 2 KB
724 B 379ms
320ms XHR
application/json 34.111.76.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dpbms5h.club/api/public/area_code

Requested by

Host: 96ccd.com
URL: https://96ccd.com/js/landing.f20b9fe9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.76.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

58.76.111.34.bc.googleusercontent.com

Software

Microsoft-IIS /

Resource Hash

57a60cef3bf023e7f23fc68f5fd66c971c783c2440aae33536e1f9e251905b64

Security Headers

Name	Value
X-Frame-Options	sameorigin, sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryINxfouS2jWZOmDuA
Referer: https://96ccd.com/

Response headers

access-control-allow-headers: content-type,token,sign
content-encoding: gzip
via: 1.1 google
access-control-request-method: GET,POST
access-control-allow-origin: *
alt-svc: clear
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: application/json
vary: Accept-Encoding
server: Microsoft-IIS
x-frame-options: sameorigin, sameorigin

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 252 KB
83 KB 92ms
42ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K3PWVTS2

Requested by

Host: 96ccd.com
URL: https://96ccd.com/?ma_token=neqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk&channel_id=60008360&s2s.req_id=KUvgWmZuvkZ2sP6DhWayX8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a984d67977ad621649bf051baeb94ed86666fbe467ad99748c2190ec416f34d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 20 Dec 2024 21:08:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 84733
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 41ms
20ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: whoagnukrin.com
URL: https://whoagnukrin.com/4/8247215

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-LJKK07l0' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-LJKK07l0' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=23, mss=1232, tbw=4496, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: t48bqZxhLxkEsQXAiNRIEFRtMteTMUgxIQIivwt4hqdDm2NiUQ3Ajbbb/YLzBLoTposGWAXY/2yZrMNKqfuZjA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62282
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
108 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D1MREPZMK9&l=dataLayer&cx=c&gtm=45He4cc1v9173077786za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3PWVTS2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e2ca7c6e98bc6be14d87ed9c5b42abe1f7580d3b322a683fa76211f387b04698

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 20 Dec 2024 21:08:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109852
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
107 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q4XV74EN3M&l=dataLayer&cx=c&gtm=45He4cc1v9173077786za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3PWVTS2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9b3015fba073305c1bba9e8896260f816054b5a36db0382d00cc04c07e08fd7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 20 Dec 2024 21:08:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109836
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 hotjar-5163049.js Show response
static.hotjar.com/c/ 13 KB
6 KB 67ms
23ms Script
application/javascript 18.66.102.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-5163049.js?sv=6

Requested by

Host: whoagnukrin.com
URL: https://whoagnukrin.com/4/8247215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-53.fra56.r.cloudfront.net

Software

Resource Hash

0514fa30b202d316338412ee252f4def90df7468d9d094db92ac452fe76f9bc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: br
etag: W/4129fbbb01d13f396671def690e2db30
age: 43
x-content-type-options: nosniff
x-cache-hit: 1
x-cache: Hit from cloudfront
x-amz-cf-id: d5b-wO8nNTcP09m7Y4M-p3cz-Mt92sjBxk72MjFVxnPoBLtp5GNUYw==
date: Fri, 20 Dec 2024 21:08:00 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P2

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 104ms
21ms Script
application/x-javascript 2600:9000:214f:6600:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: whoagnukrin.com
URL: https://whoagnukrin.com/4/8247215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6600:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

x-amz-cf-id: iFz2tqcKsBaqw1Fh0o9eKlBg6UD8pXBN0jn4olUyVbwUcjI1PElMrw==
cache-control: public, max-age=3600
content-encoding: gzip
age: 1159
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
expires: Fri, 20 Dec 2024 21:49:21 GMT
x-cache: Hit from cloudfront
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 6162
date: Fri, 20 Dec 2024 20:49:21 GMT
content-type: application/x-javascript
last-modified: Fri, 20 Dec 2024 20:49:11 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: FRA53-C1

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 227ms
150ms Script
application/javascript 23.212.110.74
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CTDC483C77UF4VSQMLHG&lib=ttq
Requested by: Host: whoagnukrin.com
URL: https://whoagnukrin.com/4/8247215
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.110.74 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-212-110-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a7796e8ff807f9f694711e8627e9cd8fd3e69586da422dcd159cfa05367e77b7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
x-cache-remote: TCP_MISS from a72-247-190-62.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
expires: Fri, 20 Dec 2024 21:08:40 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=6, inner; dur=3
x-cache: TCP_MISS from a23-212-110-5.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: d38a356.30ded7a
x-tt-trace-host: 016d9a7efe9a5936a39b1daa43f2e595aa4438df06e2fede2964abe7c0a0bd9631dacbf0f07d953e4aaa7e4bf70b894153b56c72fa62b862fc77a1018c8fb96dba170a21033dff687c9324efe512faf98645338556edc24f76d45f123615b95e1cb7091899ff68d7ac4db46b4c2068abda
x-origin-response-time: 7,72.247.190.62
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-241220210840E2AB6A3852A5B5097AB5-681E819B5F66C966-00
x-parent-response-time: 104,23.212.110.5
x-tt-logid: 20241220210840E2AB6A3852A5B5097AB5
server: nginx

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 229ms
152ms Script
application/javascript 23.212.110.74
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CTGJBO3C77U22OFG0JQ0&lib=ttq
Requested by: Host: whoagnukrin.com
URL: https://whoagnukrin.com/4/8247215
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.110.74 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-212-110-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1918891d7c9b72bca099cabadf2b71474b5eb5bb7ec125376348b372115f5ad0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
x-cache-remote: TCP_MISS from a72-247-190-61.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
expires: Fri, 20 Dec 2024 21:08:40 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=10, inner; dur=4
x-cache: TCP_MISS from a23-212-110-5.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 217b89cb.30ded79
x-tt-trace-host: 016d9a7efe9a5936a39b1daa43f2e595aa4438df06e2fede2964abe7c0a0bd963157b6fac076e2dc345f01797f9dae74b10c53cef8e5efc67f739d7d2c3a34d8edc9550b73e79493fa71747b689e4bfb81b8bb2668afb8f9d56d052d73a5349eb3c13938ed1502d7983338ad9743140814
x-origin-response-time: 11,72.247.190.61
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24122021084069EB1264739FFB1BA98B-488CBE92531F941E-00
content-length: 2040
x-parent-response-time: 107,23.212.110.5
x-tt-logid: 2024122021084069EB1264739FFB1BA98B
server: nginx

