urlscan.io logo urlscan.io
SecurityTrails logo

ninecasino.com Open in urlscan Pro
104.22.14.198  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://gamingvhsgame.com/
Effective URL: https://ninecasino.com/?cxd=36648_1868601_%7Cafp1%3A2qj7hbsa0li70%7Cafp10%3A&af_dev_key=BDREFvBLEZQKVYEhZafc85&af_id=&a...
Submission: On October 08 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 11 domains to perform 51 HTTP transactions. The main IP is 104.22.14.198, located in and belongs to CLOUDFLARENET, US. The main domain is ninecasino.com.
TLS certificate: Issued by WE1 on September 14th 2024. Valid for: 3 months.
This is the only time ninecasino.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 23 5.75.187.14 24940 (HETZNER-AS)
1 5.181.161.181 205282 (TILDA-IE-1)
4 157.240.229.1 32934 (FACEBOOK)
6 2a03:2880:f10... 32934 (FACEBOOK)
6 157.240.229.35 32934 (FACEBOOK)
1 1 104.18.21.142 13335 (CLOUDFLAR...)
1 1 35.234.86.61 396982 (GOOGLE-CL...)
1 1 172.67.173.1 13335 (CLOUDFLAR...)
6 104.22.14.198 13335 (CLOUDFLAR...)
1 193.3.17.199 210753 (TILDAPUBL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.18.95.41 13335 (CLOUDFLAR...)
1 104.18.94.41 13335 (CLOUDFLAR...)
51 11
23    5.75.187.14 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.14.187.75.5.clients.your-server.de
gamingvhsgame.com
gameforlifechange.com
1    5.181.161.181 (Ashburn, United States)

ASN205282 (TILDA-IE-1, IE)
PTR: 181-161.addr.tildacdn.net
neo.tildacdn.com
4    157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net
connect.facebook.net
6    2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    157.240.229.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-iad3.facebook.com
www.facebook.com
1    104.18.21.142 (None, )

ASN13335 (CLOUDFLARENET, US)
beniluuxen.com
1    35.234.86.61 (Frankfurt am Main, Germany)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.86.234.35.bc.googleusercontent.com
track.chillipartners.com
1    172.67.173.1 (United States)

ASN13335 (CLOUDFLARENET, US)
gocasinonine.com
6    104.22.14.198 (None, )

ASN13335 (CLOUDFLARENET, US)
ninecasino.com
1    193.3.17.199 (Russian Federation)

ASN210753 (TILDAPUBLISHING-RU-1, RU)
PTR: 199-17.addr.tildacdn.net
stat.tildacdn.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    104.18.95.41 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
1    104.18.94.41 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
Apex Domain
Subdomains		 Transfer
22 gameforlifechange.com
gameforlifechange.com
294 KB
12 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
5 KB
6 ninecasino.com
ninecasino.com
91 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
77 KB
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3443
16 KB
2 tildacdn.com
neo.tildacdn.com — Cisco Umbrella Rank: 82208
stat.tildacdn.com — Cisco Umbrella Rank: 83254
1 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 683
7 KB
1 gocasinonine.com
gocasinonine.com
1 KB
1 chillipartners.com
track.chillipartners.com
872 B
1 beniluuxen.com
beniluuxen.com — Cisco Umbrella Rank: 453303
1 KB
1 gamingvhsgame.com
gamingvhsgame.com
146 B
51 11
Domain Requested by
22 gameforlifechange.com gameforlifechange.com
12 www.facebook.com gameforlifechange.com
6 ninecasino.com gameforlifechange.com
ninecasino.com
static.cloudflareinsights.com
4 connect.facebook.net gameforlifechange.com
connect.facebook.net
2 challenges.cloudflare.com ninecasino.com
challenges.cloudflare.com
1 static.cloudflareinsights.com ninecasino.com
1 stat.tildacdn.com gameforlifechange.com
1 gocasinonine.com 1 redirects
1 track.chillipartners.com 1 redirects
1 beniluuxen.com 1 redirects
1 neo.tildacdn.com gameforlifechange.com
1 gamingvhsgame.com 1 redirects
51 12

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
gameforlifechange.com
E6		 2024-09-15 -
2024-12-14		 3 months crt.sh
*.tildacdn.com
GlobeSSL DV CA		 2024-02-07 -
2025-02-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-07-17 -
2024-10-15		 3 months crt.sh
ninecasino.com
WE1		 2024-09-14 -
2024-12-13		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-09-03 -
2024-12-02		 3 months crt.sh
challenges.cloudflare.com
WE1		 2024-09-05 -
2024-12-04		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://ninecasino.com/?cxd=36648_1868601_%7Cafp1%3A2qj7hbsa0li70%7Cafp10%3A&af_dev_key=BDREFvBLEZQKVYEhZafc85&af_id=&af_sub1=&af_sub2=&af_sub3=&af_sub4=&af_sub5=&afp1=2qj7hbsa0li70&afp10=&brand=ninecasino&bta=36648&click_id=2qj7hbsa0li70&keitaro_country=US&keitaro_platform=GNU%2FLinux&keitaro_stream_id=575140&store_id=&rotatorId=baa9234cb5bf822660b2bc6cf3601149f01651319de68ad857d55c39d5a084fe&rotatorRouter=gocasinonine.com&_rd=eyJjeGQiOiIzNjY0OF8xODY4NjAxX3xhZnAxOjJxajdoYnNhMGxpNzB8YWZwMTA6IiwiYWZfZGV2X2tleSI6IkJEUkVGdkJMRVpRS1ZZRWhaYWZjODUiLCJhZl9pZCI6IiIsImFmX3N1YjEiOiIiLCJhZl9zdWIyIjoiIiwiYWZfc3ViMyI6IiIsImFmX3N1YjQiOiIiLCJhZl9zdWI1IjoiIiwiYWZwMSI6IjJxajdoYnNhMGxpNzAiLCJhZnAxMCI6IiIsImJyYW5kIjoibmluZWNhc2lubyIsImJ0YSI6IjM2NjQ4IiwiY2xpY2tfaWQiOiIycWo3aGJzYTBsaTcwIiwia2VpdGFyb19jb3VudHJ5IjoiVVMiLCJrZWl0YXJvX3BsYXRmb3JtIjoiR05VXC9MaW51eCIsImtlaXRhcm9fc3RyZWFtX2lkIjoiNTc1MTQwIiwic3RvcmVfaWQiOiIiLCJyb3RhdG9ySWQiOiJiYWE5MjM0Y2I1YmY4MjI2NjBiMmJjNmNmMzYwMTE0OWYwMTY1MTMxOWRlNjhhZDg1N2Q1NWMzOWQ1YTA4NGZlIiwicm90YXRvclJvdXRlciI6ImdvY2FzaW5vbmluZS5jb20ifQ%253D%253D
Frame ID: 757DDDC4CDE957872F4A0C953E9EB47F
Requests: 48 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/p428q/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Frame ID: B3F8DAB97BA1542CC62B93FA373E9464
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page URL History Show full URLs

  1. https://gamingvhsgame.com/ HTTP 302
    https://gameforlifechange.com/index.html Page URL
  2. https://beniluuxen.com/yC52xbmY?&sub_id_6=gameforlifechange.com&sub_id_7=null&sub_id_8=undefined&su... HTTP 302
    https://track.chillipartners.com/visit/?bta=36648&brand=ninecasino&afp1=2qj7hbsa0li70&afp10=&store_id=&af_id=... HTTP 302
    https://gocasinonine.com/?cxd=36648_1868601_|afp1:2qj7hbsa0li70|afp10:&af_dev_key=BDREFvBLEZQKVYEhZaf... HTTP 302
    https://ninecasino.com/?cxd=36648_1868601_%7Cafp1%3A2qj7hbsa0li70%7Cafp10%3A&af_dev_key=BDREFvBLEZQ... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • tilda(?:cdn|\.ws|-blocks)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • hammer(?:\.min)?\.js

