Submitted URL: http://8xbe493.app/
Effective URL: https://8xbe493.app/
Submission: On September 18 via manual from VN — Scanned from US

Summary

This website contacted 13 IPs in 2 countries across 11 domains to perform 424 HTTP transactions. The main IP is 43.198.114.34, located in Hong Kong and belongs to AMAZON-02, US. The main domain is 8xbe493.app.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 31st 2024. Valid for: a year.
This is the only time 8xbe493.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
131 29hxa5qjxxye001-fluid.8xdfd3t6f.com 8xbe493.app
29hxa5qjxxye001-fluid.8xdfd3t6f.com
70 001eqvscmhs017ondjp-api.8xdfd3t6f.com 29hxa5qjxxye001-fluid.8xdfd3t6f.com
36 www.facebook.com 8xbe493.app
22 qvjyxrjte001-be-source.8xdfd3t6f.com 8xbe493.app
19 connect.facebook.net 8xbe493.app
connect.facebook.net
11 analytics.tiktok.com 8xbe493.app
analytics.tiktok.com
4 i18n-001fxh9.jiezhixinjituan.com 29hxa5qjxxye001-fluid.8xdfd3t6f.com
4 www.google-analytics.com www.googletagmanager.com
4 www.googletagmanager.com 8xbe493.app
www.googletagmanager.com
3 analytics.google.com www.googletagmanager.com
2 kq2v379m73nkp9b001-fe-source.8xdfd3t6f.com 29hxa5qjxxye001-fluid.8xdfd3t6f.com
2 8xbe493.app
1 en-001fxh9-sports-stream.articqq123.blog 29hxa5qjxxye001-fluid.8xdfd3t6f.com
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
424 15

This site contains links to these domains. Also see Links.

Domain
8xbet-facebook.com
8xbet-tiktok.com
8xbet-ig.com
8xbet-youtube.com
8xbet-x.com
Subject Issuer Validity Valid
8xbe493.app
Go Daddy Secure Certificate Authority - G2
2024-05-31 -
2025-05-31
a year crt.sh
8xdfd3t6f.com
WE1
2024-08-24 -
2024-11-22
3 months crt.sh
*.google-analytics.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-06-28 -
2024-09-26
3 months crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1
2024-07-15 -
2025-07-15
a year crt.sh
jiezhixinjituan.com
R10
2024-07-29 -
2024-10-27
3 months crt.sh
*.google.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.g.doubleclick.net
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.doubleclick.net
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
articqq123.blog
R10
2024-09-02 -
2024-12-01
3 months crt.sh

This page contains 3 frames:

Primary Page: https://8xbe493.app/
Frame ID: 52A22F478064AA013A2C63381F393106
Requests: 385 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-FH93J8TSNS&gacid=1889026432.1726645332&gtm=45je4990v873231969z89103934971za200zb9103934971&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1188635843
Frame ID: 957DB7121749DE596D9B09CA07758E94
Requests: 1 HTTP requests in this frame

Frame: https://en-001fxh9-sports-stream.articqq123.blog/?liveUrl=https://live.chengyangkaisuo.com/live/263269_4bbc7763c07a7680fc3d0a4c8185b8c2_autoChange.m3u8?auth_key=1726659391-0-0-e8eead7af8ebc763eaa33060536d70e6&type=videoJs&isPc=true&vendorId=vd001
Frame ID: 78EE5CBB67D75CA7CE6BA0B0CC32AB88
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

8Xbet - Official Betting Partner of Manchester City FC

Page URL History Show full URLs

  1. http://8xbe493.app/ HTTP 307
    https://8xbe493.app/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Page Statistics

424
Requests

73 %
HTTPS

67 %
IPv6

11
Domains

15
Subdomains

13
IPs

2
Countries

2755 kB
Transfer

10902 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://8xbe493.app/ HTTP 307
    https://8xbe493.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

424 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
8xbe493.app/
Redirect Chain
  • http://8xbe493.app/
  • https://8xbe493.app/
66 KB
22 KB
Document
General
Full URL
https://8xbe493.app/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
43.198.114.34 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-198-114-34.ap-east-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
30381964bbfa3b0a446a73718e85e92f46d9afd9e285f7fe30a2e514619af7c4
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 18 Sep 2024 07:42:10 GMT
etag
W/"10673-m0lVNsu17xgRDIsU+LhsXIKpepk"
server
nginx
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
x-envoy-upstream-service-time
75
x-frame-options
DENY
x-powered-by
Express

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://8xbe493.app/
Non-Authoritative-Reason
HSTS
index-1c732274.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
2 MB
650 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6859835df7debbc131132e615403f3026f77d00e327dff04366286a6549cdc6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://8xbe493.app/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"67a708b7bbefcb4e07c66ab47ae55a7b"
age
144549
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:11 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:50 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2a69c53191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-abd82e79.css
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
242 KB
32 KB
Stylesheet
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-abd82e79.css
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abd82e795b692c920409925e3e6e07caffd97562edd63fb9aa5c67a3ef49ee82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://8xbe493.app/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"97725bedad69d4041da61e8f23bae93f"
age
144549
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:11 GMT
content-type
text/css
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Fri, 13 Sep 2024 12:12:31 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2a69c52191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
registerSW.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/
134 B
657 B
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/registerSW.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9742073ef7fc795e7673d98f272992843298426a0ffd8cb3507784df5143608b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"1872c500de691dce40960bb85481de07"
x-amz-version-id
null
age
4221
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 11:42:10 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:10 GMT
content-type
application/javascript
last-modified
Fri, 13 Sep 2024 12:12:57 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-amz-id-2
+GNAaXD2NoVXyZY6UWQmZdToKz6V2ee844L74oSTwYsmi7J+gSYpSBCyqUg0gB1umyBqRSV0ceg=
cache-control
public, max-age=14400
x-js-verification
false
referrer-policy
same-origin
x-amz-request-id
2WTJWD9VN8GDNJXW
cf-ray
8c4fb2a69a1b422b-EWR
x-xss-protection
1; mode=block
server
cloudflare
js
www.googletagmanager.com/gtag/
309 KB
103 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XK42L1XPP5
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2621935862c0d736ffc1fe34b261eaf2c10240a61e2db4767f98fcedc0fe483c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Wed, 18 Sep 2024 07:42:11 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104635
date
Wed, 18 Sep 2024 07:42:11 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
gtm.js
www.googletagmanager.com/
213 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KLND2S8
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
654e0654da03f226a1c4eb67568b2f2de5b25497c52592ac65324df44170f078
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
br
expires
Wed, 18 Sep 2024 07:42:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 07:42:11 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 18 Sep 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
72772
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/
225 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:11 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
GOOD; q=0.7, rtt=91, rtx=0, c=23, mss=1232, tbw=5773, tp=12, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
L9AMLVJuBLx7yLcwufTTiWZ+HN/1shMDfZmMpNNta0Q2Kn3aEhzyVBDWRq+iTPCmX/4GJfFGHxNf4CYGS77PJw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
58953
x-xss-protection
0
1788894901579396
connect.facebook.net/signals/config/
66 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1788894901579396?v=2.9.167&r=stable&domain=8xbe493.app&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6f04c627121bbdc77c52f48bad832829342902c14780fe41f56cb7258bec3c7c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:11 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
GOOD; q=0.7, rtt=76, rtx=0, c=67, mss=1232, tbw=68381, tp=65, tpl=0, uplat=41, ullat=0
pragma
public
x-fb-debug
FJrxkkxLj4hrSnNPIllpvRQ5BGsW5jQbaFXYR6YPZeO0Qo7pGMAQk6/Y+gTYo1h4+IEKL8Rz5mn9uj4L4DQ5dg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-XK42L1XPP5&gtm=45je4990v9188334131za200&_p=1726645331220&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1889026432.1726645332&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726645332&sct=1&seg=0&dl=https%3A%2F%2F8xbe493.app%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3005
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XK42L1XPP5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
text/plain
server
Golfe2
td
www.googletagmanager.com/
0
130 B
Image
General
Full URL
https://www.googletagmanager.com/td?id=G-XK42L1XPP5&v=3&t=t&pid=467720441&dl=8xbe493.app%2F&tdp=G-XK42L1XPP5;188334131;0;0;0&frm=0&rtg=188334131&rlo=2&slo=1&hlo=14&lst=3&z=0
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
text/plain
server
Golfe2
js
www.googletagmanager.com/gtag/
310 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FH93J8TSNS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLND2S8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e272dd8ae10fd7ad0a25d7ae345b54e1e00d983c219f094090e08e22f7294dcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Wed, 18 Sep 2024 07:42:12 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106334
date
Wed, 18 Sep 2024 07:42:12 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
events.js
analytics.tiktok.com/i18n/pixel/
5 KB
2 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLR9LNRC77U7BR4C6SIG&lib=ttq
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.30 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-30.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c66c18c7207fb62a2c0ba7e8c4ef6e0d372141667932301f64edede539073844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
gzip
expires
Wed, 18 Sep 2024 07:42:12 GMT
server-timing
inner; dur=2, cdn-cache; desc=MISS, edge; dur=0, origin; dur=12
x-cache
TCP_MISS from a23-44-200-156.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
1bbdf95c
x-tt-trace-host
01c40aed925e54e905c7abacbb1779f8d85403659f19bd03b3f7cc12054f0de6aa82a18a859fd4d44e3d32f6fd941b4697d6e7e47580e450080d0c042e6e741aad4567c7bb8bd2768888c5b172b2a7002eb6c3cdbe45e1d6cfdf98d6f3fdd37a48
x-origin-response-time
12,23.44.200.156
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240918074212B150CD015455634EA676-179FD1C75CDDBC21-00
x-tt-logid
20240918074212B150CD015455634EA676
server
nginx
events.js
analytics.tiktok.com/i18n/pixel/
6 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CPGOMSRC77UFEMG26950&lib=ttq
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.30 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-30.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
95601228596ad7ec43885eb2312936dfa59a01a8f4df1bbbe3d275152ea3c30c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
gzip
x-cache-remote
TCP_MISS from a23-32-16-92.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
expires
Wed, 18 Sep 2024 07:42:12 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=8, origin; dur=7, inner; dur=3
x-cache
TCP_MISS from a23-44-200-156.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
c83971ad.1bbdf95d
x-tt-trace-host
01c40aed925e54e905c7abacbb1779f8d89192591232274f45851bb15aeae40fe0c3d6a5026d336b1bbaa453840cea09c796795180ce6ecec6e2f52e4bb4e143300d4defcc351d36181cc4bc97ae6d60d10a59c7e5fa43132966378d413724db7765eaf6ef76147eb1245c4fbd36392ce6
x-origin-response-time
7,23.32.16.92
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2409180742125CFBB1BD88983C5DBF7E-6B8DB5AF9A956ED1-00
x-parent-response-time
15,23.44.200.156
x-tt-logid
202409180742125CFBB1BD88983C5DBF7E
server
nginx
ua-parser-df2a0f2b.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
17 KB
8 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/ua-parser-df2a0f2b.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cc5e37d63342a0309a4f288f840a5b92fa99c738a9d274da916eaa5e0662c3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"528c9ee076905410d7fa7224ad6248de"
age
144550
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:46:11 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2aecf61191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
fp.esm-44372d67.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
38 KB
16 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/fp.esm-44372d67.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
645a3ad2baa6983e984113378434219d3319c15757b92d0ae915e67dd2254c38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"66de759b3fe7afcd65cb1b3ce78bc02d"
age
144550
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:34 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2af0f70191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-871cf80a.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
5 KB
3 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-871cf80a.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e28df832e8d46fca4740dee05e9d307eb097a1980b55857f60b8a18f556c7191
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"24cd0e73fec7f6244b9b0d149ce9cc77"
age
144550
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:52 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2b0e81b191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-f97ee642.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
2 KB
2 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-f97ee642.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5042a492610f318ceddeb8993b799dd200172f374db65673298e6be4e2f9daf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"569e8c9dd7e4479aabad3203f080be70"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:53 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2b0e81c191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-60e65d1e.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
1 KB
1 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-60e65d1e.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5799c0c4f9da6bcba5447d89f0385b1f5744b78729d4920bc505fcaf6162e8da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"7503d0253c1a8a319ea6b59965dc0967"
age
144550
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:51 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2b0e81d191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-64512d7c.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
2 KB
2 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-64512d7c.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecf2b1fb67af53780e398912d235d7ae2e1333f6f576a666bc9c8cf66113b0e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"6cb6210347ed2812bad6e43fa9f7081a"
age
144550
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:51 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2b0e81e191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-296a8061.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
4 KB
3 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-296a8061.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
191633ec5f4b865fe070298101c0a0112062e4fefb8f7a8ab3fe08c83f4452a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"5a826ec37641788ac36e265c3e97072a"
age
144550
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:51 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2b0f820191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-1c3ff6c8.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
919 B
1 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c3ff6c8.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23ee36536b34ca7687c6f41193aa7b8a3657405155ae77d80d102cf35653c57e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"7fa19c4527d95b81d47ace767a9665a4"
age
144550
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:50 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2b0f822191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-0d0f614b.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
27 KB
10 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-0d0f614b.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9576b3e2712faeeb8d6ad2f6c9011203651e5282952bc426ffa32cbadfc830d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"ef33fec76caf15f877f9668dc1a18c34"
age
144550
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:50 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2b0f823191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-a9718eeb.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
935 B
1 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-a9718eeb.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
601ba5de6f9ed22f73c0fd6685213eeda5bd66af289123b48ca8390010f23eec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"3e09eb962f023d9f26e0164b5e5ddb71"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:52 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2b0f828191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-959c6f48.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
1 KB
1 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-959c6f48.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cedfc9fbde93457bd9c4aac757837d787aca4d5048ff0150d330f107f767715c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"cec9579eec906279ec41ef828dae6c1f"
age
144550
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:52 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2b10829191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-XK42L1XPP5&gtm=45je4990v9188334131za200&_p=1726645331220&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1889026432.1726645332&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1726645332&sct=1&seg=0&dl=https%3A%2F%2F8xbe493.app%2F&dt=&en=scroll&epn.percent_scrolled=90&_et=86&tfd=3550
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XK42L1XPP5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
text/plain
server
Golfe2
index-9cb03905.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
2 KB
1 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-9cb03905.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23f1406d64d4d518d777d3ec71841203ffb8cca88e25379978021e4ad15aa28f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"35d31908641e5c28adc0153240352011"
age
144550
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:52 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2b1383b191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-9e0bbdeb.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
16 KB
7 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-9e0bbdeb.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16ba0d67faf5e86fee3e8e3efe9a2d532887fef9747569cbad0e8a80608da8bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"2f833d0a925b809bd27d6f44a7843007"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:52 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2b1383c191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-cfaeab75.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
81 KB
25 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-cfaeab75.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f106190bca26bd35269be8de87b6002ae13c5010910a715202a65a57089ef51c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"44027115ba8cbccf61d65d5739bd8736"
age
144550
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:53 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2b14845191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
im-6f79c9d3.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
11 KB
3 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/im-6f79c9d3.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea512b3d0a8ca78151d2122302ce315f63379bda6a4901cc07101b35a06a1f1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"bc4338ab903facc48d75e4e8bbc002ac"
age
144550
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:50 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2b14846191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
en_US-1135f6e5.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
580 KB
161 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/en_US-1135f6e5.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5dd3c29062cdd05d073f7d35f9f708a256579bd19e3dcefc25169e5ba0d7e80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"530c1c9c5a673f8dc573a9c986929fa9"
age
144550
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:32 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2b14847191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
market-property-setting-0358c5ea.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
2 KB
1 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/market-property-setting-0358c5ea.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
975a4fccca4ff575ed94a448f774d628c2047d45b187d64d0a9ee8cbb62c8e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"a9ed90ea04c9c76573d83d221cd573d1"
age
144550
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:46:00 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2b1584c191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
fluid
i18n-001fxh9.jiezhixinjituan.com/api/v2/i18n/PROD/version/
54 B
811 B
XHR
General
Full URL
https://i18n-001fxh9.jiezhixinjituan.com/api/v2/i18n/PROD/version/fluid
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-116.ewr53.r.cloudfront.net
Software
nginx/1.14.1 /
Resource Hash
33652d66c1ea1481a7d5d9aa4054c061caad4bd607d777f56c0275735f71f195
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
Referer
https://8xbe493.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

access-control-max-age
1728000
access-control-expose-headers
Content-Length,Content-Range
content-encoding
gzip
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
bicFndVjWXGuaWOa4UJJshLBVw-ZJoEeLYE0hptZtp5LnZUf4koIZg==
date
Wed, 18 Sep 2024 07:42:13 GMT
content-type
application/json
vary
Accept-Encoding
access-control-allow-headers
DNT,X-Requested-With,If-Modified-Since,Cache-Control,Range,x-checksum,accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,appType,currency
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-credentials
true
via
1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
78
x-amz-cf-pop
EWR53-C2
server
nginx/1.14.1
fluid
i18n-001fxh9.jiezhixinjituan.com/api/v2/i18n/PROD/version/ Frame
0
0
Preflight
General
Full URL
https://i18n-001fxh9.jiezhixinjituan.com/api/v2/i18n/PROD/version/fluid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-116.ewr53.r.cloudfront.net
Software
nginx/1.14.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-checksum
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Requested-With,If-Modified-Since,Cache-Control,Range,x-checksum,accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,appType,currency
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-max-age
1728000
date
Wed, 18 Sep 2024 07:42:12 GMT
server
nginx/1.14.1
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-amz-cf-id
47mu1GG028coamzqgQ2xbFz1P9Bj6zpg2px-jGRNXoaICFcfOleVWA==
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
777827634088724
connect.facebook.net/signals/config/
24 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/777827634088724?v=2.9.167&r=stable&domain=8xbe493.app&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144%2C111
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ceff03adfc4fad17fd06b741bc78199c6845bca371a1fac97d97940b8d49236f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=48, rtx=0, c=67, mss=1232, tbw=82205, tp=79, tpl=0, uplat=45, ullat=0
pragma
public
x-fb-debug
DFsgpmI2YB68WYbYUoClX+84CHpH5s2Hr8qNxpNe+75jn9Glhqg79/HnrbcIXs6RAiGg6q0l74MuiA3LaPL/fw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/
0
273 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1788894901579396&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2F&rl=&if=false&ts=1726645332728&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=GET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=10, mss=1392, tbw=2772, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1788894901579396&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2F&rl=&if=false&ts=1726645332728&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=FGET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415885233383840230"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
boP0Syt5IpVwZV3PUvRl8HtGjrf8MCFOtiEMmSj3XnVyg0Rd6LN7g1HpUlv4/Q7UT3GMlEZ6MXfT8pwG3RZwiA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415885233383840230", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=10, mss=1392, tbw=3089, tp=-1, tpl=-1, uplat=52, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-FH93J8TSNS&gtm=45je4990v873231969z89103934971za200zb9103934971&_p=1726645331220&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1889026432.1726645332&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1726645332&sct=1&seg=0&dl=https%3A%2F%2F8xbe493.app%2F&dt=&en=page_view&_fv=1&_ss=1&tfd=3692
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FH93J8TSNS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 18 Sep 2024 07:42:13 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
251 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FH93J8TSNS&cid=1889026432.1726645332&gtm=45je4990v873231969z89103934971za200zb9103934971&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FH93J8TSNS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 18 Sep 2024 07:42:13 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 957D
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-FH93J8TSNS&gacid=1889026432.1726645332&gtm=45je4990v873231969z89103934971za200zb9103934971&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1188635843
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FH93J8TSNS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8xbe493.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Sep 2024 07:42:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-FH93J8TSNS&gtm=45je4990v873231969z89103934971za200zb9103934971&_p=1726645331220&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1889026432.1726645332&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AAAC&sid=1726645332&sct=1&seg=1&dl=https%3A%2F%2F8xbe493.app%2F&dt=&_s=2&tfd=3792
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FH93J8TSNS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://8xbe493.app/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 18 Sep 2024 07:42:13 GMT
content-type
text/plain
server
Golfe2
main.MTcyYmY3Y2UyMA.js
analytics.tiktok.com/i18n/pixel/static/
335 KB
93 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYmY3Y2UyMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLR9LNRC77U7BR4C6SIG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.30 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-30.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6eade210358ca6b41631cf5c309c6b1a3fa1c043133ef84d5fc6b173ac1c9928