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 228ms
152ms Script
application/javascript 23.212.110.74
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=null&lib=ttq
Requested by: Host: whoagnukrin.com
URL: https://whoagnukrin.com/4/8247215
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.110.74 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-212-110-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: dcf9ec3e67d91bd452ba5ce4e336dcaac24c22ef8cabaf6d91b9510ef5bd93e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
expires: Fri, 20 Dec 2024 21:08:40 GMT
server-timing: inner; dur=6, cdn-cache; desc=MISS, edge; dur=2, origin; dur=106
x-cache: TCP_MISS from a23-212-110-5.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 30ded7b
x-tt-trace-host: 016d9a7efe9a5936a39b1daa43f2e595aae367b5a702acba3dbe222e71ac84ef99be375d98579b729e295a9cfaf040af865a1f936e10e97a75a91432d4f6706c29bde74860a77ca1881f5488657bf61305874baa34cdf54e862e1e6c19553ea5ff
x-origin-response-time: 107,23.212.110.5
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-241220210840FB135094C5256278EF9F-3B6E069774F06AB2-00
content-length: 1590
x-tt-logid: 20241220210840FB135094C5256278EF9F
server: nginx

GET
H3 200 96com.js Show response
adscool.net/resources/content/ 9 KB
4 KB 164ms
139ms Script
text/javascript 172.67.175.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adscool.net/resources/content/96com.js

Requested by

Host: whoagnukrin.com
URL: https://whoagnukrin.com/4/8247215

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.175.82 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df055b5940ce90d969f6bf709c9b35e117f8a1b6fee2e2b1d3441fd645a58336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

x-request-id: b00d31fd-b467-4cbd-8fb4-9a951c0abefe
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"df055b5940ce90d969f6bf709c9b35e1"
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B1ooSJWvQ%2BZiXSh5dH5R7IISfvU7j4KiAIsdIAuyToR%2FszLo6HyNQq3mGrwzMKvTt6zzg%2B%2Bd6zYbK91IVJjY3KLEpkOUwu4sLLIlNaGd6EEk3vtFuQHIwBEaV4eAzg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
status: 200 OK
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11334&min_rtt=10894&rtt_var=2107&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4143&recv_bytes=4371&delivery_rate=758&cwnd=12000&unsent_bytes=0&cid=b5f5cf095ecef475&ts=143&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-runtime: 0.002644
priority: u=3,i=?0
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8f529be90a31be64-ZRH
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 a
www.googletagmanager.com/ 0
261 B 42ms
42ms Image
text/html 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=488744115&rv=4cc1&tag_exp=101925629~102067555~102067808~102081485~102198178&u=AAAAAAAAAAAAAACA&h=Ag&gtm=45He4cc1v9173077786za200&ccid=173077786&cid=GTM-K3PWVTS2&l=L943.S2.Y1.B9.E10.I753.EC5.TC13.HTC6~gtm.init.S0.V0.TS6paused.TI68.TE0.TS6paused.TI96.TE0.TS5html.TI112.TE0.TS6paused.TI163.TE0~gtm.js.S0.V0.TS6paused.TI90.TE0.TS5googtag.TI99.TE1.TS5html.TI120.TE0.TS5googtag.TI133.TE0.TS5html.TI135.TE0.TS5html.TI139.TE0.TS5html.TI151.TE0.TS6paused.TI164.TE0.TS5html.TI184.TE0~gtm.dom.S0.V0.E1~gtm.load.S0.V0.E0~gtm.init_consent.S1.V1.E10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Fri, 20 Dec 2024 21:08:40 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H3 200 493229386862469 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 20ms
20ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/493229386862469?v=2.9.179&r=stable&domain=96ccd.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

ebe3a9b0e9c561389a42cb0f7d287c163710172b510261a454737672a53e1da1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-a9CD9AOE' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-a9CD9AOE' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=77, mss=1232, tbw=70512, tp=65, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: mkcDbQQXp7LQ5Bal9rupjWoLIc0/RDumP5Jhrgv8PRscjnJK/fCjkXzpUYzbrfRJ9ohD24BRtZdOjcHYHBIM7Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 14124
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 modules.60031afbf51fb3e88a5b.js Show response
script.hotjar.com/ 223 KB
56 KB 63ms
22ms Script
application/javascript 52.222.236.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.60031afbf51fb3e88a5b.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-5163049.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-74.fra56.r.cloudfront.net

Software

Resource Hash

e38338484d969872e570a554c807dab4a79233b82d64a7cb7028fb459123d44a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

x-robots-tag: none
content-encoding: br
etag: "b4a1a7933e55e780894c3f39b1aca0b4"
age: 206253
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: CmDHJfwwzlL07adCwpvIGVYTQu03eqfUEUAVqe9Gnkg4oVc0YzCWew==
date: Wed, 18 Dec 2024 11:51:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 18 Dec 2024 11:50:24 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56408
x-amz-cf-pop: FRA56-P4

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 81ms
30ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-D1MREPZMK9&gtm=45je4cc1v9173005657z89173077786za200zb9173077786&_p=1734728920297&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=725624588.1734728921&ul=de-ch&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734728920&sct=1&seg=0&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8&dr=https%3A%2F%2Fwww.brgdtracking.com%2F&dt=Landing&en=page_view&_fv=1&_nsi=1&_ss=1&up.undefined=&tfd=1193
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D1MREPZMK9&l=dataLayer&cx=c&gtm=45He4cc1v9173077786za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://96ccd.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 66ms
32ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Q4XV74EN3M&gtm=45je4cc1v9189217623z89173077786za200zb9173077786&_p=1734728920297&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=725624588.1734728921&ul=de-ch&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734728920&sct=1&seg=0&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8&dr=https%3A%2F%2Fwww.brgdtracking.com%2F&dt=Landing&en=page_view&_fv=1&_ss=1&tfd=1210
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q4XV74EN3M&l=dataLayer&cx=c&gtm=45He4cc1v9173077786za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://96ccd.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 26782498068061504 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 21ms
21ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/26782498068061504?v=2.9.179&r=stable&domain=96ccd.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