Page Statistics

51
Requests

96 %
HTTPS

15 %
IPv6

11
Domains

12
Subdomains

11
IPs

4
Countries

492 kB
Transfer

1516 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gamingvhsgame.com/ HTTP 302
    https://gameforlifechange.com/index.html Page URL
  2. https://beniluuxen.com/yC52xbmY?&sub_id_6=gameforlifechange.com&sub_id_7=null&sub_id_8=undefined&sub_id_9=fb.1.1728397157269.94929023437000244 HTTP 302
    https://track.chillipartners.com/visit/?bta=36648&brand=ninecasino&afp1=2qj7hbsa0li70&afp10=&store_id=&af_id=&af_dev_key=BDREFvBLEZQKVYEhZafc85&keitaro_stream_id=575140&keitaro_country=US&keitaro_platform=GNU%2FLinux&click_id=2qj7hbsa0li70&af_sub1=&af_sub2=&af_sub3=&af_sub4=&af_sub5= HTTP 302
    https://gocasinonine.com/?cxd=36648_1868601_|afp1:2qj7hbsa0li70|afp10:&af_dev_key=BDREFvBLEZQKVYEhZafc85&af_id=&af_sub1=&af_sub2=&af_sub3=&af_sub4=&af_sub5=&afp1=2qj7hbsa0li70&afp10=&brand=ninecasino&bta=36648&click_id=2qj7hbsa0li70&keitaro_country=US&keitaro_platform=GNU%2FLinux&keitaro_stream_id=575140&store_id= HTTP 302
    https://ninecasino.com/?cxd=36648_1868601_%7Cafp1%3A2qj7hbsa0li70%7Cafp10%3A&af_dev_key=BDREFvBLEZQKVYEhZafc85&af_id=&af_sub1=&af_sub2=&af_sub3=&af_sub4=&af_sub5=&afp1=2qj7hbsa0li70&afp10=&brand=ninecasino&bta=36648&click_id=2qj7hbsa0li70&keitaro_country=US&keitaro_platform=GNU%2FLinux&keitaro_stream_id=575140&store_id=&rotatorId=baa9234cb5bf822660b2bc6cf3601149f01651319de68ad857d55c39d5a084fe&rotatorRouter=gocasinonine.com&_rd=eyJjeGQiOiIzNjY0OF8xODY4NjAxX3xhZnAxOjJxajdoYnNhMGxpNzB8YWZwMTA6IiwiYWZfZGV2X2tleSI6IkJEUkVGdkJMRVpRS1ZZRWhaYWZjODUiLCJhZl9pZCI6IiIsImFmX3N1YjEiOiIiLCJhZl9zdWIyIjoiIiwiYWZfc3ViMyI6IiIsImFmX3N1YjQiOiIiLCJhZl9zdWI1IjoiIiwiYWZwMSI6IjJxajdoYnNhMGxpNzAiLCJhZnAxMCI6IiIsImJyYW5kIjoibmluZWNhc2lubyIsImJ0YSI6IjM2NjQ4IiwiY2xpY2tfaWQiOiIycWo3aGJzYTBsaTcwIiwia2VpdGFyb19jb3VudHJ5IjoiVVMiLCJrZWl0YXJvX3BsYXRmb3JtIjoiR05VXC9MaW51eCIsImtlaXRhcm9fc3RyZWFtX2lkIjoiNTc1MTQwIiwic3RvcmVfaWQiOiIiLCJyb3RhdG9ySWQiOiJiYWE5MjM0Y2I1YmY4MjI2NjBiMmJjNmNmMzYwMTE0OWYwMTY1MTMxOWRlNjhhZDg1N2Q1NWMzOWQ1YTA4NGZlIiwicm90YXRvclJvdXRlciI6ImdvY2FzaW5vbmluZS5jb20ifQ%253D%253D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://gamingvhsgame.com/ HTTP 302
  • https://gameforlifechange.com/index.html

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
index.html
gameforlifechange.com/
Redirect Chain
  • https://gamingvhsgame.com/
  • https://gameforlifechange.com/index.html
69 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.75.187.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.14.187.75.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ad08da121b31f2885b6e5cc3caa13572d73dd006fd808db8b89639813617efb1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-transform
content-encoding
gzip
content-type
text/html
date
Tue, 08 Oct 2024 14:19:16 GMT
etag
W/"66e76ee0-113a9"
last-modified
Sun, 15 Sep 2024 23:33:52 GMT
server
nginx/1.18.0 (Ubuntu)

Redirect headers

cache-control
no-transform
content-type
text/html; charset=UTF-8
date
Tue, 08 Oct 2024 14:19:15 GMT
location
https://gameforlifechange.com/index.html
server
nginx/1.18.0 (Ubuntu)
tilda-fallback-1.0.min.js
neo.tildacdn.com/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://neo.tildacdn.com/js/tilda-fallback-1.0.min.js
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.181.161.181 Ashburn, United States, ASN205282 (TILDA-IE-1, IE),
Reverse DNS
181-161.addr.tildacdn.net
Software
/
Resource Hash
cdf65e26b905a653bce60df182886b032b606940391badb1e3a655f434ca446c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/

Response headers

x-tilda-server
12
content-encoding
gzip
etag
W/"66f2bc2d-77e"
access-control-allow-methods
GET
access-control-allow-origin
*
date
Tue, 08 Oct 2024 14:19:16 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 13:18:37 GMT
tilda-grid-3.0.min.css
gameforlifechange.com/css/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gameforlifechange.com/css/tilda-grid-3.0.min.css
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.75.187.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.14.187.75.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f5c301b8769579afae9deb4eda7659df32661229039c6b7a37cfabd1827317ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/index.html

Response headers

cache-control
no-transform
etag
"62065bb0-1010"
accept-ranges
bytes
content-length
4112
date
Tue, 08 Oct 2024 14:19:16 GMT
content-type
text/css
last-modified
Fri, 11 Feb 2022 12:50:56 GMT
server
nginx/1.18.0 (Ubuntu)
tilda-blocks-page37090328.min.css
gameforlifechange.com/css/ 		69 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gameforlifechange.com/css/tilda-blocks-page37090328.min.css?t=1685697169
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.75.187.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.14.187.75.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
51d49a2e8c7888072180aaf3283d34e2e1f21a4aaa4b6eab3058721a46a8fea7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/index.html

Response headers

cache-control
no-transform
content-encoding
gzip
date
Tue, 08 Oct 2024 14:19:16 GMT
etag
W/"66e76ee0-113a9"
content-type
text/html
last-modified
Sun, 15 Sep 2024 23:33:52 GMT
server
nginx/1.18.0 (Ubuntu)
tilda-animation-2.0.min.css
gameforlifechange.com/css/ 		69 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gameforlifechange.com/css/tilda-animation-2.0.min.css
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.75.187.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.14.187.75.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
51d49a2e8c7888072180aaf3283d34e2e1f21a4aaa4b6eab3058721a46a8fea7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/index.html

Response headers

cache-control
no-transform
content-encoding
gzip
date
Tue, 08 Oct 2024 14:19:16 GMT
etag
W/"66e76ee0-113a9"
content-type
text/html
last-modified
Sun, 15 Sep 2024 23:33:52 GMT
server
nginx/1.18.0 (Ubuntu)
tilda-zero-gallery-1.0.min.css
gameforlifechange.com/css/ 		69 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gameforlifechange.com/css/tilda-zero-gallery-1.0.min.css
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.75.187.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.14.187.75.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
51d49a2e8c7888072180aaf3283d34e2e1f21a4aaa4b6eab3058721a46a8fea7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/index.html

Response headers

cache-control
no-transform
content-encoding
gzip
date
Tue, 08 Oct 2024 14:19:16 GMT
etag
W/"66e76ee0-113a9"
content-type
text/html
last-modified
Sun, 15 Sep 2024 23:33:52 GMT
server
nginx/1.18.0 (Ubuntu)
fonts-tildasans.css
gameforlifechange.com/css/ 		69 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gameforlifechange.com/css/fonts-tildasans.css
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.75.187.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.14.187.75.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
51d49a2e8c7888072180aaf3283d34e2e1f21a4aaa4b6eab3058721a46a8fea7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/index.html

Response headers

cache-control
no-transform
content-encoding
gzip
date
Tue, 08 Oct 2024 14:19:16 GMT
etag
W/"66e76ee0-113a9"
content-type
text/html
last-modified
Sun, 15 Sep 2024 23:33:52 GMT
server
nginx/1.18.0 (Ubuntu)
tilda-scripts-3.0.min.js
gameforlifechange.com/js/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gameforlifechange.com/js/tilda-scripts-3.0.min.js
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.75.187.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.14.187.75.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2a9852fb0d2190597bafb35bef368725f803b47ff6bc0e6b804f6637d89695fd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/index.html

Response headers

cache-control
no-transform
etag
"62065bb0-2f8a"
accept-ranges
bytes
content-length
12170
date
Tue, 08 Oct 2024 14:19:16 GMT
content-type
application/javascript
last-modified
Fri, 11 Feb 2022 12:50:56 GMT
server
nginx/1.18.0 (Ubuntu)
tilda-blocks-page37090328.min.js
gameforlifechange.com/js/ 		69 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gameforlifechange.com/js/tilda-blocks-page37090328.min.js?t=1685697169
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.75.187.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.14.187.75.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ad08da121b31f2885b6e5cc3caa13572d73dd006fd808db8b89639813617efb1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/index.html

Response headers

cache-control
no-transform
content-encoding
gzip
date
Tue, 08 Oct 2024 14:19:16 GMT
etag
W/"66e76ee0-113a9"
content-type
text/html
last-modified
Sun, 15 Sep 2024 23:33:52 GMT
server
nginx/1.18.0 (Ubuntu)
lazyload-1.3.min.js
gameforlifechange.com/js/ 		69 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gameforlifechange.com/js/lazyload-1.3.min.js
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.75.187.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.14.187.75.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ad08da121b31f2885b6e5cc3caa13572d73dd006fd808db8b89639813617efb1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/index.html

Response headers

cache-control
no-transform
content-encoding
gzip
date
Tue, 08 Oct 2024 14:19:16 GMT
etag
W/"66e76ee0-113a9"
content-type
text/html
last-modified
Sun, 15 Sep 2024 23:33:52 GMT
server
nginx/1.18.0 (Ubuntu)
tilda-animation-2.0.min.js
gameforlifechange.com/js/ 		69 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gameforlifechange.com/js/tilda-animation-2.0.min.js
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.75.187.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.14.187.75.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ad08da121b31f2885b6e5cc3caa13572d73dd006fd808db8b89639813617efb1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/index.html