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

x-cache
TCP_HIT from a23-44-200-156.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=16
x-tt-trace-id
00-240914171717E366D20A57316AE05D27-5C4AD66AED5317A2-00
content-length
95027
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
20240914171717E366D20A57316AE05D27
server
nginx
x-akamai-request-id
1bbdfb81
x-tt-trace-host
017014dba21ef1cea0909e805a8d531e0a3a7a78c51404af2b80b158010a644ca654feed53a726304ed829e7d5c449ffa46e08f6ef6cd8cfa53ba4e55ff54b44511262707c398aa4755084c9021c0553ccc69b7f9bcf47b5d15f1af836fc1139f0
main.MTcyYmY3Y2UyMQ.js
analytics.tiktok.com/i18n/pixel/static/
340 KB
95 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYmY3Y2UyMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CPGOMSRC77UFEMG26950&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.30 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-30.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
864072a3229468b4abd5debaf97f3ed17b77f098513c523746cb825ee183e68f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

x-cache
TCP_HIT from a23-44-200-156.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=19
x-tt-trace-id
00-2409141717168FAD13B929F5C2B09ADA-770C526B5B241CE2-00
content-length
96677
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202409141717168FAD13B929F5C2B09ADA
server
nginx
x-akamai-request-id
1bbdfb82
x-tt-trace-host
01e70ca96dae6816b2d17a6b66a2acd43b7e62f222606ba65336bd992cafd9da71ef145a841bd6caa9db7d3ffa31d15bc738574035bce8e6dfc9a99d8bcd57b6caf6bb9d7edb4ea8abe1bd1a7bad477ebbfa85d127df81821ae1fbded3af5f4f36
use-received-coupon-ea302694.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
5 KB
3 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/use-received-coupon-ea302694.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a396206307a55e6fdff224fd32c5de2335015f7ae69beef6e75f1b90da057ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-871cf80a.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"85f93ee4c0dd493de6f519c3254cf817"
age
144549
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:46:12 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2b2c8b3191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-c7c64166.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
14 KB
5 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-c7c64166.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b83f6cd9c904785f2d56d7b0bb302159e260d7997631a39ec36a3a00f0c565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-871cf80a.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"8991a08a30c8328d5bf74f1b72689190"
age
144549
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:52 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2b2c8b4191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
use-red-envelope-80de673a.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
5 KB
3 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/use-red-envelope-80de673a.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92424af8d0bea162d915fb671bac8eca52068706b3fe72674ffc0f2c48a13253
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-0d0f614b.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"a298e376bd443c659badf4cd9dfc1034"
age
144549
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:46:12 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2b2c8b5191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-043918fb.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
1022 B
1 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-043918fb.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dc65eada0b69879523b852762fdde5255cceb9d91a8a85b010366b1c1acbb69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-0d0f614b.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"04ddaabbae83ca9fb5162c2474a7c69c"
age
144549
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:12 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:50 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2b2c8b6191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
device-list-fbb1edd1.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
83 KB
23 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/device-list-fbb1edd1.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5b1af5afa0acb4cf9e99c30dedd3b440fbf06439dba46d78812475e05465f04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"3a4f62d1beb3c38f04cc2b21f17ab039"
age
144551
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:13 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:31 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2b388f8191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
en-us-ec5e28ff.json
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
1 MB
40 KB
XHR
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/en-us-ec5e28ff.json
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec5e28ff645af171e6a7ec90b6c01689d0d96ec4dec448d7b0419a93c5bad09d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://8xbe493.app/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"1e72671e2c2b3555d23221662b388be4"
age
144551
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:13 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Fri, 13 Sep 2024 12:12:09 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2b3a903191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-a1fddaa0.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
2 KB
2 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-a1fddaa0.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a56c8ba24832c0ee4b8c3a78324f945f05a79b2652edd7f0a3ccac9ec1b88e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-9e0bbdeb.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"af06b894bc34f170a85adcc35fead2bc"
age
144550
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:13 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:52 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2b3b907191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
temp_video-171d08a4.mp4
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
6 KB
6 KB
Media
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/temp_video-171d08a4.mp4
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
171d08a4273625dea9657553180e46645df43f2b14ced5e29b470bd8132dda47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://8xbe493.app/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cf-cache-status
HIT
etag
"d4275dbe32ed8f49a4fbfa98c47537eb"
age
1655487
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:13 GMT
content-type
video/mp4
last-modified
Thu, 29 Aug 2024 05:50:00 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
Content-Range
bytes 0-6237/6238
referrer-policy
same-origin
cf-ray
8c4fb2b3baf9422b-EWR
Content-Length
6238
x-xss-protection
1; mode=block
server
cloudflare
284095821111767
connect.facebook.net/signals/config/
23 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/284095821111767?v=2.9.167&r=stable&domain=8xbe493.app&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144%2C111
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e90f51f0872bcb799fffe8ed80822b9e169cd259dd3471b5c018f6837fcee281
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:13 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
GOOD; q=0.7, rtt=51, rtx=0, c=67, mss=1232, tbw=85549, tp=84, tpl=0, uplat=38, ullat=0
pragma
public
x-fb-debug
acwu3nSotclgb8hFKAUEjVjHCvdoCMCAk0Cfbp04vYuEMl2su1vSgA1TeFgqMRs0nZQznJtt1RYfkeE0co9WXQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/
0
125 B
Image
General
Full URL
https://www.facebook.com/tr/?id=777827634088724&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2F&rl=&if=false&ts=1726645333079&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=GET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1392, tbw=6382, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Sep 2024 07:42:13 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
847 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=777827634088724&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2F&rl=&if=false&ts=1726645333079&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=FGET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415885237299777416"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:13 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
PidRubpzJFx1x5ip0aXWZtuL0D4OrQaPV22bU/PtHZxP0UEtqLqVNTPFmnUzOobsXDML9Vrpf89NpcQ/VeBE0w==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415885237299777416", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1392, tbw=6551, tp=-1, tpl=-1, uplat=48, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
identify_7bf75739.js
analytics.tiktok.com/i18n/pixel/static/
146 KB
39 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYmY3Y2UyMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.30 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-30.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

x-cache
TCP_MEM_HIT from a23-44-200-156.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=11
x-tt-trace-id
00-2408300225247191E1B46E3CA2659920-6980FBE3FDD4116B-00
content-length
39551
date
Wed, 18 Sep 2024 07:42:13 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202408300225247191E1B46E3CA2659920
server
nginx
x-akamai-request-id
1bbdfc9b
x-tt-trace-host
01b8984c511c26376dc0fc45f78ebe9a41c2fd65eebebca84879db3023830106eaa375a54172cbc919d360ae7a5928dc940faf0928b144bde7fb20ac260166e6e7347199ade633aaf56bbe5c0192137bf4b162f883b3c93d66f9bfca032841da1f
pixel
analytics.tiktok.com/api/v2/
0
717 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYmY3Y2UyMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.30 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-30.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://8xbe493.app/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 18 Sep 2024 07:42:13 GMT
server-timing
inner; dur=57, cdn-cache; desc=MISS, edge; dur=8, origin; dur=66
x-cache
TCP_MISS from a23-44-200-156.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
date
Wed, 18 Sep 2024 07:42:13 GMT
x-akamai-request-id
1bbdfcc4
access-control-allow-headers
Authorization,*
x-tt-trace-host
01c40aed925e54e905c7abacbb1779f8d85403659f19bd03b3f7cc12054f0de6aa87e5fc4fc686093ea49c4fca77fb2db208951e1e5221f309554484050ef5153a15dbeb52d100c6fd8e160a69f66cee238668b0a425df10742d33ae2bf1adac25
x-origin-response-time
66,23.44.200.156
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-240918074213CF6F9F040D1DB75A3811-69012CBB4F970759-00
content-length
0
x-tt-logid
20240918074213CF6F9F040D1DB75A3811
server
nginx
pixel
analytics.tiktok.com/api/v2/
0
875 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYmY3Y2UyMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.30 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-30.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://8xbe493.app/

Response headers

x-cache-remote
TCP_MISS from a23-218-222-75.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 18 Sep 2024 07:42:13 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=14, origin; dur=22, inner; dur=20
x-cache
TCP_MISS from a23-44-200-156.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
date
Wed, 18 Sep 2024 07:42:13 GMT
x-akamai-request-id
69890edf.1bbdfcca
access-control-allow-headers
Authorization,*
x-tt-trace-host
01c40aed925e54e905c7abacbb1779f8d89192591232274f45851bb15aeae40fe0c9accd1f20cbb24ca9a7f88ca380a25f4c7023c281c2d43c78a3ab7e970bbd5631d2c0c7f4aff13961305cb6d1b281a198ddf28edfd0ca24ee27ca6fc5c7edb4488eac2b834409cd0bf5664444bd5580
x-origin-response-time
22,23.218.222.75
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-240918074213FDCF65218DA15251B607-77017C7042CB8C1C-00
content-length
0
x-parent-response-time
30,23.44.200.156
x-tt-logid
20240918074213FDCF65218DA15251B607
server
nginx
act
analytics.tiktok.com/api/v2/pixel/
0
876 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYmY3Y2UyMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.30 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-30.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://8xbe493.app/

Response headers

x-cache-remote
TCP_MISS from a23-218-222-88.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 18 Sep 2024 07:42:13 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=86, origin; dur=24, inner; dur=21
x-cache
TCP_MISS from a23-44-200-156.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
date
Wed, 18 Sep 2024 07:42:13 GMT
x-akamai-request-id
86330d6e.1bbdfe0e
access-control-allow-headers
Authorization,*
x-tt-trace-host
01c40aed925e54e905c7abacbb1779f8d89192591232274f45851bb15aeae40fe0ba1331baae9ad3b591f092a7b6750e568901e73cfa4296a83f5b9a1c8c5914ec682139add209c962cd8fd577bd08dc25e1d0899ec9a03cce50650656cde7cb87de1375143d0fa6f7141effd78ea6c8ec
x-origin-response-time
24,23.218.222.88
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-240918074213CB8B5FC55C51AF56C221-47A13830D83EB282-00
content-length
0
x-parent-response-time
63,23.44.200.156
x-tt-logid
20240918074213CB8B5FC55C51AF56C221
server
nginx
1049161216101108
connect.facebook.net/signals/config/
23 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1049161216101108?v=2.9.167&r=stable&domain=8xbe493.app&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144%2C111
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5199f006420f41558489156d742c81cf71d3743a8f635dd32a273a8912936c70
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:13 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
GOOD; q=0.7, rtt=56, rtx=0, c=67, mss=1232, tbw=88893, tp=89, tpl=0, uplat=41, ullat=0
pragma
public
x-fb-debug
Xe6ba4bubaPerL2hP35vfokU6062Aec7me9948LhcIEVSrGn3tFbmpyn+LxgCLD2JhMGGv4yhwEwFnx2oFSF0Q==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/
0
19 B
Image
General
Full URL
https://www.facebook.com/tr/?id=284095821111767&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2F&rl=&if=false&ts=1726645333713&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=GET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=5594, tp=11, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Sep 2024 07:42:13 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
192 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=284095821111767&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2F&rl=&if=false&ts=1726645333713&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=FGET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415885238882246582"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:13 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
57FiwliHWUbzoba6JUJH/msO8i/fScf3yddZc74cmuTb9mvlcGBdQqP/Cd6TaQq+UuCmux1GQuAaugMdNVeK+A==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415885238882246582", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=5914, tp=13, tpl=0, uplat=17, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
en_US
i18n-001fxh9.jiezhixinjituan.com/api/v2/i18n/PROD/diff/fluid/114/122/ Frame
0
0
Preflight
General
Full URL
https://i18n-001fxh9.jiezhixinjituan.com/api/v2/i18n/PROD/diff/fluid/114/122/en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-116.ewr53.r.cloudfront.net
Software
nginx/1.14.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-checksum
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Requested-With,If-Modified-Since,Cache-Control,Range,x-checksum,accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,appType,currency
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-max-age
1728000
date
Wed, 18 Sep 2024 07:42:13 GMT
server
nginx/1.14.1
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-amz-cf-id
7-_JH4QBYMMLbDag7O_YM1LW_0j93owKmC3QtwZdlSBJWrpQl1kRcQ==
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
en_US
i18n-001fxh9.jiezhixinjituan.com/api/v2/i18n/PROD/diff/fluid/114/122/
4 KB
2 KB
XHR
General
Full URL
https://i18n-001fxh9.jiezhixinjituan.com/api/v2/i18n/PROD/diff/fluid/114/122/en_US
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-116.ewr53.r.cloudfront.net
Software
nginx/1.14.1 /
Resource Hash
2f966b58f66198c6cdc8ae9867c304f6dc092f24c63b61cca8ffa2c9c9f2dc94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
Referer
https://8xbe493.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

access-control-max-age
1728000
access-control-expose-headers
Content-Length,Content-Range
content-encoding
gzip
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
H_uQ07zUbQyD8wPVLTPWr91O5QN5KDB5vD_mgvyx19guH4istxt6Nw==
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
application/json
vary
Accept-Encoding
access-control-allow-headers
DNT,X-Requested-With,If-Modified-Since,Cache-Control,Range,x-checksum,accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,appType,currency
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-credentials
true
via
1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
1687
x-amz-cf-pop
EWR53-C2
server
nginx/1.14.1
mapping
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/thirdparty/game/currency/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/thirdparty/game/currency/mapping?isLogin=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,pc
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2ba2f518cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:14 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
config
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/tiger-system/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/tiger-system/config?terminal=1&isLogin=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,pc
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2ba2f548cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:14 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
language
001eqvscmhs017ondjp-api.8xdfd3t6f.com/im/api-gateway/v1/anchor/web-anchor/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/im/api-gateway/v1/anchor/web-anchor/language
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
accept-language,apptype,browser,device,pvd,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,sport-token,pvd
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2ba2f558cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:14 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
constants
001eqvscmhs017ondjp-api.8xdfd3t6f.com/im/api-gateway/v1/anchor/web-anchor/language/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/im/api-gateway/v1/anchor/web-anchor/language/constants
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
accept-language,apptype,browser,device,pvd,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,sport-token,pvd
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2ba2f4f8cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:14 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
customerService
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/sysmaintenance/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/sysmaintenance/customerService
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,pc
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2ba2f588cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:14 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
menu
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/v2/sport/index/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/v2/sport/index/menu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,region
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2ba2f4a8cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:14 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
market_property_setting
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/systatus/proxy/sports/prod/Java/json/en-us/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/systatus/proxy/sports/prod/Java/json/en-us/market_property_setting
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,pc
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2ba2f4b8cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:14 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
market_property_setting_group.json
kq2v379m73nkp9b001-fe-source.8xdfd3t6f.com/frontend/prod/fe-lib/sports/ Frame
0
0
Preflight
General
Full URL
https://kq2v379m73nkp9b001-fe-source.8xdfd3t6f.com/frontend/prod/fe-lib/sports/market_property_setting_group.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
browser,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
browser,currency,devicemode,phonebrand,screen,time-zone,x-uuid,x-checksum
access-control-allow-methods
GET, HEAD, OPTIONS
access-control-allow-origin
*
access-control-max-age
0
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2b91af5191b-EWR
date
Wed, 18 Sep 2024 07:42:14 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
market-option
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/bets/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/bets/market-option?pvd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,region
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2ba2f4c8cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:14 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
tour-level
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/bets/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/bets/tour-level?pvd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,region
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2ba2f4d8cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:14 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
mapping
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/thirdparty/game/currency/
3 KB
915 B
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/thirdparty/game/currency/mapping?isLogin=false
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cad72a1e03907ba19d15d22a63b86d07a7153f10c1bb95bd4486f779637e12b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
x-envoy-upstream-service-time
46
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2bbe8a38cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
config
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/tiger-system/
721 B
865 B
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/tiger-system/config?terminal=1&isLogin=false
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f9a452ddf2ce663910737d7113476315f9e556de87af4dc41bd03035fe9dd2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

content-encoding
br
cf-cache-status
MISS
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 07:47:14 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
application/json;charset=UTF-8
last-modified
Wed, 18 Sep 2024 07:42:14 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
cache-control
public, max-age=300
x-envoy-upstream-service-time
8
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2bd09ac8cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
language
001eqvscmhs017ondjp-api.8xdfd3t6f.com/im/api-gateway/v1/anchor/web-anchor/
3 KB
2 KB
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/im/api-gateway/v1/anchor/web-anchor/language
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d17e761bf8fb409e48d54260b27601c9f254a1c5fbb41215d494e483f45b7cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en_US
screen
1600x1200
pvd
1
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

content-encoding
br
cf-cache-status
MISS
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
access-control-allow-methods
POST, OPTIONS, GET, PUT, DELETE, PATCH
expires
Wed, 18 Sep 2024 07:52:14 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
application/json; charset=utf-8
last-modified
Wed, 18 Sep 2024 07:42:14 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
x-frame-options
SAMEORIGIN
cache-control
public, max-age=600
x-envoy-upstream-service-time
1
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2bc08ad8cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
constants
001eqvscmhs017ondjp-api.8xdfd3t6f.com/im/api-gateway/v1/anchor/web-anchor/language/
508 B
860 B
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/im/api-gateway/v1/anchor/web-anchor/language/constants
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3d43bcc1eef8926d858242a3cb0beac4d6a213b31bc904f6ea5002244df444d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en_US
screen
1600x1200
pvd
1
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

content-encoding
br
cf-cache-status
MISS
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
access-control-allow-methods
POST, OPTIONS, GET, PUT, DELETE, PATCH
expires
Wed, 18 Sep 2024 07:52:14 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
application/json; charset=utf-8
last-modified
Wed, 18 Sep 2024 07:42:14 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
x-frame-options
SAMEORIGIN
cache-control
public, max-age=600
x-envoy-upstream-service-time
1
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2bc38cf8cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
customerService
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/sysmaintenance/
434 B
630 B
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/sysmaintenance/customerService
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9dfe201636fcff850f5c263c5b60b0d8371069b61978ec961af54b9b289f968
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
x-envoy-upstream-service-time
13
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2bc38d28cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
menu
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/v2/sport/index/
872 B
835 B
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/v2/sport/index/menu
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daaff45223f93b1714fd283ec8497f5ee78cdb71f36dc3587099dbe713e7a677
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