998454c7d2c095c55d3e5fc5cedc780b1dc4ee763bf36004dc38d921d9da332a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-poXfEm34' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-poXfEm34' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=89, mss=1232, tbw=85696, tp=80, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: 7ReYBs4tYiRXNTqGLV58kE9uyDgXdNiOA8nLDnxgOSjKORQIs4k+kSjDlFcQ3ddQ4aokNzjEM22YP52zKHXpEw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 3056
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 41ms
20ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=493229386862469&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1734728920584&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734728920582.763471063104805410&ler=other&cdl=API_unavailable&it=1734728920526&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=23, mss=1232, tbw=4543, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 184ms
163ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=493229386862469&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1734728920584&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734728920582.763471063104805410&ler=other&cdl=API_unavailable&it=1734728920526&coo=false&tm=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7450603980768770659"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: heqUASK7sCO0dgq895rpK8Xth6fyhKEJEsYR/PDyCbDiGl/CwlYbGRV/xwOplfsHwJtx6EfOHjQPa/dojhIPSg==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7450603980768770659", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=25, mss=1232, tbw=10687, tp=40, tpl=0, uplat=143, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 200
OK ca.html
20861020p.rfihub.com/ Frame 287E 0
0 149ms
33ms Document
text/html 193.0.160.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20861020p.rfihub.com/ca.html?ver=9&rb=52593&ca=20861020&_o=52593&_t=20861020&pe=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8%23%2F&pf=https%3A%2F%2Fwww.brgdtracking.com%2F&ra=8240385108257242
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash

Request headers

Referer: https://96ccd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache
Content-Length: 4813
Content-Type: text/html;charset=utf-8
Date: Fri, 20 Dec 2024 21:08:40 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 39ms
30ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Q4XV74EN3M&gtm=45je4cc1v9189217623za200zb9173077786&_p=1734728920297&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=725624588.1734728921&ul=de-ch&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1734728920&sct=1&seg=0&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8&dr=https%3A%2F%2Fwww.brgdtracking.com%2F&dt=Landing&en=scroll&epn.percent_scrolled=90&_et=8&tfd=1236
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q4XV74EN3M&l=dataLayer&cx=c&gtm=45He4cc1v9173077786za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://96ccd.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 805296468443854 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 21ms
21ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/805296468443854?v=2.9.179&r=stable&domain=96ccd.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

f47949a0ae5a27b32be31138c9d6c75961e03c3629b7100e44a29ae8ac660bcd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-uffQekUN' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-uffQekUN' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=92, mss=1232, tbw=89616, tp=85, tpl=0, uplat=2, ullat=-1
pragma: public
x-fb-debug: Zg0nKAgirgo+DuGyypJTsLFT1xCywDXIzT0votZnyPJjHG7DzjM1oUfoSbEncA6V6q+ri5QhDbpCLEgNilGq+Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 3030
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 20ms
20ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=26782498068061504&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1734728920610&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734728920582.763471063104805410&ler=other&cdl=API_unavailable&it=1734728920526&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=23, mss=1232, tbw=4959, tp=14, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 153ms
153ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=26782498068061504&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1734728920610&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734728920582.763471063104805410&ler=other&cdl=API_unavailable&it=1734728920526&coo=false&tm=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7450603979875640519"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: tsPT/N2aDKS0ZmS602nnGW1UaCbKwmwZ8MzHpNYkz9iWtnxeWmaIiB/QrcHyyNvvX5L0uT4xwwbT9J8sSIK8EA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7450603979875640519", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=25, mss=1232, tbw=9487, tp=35, tpl=0, uplat=132, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 browser-perf.8417c6bba72228fa2e29.js Show response
script.hotjar.com/ 5 KB
2 KB 20ms
20ms Script
application/javascript 52.222.236.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.60031afbf51fb3e88a5b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-74.fra56.r.cloudfront.net

Software

Resource Hash

70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

x-robots-tag: none
content-encoding: br
etag: "b83b61bc5871e9a23a0434e2c539f4f3"
age: 7667393
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: Ss5CCmA12SV7dzfJnDyC9rAn5C2dqPulqZmDr8Yxz5jLhFgnCidEXA==
date: Mon, 23 Sep 2024 03:18:47 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 19 Sep 2024 13:21:34 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1782
x-amz-cf-pop: FRA56-P4

GET
H3 200 96com Show response
adscool.net/pageview/ 0
822 B 139ms
138ms Script
text/javascript 172.67.175.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adscool.net/pageview/96com?usr=v1.0%3A17197763459%3A1734728920638%3A1734728920638&scr=1600x1200%7C1600x1200&scv=1600x1200%7C0&pgh=96ccd.com&pgl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8%23%2F&pgr=https%3A%2F%2Fwww.brgdtracking.com%2F

Requested by

Host: adscool.net
URL: https://adscool.net/resources/content/96com.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.175.82 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

x-request-id: 88eafa35-d77d-495c-8146-2b4888f6a6d2
content-encoding: gzip
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7gJNlCzXfhFva%2BkFZlDEG6aEj2jMfRVxAu9QbZJWrc0fab3ocN1A0pGNby8bYVLeh2z5JaFxAZZJZFCrAZvNbnF5PrYk3bSQC7OhfrGn98S4WfjQOloTT7ZzG6NISg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
status: 200 OK
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11513&min_rtt=10894&rtt_var=1352&sent=18&recv=14&lost=0&retrans=0&sent_bytes=8796&recv_bytes=4981&delivery_rate=424411&cwnd=12000&unsent_bytes=0&cid=b5f5cf095ecef475&ts=304&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding,Accept
x-runtime: 0.006243
priority: u=3,i=?0
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8f529bea0c4abe64-ZRH
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 910149207653208 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 21ms
21ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/910149207653208?v=2.9.179&r=stable&domain=96ccd.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

5e80534095f28f98b5fc97dc2cd55c64c12e293e12380229e80f4b4047b87c7d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-cZZNYDtN' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-cZZNYDtN' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=95, mss=1232, tbw=93472, tp=90, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: Ai5xBTszVATVDSpihH2C20buA7VcdPDupLZHmGNYkCiVkaYm0GGgJAoWZQuNKgN9q+zTc3gVPr3hQ1bSpSG/gw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 3029
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 19ms
19ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=805296468443854&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1734728920639&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734728920582.763471063104805410&ler=other&cdl=API_unavailable&it=1734728920526&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=24, mss=1232, tbw=5247, tp=18, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 123ms
123ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=805296468443854&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1734728920639&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734728920582.763471063104805410&ler=other&cdl=API_unavailable&it=1734728920526&coo=false&tm=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7450603980759510399"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: a9G/NZqZuoig2G5H6LtmJOqxLKAkgu9kapB2j71FzrWkGvY5ByGlEs22bRoHmOFtJOHcrarq5vRXQAf+omtOkw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7450603980759510399", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=25, mss=1232, tbw=6303, tp=32, tpl=0, uplat=103, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 3050918968381160 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 22ms
22ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3050918968381160?v=2.9.179&r=stable&domain=96ccd.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