Response headers

cache-control
no-transform
content-encoding
gzip
date
Tue, 08 Oct 2024 14:19:16 GMT
etag
W/"66e76ee0-113a9"
content-type
text/html
last-modified
Sun, 15 Sep 2024 23:33:52 GMT
server
nginx/1.18.0 (Ubuntu)
tilda-zero-1.1.min.js
gameforlifechange.com/js/ 		69 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gameforlifechange.com/js/tilda-zero-1.1.min.js
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.75.187.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.14.187.75.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ad08da121b31f2885b6e5cc3caa13572d73dd006fd808db8b89639813617efb1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/index.html

Response headers

cache-control
no-transform
content-encoding
gzip
date
Tue, 08 Oct 2024 14:19:16 GMT
etag
W/"66e76ee0-113a9"
content-type
text/html
last-modified
Sun, 15 Sep 2024 23:33:52 GMT
server
nginx/1.18.0 (Ubuntu)
tilda-slds-1.4.min.js
gameforlifechange.com/js/ 		25 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gameforlifechange.com/js/tilda-slds-1.4.min.js
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.75.187.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.14.187.75.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8848f750da24e72a8aae111bd8e9ad41d76f33a54f7a611d3873650a553cc56d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/index.html

Response headers

cache-control
no-transform
etag
"62065bb0-62bb"
accept-ranges
bytes
content-length
25275
date
Tue, 08 Oct 2024 14:19:16 GMT
content-type
application/javascript
last-modified
Fri, 11 Feb 2022 12:50:56 GMT
server
nginx/1.18.0 (Ubuntu)
tilda-zero-gallery-1.0.min.js
gameforlifechange.com/js/ 		69 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gameforlifechange.com/js/tilda-zero-gallery-1.0.min.js
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.75.187.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.14.187.75.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ad08da121b31f2885b6e5cc3caa13572d73dd006fd808db8b89639813617efb1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/index.html

Response headers

cache-control
no-transform
content-encoding
gzip
date
Tue, 08 Oct 2024 14:19:16 GMT
etag
W/"66e76ee0-113a9"
content-type
text/html
last-modified
Sun, 15 Sep 2024 23:33:52 GMT
server
nginx/1.18.0 (Ubuntu)
hammer.min.js
gameforlifechange.com/js/ 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gameforlifechange.com/js/hammer.min.js
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.75.187.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.14.187.75.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
090a7068a2209545279f858c6f41ff7ae42815e11c3d69463a2a2ea835282bd9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/index.html

Response headers

cache-control
no-transform
etag
"62065bb0-50f6"
accept-ranges
bytes
content-length
20726
date
Tue, 08 Oct 2024 14:19:16 GMT
content-type
application/javascript
last-modified
Fri, 11 Feb 2022 12:50:56 GMT
server
nginx/1.18.0 (Ubuntu)
tilda-animation-sbs-1.0.min.js
gameforlifechange.com/js/ 		24 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gameforlifechange.com/js/tilda-animation-sbs-1.0.min.js
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.75.187.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.14.187.75.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
94c5fb5fefb9633bb92c7801ecc13a6370fad4b6fb84733784843808e944a6d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/index.html

Response headers

cache-control
no-transform
etag
"62065bb0-5fde"
accept-ranges
bytes
content-length
24542
date
Tue, 08 Oct 2024 14:19:16 GMT
content-type
application/javascript
last-modified
Fri, 11 Feb 2022 12:50:56 GMT
server
nginx/1.18.0 (Ubuntu)
tilda-zero-scale-1.0.min.js
gameforlifechange.com/js/ 		69 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gameforlifechange.com/js/tilda-zero-scale-1.0.min.js
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.75.187.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.14.187.75.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ad08da121b31f2885b6e5cc3caa13572d73dd006fd808db8b89639813617efb1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/index.html

Response headers

cache-control
no-transform
content-encoding
gzip
date
Tue, 08 Oct 2024 14:19:16 GMT
etag
W/"66e76ee0-113a9"
content-type
text/html
last-modified
Sun, 15 Sep 2024 23:33:52 GMT
server
nginx/1.18.0 (Ubuntu)
tilda-events-1.0.min.js
gameforlifechange.com/js/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gameforlifechange.com/js/tilda-events-1.0.min.js
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.75.187.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.14.187.75.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f0ce20fc1dd605ff20a1f19e623cdc7498f1f5156e3602e4085523f6edea6c00

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/index.html

Response headers

cache-control
no-transform
etag
"62065bb0-328f"
accept-ranges
bytes
content-length
12943
date
Tue, 08 Oct 2024 14:19:16 GMT
content-type
application/javascript
last-modified
Fri, 11 Feb 2022 12:50:56 GMT
server
nginx/1.18.0 (Ubuntu)
tildacopy.png
gameforlifechange.com/images/ 		819 B
984 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gameforlifechange.com/images/tildacopy.png
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.75.187.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.14.187.75.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
feaa79fd393600ae251d35df414fc9c5633674b6104a52cdfdfe1b449f2aa15a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/index.html

Response headers

cache-control
no-transform
etag
"62065bb0-333"
accept-ranges
bytes
content-length
819
date
Tue, 08 Oct 2024 14:19:16 GMT
content-type
image/png
last-modified
Fri, 11 Feb 2022 12:50:56 GMT
server
nginx/1.18.0 (Ubuntu)
fbevents.js
connect.facebook.net/en_US/ 		226 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 08 Oct 2024 14:19:16 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=54, rtx=0, c=23, mss=1232, tbw=4437, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
pcTtZy3IcOwIx8L/Q0rEE/asgCzah+s76urq/uyAiNJE2bSUA3pLAkp8h/LHZ0COObPdyO274+edcEFfEJmgLA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59131
x-xss-protection
0
origin-agent-cluster
?1
tilda-slds-1.4.min.css
gameforlifechange.com/css/ 		11 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gameforlifechange.com/css/tilda-slds-1.4.min.css
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.75.187.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.14.187.75.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cf2c58c07b25eedb7ac08c2e3c54a2a65e264979862a51a448ee81d96b8c1601

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/index.html

Response headers

cache-control
no-transform
etag
"62065bb0-2bc7"
accept-ranges
bytes
content-length
11207
date
Tue, 08 Oct 2024 14:19:17 GMT
content-type
text/css
last-modified
Fri, 11 Feb 2022 12:50:56 GMT
server
nginx/1.18.0 (Ubuntu)
tild6330-3737-4336-b131-313065643163__decstop.jpg
gameforlifechange.com/images/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gameforlifechange.com/images/tild6330-3737-4336-b131-313065643163__decstop.jpg
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.75.187.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.14.187.75.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/index.html