sport-request-id
69e4261e-57a6-4e6b-8ed9-861c9a5f5f25
cf-cache-status
MISS
content-encoding
br
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 07:42:24 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
application/json;charset=UTF-8
last-modified
Wed, 18 Sep 2024 07:42:14 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
cache-control
public, max-age=10
x-envoy-upstream-service-time
4
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2bc38ce8cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
market_property_setting
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/systatus/proxy/sports/prod/Java/json/en-us/
645 KB
35 KB
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/systatus/proxy/sports/prod/Java/json/en-us/market_property_setting
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e06196b57998e04e0e5cc8b78b030f8351868def039e1f419dfada1f4d443c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/json
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
x-envoy-upstream-service-time
73
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2bd09a48cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
market_property_setting_group.json
kq2v379m73nkp9b001-fe-source.8xdfd3t6f.com/frontend/prod/fe-lib/sports/
69 KB
4 KB
XHR
General
Full URL
https://kq2v379m73nkp9b001-fe-source.8xdfd3t6f.com/frontend/prod/fe-lib/sports/market_property_setting_group.json
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
713c63272e30567b0a739869da93fa1a2aef45ff3f042e959f52341fba995da3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"44f631001744cfcc49759d2d98ebb7f4"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, OPTIONS
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Thu, 12 Sep 2024 03:29:49 GMT
access-control-allow-headers
browser,currency,devicemode,phonebrand,screen,time-zone,x-uuid,x-checksum
x-frame-options
SAMEORIGIN
cache-control
max-age=300
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2bb0ba0191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
market-option
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/bets/
17 KB
4 KB
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/bets/market-option?pvd=1
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3aa46babe19081e4e58a47c06247ccae40bbd3f0b4d133845627ea2e0cce2f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

sport-request-id
572276aa-d4ab-4966-9e8c-ef27bb9300e4
cf-cache-status
MISS
content-encoding
br
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 07:47:14 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
application/json;charset=UTF-8
last-modified
Wed, 18 Sep 2024 07:42:14 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
cache-control
public, max-age=300
x-envoy-upstream-service-time
9
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2bc28bc8cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
tour-level
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/bets/
88 KB
32 KB
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/bets/tour-level?pvd=1
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87816e8b9d0cad50f88398be843fb6afce3e63ab46a6f49a5dec23a190e4c716
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

sport-request-id
51518449-41a1-4e96-af0f-01ae6453a6fb
cf-cache-status
MISS
content-encoding
br
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 07:47:14 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
application/json;charset=UTF-8
last-modified
Wed, 18 Sep 2024 07:42:14 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
cache-control
public, max-age=300
x-envoy-upstream-service-time
18
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2bbe8a28cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
sysmaintenances
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/sysmaintenance/
1 KB
894 B
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/sysmaintenance/sysmaintenances
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd027e66aa9d7df91fe6c67a2f28cad2eeebf8e6e5ab0003fa2852db4c0b9297
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

content-encoding
br
cf-cache-status
MISS
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 07:43:14 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
application/json;charset=UTF-8
last-modified
Wed, 18 Sep 2024 07:42:14 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
cache-control
public, max-age=60
x-envoy-upstream-service-time
12
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2bc38d18cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
switch
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sports/
266 B
653 B
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sports/switch?device=mobile
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cdc89d3a5d884fdf82af21db9ca2b9ea9f7d7c8884256c602cef1158e727126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

sport-request-id
1c1c7581-5e44-4a87-b8db-7e7d21c9d06f
cf-cache-status
MISS
content-encoding
br
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 07:47:14 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
application/json;charset=UTF-8
last-modified
Wed, 18 Sep 2024 07:42:14 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
cache-control
public, max-age=300
x-envoy-upstream-service-time
3
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2bc48d48cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
switch
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/euro-cup/
64 B
603 B
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/euro-cup/switch
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc750913a5a7456fcfe9a392d432bc3f34480c0864178a142d858eb55f429e2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

sport-request-id
2e46fa22-5ead-48c7-9523-6383f9abf9eb
cf-cache-status
MISS
content-encoding
br
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 07:47:14 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
application/json;charset=UTF-8
last-modified
Wed, 18 Sep 2024 07:42:14 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
cache-control
public, max-age=300
x-envoy-upstream-service-time
6
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2bbd8948cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
downloadCheckRegion
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/
161 B
569 B
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/downloadCheckRegion?device=undefined
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aeb7ce2d35ee4d4b5bc34067eb323e2b6d82c2f9a9c0eb56513649d9525a5dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
x-envoy-upstream-service-time
10
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2bc28bd8cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
sysmaintenances
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/sysmaintenance/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/sysmaintenance/sysmaintenances
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,pc
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2ba2f4e8cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:14 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
switch
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sports/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sports/switch?device=mobile
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,region
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2ba2f478cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:14 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
switch
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/euro-cup/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/euro-cup/switch
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,region
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2ba2f458cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:14 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
downloadCheckRegion
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/downloadCheckRegion?device=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,pc
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2ba2f488cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:14 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
375407261712370
connect.facebook.net/signals/config/
23 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/375407261712370?v=2.9.167&r=stable&domain=8xbe493.app&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144%2C111
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8ed85a2c9e6944e4f20aa370bd6c4629422bddbce087175e7f8a986a11d5bf6c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:13 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
GOOD; q=0.7, rtt=77, rtx=0, c=67, mss=1232, tbw=92205, tp=94, tpl=0, uplat=36, ullat=0
pragma
public
x-fb-debug
5nOQl4ywrxuCEORX25gTOiVBXZlX4f0FnvOGxQg87p0e55BaB9S56HcFuGxJ6tbF52hdEhe3Z0J/C1Uu5c0Tiw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1049161216101108&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2F&rl=&if=false&ts=1726645333928&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=GET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=68, rtx=0, c=26, mss=1232, tbw=9274, tp=19, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Sep 2024 07:42:13 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
194 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1049161216101108&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2F&rl=&if=false&ts=1726645333928&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=FGET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415885238059846503"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:13 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
gzDYLDN2/kITG5DHhtlS0o9fOz8Zup++PzncyVwwCC0pSnBdkzcre0dsz+co3eW+yL7eGuL+v4t3qr2JW4virw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415885238059846503", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=68, rtx=0, c=26, mss=1232, tbw=9482, tp=22, tpl=0, uplat=17, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
timezone-9eca21cf.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
2 KB
1 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/timezone-9eca21cf.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd7a47de9ede0eeb07f413eee335ced9bf103699f898ee36adecd8878ef2812c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"675a77bb40fb21bdbf3b40c2d4c5d706"
age
144550
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:13 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:46:10 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2b93af9191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
timezone_en-us-739f51bc.json
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
33 KB
6 KB
XHR
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/timezone_en-us-739f51bc.json
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
739f51bc3ab37ab91a77eccbd89f2e5179de661859caaed3c2e7cc1d12e9ed24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://8xbe493.app/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"6111c0e8e2a34924ad1db32faceb2f1c"
age
144551
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Fri, 13 Sep 2024 12:12:49 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2ba2b53191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
1282028423190023
connect.facebook.net/signals/config/
24 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1282028423190023?v=2.9.167&r=stable&domain=8xbe493.app&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144%2C111
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8a0752295d49386e41e5eb09e04dcabab1e05cdfc8b21f17fc39e110f1a6973
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
GOOD; q=0.7, rtt=84, rtx=0, c=67, mss=1232, tbw=95469, tp=98, tpl=0, uplat=39, ullat=0
pragma
public
x-fb-debug
xNMRydHNft0/KLbfjebJnZZNXO/Vc//lLW/Kw+sT287gnKChtFp/Ei4s6Sao/LfJbsZA/pNUeiRe1mmxg2CMQg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=375407261712370&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2F&rl=&if=false&ts=1726645334106&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=GET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=82, rtx=0, c=27, mss=1232, tbw=10506, tp=26, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
191 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=375407261712370&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2F&rl=&if=false&ts=1726645334106&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=FGET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415885241634915098"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
3665d4twUG2sDf9vXTl5VlTEC1CczIAp090DzjKmrLMYZzK5NcbBiqmkgC0GGxoLGZNdb321inkxeKMcXRq5TA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415885241634915098", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=82, rtx=0, c=27, mss=1232, tbw=10698, tp=28, tpl=0, uplat=17, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
649891340412960
connect.facebook.net/signals/config/
24 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/649891340412960?v=2.9.167&r=stable&domain=8xbe493.app&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144%2C111
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cf39967458343a39c6ecf520747f9c62216760eb46acd489cef83ea752ddee1e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
GOOD; q=0.7, rtt=81, rtx=0, c=67, mss=1232, tbw=98877, tp=103, tpl=0, uplat=38, ullat=0
pragma
public
x-fb-debug
zaZGQ9NRyRQKvH1IGW3J3GzOo+G+/qubaw9oay25zuyWChEI2YQytNOKIwIqWjgtfdZR2FM6oK/1aDXDCGCJSg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1282028423190023&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2F&rl=&if=false&ts=1726645334257&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=GET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=80, rtx=0, c=28, mss=1232, tbw=11722, tp=32, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
192 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1282028423190023&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2F&rl=&if=false&ts=1726645334257&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=FGET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415885241781717357"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
YdqHpCixHRFnHOZXfaXUlb7VEPV5NAlyW96ovG1kI9O2h0lsz3XGteI2y/oyhv7MjM9FBR1W+iiac6HQNRWlNg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415885241781717357", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=80, rtx=0, c=28, mss=1232, tbw=11882, tp=34, tpl=0, uplat=16, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
7227341910643335
connect.facebook.net/signals/config/
23 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/7227341910643335?v=2.9.167&r=stable&domain=8xbe493.app&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144%2C111
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4700baf4ac786b1e95031d2b6ba840380a342e9cc3f4d41481456541be1f132a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
GOOD; q=0.7, rtt=70, rtx=0, c=67, mss=1232, tbw=102253, tp=108, tpl=0, uplat=39, ullat=0
pragma
public
x-fb-debug
0bgyzvVphO9LUlrQLaTUrRDcT4Uhq1KrNMyhN9iI571+T6x0kjTVpFi3Em/PV9Hbmm4Z+BfdiZFALJ+shlJuRw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=649891340412960&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2F&rl=&if=false&ts=1726645334428&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=GET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=68, rtx=0, c=29, mss=1232, tbw=12954, tp=39, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
193 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=649891340412960&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2F&rl=&if=false&ts=1726645334428&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=FGET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415885242294986528"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
/KEUdfYeZmhDbTzN0te06UlD8rMSTrY38ybpEhwC+24uOBZontEerTktKzKn5ZgZ8eLMcf+PNl5ZIxiZTFiN8w==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415885242294986528", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=68, rtx=0, c=29, mss=1232, tbw=13114, tp=41, tpl=0, uplat=19, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
990819005347244
connect.facebook.net/signals/config/
24 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/990819005347244?v=2.9.167&r=stable&domain=8xbe493.app&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144%2C111
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9c7458101aeb51328fe01d46e2fad5ece4996682602ff035748cf57c72e7620b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
GOOD; q=0.7, rtt=63, rtx=0, c=67, mss=1232, tbw=105597, tp=113, tpl=0, uplat=38, ullat=0
pragma
public
x-fb-debug
PRLtkepUxbTw5JJ1Q7CIPxJxoGzB6foFexqDlqwwmxnN19zewt+J2OxAfRbYCb9Un3U+7mbKrXxgMxD0KBX9kg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=7227341910643335&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2F&rl=&if=false&ts=1726645334586&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=GET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=58, rtx=0, c=30, mss=1232, tbw=14186, tp=46, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
193 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=7227341910643335&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2F&rl=&if=false&ts=1726645334586&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=FGET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415885243060380643"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
ysqFCbrxVKNcjUiQHHsHemSQOQ15gq8h5s90m8cPY2LwIb+Ppuk1EwFS/NKCmNRBcMd1HZk3fCJEG8kaizJULw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415885243060380643", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=58, rtx=0, c=30, mss=1232, tbw=14346, tp=48, tpl=0, uplat=20, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
872220670943117
connect.facebook.net/signals/config/
23 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/872220670943117?v=2.9.167&r=stable&domain=8xbe493.app&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144%2C111
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
82d5680a4446ec6927f3a8b4d625f851be1eb7937a4153a88034fc962a4d2560
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=67, mss=1232, tbw=108925, tp=117, tpl=0, uplat=35, ullat=0
pragma
public
x-fb-debug
/Xy8rJWjYPcgrsW5ixDMqgFir3d9RZaYKTCTjZpbAzVzldvT+KmGsbd1J9yrIXDDWL9nnBQoFLy35bCJLgLaHA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=990819005347244&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2F&rl=&if=false&ts=1726645334677&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=GET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=51, rtx=0, c=31, mss=1232, tbw=15370, tp=52, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
192 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=990819005347244&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2F&rl=&if=false&ts=1726645334677&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=FGET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415885243280538076"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
H+18JsHi4ZL0WMsZpw7jrepb/qFWmSoRXpj2uyzv6Auc3I9LxDEgsfRyXI4ekL1XYgUtO8Oq0lvkuSW/LgAI6w==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415885243280538076", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=51, rtx=0, c=31, mss=1232, tbw=15530, tp=54, tpl=0, uplat=18, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
urls
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/download/app/
558 B
744 B
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/download/app/urls
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a5f36d5120b4f07b6d0b9e01958d663f0b8efd963d6bb0bf1070cea8f5cd8ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
x-envoy-upstream-service-time
24
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2c01c068cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
urls
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/download/app/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/download/app/urls
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,pc
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2be7af98cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:15 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
913749893711853
connect.facebook.net/signals/config/
24 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/913749893711853?v=2.9.167&r=stable&domain=8xbe493.app&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144%2C111
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8823ccc18301459e1e3c8651eaaffc971b326f264973fda22a22c10f6fdce3ef
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=48, rtx=0, c=67, mss=1232, tbw=112269, tp=122, tpl=0, uplat=41, ullat=0
pragma
public
x-fb-debug
YvPlmiVBscOcs9yxmtTgTk/ED3y76HfNhuac4Q/CLNHCB9iqjYu+eyCbPxvuwZvGQGF78VFIJvhEQH+SPKA3eA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=872220670943117&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2F&rl=&if=false&ts=1726645334815&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=GET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=31, mss=1232, tbw=16554, tp=58, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
191 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=872220670943117&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2F&rl=&if=false&ts=1726645334815&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=FGET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415885242959785926"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:14 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
7XbczhqxpFAtichafIN9wrkgnLtrbeJAZ0XCcn3Zm3STEPKF8cM/uCjMsPMU0/q1YhmdDrtrAMPZDiY2nYbwcQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415885242959785926", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=31, mss=1232, tbw=16794, tp=61, tpl=0, uplat=19, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
triggering
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/promotion/promotion/br/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/promotion/promotion/br/triggering?currency=USD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,currency,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,pc
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2bf2b628cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:15 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
merchantSetting
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/merchantSetting?device=mobile&currency=USD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,currency,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,pc
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2bf2b648cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:15 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
agent
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/merchantSetting/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/merchantSetting/agent?device=mobile&currency=USD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,currency,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,pc
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2bf3b7a8cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:15 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
v2
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/listThirdpartyLoginMethods/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/listThirdpartyLoginMethods/v2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,currency,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,pc
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2bf3b7b8cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:15 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
index-bfe77249.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
1 KB
1 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-bfe77249.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b8dc5f8d2d8ac655c55992fc7dd36a92452c01027593e89e18e281c0881843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"43eadbf13c412e21b246dd6f2780a193"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:52 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2beecf9191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-e8166ccd.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
5 KB
3 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-e8166ccd.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6ff78c6d3d6d296bbfebffba6882d830999d9605ef4053c63050a83e84a0e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"c89e09d370b8accfa0b50c5bae8f2a56"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:53 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2befcfa191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
avatar-2e6bf57e.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
26 KB
5 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/avatar-2e6bf57e.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cabba12b9c6b0f2eed215654ca7b11033dfea6503ab45f79e9e90eb1f386b25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"1cb880e0a2ac3763418d40fec4ec6614"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:44:51 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2bf0d04191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
369b864f7de597756888c657deab8921e100041ae22dbd8b792c98f7df3b0e59

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
triggering
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/promotion/promotion/br/
104 B
413 B
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/promotion/promotion/br/triggering?currency=USD
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b6d749329207f0af84dd52e7ef06e640c95c0b9b35053db03af3422d9e1069d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
currency
USD
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
x-envoy-upstream-service-time
10
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2c08c4e8cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
merchantSetting
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/
2 KB
1 KB
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/merchantSetting?device=mobile&currency=USD
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3bf092187b59c917a7aa224efa9ca98dbac2df734e64573ba444f3ff4c71146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
currency
USD
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
x-envoy-upstream-service-time
21
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2c09c558cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
agent
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/merchantSetting/
1 KB
1 KB
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/merchantSetting/agent?device=mobile&currency=USD
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
389a2363e482d36126bf3429cc953e798f0572ff256d4ffc265a342a3092bc7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
currency
USD
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

content-encoding
br
cf-cache-status
MISS
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 07:47:15 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/json;charset=UTF-8
last-modified
Wed, 18 Sep 2024 07:42:15 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
cache-control
public, max-age=300
x-envoy-upstream-service-time
14
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2c0dc9a8cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
v2
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/listThirdpartyLoginMethods/
600 B
740 B
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/listThirdpartyLoginMethods/v2
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cc5b8218559e02dec01d88a591a5b40ce753f0ed1b0c8585e1a8205771e977a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
currency
USD
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

content-encoding
br
cf-cache-status
MISS
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 07:47:15 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/json;charset=UTF-8
last-modified
Wed, 18 Sep 2024 07:42:15 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
cache-control
public, max-age=300
x-envoy-upstream-service-time
6
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2c0dc968cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
livingCountrySettings
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/tiger-system/
10 KB
1 KB
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/tiger-system/livingCountrySettings
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40d6f96983e15f070d94d18673359f62b3ab7768215d896b67716a7d8e47718b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
currency
USD
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

content-encoding
br
cf-cache-status
MISS
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 07:47:15 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/json;charset=UTF-8
last-modified
Wed, 18 Sep 2024 07:42:15 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
cache-control
public, max-age=300
x-envoy-upstream-service-time
11
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2c09c5c8cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
promotionCode
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/agent/
117 B
422 B
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/agent/promotionCode
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
483937ac02ee91baf02e1330c8ff65eb57ae76af45bd110284c5b6f6231c3aa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
currency
USD
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
x-envoy-upstream-service-time
6
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2c0ac638cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
promotionMasters
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/promotion/
230 B
566 B
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/promotion/promotionMasters?gameType=-1&appType=2&index=false&currency=USD&isLogin=false
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75e99cdd7e840dcbeda0e018dd257dd18ec3435b2c295ac8adc3cfca16841313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
currency
USD
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