837bd5165ce282e140b0a91e6f6b3ff98dab2ec27d4573ee21aa646e70967544

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-BE7FUmCf' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-BE7FUmCf' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=98, mss=1232, tbw=97328, tp=95, tpl=0, uplat=2, ullat=-1
pragma: public
x-fb-debug: oxj2V50C1iqYV2s412SDv3nZt6atgiZOglEHG8tleHK+3cV8Y9VWLfz9qyYBBqEGffMSkjXKOtN16uxJYZyOtQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 3030
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 20ms
19ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=910149207653208&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1734728920664&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734728920582.763471063104805410&ler=other&cdl=API_unavailable&it=1734728920526&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=24, mss=1232, tbw=5535, tp=22, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 119ms
119ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=910149207653208&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1734728920664&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734728920582.763471063104805410&ler=other&cdl=API_unavailable&it=1734728920526&coo=false&tm=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7450603980504336541"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: pHgP0xWR5KmZBKx8MRexYQvUGQYz6m1flkE1aPJBaM8GrqUOYdOZAgn5Dbbcg6sHb37lPHmjpxjUSDjDNfOcuQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7450603980504336541", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=28, mss=1232, tbw=11567, tp=41, tpl=0, uplat=99, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 main.MWE1OTI4NzI4MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 347 KB
96 KB 41ms
41ms Script
application/javascript 23.212.110.74
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=null&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.110.74 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-212-110-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ecf6e5354373fa78e0539f812ecc35f949250f81c4146c419b6208a4166c0005

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

x-cache: TCP_HIT from a23-212-110-5.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=14
x-tt-trace-id: 00-241219132428B9E392BC4D499BE6C3F0-1EA745972CEB8BC3-00
content-length: 97613
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20241219132428B9E392BC4D499BE6C3F0
server: nginx
x-akamai-request-id: 30dedea
x-tt-trace-host: 01e5143b6d28c88c99f23a047fa013a3d846f4ad5a5d442986123d7f391c8d5994560ed16a588b1858e0df55f62c79b4c83531023ab603e346f1798e3362044a285681862aceb3e08d3b5fa183c6086e514a0f947ef3ffc6485a27b449c19d5f18

GET
H2 200 main.MWE1OTI4NzI4MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 352 KB
97 KB 85ms
85ms Script
application/javascript 23.212.110.74
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CTGJBO3C77U22OFG0JQ0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.110.74 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-212-110-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ba3710ffb62361879a717271253bcda8d3a4d1c61f22abc95e00181ca2fea228

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

x-cache: TCP_HIT from a23-212-110-5.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
x-tt-trace-id: 00-2412191324282B5165C643824FD8DD71-00902DDF6686B1F1-00
content-length: 98984
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202412191324282B5165C643824FD8DD71
server: nginx
x-akamai-request-id: 30dedeb
x-tt-trace-host: 012767cc578f836ec86a26f63e640f1954ba3ac2e47c5c9a9a1bbf8b6d1f8251d9f946a41f789d69e624b8bfc8e53b6662a2d81e2b41ab84069bbdd1bee8935b014ca1a42dca81bd11a909099da7bc8a4f584c59b5653fe67f6c4e7ca145a06c3b

GET
H3 200 8489556127800875 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 20ms
20ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/8489556127800875?v=2.9.179&r=stable&domain=96ccd.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

afc0bf7a34a8285792933cb258404d8e72b4fea3314e02867480b410241f891d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-Nrr6bmw6' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-Nrr6bmw6' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=101, mss=1232, tbw=101184, tp=100, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: uUh7SaR6Kbf/woaXlRxxIv+vE8ON+eEc7yiRcVopeAabeCIaNt4hx0fU0BvkaWecBdSPQeWLhjAcPfQRw5S3ZQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 3098
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 22ms
22ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3050918968381160&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1734728920689&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734728920582.763471063104805410&ler=other&cdl=API_unavailable&it=1734728920526&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=24, mss=1232, tbw=5823, tp=26, tpl=0, uplat=1, ullat=1
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 125ms
125ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3050918968381160&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1734728920689&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734728920582.763471063104805410&ler=other&cdl=API_unavailable&it=1734728920526&coo=false&tm=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7450603980876305222"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: E7RMxbEo5xCcNNy9rWuVabbA7kmyyBzRcgTxqPxQKq9vxciZb4awGZWas7PHr4tiLkLfNDHSwmOaL9X5a/85KQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7450603980876305222", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=30, mss=1232, tbw=12735, tp=46, tpl=0, uplat=105, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
DATA 200
OK truncated
/ Frame B048 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af361bae532120fec26f1ab62a6c7702ae0dc51878ce6d9a61be342b4fe16298

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpeg

GET
H3 200 9485012911551124 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 24ms
24ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/9485012911551124?v=2.9.179&r=stable&domain=96ccd.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

461f25b6b885144d00c9b633755e95e731a95fdee7a415d8c0ad790863ee2c44

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-OESvNuaK' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-OESvNuaK' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=101, mss=1232, tbw=105104, tp=105, tpl=0, uplat=3, ullat=-1
pragma: public
x-fb-debug: kf0FB0sLWp2qUxi0wM8iDTul8kFnHFeZYuJ7qnJ0Quvp6YposOjOy13ILghXjcb8RdRRHH0pLbHAve/mdWQyaw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 3030
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 19ms
19ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=8489556127800875&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1734728920715&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734728920582.763471063104805410&ler=other&cdl=API_unavailable&it=1734728920526&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=24, mss=1232, tbw=6111, tp=30, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 125ms
125ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=8489556127800875&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1734728920715&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734728920582.763471063104805410&ler=other&cdl=API_unavailable&it=1734728920526&coo=false&tm=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7450603980863426181"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 2I+ZdJFstH2+80gkjzSOauAMz6cKW4Nb/k9uyqqlg8ccR+JjJP32wUTKZ2Br6BXqvuy8MBq/VW9DE9cqH8ztrw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7450603980863426181", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=30, mss=1232, tbw=13903, tp=51, tpl=0, uplat=104, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 595766396257728 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 23ms
21ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/595766396257728?v=2.9.179&r=stable&domain=96ccd.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