Response headers

cache-control
no-transform
content-encoding
gzip
date
Tue, 08 Oct 2024 14:19:17 GMT
etag
W/"66e76ee0-113a9"
content-type
text/html
last-modified
Sun, 15 Sep 2024 23:33:52 GMT
server
nginx/1.18.0 (Ubuntu)
1155103928889261
connect.facebook.net/signals/config/ 		68 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1155103928889261?v=2.9.170&r=stable&domain=gameforlifechange.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
d140fb54dcee559109164684010109302cf9234f5bdd8d527fc63d67e24eb91c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 08 Oct 2024 14:19:17 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=54, rtx=0, c=74, mss=1232, tbw=67299, tp=63, tpl=0, uplat=108, ullat=0
pragma
public
x-fb-debug
XRh6NSGoieE1KM1C3lXNR77RibWgWI/2RVQHlUI5UowgPLQU5L6+C3h3WOjD1keCk+mP0++03YpzUQjIbnVR0Q==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
1462066234452258
connect.facebook.net/signals/config/ 		25 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1462066234452258?v=2.9.170&r=stable&domain=gameforlifechange.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C199%2C198%2C200%2C205%2C206%2C207%2C203%2C195%2C131%2C162%2C194%2C196%2C121%2C156%2C144%2C150%2C188%2C189%2C128%2C231%2C115%2C126%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C113%2C127
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
121117e3de0d39abaf269008746267d7ede9df42325151c54a8553b4d27baad8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 08 Oct 2024 14:19:17 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
GOOD; q=0.7, rtt=54, rtx=0, c=86, mss=1232, tbw=81795, tp=77, tpl=0, uplat=114, ullat=0
pragma
public
x-fb-debug
xBIBV4yy4YFTiY4RbcgvRP15kLfxH26GONj2VVWuBuGqji7lgrMfWVxLFIo7hkSeU6FGFV1DJcQmWU0kRjYn3A==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1155103928889261&ev=PageView&dl=https%3A%2F%2Fgameforlifechange.com%2Findex.html&rl=&if=false&ts=1728397157271&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1728397157269.94929023437000244&ler=empty&cdl=API_unavailable&it=1728397157068&coo=false&rqm=GET
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=55, rtx=0, c=10, mss=1297, tbw=2897, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 08 Oct 2024 14:19:17 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1155103928889261&ev=PageView&dl=https%3A%2F%2Fgameforlifechange.com%2Findex.html&rl=&if=false&ts=1728397157271&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1728397157269.94929023437000244&ler=empty&cdl=API_unavailable&it=1728397157068&coo=false&rqm=FGET
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7423409264120094949"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 08 Oct 2024 14:19:17 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
pUCOzNGWIfs3LD522ZOrYRFB1N0KwZhz5oGuyjdADV8clsbTzJPKG+l+dGolHdLuP3libn1TlTWbWLjMHPnIzg==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7423409264120094949", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=55, rtx=0, c=17, mss=1297, tbw=3402, tp=-1, tpl=-1, uplat=82, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
1580920259123721
connect.facebook.net/signals/config/ 		25 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1580920259123721?v=2.9.170&r=stable&domain=gameforlifechange.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C199%2C198%2C200%2C205%2C206%2C207%2C203%2C195%2C131%2C162%2C194%2C196%2C121%2C156%2C144%2C150%2C188%2C189%2C128%2C231%2C115%2C126%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C113%2C127
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
23c5b6fc1c2c069a91c7505a133d7f5e9b5801fa5a8a8096b8545887940e742a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 08 Oct 2024 14:19:17 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=54, rtx=0, c=89, mss=1232, tbw=85155, tp=81, tpl=0, uplat=160, ullat=0
pragma
public
x-fb-debug
QCSJBOHEV0JLwTdptDbWZsjk+UePsCXwsFqMyi7W6nlx+uNCPaCXb40tU3tB5WPvmByzzW8pJo+FbkOjMfrVfw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1462066234452258&ev=PageView&dl=https%3A%2F%2Fgameforlifechange.com%2Findex.html&rl=&if=false&ts=1728397157451&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1728397157269.94929023437000244&ler=empty&cdl=API_unavailable&it=1728397157068&coo=false&rqm=GET
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=55, rtx=0, c=10, mss=1297, tbw=3259, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 08 Oct 2024 14:19:17 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1462066234452258&ev=PageView&dl=https%3A%2F%2Fgameforlifechange.com%2Findex.html&rl=&if=false&ts=1728397157451&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1728397157269.94929023437000244&ler=empty&cdl=API_unavailable&it=1728397157068&coo=false&rqm=FGET
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7423409265336443227"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 08 Oct 2024 14:19:17 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
HXL0DPSBFFwaTy77J7eklQ0mQnKBrJCCs2QpfNjOBDfnEAfwIqOWnCVQAD2VQm1Nkq/p51UQJY53giwiYaA+XA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7423409265336443227", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=55, rtx=0, c=17, mss=1297, tbw=6195, tp=-1, tpl=-1, uplat=89, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1580920259123721&ev=PageView&dl=https%3A%2F%2Fgameforlifechange.com%2Findex.html&rl=&if=false&ts=1728397157675&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1728397157269.94929023437000244&ler=empty&cdl=API_unavailable&it=1728397157068&coo=false&rqm=GET
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=58, rtx=0, c=17, mss=1297, tbw=7161, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 08 Oct 2024 14:19:17 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1580920259123721&ev=PageView&dl=https%3A%2F%2Fgameforlifechange.com%2Findex.html&rl=&if=false&ts=1728397157675&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1728397157269.94929023437000244&ler=empty&cdl=API_unavailable&it=1728397157068&coo=false&rqm=FGET
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7423409265850768432"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 08 Oct 2024 14:19:17 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
a/eAXTJsGE7ln8A2EeusgK/Vpuk0YvwHR/7Gm2i2E3jerdnvUBbGIx0kofgCItCD2yt3blP+fePc69AVcG/Dqw==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7423409265850768432", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=57, rtx=0, c=17, mss=1297, tbw=7303, tp=-1, tpl=-1, uplat=132, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1155103928889261&ev=Lead&dl=https%3A%2F%2Fgameforlifechange.com%2Findex.html&rl=&if=false&ts=1728397157872&sw=1600&sh=1200&v=2.9.170&r=stable&ec=1&o=4126&fbp=fb.1.1728397157269.94929023437000244&ler=empty&cdl=API_unavailable&it=1728397157068&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=23, mss=1232, tbw=4436, tp=9, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 08 Oct 2024 14:19:17 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1155103928889261&ev=Lead&dl=https%3A%2F%2Fgameforlifechange.com%2Findex.html&rl=&if=false&ts=1728397157872&sw=1600&sh=1200&v=2.9.170&r=stable&ec=1&o=4126&fbp=fb.1.1728397157269.94929023437000244&ler=empty&cdl=API_unavailable&it=1728397157068&coo=false&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7423409264658867909"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 08 Oct 2024 14:19:18 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
PcPrfAGwUFjFAvRj2XRhMX7FFOI1COHt+SnltapSltWznU3zGICV7JlY86xA0bZw01tYV1l+jXUQfLuI+SJKUw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7423409264658867909", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=27, mss=1232, tbw=9700, tp=24, tpl=0, uplat=237, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1462066234452258&ev=Lead&dl=https%3A%2F%2Fgameforlifechange.com%2Findex.html&rl=&if=false&ts=1728397157874&sw=1600&sh=1200&v=2.9.170&r=stable&ec=1&o=4126&fbp=fb.1.1728397157269.94929023437000244&ler=empty&cdl=API_unavailable&it=1728397157068&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=23, mss=1232, tbw=4900, tp=14, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 08 Oct 2024 14:19:17 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1462066234452258&ev=Lead&dl=https%3A%2F%2Fgameforlifechange.com%2Findex.html&rl=&if=false&ts=1728397157874&sw=1600&sh=1200&v=2.9.170&r=stable&ec=1&o=4126&fbp=fb.1.1728397157269.94929023437000244&ler=empty&cdl=API_unavailable&it=1728397157068&coo=false&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7423409265118640965"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 08 Oct 2024 14:19:18 GMT
content-type
image/png
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7423409265118640965", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-debug
1ZgaTukMnaRE/2v0rwOlmay3I+Q65prdo5CZMU9+Y3Gs/OvDJWeUVO/xqw+PMmhm/MvvRBbF/nq4vCV9SQwatg==
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=24, mss=1232, tbw=5316, tp=20, tpl=0, uplat=173, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1580920259123721&ev=Lead&dl=https%3A%2F%2Fgameforlifechange.com%2Findex.html&rl=&if=false&ts=1728397157875&sw=1600&sh=1200&v=2.9.170&r=stable&ec=1&o=4126&fbp=fb.1.1728397157269.94929023437000244&ler=empty&cdl=API_unavailable&it=1728397157068&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=23, mss=1232, tbw=5108, tp=17, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 08 Oct 2024 14:19:17 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1580920259123721&ev=Lead&dl=https%3A%2F%2Fgameforlifechange.com%2Findex.html&rl=&if=false&ts=1728397157875&sw=1600&sh=1200&v=2.9.170&r=stable&ec=1&o=4126&fbp=fb.1.1728397157269.94929023437000244&ler=empty&cdl=API_unavailable&it=1728397157068&coo=false&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7423409265338567979"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 08 Oct 2024 14:19:18 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
/3nk8Ske2FzH+UdunnQdm3VYeS55fC5h6ijnFzGVHYlGAs7xqR0y+Sz8zWmOHtsyCuQo1fTzTCUVt+reGUQnFw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7423409265338567979", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=24, mss=1232, tbw=8788, tp=23, tpl=0, uplat=177, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
tildafavicon.ico
gameforlifechange.com/images/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://gameforlifechange.com/images/tildafavicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.75.187.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.14.187.75.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9c41ad6c9283238f7c984d799ee3434e898a32ab9f0a6ef5fd46815e7597924d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/index.html