content-encoding
br
cf-cache-status
EXPIRED
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 07:47:15 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/json;charset=UTF-8
last-modified
Wed, 18 Sep 2024 07:42:15 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
cache-control
public, max-age=300
x-envoy-upstream-service-time
7
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2c0dc998cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
livingCountrySettings
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/tiger-system/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/tiger-system/livingCountrySettings
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,currency,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,pc
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2bf3b7c8cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:15 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
promotionCode
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/agent/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/user/agent/promotionCode
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,currency,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,pc
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2bf3b7e8cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:15 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
promotionMasters
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/promotion/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/promotion/promotionMasters?gameType=-1&appType=2&index=false&currency=USD&isLogin=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,currency,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,pc
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2bf3b7f8cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:15 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
info
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/tournament/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/tournament/info?sid=1&sort=tournament&inplay=true&language=en-us
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,currency,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,region
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2c09c548cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:15 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
card
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/popular/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/popular/card
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,currency,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,region
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2c09c578cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:15 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
tournamentInfo
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/prematch/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/prematch/tournamentInfo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,currency,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,region
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2c09c588cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:15 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
info
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/tournament/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/tournament/info?sid=1&inplay=true&language=en-us
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,currency,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,region
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2c09c598cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:15 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
index-7c402a3c.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
3 KB
2 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-7c402a3c.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb25ce9049eafe780422ee56442848aae25f17a93e0dcf7e9223d88df9534ddb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"a9676b0ffd476ba4bbce3661efb1a3d2"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:52 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2bf7d2f191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
Footer-164bd5d2.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
15 KB
6 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/Footer-164bd5d2.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b02947b8590e91a2db0ee059179a9e6a7f2eb5322d9c6a766d938e7011b91997
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"4831216bc43ce4642cc4163911d4925f"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:44:44 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2bf9d3a191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-d61f4db0.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
14 KB
6 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-d61f4db0.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b7194fc85f8d45245facdfc5755232544b4db772d8f71d943bb5ac4b9e900a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"953f6e10268b0473eccfd481fb6279d2"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:53 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2bf9d3b191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
side-menu-5438c226.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
49 KB
7 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/side-menu-5438c226.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10f6d837149efb0b41442f9eaab4ec2ecdd4a4406bb091a078edc2419cb33714
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"b3629813e6c5e39da2b6377bbe98f3f1"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:46:07 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2bfad3e191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
sport-4f184a39.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
44 KB
8 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/sport-4f184a39.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23ddec45ebe78819fc6b18c52e8c852f90468c15af84c12e6779de6d954d1dff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"5594d4536714fbce7d26cb799c3243aa"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:46:08 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2bfed51191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
logo-fd3c06da.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
2 KB
1 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/logo-fd3c06da.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8aca50e1cc5749b9013654a02cea5c87a0ede347ab2bc480b393a9bcd1cd9a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"e57a8e4683e46f883ae635f791fe746d"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:59 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2bfed52191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
info
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/tournament/
2 KB
1 KB
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/tournament/info?sid=1&sort=tournament&inplay=true&language=en-us
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f785e4eb85b670ca55d7902104fc2c8a983ee34b4afc3f374ab720e95a89a4c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
currency
USD
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

sport-request-id
22395388-2869-48da-88cd-036f1270700f
cf-cache-status
MISS
content-encoding
br
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 07:42:25 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/json;charset=UTF-8
last-modified
Wed, 18 Sep 2024 07:42:15 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
cache-control
public, max-age=10
x-envoy-upstream-service-time
10
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2c1fd3a8cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
card
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/popular/
10 KB
3 KB
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/popular/card
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd7be125915ea2ebf6d2c7faf3cc5b421d65b11f075fb5ef090d368c6edf363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
currency
USD
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

sport-request-id
015b699c-d07e-4e14-8103-5c4f6c3b8506
cf-cache-status
MISS
content-encoding
br
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 07:42:25 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/json;charset=UTF-8
last-modified
Wed, 18 Sep 2024 07:42:15 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
cache-control
public, max-age=10
x-envoy-upstream-service-time
3
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2c22d588cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
tournamentInfo
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/prematch/
1 KB
949 B
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/prematch/tournamentInfo
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea3efa717caebc5252b262403f58d8664738902a063912e2cfc3435c63735541
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
currency
USD
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

sport-request-id
36b5d7b3-25cc-478a-8e6a-84032f4ba63f
cf-cache-status
MISS
content-encoding
br
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 07:47:15 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/json;charset=UTF-8
last-modified
Wed, 18 Sep 2024 07:42:15 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
cache-control
public, max-age=300
x-envoy-upstream-service-time
61
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2c22d608cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
info
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/tournament/
2 KB
1 KB
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/tournament/info?sid=1&inplay=true&language=en-us
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc940219c3316c88d41b09c1f34bb15609e7beab290918f61b292d747eff7117
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
currency
USD
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

sport-request-id
ebb0d7c2-efb5-4e3a-9cf6-d0ae66d9b889
cf-cache-status
MISS
content-encoding
br
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 07:42:25 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/json;charset=UTF-8
last-modified
Wed, 18 Sep 2024 07:42:15 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
cache-control
public, max-age=10
x-envoy-upstream-service-time
11
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2c22d5e8cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
tournament
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/prematch/
1 MB
117 KB
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/prematch/tournament?sid=1&date=todayAndAll&sort=tournament&inplay=false
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0144170b6557fdd5463bb97f85366b0d3fac64465e18834d60905487b157be8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
currency
USD
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

sport-request-id
af4c0b5e-9050-4510-b64e-c33b369163bd
cf-cache-status
MISS
content-encoding
br
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 07:43:15 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/json;charset=UTF-8
last-modified
Wed, 18 Sep 2024 07:42:15 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
cache-control
public, max-age=60
x-envoy-upstream-service-time
44
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2c22d638cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
info
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/tournament/
271 KB
34 KB
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/tournament/info?sid=1&inplay=false&date=24h&language=en-us
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c57b5c1e43ed169c7b362275e420f41da00be1236439d1f4658c6687631ebcb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
currency
USD
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

sport-request-id
a04cf25c-027f-48e6-923e-98d1e85f45f3
cf-cache-status
MISS
content-encoding
br
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 07:42:25 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/json;charset=UTF-8
last-modified
Wed, 18 Sep 2024 07:42:15 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
cache-control
public, max-age=10
x-envoy-upstream-service-time
17
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2c22d628cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
tournament
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/prematch/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/prematch/tournament?sid=1&date=todayAndAll&sort=tournament&inplay=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,currency,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,region
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2c09c5a8cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:15 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
info
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/tournament/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/tournament/info?sid=1&inplay=false&date=24h&language=en-us
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,currency,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,region
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2c09c5b8cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:15 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
pixel
analytics.tiktok.com/api/v2/
0
877 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYmY3Y2UyMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.30 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-30.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://8xbe493.app/

Response headers

x-cache-remote
TCP_MISS from a23-218-222-76.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 18 Sep 2024 07:42:15 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=14, origin; dur=21, inner; dur=17
x-cache
TCP_MISS from a23-44-200-156.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
date
Wed, 18 Sep 2024 07:42:15 GMT
x-akamai-request-id
28c59118.1bbe04d3
access-control-allow-headers
Authorization,*
x-tt-trace-host
01c40aed925e54e905c7abacbb1779f8d89192591232274f45851bb15aeae40fe0dd9dffa442dd71e4dbb99a7652971a2185556e009d5ac2bd8b817e080dbcb56105b593317ec04e9fa273b19af13829c40a945115552575695bfd19860c3ccbb6e348eabff060c75722a56402ed1a5ba2
x-origin-response-time
21,23.218.222.76
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-2409180742150F76067DAF98716F9C21-0160F8E7874CABC6-00
content-length
0
x-parent-response-time
29,23.44.200.156
x-tt-logid
202409180742150F76067DAF98716F9C21
server
nginx
pixel
analytics.tiktok.com/api/v2/
0
880 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYmY3Y2UyMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.30 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-30.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://8xbe493.app/

Response headers

x-cache-remote
TCP_MISS from a23-218-222-88.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 18 Sep 2024 07:42:15 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=14, origin; dur=24, inner; dur=19
x-cache
TCP_MISS from a23-44-200-156.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
date
Wed, 18 Sep 2024 07:42:15 GMT
x-akamai-request-id
863325b5.1bbe04d4
access-control-allow-headers
Authorization,*
x-tt-trace-host
01c40aed925e54e905c7abacbb1779f8d89192591232274f45851bb15aeae40fe0ba1331baae9ad3b591f092a7b6750e56ff81026634a2149f8c56f6a569c4d69c12d50f864eb580763d8d788bbe43aeaf25fd0a092c9841ff1f2e905075528f1a69ff400bca1b970a90fdf28812f29509
x-origin-response-time
24,23.218.222.88
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-2409180742159B3E9D0D69A2FD5E666A-2FF9D72F5FEA7DB6-00
content-length
0
x-parent-response-time
31,23.44.200.156
x-tt-logid
202409180742159B3E9D0D69A2FD5E666A
server
nginx
258547467105651
connect.facebook.net/signals/config/
23 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/258547467105651?v=2.9.167&r=stable&domain=8xbe493.app&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144%2C111
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8de1b212909b38e32bd73b21cb88bc1755f4b28afea192caa34d9e2290f7b455
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=45, rtx=0, c=67, mss=1232, tbw=115677, tp=127, tpl=0, uplat=38, ullat=0
pragma
public
x-fb-debug
q7HoOKMOVSXBBDcQR2xYXYeNJjBJFxTGvriNgxONs3lCufGNOd5aFRbAmDhsOCh3tMErDT6gFmeZn3UW98EIpA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=913749893711853&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2FsportEvents&rl=&if=false&ts=1726645335176&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=GET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=32, mss=1232, tbw=17818, tp=65, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
192 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=913749893711853&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2FsportEvents&rl=&if=false&ts=1726645335176&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=FGET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415885246634184621"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
ZJVzdFfCRSh2jS6NnAueQboEu5wxmEoZ88mqyBYB5faoHhg/Sc22jTFnwcuQcMqAXJVjLqGEl0hIvWyzVkBH/w==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415885246634184621", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=32, mss=1232, tbw=18058, tp=68, tpl=0, uplat=16, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
index-634a83d5.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
6 KB
3 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-634a83d5.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09aa6106d6b9789309734ee4f9d37ec72eb06112a19d11116466faa42b844664
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-e8166ccd.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"8944da294ed519214a9827cc49ffbb40"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:51 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c0fdb7191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-1fdaf75e.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
8 KB
4 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1fdaf75e.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30e107f0fd9d8746e6254db96d0121d8a7859a67f146f743a26bf84f0d7e2d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"da13761620597d4886734f7d1db06d12"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:51 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c0fdb8191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-c7130157.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
1 KB
1 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-c7130157.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a957e7d42322baa921d49b0d50aa521981f1aac41afc7443b3eb024d9b803c8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"1afa2d9b1482c676a88dce3ea6947ada"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:52 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c11dbd191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-27a62f7a.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
5 KB
3 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-27a62f7a.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b16645a57d43e13a1c11d22821fe4f35eb38bdb2a89e85e86332e2550f0f2666
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"1ff72c8bfce6a53856c94a3085a6fc12"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:51 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c11dbf191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-c329268d.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
156 KB
50 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-c329268d.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed4dc6abd5bfb298c1e6a5bb867e1864dd893db9f84dc7f41b0c869315f17a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"4ecd1358b7214839226d7674b4745588"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:52 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c11dc0191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
baseball@3x-6c80c3e9.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
4 KB
5 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/baseball@3x-6c80c3e9.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c80c3e9f044583940670ba70dc78298df90bc263bd92b560209c477269f1f59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"f89faacc61eb4017e2d01fa705cba308"
age
1605413
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:48:38 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c24db8422b-EWR
accept-ranges
bytes
content-length
4480
x-xss-protection
1; mode=block
server
cloudflare
score@3x-8cc28d32.png
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
680 B
1 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/score@3x-8cc28d32.png
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64a3abe46639f8ee97b8be78b8053e2019ab81554931588006279b86480e3847
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-bgj
imgq:85,h2pri
etag
"ac4e3ed011bdca97e6e1c399cb91a23f"
age
1605413
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=926
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
image/webp
content-disposition
inline; filename="score@3x-8cc28d32.webp"
vary
Accept
last-modified
Thu, 29 Aug 2024 05:49:56 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c24db9422b-EWR
accept-ranges
bytes
content-length
680
x-xss-protection
1; mode=block
server
cloudflare
favorite@3x-1ec884a0.png
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
4 KB
4 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/favorite@3x-1ec884a0.png
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6b6ccbdf6d1944e9becb8a8ad4dedde959d16e5bdb1cfc29818d7d83e5cc456
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-bgj
imgq:85,h2pri
etag
"2730257ccf580807a74beedee4f9cda6"
age
466272
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
cf-polished
origFmt=png, origSize=4499
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
image/webp
content-disposition
inline; filename="favorite@3x-1ec884a0.webp"
vary
Accept
last-modified
Thu, 12 Sep 2024 03:42:38 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c24dc4422b-EWR
accept-ranges
bytes
content-length
3808
x-xss-protection
1; mode=block
server
cloudflare
bd1-manchester-0947702f.png
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

favorite@3x-d1c5b0f7.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
3 KB
4 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/favorite@3x-d1c5b0f7.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1c5b0f7c2ce1d1b999ed18ddd3b16671558bacc723dcadbaf0a6ea7282b8d72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"f4385b99ce6fce27f0aa3ab63cce7eea"
age
478216
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
binary/octet-stream
last-modified
Tue, 10 Sep 2024 02:45:46 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c24dce422b-EWR
accept-ranges
bytes
content-length
3566
x-xss-protection
1; mode=block
server
cloudflare
bd1-manchester-3de2cfb2.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
6 KB
6 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/bd1-manchester-3de2cfb2.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3de2cfb2b645c8dad7c3e024f90ebe9ca745fd8cc87637fa1fe771d97f68af7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"59d69f30040431ac6d0b116a8c8d71ad"
age
1605413
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:48:48 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c24dd3422b-EWR
accept-ranges
bytes
content-length
5874
x-xss-protection
1; mode=block
server
cloudflare
Home@3x-4330c5c5.png
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

tennis@3x-4b8b4017.png
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

score@3x-e29ef533.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
2 KB
2 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/score@3x-e29ef533.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e29ef5332bdc55fbaa7d0170397d446c9d30c889eb284347267cb83db64688d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"cc16cb5632f19c341b141e07f3725100"
age
1605413
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:49:56 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c24dda422b-EWR
accept-ranges
bytes
content-length
1702
x-xss-protection
1; mode=block
server
cloudflare
gift@3x-49127621.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
4 KB
4 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/gift@3x-49127621.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49127621beb5d0a0d790d2765a5c397c124683303f34d4491eb90d2dcf45f75a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"49ae4db0dcfbe517608dc40c410fd6cf"
age
1605413
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:49:24 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c24ddd422b-EWR
accept-ranges
bytes
content-length
4026
x-xss-protection
1; mode=block
server
cloudflare
tennis@3x-df74cbf0.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
5 KB
5 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/tennis@3x-df74cbf0.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df74cbf05565fd69a9d756142726bcf288d94a6e13e3b362b24b457149985cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"808d9e830aedebc708dbcf2bc75a3927"
age
1605413
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:50:00 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c24dde422b-EWR
accept-ranges
bytes
content-length
5146
x-xss-protection
1; mode=block
server
cloudflare
record@3x-3b7d7441.png
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

basketball@3x-c67ca619.png
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

scoreboard@3x-a4c3c31d.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
4 KB
5 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/scoreboard@3x-a4c3c31d.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4c3c31d30c0314f54161ee2e0a65c4d5da4a68d3ddece9f93759f786825bf3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"9f8229ef1f40a0ced7038a3cc6ab9bf2"
age
1605413
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:49:57 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c25df0422b-EWR
accept-ranges
bytes
content-length
4342
x-xss-protection
1; mode=block
server
cloudflare
basketball@3x-b9e87885.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
5 KB
6 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/basketball@3x-b9e87885.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9e87885e056cecd731aad0e38e1007667d972204049e7aadecee7fe799cf285
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"8bb9323edd33c088aca6431f86633a46"
age
1605413
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:48:39 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c25df1422b-EWR
accept-ranges
bytes
content-length
5352
x-xss-protection
1; mode=block
server
cloudflare
casino@3x-dc1c320f.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
3 KB
3 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/casino@3x-dc1c320f.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc1c320fcde0c7e5c55e875f8737c3c6356553baa12208ffd23b9978ffb731ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"aa2fc6009d4deb8e78fe8554f849c685"
age
1605413
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:49:18 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c26df2422b-EWR
accept-ranges
bytes
content-length
3008
x-xss-protection
1; mode=block
server
cloudflare
soccer@3x-0ac516b7.png
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