22cbd6624dbe2f79211784ebeaddbe362f8f323316ecfc7a4878988292206e22

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-RShR0UBH' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-RShR0UBH' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=101, mss=1232, tbw=108960, tp=110, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: gl8v+C4WU0T3fEw6QeCREhNIjzM2xnIpcZ2F+Rg8V6FVI1QHzKNO9SydMl4KdGP8PNRFnYC4vSL1PE7bePy0xA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 3030
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 23ms
21ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=9485012911551124&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1734728920743&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734728920582.763471063104805410&ler=other&cdl=API_unavailable&it=1734728920526&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=25, mss=1232, tbw=10495, tp=38, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 122ms
119ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=9485012911551124&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1734728920743&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734728920582.763471063104805410&ler=other&cdl=API_unavailable&it=1734728920526&coo=false&tm=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7450603979334487725"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: rZaXjf2Yw5zSR2JxW6kLrpwgvapp/iCVNqDNq9KkuF/MCBTzdyQWLarxw2stzPV/u37S/z/1/kFSckeM4+71+w==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7450603979334487725", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=31, mss=1232, tbw=15135, tp=56, tpl=0, uplat=99, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 952808073432966 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 22ms
22ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/952808073432966?v=2.9.179&r=stable&domain=96ccd.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

c179d10985bd0cbbba81c5a56591e6935e7688a941aa350c55e3f760a4c8988f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-1SWmBGjx' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-1SWmBGjx' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=101, mss=1232, tbw=112816, tp=115, tpl=0, uplat=3, ullat=-1
pragma: public
x-fb-debug: xQlQRa8MbjmXfxNZYWq9B69FDcFEU+nUFz0B37B/EPeRUhtXQSFXheGaCFLYGfGnXMf/zZPwB9p82uXNQ3QHVw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 3030
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 19ms
19ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=595766396257728&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1734728920769&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734728920582.763471063104805410&ler=other&cdl=API_unavailable&it=1734728920526&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=28, mss=1232, tbw=12543, tp=44, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 119ms
119ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=595766396257728&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1734728920769&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734728920582.763471063104805410&ler=other&cdl=API_unavailable&it=1734728920526&coo=false&tm=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7450603980031667700"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: dW50q3F0n7BwNofGlw+rj/EHWDO61ZtBImxjNmp9TfCaFpgRK8uMJIhY/KxYpPgv6PGZT+J0p10UwT6NdQJGjA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7450603980031667700", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=32, mss=1232, tbw=16303, tp=61, tpl=0, uplat=98, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 identify_45dd5971.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 83ms
83ms Script
application/javascript 23.212.110.74
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.110.74 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-212-110-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

x-cache: TCP_MEM_HIT from a23-212-110-5.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=3
x-tt-trace-id: 00-2411150502414A586084F7162AECB4BB-3A83E9D93BB55657-00
content-length: 39540
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202411150502414A586084F7162AECB4BB
server: nginx
x-akamai-request-id: 30dee56
x-tt-trace-host: 0139545820e31550410b5d484ed598b7dc25350f0def5976853dd7134e0d5aab537d3d8dce2366e556c60138e517b4001df2686d0ef06cad15a40e4cf39c4850d4390bea0bf9d5b6a218b98a2c9f1d8289999fa193e0dc6d8ae39f0b3c6c8c7ed5

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
716 B 180ms
179ms Ping
text/plain 23.212.110.74
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.110.74 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-212-110-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://96ccd.com/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Fri, 20 Dec 2024 21:08:40 GMT
server-timing: inner; dur=16, cdn-cache; desc=MISS, edge; dur=7, origin; dur=114
x-cache: TCP_MISS from a23-212-110-5.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Fri, 20 Dec 2024 21:08:40 GMT
x-akamai-request-id: 30dee57
access-control-allow-headers: Authorization,*
x-tt-trace-host: 016d9a7efe9a5936a39b1daa43f2e595aae367b5a702acba3dbe222e71ac84ef99be375d98579b729e295a9cfaf040af8650918bdb9d97343cb9bc33c977efe6a368e6cc203fe6a601ece4e582d0b48a4680dffdb1aa13c7fb57a122ac6d7a2f51
x-origin-response-time: 114,23.212.110.5
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241220210840FB135094C5256278EFAF-38A7772E10EC2C8D-00
content-length: 0
x-tt-logid: 20241220210840FB135094C5256278EFAF
server: nginx

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
878 B 175ms
173ms Ping
text/plain 23.212.110.74
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.110.74 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-212-110-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://96ccd.com/

Response headers

x-cache-remote: TCP_MISS from a72-247-190-85.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Fri, 20 Dec 2024 21:08:40 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=102, origin; dur=18, inner; dur=14
x-cache: TCP_MISS from a23-212-110-5.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Fri, 20 Dec 2024 21:08:40 GMT
x-akamai-request-id: e39ef88.30dee58
access-control-allow-headers: Authorization,*
x-tt-trace-host: 016d9a7efe9a5936a39b1daa43f2e595aa4438df06e2fede2964abe7c0a0bd963181d8b4e8d494f037f7e0cfff44e1d9ff3c805e71da99de78f653178bfa0ef733ce2f81b1e0bf0ce9da408b6eb123b065ea76d7a527d07585c9d4cbb70f0c63a9df604b667bcaf2ad3b0fbd7a00189b8e
x-origin-response-time: 18,72.247.190.85
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241220210840FEE0BB744439BA0A0198-5B9C69733CBC903D-00
content-length: 0
x-parent-response-time: 113,23.212.110.5
x-tt-logid: 20241220210840FEE0BB744439BA0A0198
server: nginx

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
715 B 178ms
176ms Ping
text/plain 23.212.110.74
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.110.74 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-212-110-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://96ccd.com/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Fri, 20 Dec 2024 21:08:40 GMT
server-timing: inner; dur=17, cdn-cache; desc=MISS, edge; dur=9, origin; dur=111
x-cache: TCP_MISS from a23-212-110-5.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Fri, 20 Dec 2024 21:08:40 GMT
x-akamai-request-id: 30dee59
access-control-allow-headers: Authorization,*
x-tt-trace-host: 016d9a7efe9a5936a39b1daa43f2e595aae367b5a702acba3dbe222e71ac84ef999fc3d2a82acf121906596f61898d92daf53f9417933661b977f581afb401d7e3dc92af29ce4d576cfb23d80b2886ad50c7ddde140c1392844b081a9dbdabe9a5
x-origin-response-time: 112,23.212.110.5
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241220210840205539D02CE07B08EA1A-7E86C9D23325E1F1-00
content-length: 0
x-tt-logid: 20241220210840205539D02CE07B08EA1A
server: nginx

GET
H3 200 1130325188453930 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 20ms
20ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1130325188453930?v=2.9.179&r=stable&domain=96ccd.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