Response headers

cache-control
no-transform
etag
"62065bb0-6b6"
accept-ranges
bytes
content-length
1718
date
Tue, 08 Oct 2024 14:19:17 GMT
content-type
image/x-icon
last-modified
Fri, 11 Feb 2022 12:50:56 GMT
server
nginx/1.18.0 (Ubuntu)
Primary Request /
ninecasino.com/
Redirect Chain
  • https://beniluuxen.com/yC52xbmY?&sub_id_6=gameforlifechange.com&sub_id_7=null&sub_id_8=undefined&sub_id_9=fb.1.1728397157269.94929023437000244
  • https://track.chillipartners.com/visit/?bta=36648&brand=ninecasino&afp1=2qj7hbsa0li70&afp10=&store_id=&af_id=&af_dev_key=BDREFvBLEZQKVYEhZafc85&keitaro_stream_id=575140&keitaro_country=US&keitaro_p...
  • https://gocasinonine.com/?cxd=36648_1868601_|afp1:2qj7hbsa0li70|afp10:&af_dev_key=BDREFvBLEZQKVYEhZafc85&af_id=&af_sub1=&af_sub2=&af_sub3=&af_sub4=&af_sub5=&afp1=2qj7hbsa0li70&afp10=&brand=ninecasi...
  • https://ninecasino.com/?cxd=36648_1868601_%7Cafp1%3A2qj7hbsa0li70%7Cafp10%3A&af_dev_key=BDREFvBLEZQKVYEhZafc85&af_id=&af_sub1=&af_sub2=&af_sub3=&af_sub4=&af_sub5=&afp1=2qj7hbsa0li70&afp10=&brand=ni...
19 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ninecasino.com/?cxd=36648_1868601_%7Cafp1%3A2qj7hbsa0li70%7Cafp10%3A&af_dev_key=BDREFvBLEZQKVYEhZafc85&af_id=&af_sub1=&af_sub2=&af_sub3=&af_sub4=&af_sub5=&afp1=2qj7hbsa0li70&afp10=&brand=ninecasino&bta=36648&click_id=2qj7hbsa0li70&keitaro_country=US&keitaro_platform=GNU%2FLinux&keitaro_stream_id=575140&store_id=&rotatorId=baa9234cb5bf822660b2bc6cf3601149f01651319de68ad857d55c39d5a084fe&rotatorRouter=gocasinonine.com&_rd=eyJjeGQiOiIzNjY0OF8xODY4NjAxX3xhZnAxOjJxajdoYnNhMGxpNzB8YWZwMTA6IiwiYWZfZGV2X2tleSI6IkJEUkVGdkJMRVpRS1ZZRWhaYWZjODUiLCJhZl9pZCI6IiIsImFmX3N1YjEiOiIiLCJhZl9zdWIyIjoiIiwiYWZfc3ViMyI6IiIsImFmX3N1YjQiOiIiLCJhZl9zdWI1IjoiIiwiYWZwMSI6IjJxajdoYnNhMGxpNzAiLCJhZnAxMCI6IiIsImJyYW5kIjoibmluZWNhc2lubyIsImJ0YSI6IjM2NjQ4IiwiY2xpY2tfaWQiOiIycWo3aGJzYTBsaTcwIiwia2VpdGFyb19jb3VudHJ5IjoiVVMiLCJrZWl0YXJvX3BsYXRmb3JtIjoiR05VXC9MaW51eCIsImtlaXRhcm9fc3RyZWFtX2lkIjoiNTc1MTQwIiwic3RvcmVfaWQiOiIiLCJyb3RhdG9ySWQiOiJiYWE5MjM0Y2I1YmY4MjI2NjBiMmJjNmNmMzYwMTE0OWYwMTY1MTMxOWRlNjhhZDg1N2Q1NWMzOWQ1YTA4NGZlIiwicm90YXRvclJvdXRlciI6ImdvY2FzaW5vbmluZS5jb20ifQ%253D%253D
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.14.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cab6bce840f593d775ac039e9e70096d558e3da539dddf9c20b62cdfa9443d1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://gameforlifechange.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
rQeIhaoRK3NeeEZ8twgr+Y402bnxb4sgQCYDpuiXAefnugqhfB4me5Q7jsxwjM3FIRXC/bbny2XJzZe6eG4wtM7irvgdIOsfa/ii/RXoeroahoK+5OzXI1KMSUrhGIv0rUe7iu15nobXnFNkkLOrSw==$bAR7EHgmeMrnozYWRmgvsQ==
cf-mitigated
challenge
cf-ray
8cf6c3eb7b686dc2-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Tue, 08 Oct 2024 14:19:20 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

access-control-allow-headers
Authorization, Content-Type, X-Auth-Token, cache-control, x-requested-with
access-control-allow-methods
*
access-control-allow-origin
*
access-control-expose-headers
x-meta-count
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8cf6c3e83a4f0a0e-MIA
content-type
text/html; charset=UTF-8
date
Tue, 08 Oct 2024 14:19:19 GMT
location
https://ninecasino.com/?cxd=36648_1868601_%7Cafp1%3A2qj7hbsa0li70%7Cafp10%3A&af_dev_key=BDREFvBLEZQKVYEhZafc85&af_id=&af_sub1=&af_sub2=&af_sub3=&af_sub4=&af_sub5=&afp1=2qj7hbsa0li70&afp10=&brand=ninecasino&bta=36648&click_id=2qj7hbsa0li70&keitaro_country=US&keitaro_platform=GNU%2FLinux&keitaro_stream_id=575140&store_id=&rotatorId=baa9234cb5bf822660b2bc6cf3601149f01651319de68ad857d55c39d5a084fe&rotatorRouter=gocasinonine.com&_rd=eyJjeGQiOiIzNjY0OF8xODY4NjAxX3xhZnAxOjJxajdoYnNhMGxpNzB8YWZwMTA6IiwiYWZfZGV2X2tleSI6IkJEUkVGdkJMRVpRS1ZZRWhaYWZjODUiLCJhZl9pZCI6IiIsImFmX3N1YjEiOiIiLCJhZl9zdWIyIjoiIiwiYWZfc3ViMyI6IiIsImFmX3N1YjQiOiIiLCJhZl9zdWI1IjoiIiwiYWZwMSI6IjJxajdoYnNhMGxpNzAiLCJhZnAxMCI6IiIsImJyYW5kIjoibmluZWNhc2lubyIsImJ0YSI6IjM2NjQ4IiwiY2xpY2tfaWQiOiIycWo3aGJzYTBsaTcwIiwia2VpdGFyb19jb3VudHJ5IjoiVVMiLCJrZWl0YXJvX3BsYXRmb3JtIjoiR05VXC9MaW51eCIsImtlaXRhcm9fc3RyZWFtX2lkIjoiNTc1MTQwIiwic3RvcmVfaWQiOiIiLCJyb3RhdG9ySWQiOiJiYWE5MjM0Y2I1YmY4MjI2NjBiMmJjNmNmMzYwMTE0OWYwMTY1MTMxOWRlNjhhZDg1N2Q1NWMzOWQ1YTA4NGZlIiwicm90YXRvclJvdXRlciI6ImdvY2FzaW5vbmluZS5jb20ifQ%253D%253D
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YhEQJsH%2FN3wf%2BHJVjNSko2sszguSicJ0WA83Jl1m9H0fyDLW%2FXmjHZzRs9EMvZRn1KFxUmIxpBazVpAiaZqUN89zCIKvpjgkMlqSrCdUkr9FwQKEHyP%2BYh1xzx%2FEpO%2FUmU7k"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
tilda-stat-1.0.min.js
gameforlifechange.com/js/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gameforlifechange.com/js/tilda-stat-1.0.min.js
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.75.187.14 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.14.187.75.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gameforlifechange.com/index.html

Response headers

cache-control
no-transform
etag
"62065bb0-1f08"
accept-ranges
bytes
content-length
7944
date
Tue, 08 Oct 2024 14:19:18 GMT
content-type
application/javascript
last-modified
Fri, 11 Feb 2022 12:50:56 GMT
server
nginx/1.18.0 (Ubuntu)
/
stat.tildacdn.com/event/ 		16 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.tildacdn.com/event/
Requested by
Host: gameforlifechange.com
URL: https://gameforlifechange.com/js/tilda-stat-1.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.3.17.199 , Russian Federation, ASN210753 (TILDAPUBLISHING-RU-1, RU),
Reverse DNS
199-17.addr.tildacdn.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer
https://gameforlifechange.com/

Response headers

x-tilda-server
12
access-control-allow-origin
https://gameforlifechange.com
date
Tue, 08 Oct 2024 14:19:19 GMT
content-type
application/json;charset=utf-8
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: ninecasino.com
URL: https://ninecasino.com/?cxd=36648_1868601_%7Cafp1%3A2qj7hbsa0li70%7Cafp10%3A&af_dev_key=BDREFvBLEZQKVYEhZafc85&af_id=&af_sub1=&af_sub2=&af_sub3=&af_sub4=&af_sub5=&afp1=2qj7hbsa0li70&afp10=&brand=ninecasino&bta=36648&click_id=2qj7hbsa0li70&keitaro_country=US&keitaro_platform=GNU%2FLinux&keitaro_stream_id=575140&store_id=&rotatorId=baa9234cb5bf822660b2bc6cf3601149f01651319de68ad857d55c39d5a084fe&rotatorRouter=gocasinonine.com&_rd=eyJjeGQiOiIzNjY0OF8xODY4NjAxX3xhZnAxOjJxajdoYnNhMGxpNzB8YWZwMTA6IiwiYWZfZGV2X2tleSI6IkJEUkVGdkJMRVpRS1ZZRWhaYWZjODUiLCJhZl9pZCI6IiIsImFmX3N1YjEiOiIiLCJhZl9zdWIyIjoiIiwiYWZfc3ViMyI6IiIsImFmX3N1YjQiOiIiLCJhZl9zdWI1IjoiIiwiYWZwMSI6IjJxajdoYnNhMGxpNzAiLCJhZnAxMCI6IiIsImJyYW5kIjoibmluZWNhc2lubyIsImJ0YSI6IjM2NjQ4IiwiY2xpY2tfaWQiOiIycWo3aGJzYTBsaTcwIiwia2VpdGFyb19jb3VudHJ5IjoiVVMiLCJrZWl0YXJvX3BsYXRmb3JtIjoiR05VXC9MaW51eCIsImtlaXRhcm9fc3RyZWFtX2lkIjoiNTc1MTQwIiwic3RvcmVfaWQiOiIiLCJyb3RhdG9ySWQiOiJiYWE5MjM0Y2I1YmY4MjI2NjBiMmJjNmNmMzYwMTE0OWYwMTY1MTMxOWRlNjhhZDg1N2Q1NWMzOWQ1YTA4NGZlIiwicm90YXRvclJvdXRlciI6ImdvY2FzaW5vbmluZS5jb20ifQ%253D%253D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ninecasino.com
Referer