soccer@3x-ab948c18.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
4 KB
4 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/soccer@3x-ab948c18.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab948c181ee78085dee34725c0af18343dba7d4ec9bb67445f7fc650a4ea4caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"551958137ea1bfeed182c687108aeb50"
age
1605413
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:49:58 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c26df8422b-EWR
accept-ranges
bytes
content-length
3996
x-xss-protection
1; mode=block
server
cloudflare
Home@3x-beaa03b7.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
3 KB
4 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/Home@3x-beaa03b7.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beaa03b778e48d9e77e01cf905fd7bd2f262192e4ff12a5be36f22c380eb0b24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"8a68afc65e54a5f863d2446ba2763257"
age
1023759
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:48:30 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c26dfa422b-EWR
accept-ranges
bytes
content-length
3206
x-xss-protection
1; mode=block
server
cloudflare
record@3x-70ef7fa8.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
3 KB
3 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/record@3x-70ef7fa8.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70ef7fa8d40505947992aaa63a22ba757d232b29dde11dafb399fbe7deeaa14a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"6356578072d5ac51b971b925bad44d44"
age
555623
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
binary/octet-stream
last-modified
Tue, 10 Sep 2024 02:46:19 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c26dfb422b-EWR
accept-ranges
bytes
content-length
2666
x-xss-protection
1; mode=block
server
cloudflare
sport-goals-event.service-072ce222.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
61 KB
24 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/sport-goals-event.service-072ce222.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc7125f2f5c97ac301d7e3f488dcb2feaf2893d26ebf9df947472218bd3a2e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-d61f4db0.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"309883cef61ee657d73a306600f7fe39"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:46:08 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c26e30191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-7d2537b1.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
1 KB
1 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-7d2537b1.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ac3140c770ec7371ba07de61599e2d73aa46f3ae9c93f8c5b71b855c2dd9df4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-d61f4db0.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"4e18578addd676aa3c45a36f5fe6bc46"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:52 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c26e32191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-0446a869.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
2 KB
2 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-0446a869.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10e2467f59e11b33e4881cfdfd329f4ad22fdf458827e1bc19af942de2392e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-d61f4db0.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"9a23466640c008a7f4cbebb60d0c91d5"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:50 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c26e34191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
video.helper-5bcc322c.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
154 KB
40 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/video.helper-5bcc322c.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea4457f9e23fd3e0ab33c498cdb59b8e5f4d8113ea0a88ce943d7312a9ef5bca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-d61f4db0.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"fbb7377f5295c9873bc117f6d7d9c5fc"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:46:14 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c26e35191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-af8760fb.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
1 KB
1 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-af8760fb.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74e604bdc067bb9c0122652a26af17d19e8cdc99a7ed34c174ae03cc485fc465
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-d61f4db0.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"bc991db096e60193357d576295d7c8e4"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:52 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c26e36191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-220fa53d.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
730 B
898 B
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-220fa53d.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba90b53082facb6efd3cd9c6f0ca123cc1f5a4f5b13b186aa4fd9ae25c555609
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-d61f4db0.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"9b7fd5c5ce0ce626bca0a4ac9e48f429"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:51 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c26e37191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-25fd85b5.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
27 KB
11 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-25fd85b5.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abf9109bccf372cd0c0245bb6ce8138d919524e213b44144f566b44f67003052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-d61f4db0.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"a58b83ab49f7fc4143432ecde6593681"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:51 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c26e39191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
create-customize-infinite-query-cd18a1b6.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
1 KB
1 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/create-customize-infinite-query-cd18a1b6.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a56e5bce4dc7cc755d5cbf27a71134be941401831ef71f6c94ee2f76e662c61d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-d61f4db0.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"24cf7ed646d4b7336159a7b05f02cbc9"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:30 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c26e3b191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-632051b1.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
24 KB
10 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-632051b1.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ac6c4ec0b7941e8819ec4a635e879867c437d261b5afd046cfb8d4a459ac248
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-d61f4db0.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"3fae424a2eace3fd281a242e8c913bf2"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:51 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c26e3d191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-f1acbe71.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
4 KB
2 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-f1acbe71.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9d15ccdb330fd274031bdbd5920bbb9e94cb5369e3da733318c31cee0ba225f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-d61f4db0.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"06b32362905cfe7674698d39af3f664f"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:53 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c26e3e191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
expert-article.model-41703340.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
2 KB
1 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/expert-article.model-41703340.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6158457aaa4103b2234da8cfa5bca7804e2421bcea0928800c4905e7e129bee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-d61f4db0.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"552beccf0e81d3e9eb82e14d11cd8aae"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:33 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c26e3f191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
750001766504475
connect.facebook.net/signals/config/
23 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/750001766504475?v=2.9.167&r=stable&domain=8xbe493.app&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144%2C111
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b5f749d9eff82a15f2daea960576ec69898b146f13f27671eb79fc92deb9a252
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=67, mss=1232, tbw=119053, tp=132, tpl=0, uplat=39, ullat=0
pragma
public
x-fb-debug
DRmD4eqos4R2opHQP6PP6nhkep6JxwYZBwt+a++RsU7EGWQrG8pJLU7f9THQOt7OpuNlyfyHtVCj6zOZTNqafA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=258547467105651&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2FsportEvents&rl=&if=false&ts=1726645335411&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=GET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=34, rtx=0, c=33, mss=1232, tbw=19130, tp=73, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
191 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=258547467105651&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2FsportEvents&rl=&if=false&ts=1726645335411&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=FGET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415885247698489807"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
XAkTtZtioblKfw1NBLucs4ypFse1sHo2XOJ1VJOIoQ4H/oYsEfIK/hIgv59BUWTrqYRF2YuXYBlsnuVRFiHMdQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415885247698489807", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=34, rtx=0, c=33, mss=1232, tbw=19322, tp=75, tpl=0, uplat=17, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
bd1-secondary_logo-397a8599.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
3 KB
3 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/bd1-secondary_logo-397a8599.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
397a8599acbac2863a2b77c6e8e3afda83b39eb013d7418b2a33322d176e5513
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"bce0d74df395682d55df68177655875c"
age
1655483
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:48:50 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c27e06422b-EWR
accept-ranges
bytes
content-length
2664
x-xss-protection
1; mode=block
server
cloudflare
inplay-cc608194.svg
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
3 KB
2 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/inplay-cc608194.svg
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc608194b577e64ff096ca34a3f08c787bca3232569ecd7a6a350162f04ba8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"ce654a09cebb617944ebc070c51759a8"
age
1665877
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
image/svg+xml
last-modified
Thu, 29 Aug 2024 05:49:46 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c27e07422b-EWR
x-xss-protection
1; mode=block
server
cloudflare
bd1-img_0-19049f32.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
4 KB
4 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/bd1-img_0-19049f32.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19049f32b31124fccfb8d96d8ecad8ff4c4840689d45abaee512823a65b0f1b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"6f140c05570124120902c97520bce166"
age
1655484
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:48:47 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c28e10422b-EWR
accept-ranges
bytes
content-length
4066
x-xss-protection
1; mode=block
server
cloudflare
bd1-background_xl-66e0e48a.png
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

img_0-b798485a.png
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

bd1-background_xl-175c8b77.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
63 KB
64 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/bd1-background_xl-175c8b77.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
175c8b77c1bcce1c551f5ffb321a1746ee88a9c3fd0054802978e4cec121e290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"6adda888d8cf8f59d1fa126be8851e78"
age
1605355
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:48:45 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c28e14422b-EWR
accept-ranges
bytes
content-length
64864
x-xss-protection
1; mode=block
server
cloudflare
featured-62f94837.svg
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
2 KB
1 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/featured-62f94837.svg
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62f948376fdfc699703e0bab3633daa80c81d35960f4299d925e6de349f3de28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"78d49c2e0587bf16ed215007bf3fbcc0"
age
1655483
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
image/svg+xml
last-modified
Thu, 29 Aug 2024 05:49:22 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c28e16422b-EWR
x-xss-protection
1; mode=block
server
cloudflare
img_0-850f5a67.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
3 KB
4 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/img_0-850f5a67.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
850f5a67a12d5dfaa683d2aa0df050d28c1196f91a07ce099eecf1490899e8e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"156bd9a597e439904de79ab281aebdfd"
age
1655484
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:49:40 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c28e19422b-EWR
accept-ranges
bytes
content-length
3498
x-xss-protection
1; mode=block
server
cloudflare
tennis-f4a536c6.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
4 KB
4 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/tennis-f4a536c6.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4a536c6a2484962422cdc55e7b01eedd562c9c1b8f25c4ba078edf06dc4e8e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"39667dacf8104d03e12376630382be96"
age
1655483
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:50:00 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c28e1d422b-EWR
accept-ranges
bytes
content-length
3974
x-xss-protection
1; mode=block
server
cloudflare
upcoming-4fbeaef4.svg
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
656 B
748 B
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/upcoming-4fbeaef4.svg
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fbeaef4a57e9332df7381e59b393a39f82714d1d9722f72e577d8886d80dbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"a7afe2109687515f6a4d44f26de1efa0"
age
1655483
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
image/svg+xml
last-modified
Thu, 29 Aug 2024 05:50:02 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c28e1f422b-EWR
x-xss-protection
1; mode=block
server
cloudflare
baseball_bet_detail-32549811.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
3 KB
4 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/baseball_bet_detail-32549811.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32549811c283e718eda4157daa0e3528aa256927831cf70ae3db24fae5dd62ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"6a61e4fba8603c45fef717541c5b5415"
age
1655483
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:48:38 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c28e20422b-EWR
accept-ranges
bytes
content-length
3480
x-xss-protection
1; mode=block
server
cloudflare
footer-7d4a6cd3.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
3 KB
1 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/footer-7d4a6cd3.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e4a0ac5b05093fb43aaeedf969b79f739ef0c4800675228f40fa3c913936397
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"ef7024f552e3e7c0f6cce69879884f73"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:34 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c2ae55191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
promotionMasters
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/promotion/
230 B
568 B
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/promotion/promotionMasters?appType=2&currency=USD&isLogin=false
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d77ceb169d68ad72dce0b82b34607825de850b374ec7455706045b77a7f6fa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
currency
USD
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

content-encoding
br
cf-cache-status
MISS
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 07:47:16 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
application/json;charset=UTF-8
last-modified
Wed, 18 Sep 2024 07:42:16 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
cache-control
public, max-age=300
x-envoy-upstream-service-time
12
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2c63fc78cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
promotionMasters
001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/promotion/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/platform/promotion/promotionMasters?appType=2&currency=USD&isLogin=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,currency,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,pc
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2c2ada98cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:15 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
bd1-primary_logo-369b864f.png
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

bd1-primary_logo-ec35572f.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
5 KB
5 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/bd1-primary_logo-ec35572f.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec35572fe972eef5b9921b9535da7ec3b9b02d52f5cdab53c9ad6fe5f27a41d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"7a5020f3879aa42508686aed0602e7ba"
age
1655483
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:48:49 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c34e9a422b-EWR
accept-ranges
bytes
content-length
4848
x-xss-protection
1; mode=block
server
cloudflare
index-3ea16c18.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
1 KB
1 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-3ea16c18.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26a30e2ad1cd2a0339b0cd3413ce6807150092c96599797690b28c85d836a11d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-c7130157.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"92741f80363945f00c565a3c80deec08"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:51 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c36ea3191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-43ae69aa.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
2 KB
2 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-43ae69aa.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9c628294e47de7a2e5cb2ae9fabd032543cf684a88cc6b44746569238a9edfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-c7130157.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"48be212a0c2c3625cb48c617de2df190"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:51 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c36ea4191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-3f5fdabc.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
2 KB
1 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-3f5fdabc.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04f383999be168d07b335452e930ee29dc33bc66dad3f1a6503d87ca338f465
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1fdaf75e.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"682ced9dda6f15584c1777ea3d2bacc5"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:51 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c36ea5191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
not-login-4c0626b3.png
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

not-login-dd1ec0ba.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
2 KB
2 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/not-login-dd1ec0ba.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd1ec0ba895308707c5b2bdefecc7b62765b7807b8222713d5dcf837498fd6b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"e10d8a1912092c07c50c150591616a9f"
age
1605413
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:49:52 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c36eaa422b-EWR
accept-ranges
bytes
content-length
2078
x-xss-protection
1; mode=block
server
cloudflare
1508012896424092
connect.facebook.net/signals/config/
23 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1508012896424092?v=2.9.167&r=stable&domain=8xbe493.app&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144%2C111
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3ed744aa38a0b82ab89ecef47b49eb1b251588648c89da29dd4fecfddb5126c9
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
GOOD; q=0.7, rtt=56, rtx=0, c=67, mss=1232, tbw=122397, tp=137, tpl=0, uplat=36, ullat=0
pragma
public
x-fb-debug
44dt2TR/B9rzAGG6sFbRewtwxwTg+/Wefgf9J9eCNMMuFMWU+6ru89C2fgDscYeAL1ElUqvxAeVWfMUJ/n7GNw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=750001766504475&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2FsportEvents&rl=&if=false&ts=1726645335587&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=GET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=51, rtx=0, c=34, mss=1232, tbw=20442, tp=81, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
192 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=750001766504475&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2FsportEvents&rl=&if=false&ts=1726645335587&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=FGET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415885247694967209"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
2jxjeKh/VF0RAV1m9JNYPzydHBj1fMNmmdQx7Ott8IxmrW6JeWVEzzLt2fHbDCRqw2vOrH12f5AI/RBM+Up9ww==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415885247694967209", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=51, rtx=0, c=34, mss=1232, tbw=20602, tp=83, tpl=0, uplat=19, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
CheckIcon-bd6bf499.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
1 KB
1 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/CheckIcon-bd6bf499.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
078a0021abf1e4c2b75873ad091ba1d43abd64fe9598bde04a704f8c4f83be82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-c329268d.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"d4cb5b9aaa77597abf63282f56123730"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:44:43 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c3eec7191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-67564d8b.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
32 KB
10 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-67564d8b.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1952ce639ec1bd27999eeb90c8ee8593b6082502c972a81716105992b3b8e44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-c329268d.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"269aa2b16bb65d1167e0fde377191a81"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:51 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c3eec8191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
TrashIcon-fdba403b.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
2 KB
1 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/TrashIcon-fdba403b.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
302af3772ba81c0855f9cfd6002f4437fa6aa8ac5446985102d2ecd2a58d8844
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-c329268d.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"5cfe8c9e9700e02706ba8b7037f68aa7"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:44:48 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c3eec9191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
InfoFillIcon-d6797572.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
2 KB
2 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/InfoFillIcon-d6797572.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21072e72c9b2af88a5f90b10808621ed816fec8fc7aa1690e3c740fab31aa77c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-c329268d.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"f4ae9cfb5c9c7015a03411ce7f259282"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:44:44 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c3eeca191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
AddIcon-391b20be.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
1 KB
1 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/AddIcon-391b20be.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d5f2f88cc6878ff4e0aae3390fd18150f235de1777502c34304f81b9ea1a9be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-c329268d.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"bc876ec34111d639fb13a0233c00d80e"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:44:41 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c3eecb191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
text.helper-32fbea46.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
2 KB
1 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/text.helper-32fbea46.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89e39445033d9a87deb5aa9b5dce4752b2b6df9bc823ea4ebd028fddd4043209
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-c329268d.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"c8afeeebebc1f4f0fca0b13ff1da3f9e"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:46:09 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c3eecc191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
check.helper-b23ed75d.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
919 B
1006 B
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/check.helper-b23ed75d.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4415e655e24c97c5500871243d4c4b5e737d2a54ca3ab9693f0b91690272da8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-c329268d.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"bf0fe5cac9f6a1c9de47533fbd098362"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:29 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c3eecd191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-cc3b8576.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
38 KB
15 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-cc3b8576.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1c86e75d02baa1a235c5fd331270f7c58c9abb2a3b2801d277979f4d476d12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"79009efa49c804faa0f32a3e47a9a61f"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:53 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c59f83191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
117.png
qvjyxrjte001-be-source.8xdfd3t6f.com/badge/countryflags/
2 KB
3 KB
Image
General
Full URL
https://qvjyxrjte001-be-source.8xdfd3t6f.com/badge/countryflags/117.png
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2efdd21817ca0915c8c726d1b51944c63a8683ce26ac447034c6222d7397986d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-bgj
imgq:85,h2pri
etag
"24fd2101684e216002850307e767d129"
age
177
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, OPTIONS
cf-polished
origFmt=png, origSize=3160
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
image/webp
content-disposition
inline; filename="117.webp"
vary
Accept
last-modified
Wed, 29 Nov 2023 07:28:31 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
browser,currency,devicemode,phonebrand,screen,time-zone,x-uuid,x-checksum
cache-control
max-age=300
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c5c859422b-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
2174
x-xss-protection
1; mode=block
server
cloudflare
720.png
qvjyxrjte001-be-source.8xdfd3t6f.com/badge/countryflags/
1 KB
2 KB
Image
General
Full URL
https://qvjyxrjte001-be-source.8xdfd3t6f.com/badge/countryflags/720.png
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2a4ddd2e9c4805fca439e55cc65f8250bc5734678cb4825d506db1ba2a5a8e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-bgj
imgq:85,h2pri
etag
"1e9044f1e02d791c8be4d80a91d8b347"
age
177
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, OPTIONS
cf-polished
origFmt=png, origSize=2129
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
image/webp
content-disposition
inline; filename="720.webp"
vary
Accept
last-modified
Wed, 29 Nov 2023 07:56:03 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
browser,currency,devicemode,phonebrand,screen,time-zone,x-uuid,x-checksum
cache-control
max-age=300
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c5c85b422b-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
1208
x-xss-protection
1; mode=block
server
cloudflare
vd001.png
qvjyxrjte001-be-source.8xdfd3t6f.com/badge/competitors/
7 KB
7 KB
Image
General
Full URL
https://qvjyxrjte001-be-source.8xdfd3t6f.com/badge/competitors/vd001.png
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8db2168d5bca48d237eef9c9a90568f5b1aa74af66413fbca28fd6bcd8295d1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-bgj
imgq:85,h2pri
etag
"7196d790e282a9a5a142e54729bb21fb"
age
177
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, OPTIONS
cf-polished
origFmt=png, origSize=19133
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
image/webp
content-disposition
inline; filename="vd001.webp"
vary
Accept
last-modified
Wed, 26 Jan 2022 04:33:48 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
browser,currency,devicemode,phonebrand,screen,time-zone,x-uuid,x-checksum
cache-control
max-age=300
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c5c85c422b-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
6702
x-xss-protection
1; mode=block
server
cloudflare
act
analytics.tiktok.com/api/v2/pixel/
0
876 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYmY3Y2UyMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.30 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-30.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://8xbe493.app/