7257a519ef1a2963bd2996f825d8ba2a4acedc7fcf7aa6ee3f731124d07c74ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-yX4DiRX2' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-yX4DiRX2' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=101, mss=1232, tbw=116672, tp=120, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: GdGoRhUHUmXfYJjQ+NarRSZcoVdoIeuykA/ratGN+J9WtvCl779aMxJFkaeMktg9td0zav9mIFIv+Gd0jaRCQA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 3030
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 20ms
20ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=952808073432966&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1734728920804&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734728920582.763471063104805410&ler=other&cdl=API_unavailable&it=1734728920526&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=30, mss=1232, tbw=13711, tp=49, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 126ms
126ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=952808073432966&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1734728920804&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734728920582.763471063104805410&ler=other&cdl=API_unavailable&it=1734728920526&coo=false&tm=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7450603980401624138"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: F9EUYocNJTR1FnNL2si+mJrmtzzlFGi5JzqIdXGrDlSA8HhCEZ4zjh9Y9PLRfT0ONyrN6Xg54RhYq/Lz8k/Cuw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7450603980401624138", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=33, mss=1232, tbw=17231, tp=63, tpl=0, uplat=105, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 2329401274088336 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 20ms
20ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2329401274088336?v=2.9.179&r=stable&domain=96ccd.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

9b0fc82588b1a0e778a74500fbbbea37829256aa2932eccf892be7bd2bfd2653

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-qAVzCWmu' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-qAVzCWmu' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=101, mss=1232, tbw=120528, tp=125, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: fhet2oNGpJIHFbmDR1Ds9Ru1ftbOtadra4pqHQDKFCKdcI0OHsPb4TpEKNPGr6yHbYICIokvvRD01Ap6M3JqMA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 3031
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 22ms
22ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1130325188453930&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1734728920829&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734728920582.763471063104805410&ler=other&cdl=API_unavailable&it=1734728920526&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=31, mss=1232, tbw=14943, tp=54, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 124ms
124ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1130325188453930&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1734728920829&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734728920582.763471063104805410&ler=other&cdl=API_unavailable&it=1734728920526&coo=false&tm=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7450603979976496688"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: a3lXpSeFuN159OaKi+C5CgIc97RV68LtdZ0mzng7PFykT0jW2r/1ktqEpwPELs8ZxUpG/ARIVg3PP+sI05wNPg==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7450603979976496688", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=34, mss=1232, tbw=18159, tp=65, tpl=0, uplat=103, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 20ms
20ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2329401274088336&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1734728920854&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734728920582.763471063104805410&ler=other&cdl=API_unavailable&it=1734728920526&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=32, mss=1232, tbw=16111, tp=59, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 120ms
120ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2329401274088336&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1734728920854&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734728920582.763471063104805410&ler=other&cdl=API_unavailable&it=1734728920526&coo=false&tm=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7450603979359320303"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 21:08:40 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 6T4vvwZLahTWgRN4XbTEaJq2YXcsdvXSkyeuKJUhDRVwf/tQCPCv+mQj5Nxa6PM+hwjfREi6zdGUS5YfQn1g6Q==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7450603979359320303", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=34, mss=1232, tbw=19039, tp=66, tpl=0, uplat=99, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
717 B 178ms
177ms Ping
text/plain 23.212.110.74
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.110.74 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-212-110-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://96ccd.com/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Fri, 20 Dec 2024 21:08:41 GMT
server-timing: inner; dur=43, cdn-cache; desc=MISS, edge; dur=10, origin; dur=140
x-cache: TCP_MISS from a23-212-110-5.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Fri, 20 Dec 2024 21:08:41 GMT
x-akamai-request-id: 30def07
access-control-allow-headers: Authorization,*
x-tt-trace-host: 016d9a7efe9a5936a39b1daa43f2e595aae367b5a702acba3dbe222e71ac84ef99be375d98579b729e295a9cfaf040af867356a986a4a48217b41424247664f6ead27f26634bd08645893e1fd6929a5d456bf93845fc37c91c56eacaa52c740770
x-origin-response-time: 140,23.212.110.5
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241220210841FB135094C5256278EFB7-47314E076B378D77-00
content-length: 0
x-tt-logid: 20241220210841FB135094C5256278EFB7
server: nginx

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 30ms
29ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-D1MREPZMK9&gtm=45je4cc1v9173005657za200zb9173077786&_p=1734728920297&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=725624588.1734728921&ul=de-ch&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1734728920&sct=1&seg=0&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8&dr=https%3A%2F%2Fwww.brgdtracking.com%2F&dt=Landing&en=scroll&epn.percent_scrolled=90&_et=21&tfd=6216
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D1MREPZMK9&l=dataLayer&cx=c&gtm=45He4cc1v9173077786za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://96ccd.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 21:08:45 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 30ms
29ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Q4XV74EN3M&gtm=45je4cc1v9189217623z89173077786za200zb9173077786&_p=1734728920297&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=725624588.1734728921&ul=de-ch&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sid=1734728920&sct=1&seg=0&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DneqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DKUvgWmZuvkZ2sP6DhWayX8&dr=https%3A%2F%2Fwww.brgdtracking.com%2F&dt=Landing&_s=3&tfd=6236
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q4XV74EN3M&l=dataLayer&cx=c&gtm=45He4cc1v9173077786za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://96ccd.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://96ccd.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 21:08:45 GMT
content-type: text/plain
server: Golfe2