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8cf6c3ef99629af1-MIA
access-control-allow-origin
*
date
Tue, 08 Oct 2024 14:19:20 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
v1
ninecasino.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 		148 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ninecasino.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8cf6c3eb7b686dc2
Requested by
Host: ninecasino.com
URL: https://ninecasino.com/?cxd=36648_1868601_%7Cafp1%3A2qj7hbsa0li70%7Cafp10%3A&af_dev_key=BDREFvBLEZQKVYEhZafc85&af_id=&af_sub1=&af_sub2=&af_sub3=&af_sub4=&af_sub5=&afp1=2qj7hbsa0li70&afp10=&brand=ninecasino&bta=36648&click_id=2qj7hbsa0li70&keitaro_country=US&keitaro_platform=GNU%2FLinux&keitaro_stream_id=575140&store_id=&rotatorId=baa9234cb5bf822660b2bc6cf3601149f01651319de68ad857d55c39d5a084fe&rotatorRouter=gocasinonine.com&_rd=eyJjeGQiOiIzNjY0OF8xODY4NjAxX3xhZnAxOjJxajdoYnNhMGxpNzB8YWZwMTA6IiwiYWZfZGV2X2tleSI6IkJEUkVGdkJMRVpRS1ZZRWhaYWZjODUiLCJhZl9pZCI6IiIsImFmX3N1YjEiOiIiLCJhZl9zdWIyIjoiIiwiYWZfc3ViMyI6IiIsImFmX3N1YjQiOiIiLCJhZl9zdWI1IjoiIiwiYWZwMSI6IjJxajdoYnNhMGxpNzAiLCJhZnAxMCI6IiIsImJyYW5kIjoibmluZWNhc2lubyIsImJ0YSI6IjM2NjQ4IiwiY2xpY2tfaWQiOiIycWo3aGJzYTBsaTcwIiwia2VpdGFyb19jb3VudHJ5IjoiVVMiLCJrZWl0YXJvX3BsYXRmb3JtIjoiR05VXC9MaW51eCIsImtlaXRhcm9fc3RyZWFtX2lkIjoiNTc1MTQwIiwic3RvcmVfaWQiOiIiLCJyb3RhdG9ySWQiOiJiYWE5MjM0Y2I1YmY4MjI2NjBiMmJjNmNmMzYwMTE0OWYwMTY1MTMxOWRlNjhhZDg1N2Q1NWMzOWQ1YTA4NGZlIiwicm90YXRvclJvdXRlciI6ImdvY2FzaW5vbmluZS5jb20ifQ%253D%253D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.14.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5e7730d3b76ee4678f01d89ccc9b01b7cfb7016764ee2b05e2e1a90ca2f9088

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ninecasino.com/?cxd=36648_1868601_%7Cafp1%3A2qj7hbsa0li70%7Cafp10%3A&af_dev_key=BDREFvBLEZQKVYEhZafc85&af_id=&af_sub1=&af_sub2=&af_sub3=&af_sub4=&af_sub5=&afp1=2qj7hbsa0li70&afp10=&brand=ninecasino&bta=36648&click_id=2qj7hbsa0li70&keitaro_country=US&keitaro_platform=GNU%2FLinux&keitaro_stream_id=575140&store_id=&rotatorId=baa9234cb5bf822660b2bc6cf3601149f01651319de68ad857d55c39d5a084fe&rotatorRouter=gocasinonine.com&_rd=eyJjeGQiOiIzNjY0OF8xODY4NjAxX3xhZnAxOjJxajdoYnNhMGxpNzB8YWZwMTA6IiwiYWZfZGV2X2tleSI6IkJEUkVGdkJMRVpRS1ZZRWhaYWZjODUiLCJhZl9pZCI6IiIsImFmX3N1YjEiOiIiLCJhZl9zdWIyIjoiIiwiYWZfc3ViMyI6IiIsImFmX3N1YjQiOiIiLCJhZl9zdWI1IjoiIiwiYWZwMSI6IjJxajdoYnNhMGxpNzAiLCJhZnAxMCI6IiIsImJyYW5kIjoibmluZWNhc2lubyIsImJ0YSI6IjM2NjQ4IiwiY2xpY2tfaWQiOiIycWo3aGJzYTBsaTcwIiwia2VpdGFyb19jb3VudHJ5IjoiVVMiLCJrZWl0YXJvX3BsYXRmb3JtIjoiR05VXC9MaW51eCIsImtlaXRhcm9fc3RyZWFtX2lkIjoiNTc1MTQwIiwic3RvcmVfaWQiOiIiLCJyb3RhdG9ySWQiOiJiYWE5MjM0Y2I1YmY4MjI2NjBiMmJjNmNmMzYwMTE0OWYwMTY1MTMxOWRlNjhhZDg1N2Q1NWMzOWQ1YTA4NGZlIiwicm90YXRvclJvdXRlciI6ImdvY2FzaW5vbmluZS5jb20ifQ%253D%253D&__cf_chl_rt_tk=NmLKhO09vlo_KDbdnxC7eL0.VXyJML55.8PX7kWneDM-1728397160-0.0.1.1-10004

Response headers

cf-ray
8cf6c3ec2bfb6dc2-MIA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
date
Tue, 08 Oct 2024 14:19:20 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
api.js
challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/ 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/api.js?onload=Jeuhg1&render=explicit
Requested by
Host: ninecasino.com
URL: https://ninecasino.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8cf6c3eb7b686dc2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96bd1c81d59d6ac2ec9f8ebe4937a315e85443667c5728a7cd9053848dd8d3d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ninecasino.com
Referer

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8cf6c3efed64127f-MIA
access-control-allow-origin
*
date
Tue, 08 Oct 2024 14:19:20 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 17 Sep 2024 16:06:37 GMT
server
cloudflare
vary
Accept-Encoding
favicon.ico
ninecasino.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ninecasino.com/favicon.ico
Requested by
Host: ninecasino.com
URL: https://ninecasino.com/?cxd=36648_1868601_%7Cafp1%3A2qj7hbsa0li70%7Cafp10%3A&af_dev_key=BDREFvBLEZQKVYEhZafc85&af_id=&af_sub1=&af_sub2=&af_sub3=&af_sub4=&af_sub5=&afp1=2qj7hbsa0li70&afp10=&brand=ninecasino&bta=36648&click_id=2qj7hbsa0li70&keitaro_country=US&keitaro_platform=GNU%2FLinux&keitaro_stream_id=575140&store_id=&rotatorId=baa9234cb5bf822660b2bc6cf3601149f01651319de68ad857d55c39d5a084fe&rotatorRouter=gocasinonine.com&_rd=eyJjeGQiOiIzNjY0OF8xODY4NjAxX3xhZnAxOjJxajdoYnNhMGxpNzB8YWZwMTA6IiwiYWZfZGV2X2tleSI6IkJEUkVGdkJMRVpRS1ZZRWhaYWZjODUiLCJhZl9pZCI6IiIsImFmX3N1YjEiOiIiLCJhZl9zdWIyIjoiIiwiYWZfc3ViMyI6IiIsImFmX3N1YjQiOiIiLCJhZl9zdWI1IjoiIiwiYWZwMSI6IjJxajdoYnNhMGxpNzAiLCJhZnAxMCI6IiIsImJyYW5kIjoibmluZWNhc2lubyIsImJ0YSI6IjM2NjQ4IiwiY2xpY2tfaWQiOiIycWo3aGJzYTBsaTcwIiwia2VpdGFyb19jb3VudHJ5IjoiVVMiLCJrZWl0YXJvX3BsYXRmb3JtIjoiR05VXC9MaW51eCIsImtlaXRhcm9fc3RyZWFtX2lkIjoiNTc1MTQwIiwic3RvcmVfaWQiOiIiLCJyb3RhdG9ySWQiOiJiYWE5MjM0Y2I1YmY4MjI2NjBiMmJjNmNmMzYwMTE0OWYwMTY1MTMxOWRlNjhhZDg1N2Q1NWMzOWQ1YTA4NGZlIiwicm90YXRvclJvdXRlciI6ImdvY2FzaW5vbmluZS5jb20ifQ%253D%253D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.14.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b32709616a61f85bd793dc839a039fe10c685b00a32e17456d16809eb5ab2fbe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ninecasino.com/?cxd=36648_1868601_%7Cafp1%3A2qj7hbsa0li70%7Cafp10%3A&af_dev_key=BDREFvBLEZQKVYEhZafc85&af_id=&af_sub1=&af_sub2=&af_sub3=&af_sub4=&af_sub5=&afp1=2qj7hbsa0li70&afp10=&brand=ninecasino&bta=36648&click_id=2qj7hbsa0li70&keitaro_country=US&keitaro_platform=GNU%2FLinux&keitaro_stream_id=575140&store_id=&rotatorId=baa9234cb5bf822660b2bc6cf3601149f01651319de68ad857d55c39d5a084fe&rotatorRouter=gocasinonine.com&_rd=eyJjeGQiOiIzNjY0OF8xODY4NjAxX3xhZnAxOjJxajdoYnNhMGxpNzB8YWZwMTA6IiwiYWZfZGV2X2tleSI6IkJEUkVGdkJMRVpRS1ZZRWhaYWZjODUiLCJhZl9pZCI6IiIsImFmX3N1YjEiOiIiLCJhZl9zdWIyIjoiIiwiYWZfc3ViMyI6IiIsImFmX3N1YjQiOiIiLCJhZl9zdWI1IjoiIiwiYWZwMSI6IjJxajdoYnNhMGxpNzAiLCJhZnAxMCI6IiIsImJyYW5kIjoibmluZWNhc2lubyIsImJ0YSI6IjM2NjQ4IiwiY2xpY2tfaWQiOiIycWo3aGJzYTBsaTcwIiwia2VpdGFyb19jb3VudHJ5IjoiVVMiLCJrZWl0YXJvX3BsYXRmb3JtIjoiR05VXC9MaW51eCIsImtlaXRhcm9fc3RyZWFtX2lkIjoiNTc1MTQwIiwic3RvcmVfaWQiOiIiLCJyb3RhdG9ySWQiOiJiYWE5MjM0Y2I1YmY4MjI2NjBiMmJjNmNmMzYwMTE0OWYwMTY1MTMxOWRlNjhhZDg1N2Q1NWMzOWQ1YTA4NGZlIiwicm90YXRvclJvdXRlciI6ImdvY2FzaW5vbmluZS5jb20ifQ%253D%253D