Response headers

x-cache-remote
TCP_MISS from a23-32-16-72.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 18 Sep 2024 07:42:16 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=50, origin; dur=30, inner; dur=25
x-cache
TCP_MISS from a23-44-200-156.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
date
Wed, 18 Sep 2024 07:42:16 GMT
x-akamai-request-id
d13e6d79.1bbe07d7
access-control-allow-headers
Authorization,*
x-tt-trace-host
01c40aed925e54e905c7abacbb1779f8d89192591232274f45851bb15aeae40fe09b8854fe9e365a1f8b4f0fa36a75d98112e307b205998c3c2337787b61b83501f24457eedb32205fd964b381003b7ce449f0742525ee2104ed2ac5d38b1e98f153cd2c92601596f1395587c87a5ddbd1
x-origin-response-time
30,23.32.16.72
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-240918074216AB54E81AB261F456A24C-0AEDA9FF1207BE40-00
content-length
0
x-parent-response-time
71,23.44.200.156
x-tt-logid
20240918074216AB54E81AB261F456A24C
server
nginx
shared-61cf3786.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
953 B
967 B
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/shared-61cf3786.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ce132b49fb61dae0c44c60470605d24a0f17066be17835d6c68fb224489fea3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"39705dc61ed8b80f97e46eb292629174"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:46:06 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c5ff9c191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
icon-b584e258.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
6 KB
2 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/icon-b584e258.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb057b6f0abf72569722840351f2ddfd7aeb207861838ae9fe1dd2c6240fb74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"042a40a4f377a0192c282721c2b75544"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:36 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c62fb6191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
267180006171117
connect.facebook.net/signals/config/
23 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/267180006171117?v=2.9.167&r=stable&domain=8xbe493.app&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144%2C111
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
61a8cbf106a632a52453c636adb67a7d2541d864e791888bdd4a687b9f5a9564
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
GOOD; q=0.7, rtt=143, rtx=0, c=67, mss=1232, tbw=125789, tp=143, tpl=0, uplat=39, ullat=0
pragma
public
x-fb-debug
1jqqVLRlTsX+zCoEJrBoPM+M4KR5XkKHOIGO/MC6WaQuXleFY+SMhkWpZgraiWy8E1cq3iCN1iSpsx9H9I+PxA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/
0
20 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1508012896424092&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2FsportEvents&rl=&if=false&ts=1726645336070&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=GET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=120, rtx=0, c=35, mss=1232, tbw=21770, tp=90, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
193 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1508012896424092&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2FsportEvents&rl=&if=false&ts=1726645336070&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=FGET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415885251270314586"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
NNME9W8y9cqfhuVmmHin1f719n/GpYsNSrcpHVGLJsNefkbbZ1DXctpQMp9z9mGQ8QINDi5T6L6DzzUYPT+IRA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415885251270314586", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=120, rtx=0, c=35, mss=1232, tbw=21962, tp=92, tpl=0, uplat=18, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-XK42L1XPP5&gtm=45je4990v9188334131za200&_p=1726645331220&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&ul=en-us&cid=1889026432.1726645332&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1726645332&sct=1&seg=0&dl=https%3A%2F%2F8xbe493.app%2F&dt=&en=open_app&_ee=1&ep.event_label=simple-match-mode&ep.event_category=&ep.app_type=pc-wap&ep.device_type=&ep.screen_size=&ep.is_logged_in=false&ep.vendor=vd001&ep.value=professional&_et=411&tfd=7071
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XK42L1XPP5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
text/plain
server
Golfe2
22519.png
qvjyxrjte001-be-source.8xdfd3t6f.com/badge/tournaments/
6 KB
6 KB
Image
General
Full URL
https://qvjyxrjte001-be-source.8xdfd3t6f.com/badge/tournaments/22519.png
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41fdd14f9aaa4042d94ddd0c58b8e9059471ee3d3a926d4f3bc826fb67397ba0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-bgj
imgq:85,h2pri
etag
"e5f8349df7d9f9bd84c930a06c7303c9"
age
178
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, OPTIONS
cf-polished
origFmt=png, origSize=13715
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
image/webp
content-disposition
inline; filename="22519.webp"
vary
Accept
last-modified
Wed, 15 May 2024 12:48:03 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
browser,currency,devicemode,phonebrand,screen,time-zone,x-uuid,x-checksum
cache-control
max-age=300
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c88aa3422b-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
5984
x-xss-protection
1; mode=block
server
cloudflare
169.png
qvjyxrjte001-be-source.8xdfd3t6f.com/badge/tournaments/
24 KB
25 KB
Image
General
Full URL
https://qvjyxrjte001-be-source.8xdfd3t6f.com/badge/tournaments/169.png
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fd230c8261011b536c8debf2999d4d1a638ee1f612ae886ce59651e95ee32a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-bgj
imgq:85,h2pri
etag
"39aef64cf68affe1de8780e99f28db33"
age
178
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, OPTIONS
cf-polished
origFmt=png, origSize=40022
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
image/webp
content-disposition
inline; filename="169.webp"
vary
Accept
last-modified
Wed, 08 Dec 2021 02:11:51 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
browser,currency,devicemode,phonebrand,screen,time-zone,x-uuid,x-checksum
cache-control
max-age=300
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c88aa5422b-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
24750
x-xss-protection
1; mode=block
server
cloudflare
564.png
qvjyxrjte001-be-source.8xdfd3t6f.com/badge/tournaments/
6 KB
6 KB
Image
General
Full URL
https://qvjyxrjte001-be-source.8xdfd3t6f.com/badge/tournaments/564.png
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72d5683cf38325e02112d9d923d1eb071b9a11b4d6a3c7216b96d83c512fe2d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-bgj
imgq:85,h2pri
etag
"5da39a3d07111e4d09c309abff062805"
age
178
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, OPTIONS
cf-polished
origFmt=png, origSize=8371
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
image/webp
content-disposition
inline; filename="564.webp"
vary
Accept
last-modified
Wed, 08 Dec 2021 02:12:48 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
browser,currency,devicemode,phonebrand,screen,time-zone,x-uuid,x-checksum
cache-control
max-age=300
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c88aa6422b-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
6214
x-xss-protection
1; mode=block
server
cloudflare
196.png
qvjyxrjte001-be-source.8xdfd3t6f.com/badge/tournaments/
5 KB
6 KB
Image
General
Full URL
https://qvjyxrjte001-be-source.8xdfd3t6f.com/badge/tournaments/196.png
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
588aaecc16b625d1d3ed44f90984ecc24197060a9b5dc6e437a6980827f06560
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-bgj
imgq:85,h2pri
etag
"f7eb70790ddeea0a241665c51fbb8484"
age
178
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, OPTIONS
cf-polished
origFmt=png, origSize=14844
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
image/webp
content-disposition
inline; filename="196.webp"
vary
Accept
last-modified
Mon, 26 Aug 2024 07:58:02 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
browser,currency,devicemode,phonebrand,screen,time-zone,x-uuid,x-checksum
cache-control
max-age=300
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c97b6c422b-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
5568
x-xss-protection
1; mode=block
server
cloudflare
70.png
qvjyxrjte001-be-source.8xdfd3t6f.com/badge/tournaments/
14 KB
15 KB
Image
General
Full URL
https://qvjyxrjte001-be-source.8xdfd3t6f.com/badge/tournaments/70.png
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
902c7c53c4b115c87050ea20d9eb877663d86bde1349b444172e62abe59b66b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-bgj
imgq:85,h2pri
etag
"14b500d46dbea583789adb50e58498e4"
age
178
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, OPTIONS
cf-polished
origFmt=png, origSize=27892
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
image/webp
content-disposition
inline; filename="70.webp"
vary
Accept
last-modified
Wed, 08 Dec 2021 02:12:51 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
browser,currency,devicemode,phonebrand,screen,time-zone,x-uuid,x-checksum
cache-control
max-age=300
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c97b70422b-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
14644
x-xss-protection
1; mode=block
server
cloudflare
1.png
qvjyxrjte001-be-source.8xdfd3t6f.com/badge/tournaments/
14 KB
15 KB
Image
General
Full URL
https://qvjyxrjte001-be-source.8xdfd3t6f.com/badge/tournaments/1.png
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9c55d3ae8ecb3a65f0f88b295c35aa6ee41617e4c913f8d049f04e607fbfb12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-bgj
imgq:85,h2pri
etag
"efec76649987d5f1f40cb48fcb05f105"
age
178
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, OPTIONS
cf-polished
origFmt=png, origSize=21364
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
image/webp
content-disposition
inline; filename="1.webp"
vary
Accept
last-modified
Mon, 26 Aug 2024 08:00:41 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
browser,currency,devicemode,phonebrand,screen,time-zone,x-uuid,x-checksum
cache-control
max-age=300
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c97b73422b-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
14602
x-xss-protection
1; mode=block
server
cloudflare
390.png
qvjyxrjte001-be-source.8xdfd3t6f.com/badge/tournaments/
5 KB
5 KB
Image
General
Full URL
https://qvjyxrjte001-be-source.8xdfd3t6f.com/badge/tournaments/390.png
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77bfa3fcc3cae2793be66159dbf260977da050d4853d70d9d2781977f288099c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-bgj
imgq:85,h2pri
etag
"fe4085a02228f6682cede4ae3649e863"
age
178
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, OPTIONS
cf-polished
origFmt=png, origSize=8410
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
image/webp
content-disposition
inline; filename="390.webp"
vary
Accept
last-modified
Wed, 15 May 2024 12:49:42 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
browser,currency,devicemode,phonebrand,screen,time-zone,x-uuid,x-checksum
cache-control
max-age=300
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c97b75422b-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
5162
x-xss-protection
1; mode=block
server
cloudflare
473.png
qvjyxrjte001-be-source.8xdfd3t6f.com/badge/tournaments/
3 KB
4 KB
Image
General
Full URL
https://qvjyxrjte001-be-source.8xdfd3t6f.com/badge/tournaments/473.png
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1ee23d3d72709e70ba3ba2153e6dec76ec491de97e659b778a673c600463a41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-bgj
imgq:85,h2pri
etag
"e7b25a06a8f1980ad6aa3c9cfdb5ca1b"
age
178
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, OPTIONS
cf-polished
origFmt=png, origSize=4279
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
image/webp
content-disposition
inline; filename="473.webp"
vary
Accept
last-modified
Wed, 08 Dec 2021 02:12:47 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
browser,currency,devicemode,phonebrand,screen,time-zone,x-uuid,x-checksum
cache-control
max-age=300
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c97b77422b-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
3464
x-xss-protection
1; mode=block
server
cloudflare
7060.png
qvjyxrjte001-be-source.8xdfd3t6f.com/badge/tournaments/
29 KB
30 KB
Image
General
Full URL
https://qvjyxrjte001-be-source.8xdfd3t6f.com/badge/tournaments/7060.png
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8e392914cf34a31be1e9fde58523abaf2851fe902b203a5e3dfd79b61b7420
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-bgj
imgq:85,h2pri
etag
"01ca6f991dc6c428cdf13ef2406146a6"
age
178
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, OPTIONS
cf-polished
origFmt=png, origSize=31722
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
image/webp
content-disposition
inline; filename="7060.webp"
vary
Accept
last-modified
Fri, 17 May 2024 07:54:59 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
browser,currency,devicemode,phonebrand,screen,time-zone,x-uuid,x-checksum
cache-control
max-age=300
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c97b7b422b-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
29982
x-xss-protection
1; mode=block
server
cloudflare
526.png
qvjyxrjte001-be-source.8xdfd3t6f.com/badge/tournaments/
12 KB
13 KB
Image
General
Full URL
https://qvjyxrjte001-be-source.8xdfd3t6f.com/badge/tournaments/526.png
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e484cb1c81b104717d69ed165a10e63b0286e5d8679dd9016c098676837ff3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-bgj
imgq:85,h2pri
etag
"04bbd4d5212cdb9b0b52bfc288c66ecf"
age
178
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, OPTIONS
cf-polished
origFmt=png, origSize=23604
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
image/webp
content-disposition
inline; filename="526.webp"
vary
Accept
last-modified
Wed, 08 Dec 2021 02:12:48 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
browser,currency,devicemode,phonebrand,screen,time-zone,x-uuid,x-checksum
cache-control
max-age=300
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c97b7d422b-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
12730
x-xss-protection
1; mode=block
server
cloudflare
29943.png
qvjyxrjte001-be-source.8xdfd3t6f.com/badge/tournaments/
2 KB
3 KB
Image
General
Full URL
https://qvjyxrjte001-be-source.8xdfd3t6f.com/badge/tournaments/29943.png
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62a81191ef22d0e2fbbb5e192809ea3ba0742ac6b6e4815b42b6a8b7fedb382b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-bgj
imgq:85,h2pri
etag
"ed1f69f6585bcec3c7c7f93ffcb57b14"
age
178
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, OPTIONS
cf-polished
origFmt=png, origSize=5747
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
image/webp
content-disposition
inline; filename="29943.webp"
vary
Accept
last-modified
Tue, 06 Feb 2024 06:17:22 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
browser,currency,devicemode,phonebrand,screen,time-zone,x-uuid,x-checksum
cache-control
max-age=300
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c97b7e422b-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
2216
x-xss-protection
1; mode=block
server
cloudflare
23739.png
qvjyxrjte001-be-source.8xdfd3t6f.com/badge/tournaments/
836 B
1 KB
Image
General
Full URL
https://qvjyxrjte001-be-source.8xdfd3t6f.com/badge/tournaments/23739.png
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d54ae544d1053bcc3715efd0bcb695cf05e27eb9242c5fc2b895d05238fcf1d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-bgj
imgq:85,h2pri
etag
"537e55cf37d425d37294839af5ff40ae"
age
178
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, OPTIONS
cf-polished
origFmt=png, origSize=1118
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
image/webp
content-disposition
inline; filename="23739.webp"
vary
Accept
last-modified
Wed, 08 Dec 2021 02:12:23 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
browser,currency,devicemode,phonebrand,screen,time-zone,x-uuid,x-checksum
cache-control
max-age=300
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c97b7f422b-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
836
x-xss-protection
1; mode=block
server
cloudflare
youtube-86efc2b5.png
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

instagram-62daf3ee.png
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

game-care-dcd4abea.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
3 KB
3 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/game-care-dcd4abea.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcd4abeae334b71434cd47757c83e5521539f8e9fac0bb1db5992f111705d71f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"79f0eca2cff38b041cb378d34c0f9dd8"
age
1655484
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:49:23 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c89ab3422b-EWR
accept-ranges
bytes
content-length
2848
x-xss-protection
1; mode=block
server
cloudflare
instagram-1da6b4ee.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
1 KB
2 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/instagram-1da6b4ee.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1da6b4ee7b8a9e1a59632c8a5cace098119539514f5fd9173f097e979c5c7694
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"71306dc42da5e077964c1ea20bf8fc68"
age
557299
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:49:46 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c8aab6422b-EWR
accept-ranges
bytes
content-length
1470
x-xss-protection
1; mode=block
server
cloudflare
18-2b5b48b5.png
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

testing-97935473.png
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

facebook-8639109b.png
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

bd1-endorsementSign-7ffa0692.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
7 KB
7 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/bd1-endorsementSign-7ffa0692.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ffa06929aded0d40a74d335246440ac3cf22cfe5cb54431d2d384f6a8a97978
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"6018204568e1236767fbf5c5ea831a83"
age
1655484
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:48:46 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c8aabb422b-EWR
accept-ranges
bytes
content-length
7382
x-xss-protection
1; mode=block
server
cloudflare
x-c624e784.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
2 KB
2 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/x-c624e784.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c624e7846eee3557f7f3ffe52dad340c5b76003ff04953c9f9ecdb8c70cf658d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"d3524c7088f7ee90130e2abdb8afd214"
age
1655484
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:50:07 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c8aabd422b-EWR
accept-ranges
bytes
content-length
1548
x-xss-protection
1; mode=block
server
cloudflare
bd1-manchester-094ab3e0.png
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

18-df295f4a.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
2 KB
2 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/18-df295f4a.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df295f4ac2a38778c8e7bacb3b77ac975fdafe6bdee9bae1a2bbf11ad008ebde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"bdbf1e8cc4d65775d92a66b203fa6b5c"
age
557299
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:48:14 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c8aabf422b-EWR
accept-ranges
bytes
content-length
2040
x-xss-protection
1; mode=block
server
cloudflare
tiktok-b36f17a0.png
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

tiktok-948dbc3b.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
1 KB
2 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/tiktok-948dbc3b.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
948dbc3bf23accba6301fa85f6dbd456a4a8c4a66430d3556a0f475f083e9fa2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"6885479d5766b86a4fba90a92061c396"
age
1655484
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:50:01 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c8aac2422b-EWR
accept-ranges
bytes
content-length
1276
x-xss-protection
1; mode=block
server
cloudflare
aware-817a1f2c.png
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

youtube-6bae050b.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
966 B
1 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/youtube-6bae050b.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bae050b697fd1ecd21e206f4058ba190af124258b045810662fd8c590ff1799
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"0875972ebc30948b2b7f01ffa311161c"
age
1655484
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:50:07 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c8dae3422b-EWR
accept-ranges
bytes
content-length
966
x-xss-protection
1; mode=block
server
cloudflare
bd1-officialPartner-9a0f8848.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
16 KB
16 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/bd1-officialPartner-9a0f8848.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a0f884873749415b521b609410bb3ae8160b25720a08b422aea5339ec641252
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"1bdf4d634a8f61b12fc548022195c175"
age
1655484
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:48:49 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c8dae5422b-EWR
accept-ranges
bytes
content-length
16328
x-xss-protection
1; mode=block
server
cloudflare
testing-9a35e25c.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
3 KB
3 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/testing-9a35e25c.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a35e25ca2fbd821a7c52632072ef39c5dcb9107634ee04790e479deeb5ef0cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"5be1645ff0accfc1793bf21391246b9c"
age
1655484
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:50:00 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c8dae6422b-EWR
accept-ranges
bytes
content-length
2676
x-xss-protection
1; mode=block
server
cloudflare
facebook-d8db8956.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
496 B
780 B
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/facebook-d8db8956.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8db8956626e5c2a26d3bd4219f9110795a379227518b0cf8564c6346f47445b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"d39e01a86291b13e37ad662b3badb3e6"
age
377020
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
binary/octet-stream
last-modified
Fri, 30 Aug 2024 08:48:06 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c8dae7422b-EWR
accept-ranges
bytes
content-length
496
x-xss-protection
1; mode=block
server
cloudflare
aware-5ca5c8a5.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
3 KB
3 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/aware-5ca5c8a5.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ca5c8a5db9397a75507564800b777863fc4d6bcd2c80726fe63fcf4a430887f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"90f1a384d83ffb60ce4c181b8960bd1d"
age
1655484
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:48:37 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c8dae8422b-EWR
accept-ranges
bytes
content-length
3058
x-xss-protection
1; mode=block
server
cloudflare
bd1-leicester-5353afaa.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
35 KB
35 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/bd1-leicester-5353afaa.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5353afaa986d34a28d83eec258f55a3e678d77c4ad2d01ee0517621aa67f1768
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"d60ec3ccb1c6056e8e1d5f22c69a5787"
age
1655484
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:48:48 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c8dae9422b-EWR
accept-ranges
bytes
content-length
35486
x-xss-protection
1; mode=block
server
cloudflare
bd1-manchester-e0c83bad.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
16 KB
16 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/bd1-manchester-e0c83bad.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0c83bad892e83ca10d2af4b91e9199d01db6ca23b39db389b56f0565262f289
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"4009cd7d200c211a76e359f807f18199"
age
1655484
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:48:48 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c8daea422b-EWR
accept-ranges
bytes
content-length
16262
x-xss-protection
1; mode=block
server
cloudflare
league-9a0a3cb9.svg
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
1 KB
915 B
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/league-9a0a3cb9.svg
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a0a3cb9fc76dafb2836919f64135945937b6631cc9eea15195f741ba0716b17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"4fb6c85d31114d61193274496a25d421"
age
1665877
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
image/svg+xml
last-modified
Thu, 29 Aug 2024 05:49:49 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c93b28422b-EWR
x-xss-protection
1; mode=block
server
cloudflare
simple
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/simple?sid=1&iidList=3498871&inplay=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,currency,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,region
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2c9ba1c8cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:16 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
simple
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/
2 KB
1 KB
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/simple?sid=1&iidList=3498871&inplay=true
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c233314c55d1380a1d59ec9644c5d6fdf590559e6b50e5c7ba351dbc14374ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
currency
USD
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

sport-request-id
3aa7469c-50df-420a-ae5d-02b437b6b74b
cf-cache-status
MISS
content-encoding
br
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 07:42:22 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
application/json;charset=UTF-8
last-modified
Wed, 18 Sep 2024 07:42:17 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
cache-control
public, max-age=5
x-envoy-upstream-service-time
8
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2ccabf48cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
simple
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/
2 KB
0
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/simple?sid=1&iidList=3498871&inplay=true
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c233314c55d1380a1d59ec9644c5d6fdf590559e6b50e5c7ba351dbc14374ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
currency
USD
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

sport-request-id
3aa7469c-50df-420a-ae5d-02b437b6b74b
cf-cache-status
MISS
content-encoding
br
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 07:42:22 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
application/json;charset=UTF-8
last-modified
Wed, 18 Sep 2024 07:42:17 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
cache-control
public, max-age=5
x-envoy-upstream-service-time
8
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2ccabf48cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
simple
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/simple?sid=1&iidList=3498871&inplay=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,currency,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,region
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2c9ba1e8cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:16 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
simple
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/
2 KB
1 KB
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/simple?sid=1&iidList=3501056&inplay=true
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c233314c55d1380a1d59ec9644c5d6fdf590559e6b50e5c7ba351dbc14374ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
currency
USD
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

sport-request-id
3aa7469c-50df-420a-ae5d-02b437b6b74b
cf-cache-status
HIT
age
0
expect-ct
max-age=86400, enforce
content-encoding
br
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 07:42:22 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
application/json;charset=UTF-8
last-modified
Wed, 18 Sep 2024 07:42:17 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
cache-control
public, max-age=5
x-envoy-upstream-service-time
8
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2ccabf98cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
simple
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/simple?sid=1&iidList=3501056&inplay=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,currency,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,region
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2c9ca248cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:16 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
simple
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/
2 KB
0
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/simple?sid=1&iidList=3501056&inplay=true
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c233314c55d1380a1d59ec9644c5d6fdf590559e6b50e5c7ba351dbc14374ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
currency
USD
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