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
my.rtmark.net/	1970-01-21 10:37:44	Name: ID Value: 008138ea044c4e14ee3945446f509848
whoagnukrin.com/	1970-01-21 10:37:44	Name: oaidts Value: 1734728918
whoagnukrin.com/	1970-01-21 10:37:44	Name: OAID Value: 008138ea044c4e14ee3945446f509848
whoagnukrin.com/	1970-01-21 02:02:13	Name: syncedCookie Value: true
.www.brgdtracking.com/	1970-01-21 10:37:44	Name: bemob-viewer-id Value: f510fb8f-8400-49d3-8076-2c569861e8a1
.www.brgdtracking.com/	1970-01-21 01:53:35	Name: bemob-uniq-visit:9cf7cd92-61dc-4c5b-966a-4dccf5660d31 Value: 1
.www.brgdtracking.com/	1970-01-21 01:53:35	Name: bemob-rotation:9cf7cd92-61dc-4c5b-966a-4dccf5660d31:random:9ffe2fd6d131e45d810e28dac7255b0e Value: 0-0-0
.www.brgdtracking.com/	1970-01-21 02:35:20	Name: bemob-click-id Value: KUvgWmZuvkZ2sP6DhWayX8
record.96.partners/	1970-01-21 10:37:44	Name: VID1 Value: Jy4zPFItUyRQLDBgYApgCg%3D%3D
.96.partners/	1970-01-21 10:37:44	Name: ZBan Value: neqYy0S5lFNFEYgYXHfKhWNd7ZgqdRLk
.96ccd.com/	1970-01-21 11:28:08	Name: _ga Value: GA1.1.725624588.1734728921
.96ccd.com/	1970-01-21 11:28:08	Name: _ga_D1MREPZMK9 Value: GS1.1.1734728920.1.0.1734728920.0.0.0
.96ccd.com/	1970-01-21 04:01:44	Name: _fbp Value: fb.1.1734728920582.763471063104805410
.96ccd.com/	1970-01-21 11:28:08	Name: _ga_Q4XV74EN3M Value: GS1.1.1734728920.1.0.1734728920.0.0.0
.96ccd.com/	1970-01-21 10:37:44	Name: _hjSessionUser_5163049 Value: eyJpZCI6IjVhY2U5NDNjLTIxNTItNTc5OS1iYjMyLWRjOTAxMDhiNTY1NyIsImNyZWF0ZWQiOjE3MzQ3Mjg5MjA2MzIsImV4aXN0aW5nIjpmYWxzZX0=
.96ccd.com/	1970-01-21 01:52:10	Name: _hjSession_5163049 Value: eyJpZCI6IjIwZjJmMjg3LTJmNzktNDhlMC1iYzhiLTdkMDE0YjczMGJhZSIsImMiOjE3MzQ3Mjg5MjA2MzMsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
96ccd.com/	1970-01-21 10:37:44	Name: rtg_usr Value: v1.0:17197763459:1734728920638:1734728920638
.tiktok.com/	1970-01-21 11:13:44	Name: _ttp Value: 2qUtKpDUiw0BsytzvOPCbIrJAKx
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0NjI0NjUxsDAwNRXiM9Q1KHIKNQ00iHSKSi0BAMyESK0lAAAA
.rfihub.com/	1970-01-21 11:13:44	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0NjI0NjUxsDAwNRXiM9Q1KHIKNQ00iHSKSi0BAMyESK0lAAAA
.96ccd.com/	1970-01-21 11:13:44	Name: _tt_enable_cookie Value: 1
.96ccd.com/	1970-01-21 11:13:44	Name: _ttp Value: hrxKKXz3o_dAlbo24HaiSxK8Gvc.tt.1
.pubmatic.com/	1970-01-21 04:01:44	Name: KRTBCOOKIE_18 Value: 22947-5140084932135408055&KRTB&23628-5140084932135408055
.pubmatic.com/	1970-01-21 02:35:20	Name: PugT Value: 1734728919
.adnxs.com/	1970-01-21 11:28:08	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 11:28:08	Name: IDE Value: AHWqTUleciJ-td2QwmACITXvN36yUc74xQf0Vpy7VbEPR4D1YtcKqqE7ijab08Y8-jM
.demdex.net/	1970-01-21 06:11:20	Name: demdex Value: 85993077508696480560127742180982191053
.media.net/	1970-01-21 10:37:44	Name: visitor-id Value: 3777305207935137000V10
.media.net/	1970-01-21 10:36:18	Name: data-rk Value: 5140084932135408055~~3
.casalemedia.com/	1970-01-21 10:37:44	Name: CMID Value: Z2Xc2FVbLSgAAHzQCEq-vAAA
.casalemedia.com/	1970-01-21 04:01:44	Name: CMPS Value: 5126
.casalemedia.com/	1970-01-21 04:01:44	Name: CMPRO Value: 5126
.rezync.com/	1970-01-21 06:11:20	Name: zync-uuid Value: c1968567-ac89-44e1-8571-7e0f8cbad145:1734728920.8789732
.eyeota.net/	1970-01-21 01:52:09	Name: SERVERID Value: 24451~DM
.dpm.demdex.net/	1970-01-21 06:11:20	Name: dpm Value: 85993077508696480560127742180982191053
.bidswitch.net/	1970-01-21 10:37:44	Name: tuuid Value: 9a958cb5-9d11-423e-b294-db6c5aa46d04
.bidswitch.net/	1970-01-21 10:37:44	Name: c Value: 1734728921
.bidswitch.net/	1970-01-21 10:37:44	Name: tuuid_lu Value: 1734728921
live.rezync.com/	1970-01-21 06:11:20	Name: sd-session-id Value: .eJwNylEOgyAMANC79FsWCq0tXMYw7BKy6RZxPzPefX6-5B0wfWxbymrrDnnfvjZAfbVLHfIBvf0We0IGRvJeKcWAkcmrZ4ZzgG69t_c6tfk6FdOoPIorVZMjMnTKgk7MP7Tey4zEGSWSBE3B31Q0SQxw_gGcmCVQ.Z2Xc2Q.6i9W2sxp0laewo7H9irNp24Gz7A
.rlcdn.com/	1970-01-21 10:37:44	Name: rlas3 Value: kUUQ8R+LAv6+YeUmdwkUyDhku9q7JIDk+07Gl5oeFew=
.rfihub.com/	1970-01-21 11:13:44	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA12dauKNKow8kgPc_GO9AzOtsjySTfzTw7iNTQ3NjE3srA0MrC0MJjFiMQ3NzLehMbfhcY_hcZ_hcb_hcZfxITKX4XG34Quz4LKv4XG38SK5j5uVP4kYfNkQ0szC1Mzc93EZAtLXROTVENdC1NzQ13zVIM0i-SkxBRDE1MrhCY9C3MLS3Njo1nCCJMMDc3NF6HyLR4Jo9o0SxKVDwCe4CVPdwEAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12dauKNKow8kgPc_GO9AzOtsjySTfzT25iMU82tDSzMDUz101MtrDUNTFJNdS1MDU31DVPNUizSE5KTDE0MbUyNDc2MTeysDQy0LMwt7A0NzYCAMpQ-upYAAAA
.rlcdn.com/	1970-01-21 03:18:32	Name: pxrc Value: CNm5l7sGEgYItuoBEAASBgjbwh4QAA==