Response headers

content-encoding
br
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-content-options
nosniff
date
Tue, 08 Oct 2024 14:19:20 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
Cu7uWINV3wyXgKcM1Ks17YFVENaPF3TJGUAX6v61YfwApfTcx0dPxJBeV1qsCsNGfOO4QhD+31OCkngC1BjzvZDO3ouYjCdrXN+1/ZHYb4QrsjdAgmo/PX+wgTxVNJz3XPRwlNOBKADfUOTDBezVCw==$yxPzjhPF9jIAhWpAPqhayA==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8cf6c3ef4f5b6dc2-MIA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
dde3b701-82d7-4e6f-b4a4-2f064e79126e
https://ninecasino.com/ Frame 		0
0
3ddc1c571263585
ninecasino.com/cdn-cgi/challenge-platform/h/g/flow/ov1/231543000:1728393970:kuAi8GuS2ck7yAMB1TEG8E_C6tA8ECGUY3mSu1sBfJQ/8cf6c3eb7b686dc2/ 		16 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ninecasino.com/cdn-cgi/challenge-platform/h/g/flow/ov1/231543000:1728393970:kuAi8GuS2ck7yAMB1TEG8E_C6tA8ECGUY3mSu1sBfJQ/8cf6c3eb7b686dc2/3ddc1c571263585
Requested by
Host: ninecasino.com
URL: https://ninecasino.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8cf6c3eb7b686dc2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.14.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
398303701fe39b06e71b61b1ac6e4925bfa0f93e71d1ab03bbeb83a6462a2379

Request headers

Referer
https://ninecasino.com/?cxd=36648_1868601_%7Cafp1%3A2qj7hbsa0li70%7Cafp10%3A&af_dev_key=BDREFvBLEZQKVYEhZafc85&af_id=&af_sub1=&af_sub2=&af_sub3=&af_sub4=&af_sub5=&afp1=2qj7hbsa0li70&afp10=&brand=ninecasino&bta=36648&click_id=2qj7hbsa0li70&keitaro_country=US&keitaro_platform=GNU%2FLinux&keitaro_stream_id=575140&store_id=&rotatorId=baa9234cb5bf822660b2bc6cf3601149f01651319de68ad857d55c39d5a084fe&rotatorRouter=gocasinonine.com&_rd=eyJjeGQiOiIzNjY0OF8xODY4NjAxX3xhZnAxOjJxajdoYnNhMGxpNzB8YWZwMTA6IiwiYWZfZGV2X2tleSI6IkJEUkVGdkJMRVpRS1ZZRWhaYWZjODUiLCJhZl9pZCI6IiIsImFmX3N1YjEiOiIiLCJhZl9zdWIyIjoiIiwiYWZfc3ViMyI6IiIsImFmX3N1YjQiOiIiLCJhZl9zdWI1IjoiIiwiYWZwMSI6IjJxajdoYnNhMGxpNzAiLCJhZnAxMCI6IiIsImJyYW5kIjoibmluZWNhc2lubyIsImJ0YSI6IjM2NjQ4IiwiY2xpY2tfaWQiOiIycWo3aGJzYTBsaTcwIiwia2VpdGFyb19jb3VudHJ5IjoiVVMiLCJrZWl0YXJvX3BsYXRmb3JtIjoiR05VXC9MaW51eCIsImtlaXRhcm9fc3RyZWFtX2lkIjoiNTc1MTQwIiwic3RvcmVfaWQiOiIiLCJyb3RhdG9ySWQiOiJiYWE5MjM0Y2I1YmY4MjI2NjBiMmJjNmNmMzYwMTE0OWYwMTY1MTMxOWRlNjhhZDg1N2Q1NWMzOWQ1YTA4NGZlIiwicm90YXRvclJvdXRlciI6ImdvY2FzaW5vbmluZS5jb20ifQ%253D%253D
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
3ddc1c571263585

Response headers

cf-ray
8cf6c3f038b46dc2-MIA
content-encoding
br
date
Tue, 08 Oct 2024 14:19:21 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
oENovZxzkOlPz9EEUsWNfoHymwzax2LaYdB1nLULBWspOk4TTSxt/221WiYTZLoJKnIytJWj3A==$DroUm+62VdIRioEU
server
cloudflare
rum
ninecasino.com/cdn-cgi/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ninecasino.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.14.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://ninecasino.com/?cxd=36648_1868601_%7Cafp1%3A2qj7hbsa0li70%7Cafp10%3A&af_dev_key=BDREFvBLEZQKVYEhZafc85&af_id=&af_sub1=&af_sub2=&af_sub3=&af_sub4=&af_sub5=&afp1=2qj7hbsa0li70&afp10=&brand=ninecasino&bta=36648&click_id=2qj7hbsa0li70&keitaro_country=US&keitaro_platform=GNU%2FLinux&keitaro_stream_id=575140&store_id=&rotatorId=baa9234cb5bf822660b2bc6cf3601149f01651319de68ad857d55c39d5a084fe&rotatorRouter=gocasinonine.com&_rd=eyJjeGQiOiIzNjY0OF8xODY4NjAxX3xhZnAxOjJxajdoYnNhMGxpNzB8YWZwMTA6IiwiYWZfZGV2X2tleSI6IkJEUkVGdkJMRVpRS1ZZRWhaYWZjODUiLCJhZl9pZCI6IiIsImFmX3N1YjEiOiIiLCJhZl9zdWIyIjoiIiwiYWZfc3ViMyI6IiIsImFmX3N1YjQiOiIiLCJhZl9zdWI1IjoiIiwiYWZwMSI6IjJxajdoYnNhMGxpNzAiLCJhZnAxMCI6IiIsImJyYW5kIjoibmluZWNhc2lubyIsImJ0YSI6IjM2NjQ4IiwiY2xpY2tfaWQiOiIycWo3aGJzYTBsaTcwIiwia2VpdGFyb19jb3VudHJ5IjoiVVMiLCJrZWl0YXJvX3BsYXRmb3JtIjoiR05VXC9MaW51eCIsImtlaXRhcm9fc3RyZWFtX2lkIjoiNTc1MTQwIiwic3RvcmVfaWQiOiIiLCJyb3RhdG9ySWQiOiJiYWE5MjM0Y2I1YmY4MjI2NjBiMmJjNmNmMzYwMTE0OWYwMTY1MTMxOWRlNjhhZDg1N2Q1NWMzOWQ1YTA4NGZlIiwicm90YXRvclJvdXRlciI6ImdvY2FzaW5vbmluZS5jb20ifQ%253D%253D

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8cf6c3f068dc6dc2-MIA
access-control-allow-origin
https://ninecasino.com
date
Tue, 08 Oct 2024 14:19:21 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
favicon.ico
ninecasino.com/ 		10 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ninecasino.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.14.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1184dc51ccd4e4601f146ed9c8ee74a9bcf142071069f0f5223df9147f438ff0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ninecasino.com/?cxd=36648_1868601_%7Cafp1%3A2qj7hbsa0li70%7Cafp10%3A&af_dev_key=BDREFvBLEZQKVYEhZafc85&af_id=&af_sub1=&af_sub2=&af_sub3=&af_sub4=&af_sub5=&afp1=2qj7hbsa0li70&afp10=&brand=ninecasino&bta=36648&click_id=2qj7hbsa0li70&keitaro_country=US&keitaro_platform=GNU%2FLinux&keitaro_stream_id=575140&store_id=&rotatorId=baa9234cb5bf822660b2bc6cf3601149f01651319de68ad857d55c39d5a084fe&rotatorRouter=gocasinonine.com&_rd=eyJjeGQiOiIzNjY0OF8xODY4NjAxX3xhZnAxOjJxajdoYnNhMGxpNzB8YWZwMTA6IiwiYWZfZGV2X2tleSI6IkJEUkVGdkJMRVpRS1ZZRWhaYWZjODUiLCJhZl9pZCI6IiIsImFmX3N1YjEiOiIiLCJhZl9zdWIyIjoiIiwiYWZfc3ViMyI6IiIsImFmX3N1YjQiOiIiLCJhZl9zdWI1IjoiIiwiYWZwMSI6IjJxajdoYnNhMGxpNzAiLCJhZnAxMCI6IiIsImJyYW5kIjoibmluZWNhc2lubyIsImJ0YSI6IjM2NjQ4IiwiY2xpY2tfaWQiOiIycWo3aGJzYTBsaTcwIiwia2VpdGFyb19jb3VudHJ5IjoiVVMiLCJrZWl0YXJvX3BsYXRmb3JtIjoiR05VXC9MaW51eCIsImtlaXRhcm9fc3RyZWFtX2lkIjoiNTc1MTQwIiwic3RvcmVfaWQiOiIiLCJyb3RhdG9ySWQiOiJiYWE5MjM0Y2I1YmY4MjI2NjBiMmJjNmNmMzYwMTE0OWYwMTY1MTMxOWRlNjhhZDg1N2Q1NWMzOWQ1YTA4NGZlIiwicm90YXRvclJvdXRlciI6ImdvY2FzaW5vbmluZS5jb20ifQ%253D%253D