sport-request-id
3aa7469c-50df-420a-ae5d-02b437b6b74b
cf-cache-status
HIT
age
0
expect-ct
max-age=86400, enforce
content-encoding
br
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 07:42:22 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
application/json;charset=UTF-8
last-modified
Wed, 18 Sep 2024 07:42:17 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
cache-control
public, max-age=5
x-envoy-upstream-service-time
8
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2ccabf98cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
simple
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/simple?sid=1&iidList=3501056&inplay=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,currency,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,region
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2c9ca258cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:16 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
1092490305504105
connect.facebook.net/signals/config/
23 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1092490305504105?v=2.9.167&r=stable&domain=8xbe493.app&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144%2C111
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f3547b8214faaee8c443c7c86fda8ee94669ed2f0fbfbc52cb7abbc97656ec8e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
MODERATE; q=0.3, rtt=205, rtx=0, c=67, mss=1232, tbw=129133, tp=148, tpl=0, uplat=38, ullat=0
pragma
public
x-fb-debug
BjRQAiD9ind9/xb5IItVmo72rmIlZUQzQCtnVF7KRgR1+QUFFkCnkTMsO4FxA/y1DXcQOdoaEfiw6BuSHgSkdg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/
0
23 B
Image
General
Full URL
https://www.facebook.com/tr/?id=267180006171117&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2FsportEvents&rl=&if=false&ts=1726645336590&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=GET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
MODERATE; q=0.3, rtt=206, rtx=0, c=36, mss=1232, tbw=23034, tp=97, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
197 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=267180006171117&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2FsportEvents&rl=&if=false&ts=1726645336590&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=FGET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415885250636905332"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:16 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
PPlTmbcOE93EDpm7mf4oDoNCMDMUSGnZztcnU/GN7vM0YZMZML3NOxer+mwTH/zeUhJb5pegSqR0NZYEXUdb9g==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415885250636905332", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
MODERATE; q=0.3, rtt=206, rtx=0, c=36, mss=1232, tbw=23226, tp=99, tpl=0, uplat=29, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
720.png
qvjyxrjte001-be-source.8xdfd3t6f.com/badge/countryflags/
1 KB
0
Image
General
Full URL
https://qvjyxrjte001-be-source.8xdfd3t6f.com/badge/countryflags/720.png
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2a4ddd2e9c4805fca439e55cc65f8250bc5734678cb4825d506db1ba2a5a8e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-bgj
imgq:85,h2pri
etag
"1e9044f1e02d791c8be4d80a91d8b347"
age
177
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, OPTIONS
cf-polished
origFmt=png, origSize=2129
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
image/webp
content-disposition
inline; filename="720.webp"
vary
Accept
last-modified
Wed, 29 Nov 2023 07:56:03 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
browser,currency,devicemode,phonebrand,screen,time-zone,x-uuid,x-checksum
cache-control
max-age=300
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c5c85b422b-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
1208
x-xss-protection
1; mode=block
server
cloudflare
img_0-850f5a67.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
3 KB
0
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/img_0-850f5a67.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
850f5a67a12d5dfaa683d2aa0df050d28c1196f91a07ce099eecf1490899e8e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"156bd9a597e439904de79ab281aebdfd"
age
1655484
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:49:40 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c28e19422b-EWR
accept-ranges
bytes
content-length
3498
x-xss-protection
1; mode=block
server
cloudflare
football-jersey-texture-52b00c16.png
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

football-jersey-texture-0212602c.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
5 KB
5 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/football-jersey-texture-0212602c.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0212602c70f02c38e590a5dce12b73b165a0318581a2262928c5c4536c9e0cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"9ebb1fd1526794569ab92cf564d551ef"
age
1655484
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:49:23 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2cdfef4422b-EWR
accept-ranges
bytes
content-length
5056
x-xss-protection
1; mode=block
server
cloudflare
ht-b2fbabac.svg
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
1 KB
778 B
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/ht-b2fbabac.svg
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2fbabac02eb192a2dee15ead37949dc912d6eaa71f23368cfdbcea9cdc40bd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"0afbc22e1e2589eb11897f3198a113fd"
age
1655485
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
image/svg+xml
last-modified
Thu, 29 Aug 2024 05:49:25 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2ce0f06422b-EWR
x-xss-protection
1; mode=block
server
cloudflare
corner_kick-dec8ed8d.svg
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
2 KB
1 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/corner_kick-dec8ed8d.svg
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dec8ed8dc60368ef43cbcfb6c1f2a3e79310b519380624524436f9be23f4b0fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"95062639e5435193393e0690764e24c4"
age
1655485
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
image/svg+xml
last-modified
Thu, 29 Aug 2024 05:49:18 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2ce0f07422b-EWR
x-xss-protection
1; mode=block
server
cloudflare
simple
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/
12 KB
4 KB
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/simple?sid=1&iidList=3475095&inplay=false
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99933aa7d73ad1f40085730ded4f9e597847b498d2ac8e171f845f66cc6994e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
currency
USD
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

sport-request-id
98fd491d-681a-4787-abbf-135bc1e7d0fa
cf-cache-status
MISS
content-encoding
br
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 07:42:47 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
application/json;charset=UTF-8
last-modified
Wed, 18 Sep 2024 07:42:17 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
cache-control
public, max-age=30
x-envoy-upstream-service-time
10
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2d09e288cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
simple
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/
12 KB
4 KB
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/simple?sid=1&iidList=3475072&inplay=false
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99933aa7d73ad1f40085730ded4f9e597847b498d2ac8e171f845f66cc6994e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
currency
USD
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

sport-request-id
98fd491d-681a-4787-abbf-135bc1e7d0fa
cf-cache-status
HIT
age
0
expect-ct
max-age=86400, enforce
content-encoding
br
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 07:42:47 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
application/json;charset=UTF-8
last-modified
Wed, 18 Sep 2024 07:42:17 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
cache-control
public, max-age=30
x-envoy-upstream-service-time
10
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2d0ae318cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
simple
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/simple?sid=1&iidList=3475095&inplay=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,currency,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,region
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2ce0cab8cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:17 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
simple
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/simple?sid=1&iidList=3475072&inplay=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,currency,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,region
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2ce0cae8cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:17 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
simple
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/
12 KB
4 KB
XHR
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/simple?sid=1&iidList=3475050&inplay=false
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99933aa7d73ad1f40085730ded4f9e597847b498d2ac8e171f845f66cc6994e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

browser
Chrome 129.0.0.0
x-checksum
0667d55d32950d3a3c4239df26b2a830fd3435abb7202b6a142213c7724d88a5
time-zone
GMT-10:00
Referer
https://8xbe493.app/
accept-language
en-us
screen
1600x1200
currency
USD
device
mobile
appType
2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
x-uuid
1cb5216ef97d17ceda82573d84b0b12d

Response headers

sport-request-id
98fd491d-681a-4787-abbf-135bc1e7d0fa
cf-cache-status
HIT
age
0
expect-ct
max-age=86400, enforce
content-encoding
br
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 07:42:47 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
application/json;charset=UTF-8
last-modified
Wed, 18 Sep 2024 07:42:17 GMT
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-csv
false
x-frame-options
SAMEORIGIN
cache-control
public, max-age=30
x-envoy-upstream-service-time
10
x-js-verification
false
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
8c4fb2d1bec88cb9-EWR
access-control-allow-origin
https://8xbe493.app
x-xss-protection
1; mode=block
server
cloudflare
simple
001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/ Frame
0
0
Preflight
General
Full URL
https://001eqvscmhs017ondjp-api.8xdfd3t6f.com/product/business/sport/match/simple?sid=1&iidList=3475050&inplay=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,currency,device,screen,time-zone,x-checksum,x-uuid
Access-Control-Request-Method
GET
Origin
https://8xbe493.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,x-checksum,region
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4fb2ce1cb68cb9-EWR
content-length
0
date
Wed, 18 Sep 2024 07:42:17 GMT
expect-ct
max-age=86400, enforce
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding, Accept-Language, Currency, Time-Zone, Apptype, Pvd, zoneId
x-content-type-options
nosniff
x-csv
false
x-frame-options
SAMEORIGIN
x-js-verification
false
x-xss-protection
1; mode=block
svg_3D_live-12ee673d.svg
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
4 KB
2 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/svg_3D_live-12ee673d.svg
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ee673d12fca8dc3dcd79c1c28191d6ef764149a7669b88cabd5ed9d7116833
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"28c35f70e33aa7fb9a0bf72f50efcb8e"
age
1617533
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
image/svg+xml
last-modified
Thu, 29 Aug 2024 05:49:59 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2ce1f12422b-EWR
x-xss-protection
1; mode=block
server
cloudflare
Lottie-36fa85e8.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
252 KB
66 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/Lottie-36fa85e8.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
658d42bf21863c56552e38b412b3d51d6b29e693e8300868d00af1ee19699bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"55c47a24def321194e30b04142032907"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:44:46 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2ce8ae9191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-f73136e6.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
54 KB
21 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-f73136e6.js
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-d61f4db0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
959149a26d64a1df6c759832dae8b82473362a9f4bfaa1a68772de6eff159298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-d61f4db0.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"f64f3a66d493dd2ecc9c446744c4a90d"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:53 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2ce8aea191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
/
en-001fxh9-sports-stream.articqq123.blog/ Frame 78EE
0
0
Document
General
Full URL
https://en-001fxh9-sports-stream.articqq123.blog/?liveUrl=https://live.chengyangkaisuo.com/live/263269_4bbc7763c07a7680fc3d0a4c8185b8c2_autoChange.m3u8?auth_key=1726659391-0-0-e8eead7af8ebc763eaa33060536d70e6&type=videoJs&isPc=true&vendorId=vd001
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
16.163.52.102 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-163-52-102.ap-east-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash

Request headers

Referer
https://8xbe493.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 18 Sep 2024 07:42:18 GMT
etag
W/"5478-LJCi+1Q3RCxWlUwJ1V3T37bIaVY"
server
nginx
x-envoy-upstream-service-time
8
x-powered-by
Express
431614.png
qvjyxrjte001-be-source.8xdfd3t6f.com/badge/competitors/
24 KB
25 KB
Image
General
Full URL
https://qvjyxrjte001-be-source.8xdfd3t6f.com/badge/competitors/431614.png
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4426957dddee1b38120098a03b35467d3e7ae5ac4d9275c654fa78a79c7a539
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-bgj
imgq:85,h2pri
etag
"da57c6b3ef7c4110defdedf266c59d4e"
age
179
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, OPTIONS
cf-polished
origFmt=png, origSize=25913
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
image/webp
content-disposition
inline; filename="431614.webp"
vary
Accept
last-modified
Tue, 09 Apr 2024 05:57:42 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
browser,currency,devicemode,phonebrand,screen,time-zone,x-uuid,x-checksum
cache-control
max-age=300
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2cebf8c422b-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
24916
x-xss-protection
1; mode=block
server
cloudflare
444281.png
qvjyxrjte001-be-source.8xdfd3t6f.com/badge/competitors/
10 KB
10 KB
Image
General
Full URL
https://qvjyxrjte001-be-source.8xdfd3t6f.com/badge/competitors/444281.png
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd8b6738479c8acb1124da663ad55605cfba1dda098dc884f58954dee29a0f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-bgj
imgq:85,h2pri
etag
"dce2caaba6321d4f039baaf7092badf4"
age
178
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, OPTIONS
cf-polished
origFmt=png, origSize=10305
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
image/webp
content-disposition
inline; filename="444281.webp"
vary
Accept
last-modified
Wed, 18 Sep 2024 02:14:06 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
browser,currency,devicemode,phonebrand,screen,time-zone,x-uuid,x-checksum
cache-control
max-age=300
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2cebf8d422b-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
9762
x-xss-protection
1; mode=block
server
cloudflare
vd001.png
qvjyxrjte001-be-source.8xdfd3t6f.com/badge/competitors/
7 KB
0
Image
General
Full URL
https://qvjyxrjte001-be-source.8xdfd3t6f.com/badge/competitors/vd001.png
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8db2168d5bca48d237eef9c9a90568f5b1aa74af66413fbca28fd6bcd8295d1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-bgj
imgq:85,h2pri
etag
"7196d790e282a9a5a142e54729bb21fb"
age
177
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, OPTIONS
cf-polished
origFmt=png, origSize=19133
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
image/webp
content-disposition
inline; filename="vd001.webp"
vary
Accept
last-modified
Wed, 26 Jan 2022 04:33:48 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
browser,currency,devicemode,phonebrand,screen,time-zone,x-uuid,x-checksum
cache-control
max-age=300
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c5c85c422b-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
6702
x-xss-protection
1; mode=block
server
cloudflare
372134939010044
connect.facebook.net/signals/config/
23 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/372134939010044?v=2.9.167&r=stable&domain=8xbe493.app&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144%2C111
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c82049f44d934c4cea9e337810ea216b75ba4274512d270a9a6bc2eb66100dc1
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
MODERATE; q=0.3, rtt=208, rtx=0, c=67, mss=1232, tbw=132477, tp=153, tpl=0, uplat=40, ullat=0
pragma
public
x-fb-debug
AFbGx9Xqea5fiMr4YL7CSDSLpOzdcwYgYVol8vDIDtDwufI2YXYvmMsyrsy86PRJA4jZDqiBBuPzXkCeRQ8HRg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/
0
23 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1092490305504105&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2FsportEvents&rl=&if=false&ts=1726645337399&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=GET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
MODERATE; q=0.3, rtt=218, rtx=0, c=37, mss=1232, tbw=24250, tp=103, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
202 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1092490305504105&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2FsportEvents&rl=&if=false&ts=1726645337399&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=FGET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415885254413791512"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
image/png
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415885254413791512", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-debug
J1RxWjeneiFZVMcoMQzHxB8U89qHHEUdg5P4izs2Dbe161dZJhBhj3e4RgvU5RvE9GBLTsNGxcRAx5fqseZQmQ==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
MODERATE; q=0.3, rtt=218, rtx=0, c=37, mss=1232, tbw=24474, tp=105, tpl=0, uplat=16, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
empty-7bcab0bf.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
9 KB
9 KB
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/empty-7bcab0bf.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bcab0bfc9998b4940b308b184db7a1d9a923070956e3d84d894411db7de4b28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"8e6af10eb14fa46fcd43b8a4a53ca564"
age
1655475
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:49:21 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2d1494d422b-EWR
accept-ranges
bytes
content-length
9080
x-xss-protection
1; mode=block
server
cloudflare
bd1-lottie_logo-03705f5c.json
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
167 KB
6 KB
XHR
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/bd1-lottie_logo-03705f5c.json
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03705f5c18eeb7b0c5e53b555f8ff8567c4607733fca7ccb685fbfdeed804f70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://8xbe493.app/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"cc008a26cb520a07bc05f11d10918c27"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 04 Sep 2024 09:00:43 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2d1cbf6191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
imLive_active-3a4a2ce4.json
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
17 KB
2 KB
XHR
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/imLive_active-3a4a2ce4.json
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a4a2ce466d5dcad5061f6caa4c04bed84df811dc5a3f76133ee03a7430bf2d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://8xbe493.app/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"ced23dd5e1dc2aea7ef1ecbf5302c93c"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Fri, 13 Sep 2024 12:12:28 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2d1cbf7191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
imLive_default-eb0490ad.json
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
20 KB
2 KB
XHR
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/imLive_default-eb0490ad.json
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb0490adf095654d230604e3add04918aa5cc083190cf3c2c09fee602ec8e380
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://8xbe493.app/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"7d52f4ea0fb5aaba710393c05b46cf32"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:18 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:50 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2d1cbf8191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
realLive_active-fca3b447.json
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
13 KB
2 KB
XHR
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/realLive_active-fca3b447.json
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fca3b4471cf7d79ac45cba711172ea4357d9e8a60294092951133e454cb3c5c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://8xbe493.app/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"b3e12e990959f1be706f2e00dfe5498a"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:18 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:46:05 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2d1cbf9191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
realLive_default-795963bf.json
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
16 KB
2 KB
XHR
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/realLive_default-795963bf.json
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
795963bf5b2b8b2d4b297f493664846df35c448977038c2155cf43eff5879a8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://8xbe493.app/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"d3b6ad9802d93c8c0c5b6afb530444aa"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:18 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:46:05 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2d1cbfb191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
H5_active-4075ba1b.json
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
19 KB
2 KB
XHR
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/H5_active-4075ba1b.json
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4075ba1b4ab7f4a1bd541359927626cad966fe27ac5beb908a5bf480355be182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://8xbe493.app/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"fcbf0d65a1ad2f66396782fb2b4586bc"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Fri, 13 Sep 2024 12:11:18 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2d1cbfc191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
H5_default-77432716.json
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
23 KB
2 KB
XHR
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/H5_default-77432716.json
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
774327166159e0a44af4414699a9f6cfd76abf405a4a290bc2cd187cd8ca47c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://8xbe493.app/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"98e497daaba4ad183de98ce7386adf05"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:18 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:44:44 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2d1cbfd191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
DATA_active-eb9caf08.json
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
14 KB
2 KB
XHR
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/DATA_active-eb9caf08.json
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb9caf085e505e2a09cb9bd70baacfbfb2d63526728d4bfea595979b58ee00d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://8xbe493.app/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"24af7774794efb53285be9648e38bda6"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Fri, 13 Sep 2024 12:11:17 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2d1cbfe191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
DATA_default-b95a3179.json
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
16 KB
2 KB
XHR
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/DATA_default-b95a3179.json
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b95a3179c39e32efe71b2c10ed6ce4d9fa44ffc91142be95d5a1f4e9d85852b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://8xbe493.app/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"ff9dfc4c877af4a9ba3667d02d670189"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:18 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:44:43 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2d1cbff191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
gear-20ce374a.json
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
47 KB
3 KB
XHR
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/gear-20ce374a.json
Requested by
Host: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1c732274.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20ce374a77a5c2de855cf565b2c0b14ef7f37dd8bc5916bb0e958e72165e2068
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://8xbe493.app/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
HIT
etag
W/"4b5ac5cb31196e6725cc4a513e695cce"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Wed, 04 Sep 2024 09:01:18 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2d1cc00191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
117.png
qvjyxrjte001-be-source.8xdfd3t6f.com/badge/countryflags/
2 KB
0
Image
General
Full URL
https://qvjyxrjte001-be-source.8xdfd3t6f.com/badge/countryflags/117.png
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2efdd21817ca0915c8c726d1b51944c63a8683ce26ac447034c6222d7397986d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-bgj
imgq:85,h2pri
etag
"24fd2101684e216002850307e767d129"
age
177
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, OPTIONS
cf-polished
origFmt=png, origSize=3160
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:15 GMT
content-type
image/webp
content-disposition
inline; filename="117.webp"
vary
Accept
last-modified
Wed, 29 Nov 2023 07:28:31 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
browser,currency,devicemode,phonebrand,screen,time-zone,x-uuid,x-checksum
cache-control
max-age=300
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2c5c859422b-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
2174
x-xss-protection
1; mode=block
server
cloudflare
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-FH93J8TSNS&gtm=45je4990v873231969za200zb9103934971&_p=1726645331220&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1889026432.1726645332&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&sid=1726645332&sct=1&seg=1&dl=https%3A%2F%2F8xbe493.app%2F&dt=&_s=3&tfd=8966
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FH93J8TSNS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://8xbe493.app/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 18 Sep 2024 07:42:18 GMT
content-type
text/plain
server
Golfe2
1121367928863310
connect.facebook.net/signals/config/
24 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1121367928863310?v=2.9.167&r=stable&domain=8xbe493.app&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144%2C111
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9bcf04096cab9e2546d20a745db4c87a9a32e9301297c25f66a2e1eba1989ff
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:18 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
MODERATE; q=0.3, rtt=208, rtx=0, c=67, mss=1232, tbw=135757, tp=158, tpl=0, uplat=38, ullat=0
pragma
public
x-fb-debug
3o+nylKSUiu6UrDX2LMqk/o9mJlk7kIaYxQf8PqkF06V8KcPpGF00bWlUyLmSyga/xp4mHRlQvTZdrTAzl0G9w==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/
0
23 B
Image
General
Full URL
https://www.facebook.com/tr/?id=372134939010044&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2FsportEvents&rl=&if=false&ts=1726645338142&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=GET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
MODERATE; q=0.3, rtt=212, rtx=0, c=38, mss=1232, tbw=25770, tp=110, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Sep 2024 07:42:18 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
204 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=372134939010044&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2FsportEvents&rl=&if=false&ts=1726645338142&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=FGET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415885258819731498"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:18 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
5uIHFiKJi2rmAv4yQTN4VJJGrNHsCG9GRrMICclangi2E1Pe0dqbJcCvzaJc1rUReSaD9MKOUog8z3FKbaFxGA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415885258819731498", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
MODERATE; q=0.3, rtt=212, rtx=0, c=38, mss=1232, tbw=25994, tp=112, tpl=0, uplat=22, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
index-dc562a33.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
3 KB
2 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-dc562a33.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3daa7d305d470184d28a22a7096efb31f450e1eb31d7aed6c6f25dfe3f5abbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-f73136e6.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"f85004d8b1c72bbceee524914fa236e8"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:18 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:53 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2d38c86191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
index-b7b24eb9.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
5 KB
3 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-b7b24eb9.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fda6b27ca37b7e13148194b70eb3795e0ceb631d7e0c84efca248f121cdb9a8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-f73136e6.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"50437ba1254e12a27db2c7e5be54d815"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:18 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:52 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2d38c87191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
expert.helper-c1d05730.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
2 KB
2 KB
Script
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/expert.helper-c1d05730.js
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
745412f5149cced41a526ef55e5e6abda8587991dd6b282d2baa8ab761c63bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://8xbe493.app
Referer
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-f73136e6.js