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://whoagnukrin.com/4/8247215 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0B08810CC360000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://whoagnukrin.com/afu.php?zoneid=8247215&var=8247215&rid=t1eCDm1Kj0NxRQhdnxrJqw%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false Message: [GroupMarkerNotSet(crbug.com/242999)!:A0E08810CC360000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://whoagnukrin.com/4/6118780?var=8247215&btz=Europe/Zurich&bto=-60&bar=x(Line 81) Message: [GroupMarkerNotSet(crbug.com/242999)!:A0B08810CC360000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://whoagnukrin.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false Message: [GroupMarkerNotSet(crbug.com/242999)!:A0808810CC360000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://www.brgdtracking.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://96ccd.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
recommendation	verbose	URL: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56 Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56 Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20861020p.rfihub.com
96ccd.com
adscool.net
analytics.tiktok.com
api.dpbms5h.club
c1.rfihub.net
connect.facebook.net
my.rtmark.net
record.96.partners
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
whoagnukrin.com
www.brgdtracking.com
www.facebook.com
www.googletagmanager.com
104.18.189.136
104.18.22.222
157.240.0.6
157.240.253.35
172.67.175.82
18.66.102.53
188.114.96.3
193.0.160.130
2001:4860:4802:32::36
23.212.110.74
2600:9000:214f:6600:1:76cf:fe80:93a1
2a00:1450:4001:82f::2008
2a05:d014:286:3501:5716:13c8:5f21:474
34.111.76.58
34.49.148.218
52.222.236.74
0514fa30b202d316338412ee252f4def90df7468d9d094db92ac452fe76f9bc6
160fccfe88de59a8756ae3a5c8fe56fe585b338a73f3f798e1fec83660800113
16df724b6ce9e67ddb93e2f4ef0a04802a871c0a78ce282da9916925aefa825b
1918891d7c9b72bca099cabadf2b71474b5eb5bb7ec125376348b372115f5ad0
1a617e01a1cf518ce7415891455d332c5929c12f2873c455757ca6b2a1852168
20732019f332406573f06d35c28ebceb3df2ee15e1585d6c9e2569a4b0f92cad
22cbd6624dbe2f79211784ebeaddbe362f8f323316ecfc7a4878988292206e22
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
2a984d67977ad621649bf051baeb94ed86666fbe467ad99748c2190ec416f34d
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4
37ae7919d75abcb53ddf21b402361c943f724cd02622de2181906ab100df26f9
3f78207f071d486a2957dac496f6c3c80800bdf809ef22ef140caf4d9f73ad47
461f25b6b885144d00c9b633755e95e731a95fdee7a415d8c0ad790863ee2c44
4da87c258eca460d39cdb0f6158cbf69af539d05a1d14f1bc011518511d02228
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52e3cccc40006bceca771f5e22d2605c523e62d63996013306058154acdbe026
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57a60cef3bf023e7f23fc68f5fd66c971c783c2440aae33536e1f9e251905b64
5b4393c6fc659782788dec8167bb00cf8189bacf3eecb149fc7fdc51f6fefdd5
5e80534095f28f98b5fc97dc2cd55c64c12e293e12380229e80f4b4047b87c7d
6be1a104e09946516a4f429665dc27cf12f6cd07f98a1215ab972f73354606ba
6f0e6ce9d8dab7ca8ef273adac1885b36b7a3b87c93cdac44bf8aade37f257ca
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
70d2dec9e651c3c0567646233efb31192b52e6f24d39a863ac8e33cae7e812c2
717f0e0b2d2050e3a00485db646cb973c6abc2775214460f37b31a30f874a04e
7257a519ef1a2963bd2996f825d8ba2a4acedc7fcf7aa6ee3f731124d07c74ef
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
82b6716f188a2c4d23a17b41cba2b728b1f4b9339dc5e18d2348879da1a3da34
837bd5165ce282e140b0a91e6f6b3ff98dab2ec27d4573ee21aa646e70967544
8a6597a24fa67d5ba2f49b99389d221489567863c1aa6f65b7bd04f0061c35e5
946554c967ea75c5d471fa9f02666a37d35fb4538049bb9158d22ff07b25d200
99531d6d624ddea03006bcaef319bf4f7473332dd75adcc59bfa58da16a9b753
998454c7d2c095c55d3e5fc5cedc780b1dc4ee763bf36004dc38d921d9da332a
9b0fc82588b1a0e778a74500fbbbea37829256aa2932eccf892be7bd2bfd2653
9b3015fba073305c1bba9e8896260f816054b5a36db0382d00cc04c07e08fd7c
a7796e8ff807f9f694711e8627e9cd8fd3e69586da422dcd159cfa05367e77b7
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
af361bae532120fec26f1ab62a6c7702ae0dc51878ce6d9a61be342b4fe16298
afc0bf7a34a8285792933cb258404d8e72b4fea3314e02867480b410241f891d
b10339ffc434aa18f4193f3b14898702bc48a471307d111facd66a31480bb314
b1753030316553e3e984f51db690bda7d082b64604900920e51034c89810defe
b93d863cf176ae6744f603ff4601d7fecbae3ee3fb2a35ecf63f4b09c4063694
ba3710ffb62361879a717271253bcda8d3a4d1c61f22abc95e00181ca2fea228
baa84fca69d1fee91c2cb0ac064020904d8a4898e31cf108fcb1cd57d813f95b
bd7e6745a4133374c3132109992c0482ace276042eed482bca718990c64cc091
c179d10985bd0cbbba81c5a56591e6935e7688a941aa350c55e3f760a4c8988f
c77770ad3bbf5be5bad727596fc9a4ee55bd309b1e4b4b5eb278dd8bae756570
dcf9ec3e67d91bd452ba5ce4e336dcaac24c22ef8cabaf6d91b9510ef5bd93e1
df055b5940ce90d969f6bf709c9b35e117f8a1b6fee2e2b1d3441fd645a58336
e28c256943d251f6ac87324b39fcb022a9862e264fb62f755b12adadff31d159
e2ca7c6e98bc6be14d87ed9c5b42abe1f7580d3b322a683fa76211f387b04698
e38338484d969872e570a554c807dab4a79233b82d64a7cb7028fb459123d44a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e966ae4e462d62393b40a76b5fb5252672638fdb706173de35a04c37f7e684f7
ebe3a9b0e9c561389a42cb0f7d287c163710172b510261a454737672a53e1da1
ecf6e5354373fa78e0539f812ecc35f949250f81c4146c419b6208a4166c0005
ed632b9e988afb6efa6f4d1188faa39516409a19e6095689071a03bfbb2e1b2a
f47949a0ae5a27b32be31138c9d6c75961e03c3629b7100e44a29ae8ac660bcd
f745b91d6345c24243e0e08362ba3b9c82382e12a2c97d3bad4baf1b0f887bc0
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

96ccd.com Open in urlscan Pro 34.49.148.218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

101 Requests

100 %HTTPS

25 %IPv6

15 Domains

16 Subdomains

16 IPs

5 Countries

1983 kBTransfer

6099 kBSize

43 Cookies

0 Outgoing links

Page URL History

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

96ccd.com Open in urlscan Pro
34.49.148.218 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

100 %
HTTPS

25 %
IPv6

15
Domains

16
Subdomains

16
IPs

5
Countries

1983 kB
Transfer

6099 kB
Size

43
Cookies

101 HTTP transactions
1 data transactions