Response headers

content-encoding
br
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-content-options
nosniff
date
Tue, 08 Oct 2024 14:19:21 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
sEEP5g8pbETIweeOJYCzG8/ThMQYVg/alY1oGXXnYER8pQ4XsN4m8slXMbjq5z8PX4Qv/t+Zt2FZ+PZMO8VBM9GBRrbzVY419Kc0kaumG9nbcwy+/QmNT+FEQ+V3vykm/6OTNlQ13b1EwquIAe7P5Q==$43fZ6iQY8t2TuCq9ll2lqw==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8cf6c3f0991a6dc2-MIA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
64854ce9-f0ac-4e2b-bde0-ce50a19e0ede
https://ninecasino.com/ Frame 		0
0
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/p428q/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame B3F8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/p428q/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/api.js?onload=Jeuhg1&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8cf6c3f18de8034d-MIA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Tue, 08 Oct 2024 14:19:21 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ninecasino.com
URL
blob:https://ninecasino.com/dde3b701-82d7-4e6f-b4a4-2f064e79126e
Domain
ninecasino.com
URL
blob:https://ninecasino.com/64854ce9-f0ac-4e2b-bde0-ce50a19e0ede

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| Jeuhg1 boolean| tlLrK2 function| KUjIx3 function| mpUaL2 function| FxOnr3 object| eXDlL4 object| YvPd6 function| Vguy6 function| Hvmr3 function| TMMx5 object| iHwxM3 number| OuWT7 object| angular object| ohry1 object| __cfBeacon object| turnstile boolean| FrNBi5 string| HcTEI3 boolean| aFyRe6

11 Cookies

Domain/Path Name / Value
.gameforlifechange.com/ Name: _fbp
Value: fb.1.1728397157269.94929023437000244
beniluuxen.com/ Name: _subid
Value: 2qj7hbsa0li70
beniluuxen.com/ Name: 4d606
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU3NTE0MFwiOjE3MjgzOTcxNTh9LFwiY2FtcGFpZ25zXCI6e1wiMTEyNDZcIjoxNzI4Mzk3MTU4fSxcInRpbWVcIjoxNzI4Mzk3MTU4fSJ9.FFrhreY0djEnJKq11H_QyYZxixfql8R2Ve3Di7XjInA
beniluuxen.com/ Name: _token
Value: uuid_2qj7hbsa0li70_2qj7hbsa0li7067053f66bbf331.36782965
.beniluuxen.com/ Name: __cf_bm
Value: cflu0MO41fEWGjg475uVOd1GMoY4ow9B1PucW9.inmE-1728397158-1.0.1.1-xSfzDEaBbaL2fwFAzTYPSsxjmdoYdWXO6oOZ080KoLt7eVhMkBuLJvWNxP9qa.f1DdhITbBXd6j0jXihVOJ.eQ
.beniluuxen.com/ Name: _cfuvid
Value: FyRiS0XYqeDgV9jel8xFxgIag8o6pjVBH1XVCJkHt8k-1728397158824-0.0.1.1-604800000
gameforlifechange.com/ Name: tildauid
Value: 1728397158987.465286
gameforlifechange.com/ Name: tildasid
Value: 1728397158987.437715
gameforlifechange.com/ Name: previousUrl
Value: gameforlifechange.com%2Findex.html
track.chillipartners.com/ Name: ninecasino-v
Value: 1868601
gocasinonine.com/ Name: rotatorId
Value: baa9234cb5bf822660b2bc6cf3601149f01651319de68ad857d55c39d5a084fe

3 Console Messages

Source Level URL
Text
network error URL: https://ninecasino.com/?cxd=36648_1868601_%7Cafp1%3A2qj7hbsa0li70%7Cafp10%3A&af_dev_key=BDREFvBLEZQKVYEhZafc85&af_id=&af_sub1=&af_sub2=&af_sub3=&af_sub4=&af_sub5=&afp1=2qj7hbsa0li70&afp10=&brand=ninecasino&bta=36648&click_id=2qj7hbsa0li70&keitaro_country=US&keitaro_platform=GNU%2FLinux&keitaro_stream_id=575140&store_id=&rotatorId=baa9234cb5bf822660b2bc6cf3601149f01651319de68ad857d55c39d5a084fe&rotatorRouter=gocasinonine.com&_rd=eyJjeGQiOiIzNjY0OF8xODY4NjAxX3xhZnAxOjJxajdoYnNhMGxpNzB8YWZwMTA6IiwiYWZfZGV2X2tleSI6IkJEUkVGdkJMRVpRS1ZZRWhaYWZjODUiLCJhZl9pZCI6IiIsImFmX3N1YjEiOiIiLCJhZl9zdWIyIjoiIiwiYWZfc3ViMyI6IiIsImFmX3N1YjQiOiIiLCJhZl9zdWI1IjoiIiwiYWZwMSI6IjJxajdoYnNhMGxpNzAiLCJhZnAxMCI6IiIsImJyYW5kIjoibmluZWNhc2lubyIsImJ0YSI6IjM2NjQ4IiwiY2xpY2tfaWQiOiIycWo3aGJzYTBsaTcwIiwia2VpdGFyb19jb3VudHJ5IjoiVVMiLCJrZWl0YXJvX3BsYXRmb3JtIjoiR05VXC9MaW51eCIsImtlaXRhcm9fc3RyZWFtX2lkIjoiNTc1MTQwIiwic3RvcmVfaWQiOiIiLCJyb3RhdG9ySWQiOiJiYWE5MjM0Y2I1YmY4MjI2NjBiMmJjNmNmMzYwMTE0OWYwMTY1MTMxOWRlNjhhZDg1N2Q1NWMzOWQ1YTA4NGZlIiwicm90YXRvclJvdXRlciI6ImdvY2FzaW5vbmluZS5jb20ifQ%253D%253D
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ninecasino.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ninecasino.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beniluuxen.com
challenges.cloudflare.com
connect.facebook.net
gameforlifechange.com
gamingvhsgame.com
gocasinonine.com
neo.tildacdn.com
ninecasino.com
stat.tildacdn.com
static.cloudflareinsights.com
track.chillipartners.com
www.facebook.com
ninecasino.com
104.18.21.142
104.18.94.41
104.18.95.41
104.22.14.198
157.240.229.1
157.240.229.35
172.67.173.1
193.3.17.199
2606:4700::6810:5049
2a03:2880:f103:181:face:b00c:0:25de
35.234.86.61
5.181.161.181
5.75.187.14
090a7068a2209545279f858c6f41ff7ae42815e11c3d69463a2a2ea835282bd9
1184dc51ccd4e4601f146ed9c8ee74a9bcf142071069f0f5223df9147f438ff0
121117e3de0d39abaf269008746267d7ede9df42325151c54a8553b4d27baad8
23c5b6fc1c2c069a91c7505a133d7f5e9b5801fa5a8a8096b8545887940e742a
2a9852fb0d2190597bafb35bef368725f803b47ff6bc0e6b804f6637d89695fd
398303701fe39b06e71b61b1ac6e4925bfa0f93e71d1ab03bbeb83a6462a2379
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
51d49a2e8c7888072180aaf3283d34e2e1f21a4aaa4b6eab3058721a46a8fea7
8848f750da24e72a8aae111bd8e9ad41d76f33a54f7a611d3873650a553cc56d
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
94c5fb5fefb9633bb92c7801ecc13a6370fad4b6fb84733784843808e944a6d1
96bd1c81d59d6ac2ec9f8ebe4937a315e85443667c5728a7cd9053848dd8d3d7
9c41ad6c9283238f7c984d799ee3434e898a32ab9f0a6ef5fd46815e7597924d
9cab6bce840f593d775ac039e9e70096d558e3da539dddf9c20b62cdfa9443d1
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad08da121b31f2885b6e5cc3caa13572d73dd006fd808db8b89639813617efb1
b32709616a61f85bd793dc839a039fe10c685b00a32e17456d16809eb5ab2fbe
cdf65e26b905a653bce60df182886b032b606940391badb1e3a655f434ca446c
cf2c58c07b25eedb7ac08c2e3c54a2a65e264979862a51a448ee81d96b8c1601
d140fb54dcee559109164684010109302cf9234f5bdd8d527fc63d67e24eb91c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0ce20fc1dd605ff20a1f19e623cdc7498f1f5156e3602e4085523f6edea6c00
f5c301b8769579afae9deb4eda7659df32661229039c6b7a37cfabd1827317ce
f5e7730d3b76ee4678f01d89ccc9b01b7cfb7016764ee2b05e2e1a90ca2f9088
feaa79fd393600ae251d35df414fc9c5633674b6104a52cdfdfe1b449f2aa15a