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
br
cf-cache-status
MISS
etag
W/"565e8e56510e7a59a7d59a08093c610b"
expect-ct
max-age=86400, enforce
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:18 GMT
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 16 Sep 2024 10:45:33 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2d38c89191b-EWR
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
431614.png
qvjyxrjte001-be-source.8xdfd3t6f.com/badge/competitors/
24 KB
0
Image
General
Full URL
https://qvjyxrjte001-be-source.8xdfd3t6f.com/badge/competitors/431614.png
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4426957dddee1b38120098a03b35467d3e7ae5ac4d9275c654fa78a79c7a539
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-bgj
imgq:85,h2pri
etag
"da57c6b3ef7c4110defdedf266c59d4e"
age
179
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, OPTIONS
cf-polished
origFmt=png, origSize=25913
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
image/webp
content-disposition
inline; filename="431614.webp"
vary
Accept
last-modified
Tue, 09 Apr 2024 05:57:42 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
browser,currency,devicemode,phonebrand,screen,time-zone,x-uuid,x-checksum
cache-control
max-age=300
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2cebf8c422b-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
24916
x-xss-protection
1; mode=block
server
cloudflare
444281.png
qvjyxrjte001-be-source.8xdfd3t6f.com/badge/competitors/
10 KB
0
Image
General
Full URL
https://qvjyxrjte001-be-source.8xdfd3t6f.com/badge/competitors/444281.png
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd8b6738479c8acb1124da663ad55605cfba1dda098dc884f58954dee29a0f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-bgj
imgq:85,h2pri
etag
"dce2caaba6321d4f039baaf7092badf4"
age
178
cf-cache-status
HIT
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, OPTIONS
cf-polished
origFmt=png, origSize=10305
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
image/webp
content-disposition
inline; filename="444281.webp"
vary
Accept
last-modified
Wed, 18 Sep 2024 02:14:06 GMT
x-frame-options
SAMEORIGIN
access-control-allow-headers
browser,currency,devicemode,phonebrand,screen,time-zone,x-uuid,x-checksum
cache-control
max-age=300
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2cebf8d422b-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
9762
x-xss-protection
1; mode=block
server
cloudflare
/
www.facebook.com/tr/
0
23 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1121367928863310&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2FsportEvents&rl=&if=false&ts=1726645338463&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=GET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
MODERATE; q=0.3, rtt=210, rtx=0, c=39, mss=1232, tbw=26970, tp=115, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Sep 2024 07:42:18 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
208 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1121367928863310&ev=PageView&dl=https%3A%2F%2F8xbe493.app%2FsportEvents&rl=&if=false&ts=1726645338463&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726645332721.678353989914723989&ler=empty&cdl=API_unavailable&it=1726645331887&coo=false&rqm=FGET
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415885260021875005"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:18 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
G4AsH/L4RK2Fgs0Btj0VXvRhkL7cwr4K7X8PD2xqHpt7a7NiUxmo6L8ncU6tqx5+DNYhzD66AGoXDDcgJdUfTA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415885260021875005", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
MODERATE; q=0.3, rtt=210, rtx=0, c=39, mss=1232, tbw=27210, tp=118, tpl=0, uplat=19, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
empty-7bcab0bf.webp
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
9 KB
0
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/empty-7bcab0bf.webp
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bcab0bfc9998b4940b308b184db7a1d9a923070956e3d84d894411db7de4b28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cf-cache-status
HIT
etag
"8e6af10eb14fa46fcd43b8a4a53ca564"
age
1655475
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:17 GMT
content-type
binary/octet-stream
last-modified
Thu, 29 Aug 2024 05:49:21 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2d1494d422b-EWR
accept-ranges
bytes
content-length
9080
x-xss-protection
1; mode=block
server
cloudflare
orderIcon-fa120e46.svg
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
2 KB
984 B
Image
General
Full URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/orderIcon-fa120e46.svg
Requested by
Host: 8xbe493.app
URL: https://8xbe493.app/sportEvents
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa120e46868f940d31658234b779a837048ec0aa9b64ab28c20318392e41380a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"9b52239c4f57661a0ee4a3d1c2b561a8"
age
1605358
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 07:42:18 GMT
content-type
image/svg+xml
last-modified
Thu, 29 Aug 2024 05:49:52 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=2678400
x-js-verification
false
referrer-policy
same-origin
cf-ray
8c4fb2d69c7b422b-EWR
x-xss-protection
1; mode=block
server
cloudflare
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-XK42L1XPP5&gtm=45je4990v9188334131za200&_p=1726645331220&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1889026432.1726645332&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=4&dl=https%3A%2F%2F8xbe493.app%2FsportEvents&dr=https%3A%2F%2F8xbe493.app%2F&sid=1726645332&sct=1&seg=1&dt=8Xbet%20-%20Official%20Betting%20Partner%20of%20Manchester%20City%20FC&en=page_view&_et=3469&tfd=12075
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XK42L1XPP5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://8xbe493.app
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 18 Sep 2024 07:42:21 GMT
content-type
text/plain
server
Golfe2
favicon.ico
8xbe493.app/
15 KB
15 KB
Other
General
Full URL
https://8xbe493.app/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
43.198.114.34 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-198-114-34.ap-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c803056db1549bed4fb118d7c21e6a8ab04c9f21d4da77e72fa669f2a1e0aa9f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://8xbe493.app/sportEvents

Response headers

x-amz-version-id
null
etag
"c2264df6dd61bbf40ddd857ca48e0db9"
x-amz-request-id
B4DW2WSQZAKQ4VQ3
content-length
15406
date
Wed, 18 Sep 2024 07:42:21 GMT
content-type
image/vnd.microsoft.icon
last-modified
Mon, 16 Sep 2024 10:46:17 GMT
server
nginx
x-amz-id-2
wphpZ2TS5vsRhuKPtAoh5yGFiQTonQJIN4jnfLOB/DvWDpYe/p1kM4KHWZp04cGPSM6mP23C7Kk=
index-1f8e26de.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-5f510a76.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-0ad8a487.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-093cb8d8.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-9ff667c7.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-ca30eb3b.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-7a73d942.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-83186511.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-3fb7046d.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-093b1f7b.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-0958195b.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-a8b03392.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-1469d699.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-2f7a41af.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-c55d2181.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-fdc16bf5.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-2baf8b56.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-807abba1.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-ad0c7121.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-6fd1195c.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-ad1f72e6.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-dbf9eb5c.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-88f228ab.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-881c1c47.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-ddfb37f7.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-ac6497e4.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-c4b5d4e6.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-faf1b195.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-b3788a48.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-ee79352e.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-d54af0e3.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-9b9f17d7.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-339f6eed.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-f4ed19cc.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-01b8ca63.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-4c588328.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-12e596e9.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-a8b06636.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-cb8131e6.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-4cb4dfd4.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-af15c729.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-70a83c75.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-abacb527.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-b25f2d02.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-e47033c9.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-fecd79eb.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-593fa907.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-e5a9083d.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-14303abf.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-1cf8439e.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-150137b7.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-8d89d51b.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-37ced3a6.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-b3234eca.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-db1985ab.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-95696e69.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-cf9a2954.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-a90b7fa7.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-7ce686e9.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-ef0eccc2.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-780f5377.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-80def148.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-e87be2c3.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-201ca3b4.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-f5a6063f.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-429ce56b.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-956f60eb.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-92a19659.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-9ee0fdc9.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-1841c914.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-d079f94a.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-7cc3cb3b.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-25e7a27f.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-15e5712e.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-678d7018.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-c6bb82e5.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-95f7f5f1.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-56b529bd.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-1f4b51d2.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-d3d20102.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-9e38291d.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-90008cfa.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-84c48c6a.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-c1a00282.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-07bae609.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-29c78a99.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-e5beb819.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-f23c9844.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-7a2c242b.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-ad1e7160.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-891fa1d1.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-4ffc77b9.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-8d2f2035.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

index-8e55de5c.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/bd1-manchester-0947702f.png
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/Home@3x-4330c5c5.png
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/tennis@3x-4b8b4017.png
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/record@3x-3b7d7441.png
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/basketball@3x-c67ca619.png
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/soccer@3x-0ac516b7.png
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/bd1-background_xl-66e0e48a.png
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/img_0-b798485a.png
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/bd1-primary_logo-369b864f.png
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/not-login-4c0626b3.png
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/youtube-86efc2b5.png
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/instagram-62daf3ee.png
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/18-2b5b48b5.png
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/testing-97935473.png
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/facebook-8639109b.png
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/bd1-manchester-094ab3e0.png
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/tiktok-b36f17a0.png
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/aware-817a1f2c.png
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/football-jersey-texture-52b00c16.png
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1f8e26de.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-5f510a76.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-0ad8a487.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-093cb8d8.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-9ff667c7.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-ca30eb3b.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-7a73d942.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-83186511.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-3fb7046d.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-093b1f7b.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-0958195b.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-a8b03392.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1469d699.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-2f7a41af.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-c55d2181.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-fdc16bf5.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-2baf8b56.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-807abba1.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-ad0c7121.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-6fd1195c.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-ad1f72e6.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-dbf9eb5c.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-88f228ab.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-881c1c47.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-ddfb37f7.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-ac6497e4.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-c4b5d4e6.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-faf1b195.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-b3788a48.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-ee79352e.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-d54af0e3.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-9b9f17d7.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-339f6eed.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-f4ed19cc.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-01b8ca63.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-4c588328.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-12e596e9.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-a8b06636.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-cb8131e6.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-4cb4dfd4.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-af15c729.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-70a83c75.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-abacb527.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-b25f2d02.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-e47033c9.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-fecd79eb.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-593fa907.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-e5a9083d.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-14303abf.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1cf8439e.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-150137b7.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-8d89d51b.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-37ced3a6.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-b3234eca.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-db1985ab.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-95696e69.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-cf9a2954.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-a90b7fa7.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-7ce686e9.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-ef0eccc2.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-780f5377.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-80def148.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-e87be2c3.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-201ca3b4.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-f5a6063f.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-429ce56b.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-956f60eb.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-92a19659.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-9ee0fdc9.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1841c914.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-d079f94a.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-7cc3cb3b.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-25e7a27f.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-15e5712e.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-678d7018.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-c6bb82e5.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-95f7f5f1.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-56b529bd.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-1f4b51d2.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-d3d20102.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-9e38291d.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-90008cfa.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-84c48c6a.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-c1a00282.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-07bae609.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-29c78a99.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-e5beb819.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-f23c9844.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-7a2c242b.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-ad1e7160.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-891fa1d1.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-4ffc77b9.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-8d2f2035.js
Domain
29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL
https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-8e55de5c.js

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| _0x2c3f function| _0x5d01 function| _0x19dd function| _0x1890 function| _0xd4f94c function| _0x383b82 function| _0x20310e function| _0x2de9 function| _0x5726 object| _env_ function| _0x1a49 function| _0x3100 function| _0x29c7c1 object| dataLayer function| _0x18b0 function| _0xdbb7 function| _0x1ee7fb function| fbq function| _fbq function| _0x3d2ece function| _0x415d function| _0x4985 function| uxGtag function| _0x3b57 function| _0x10d5ac function| _0x48d0 string| _version function| _0x4df3a5 function| _0x8a90 function| _0x2f72 object| vendorEnv object| oldEnvConfig object| oldIpInfo object| ipInfo object| deferredCallbackList boolean| isOnline object| isOnlineCallbackList function| notifyIsOnline function| getNewSportConfig object| $env function| subscribeDeferredPrompt function| subscribeIsOnline object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal string| TiktokAnalyticsObject object| ttq object| log function| Hammer object| $lotteryObserver boolean| __vite_is_modern_browser object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks

9 Cookies

Domain/Path Name / Value
.8xbe493.app/ Name: _ga
Value: GA1.1.1889026432.1726645332
.tiktok.com/ Name: _ttp
Value: 2mEcmDEQcjbjH6PARWXwzamYfrU
.8xbe493.app/ Name: _fbp
Value: fb.1.1726645332721.678353989914723989
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.8xbe493.app/ Name: _tt_enable_cookie
Value: 1
.8xbe493.app/ Name: _ttp
Value: h3idRfPVoKOTMaYu1-SLIki0pW_
.8xdfd3t6f.com/ Name: _cfuvid
Value: LbjwNfLUmPu2rPF5jrXDx6p5FW1ohh1.9cgv4g6K8ek-1726645335470-0.0.1.1-604800000
.8xbe493.app/ Name: _ga_XK42L1XPP5
Value: GS1.1.1726645332.1.1.1726645336.0.0.0
.8xbe493.app/ Name: _ga_FH93J8TSNS
Value: GS1.1.1726645332.1.1.1726645336.56.0.0

1 Console Messages

Source Level URL
Text
network error
Message:
A bad HTTP response code (404) was received when fetching the script.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

001eqvscmhs017ondjp-api.8xdfd3t6f.com
29hxa5qjxxye001-fluid.8xdfd3t6f.com
8xbe493.app
analytics.google.com
analytics.tiktok.com
connect.facebook.net
en-001fxh9-sports-stream.articqq123.blog
i18n-001fxh9.jiezhixinjituan.com
kq2v379m73nkp9b001-fe-source.8xdfd3t6f.com
qvjyxrjte001-be-source.8xdfd3t6f.com
stats.g.doubleclick.net
td.doubleclick.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
29hxa5qjxxye001-fluid.8xdfd3t6f.com
13.226.34.116
16.163.52.102
2001:4860:4802:36::181
23.44.111.30
2606:4700::6812:1a29
2607:f8b0:4004:c06::9a
2607:f8b0:4006:80b::2008
2607:f8b0:4006:80d::2002
2607:f8b0:4006:816::200e
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
43.198.114.34
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
0144170b6557fdd5463bb97f85366b0d3fac64465e18834d60905487b157be8b
0212602c70f02c38e590a5dce12b73b165a0318581a2262928c5c4536c9e0cbc
03705f5c18eeb7b0c5e53b555f8ff8567c4607733fca7ccb685fbfdeed804f70
078a0021abf1e4c2b75873ad091ba1d43abd64fe9598bde04a704f8c4f83be82
09aa6106d6b9789309734ee4f9d37ec72eb06112a19d11116466faa42b844664
0cad72a1e03907ba19d15d22a63b86d07a7153f10c1bb95bd4486f779637e12b
0ce132b49fb61dae0c44c60470605d24a0f17066be17835d6c68fb224489fea3
0e06196b57998e04e0e5cc8b78b030f8351868def039e1f419dfada1f4d443c8
10e2467f59e11b33e4881cfdfd329f4ad22fdf458827e1bc19af942de2392e9e
10f6d837149efb0b41442f9eaab4ec2ecdd4a4406bb091a078edc2419cb33714
12ee673d12fca8dc3dcd79c1c28191d6ef764149a7669b88cabd5ed9d7116833
16ba0d67faf5e86fee3e8e3efe9a2d532887fef9747569cbad0e8a80608da8bf
171d08a4273625dea9657553180e46645df43f2b14ced5e29b470bd8132dda47
175c8b77c1bcce1c551f5ffb321a1746ee88a9c3fd0054802978e4cec121e290
19049f32b31124fccfb8d96d8ecad8ff4c4840689d45abaee512823a65b0f1b1
191633ec5f4b865fe070298101c0a0112062e4fefb8f7a8ab3fe08c83f4452a4
1d5f2f88cc6878ff4e0aae3390fd18150f235de1777502c34304f81b9ea1a9be
1da6b4ee7b8a9e1a59632c8a5cace098119539514f5fd9173f097e979c5c7694
20ce374a77a5c2de855cf565b2c0b14ef7f37dd8bc5916bb0e958e72165e2068
21072e72c9b2af88a5f90b10808621ed816fec8fc7aa1690e3c740fab31aa77c
23ddec45ebe78819fc6b18c52e8c852f90468c15af84c12e6779de6d954d1dff
23ee36536b34ca7687c6f41193aa7b8a3657405155ae77d80d102cf35653c57e
23f1406d64d4d518d777d3ec71841203ffb8cca88e25379978021e4ad15aa28f
2621935862c0d736ffc1fe34b261eaf2c10240a61e2db4767f98fcedc0fe483c
26a30e2ad1cd2a0339b0cd3413ce6807150092c96599797690b28c85d836a11d
2cabba12b9c6b0f2eed215654ca7b11033dfea6503ab45f79e9e90eb1f386b25
2cc5b8218559e02dec01d88a591a5b40ce753f0ed1b0c8585e1a8205771e977a
2efdd21817ca0915c8c726d1b51944c63a8683ce26ac447034c6222d7397986d
2f966b58f66198c6cdc8ae9867c304f6dc092f24c63b61cca8ffa2c9c9f2dc94
302af3772ba81c0855f9cfd6002f4437fa6aa8ac5446985102d2ecd2a58d8844
30381964bbfa3b0a446a73718e85e92f46d9afd9e285f7fe30a2e514619af7c4
30e107f0fd9d8746e6254db96d0121d8a7859a67f146f743a26bf84f0d7e2d14
32549811c283e718eda4157daa0e3528aa256927831cf70ae3db24fae5dd62ba
33652d66c1ea1481a7d5d9aa4054c061caad4bd607d777f56c0275735f71f195
369b864f7de597756888c657deab8921e100041ae22dbd8b792c98f7df3b0e59
389a2363e482d36126bf3429cc953e798f0572ff256d4ffc265a342a3092bc7f
397a8599acbac2863a2b77c6e8e3afda83b39eb013d7418b2a33322d176e5513
3a4a2ce466d5dcad5061f6caa4c04bed84df811dc5a3f76133ee03a7430bf2d4
3aeb7ce2d35ee4d4b5bc34067eb323e2b6d82c2f9a9c0eb56513649d9525a5dd
3dc65eada0b69879523b852762fdde5255cceb9d91a8a85b010366b1c1acbb69
3de2cfb2b645c8dad7c3e024f90ebe9ca745fd8cc87637fa1fe771d97f68af7b
3e4a0ac5b05093fb43aaeedf969b79f739ef0c4800675228f40fa3c913936397
3ed744aa38a0b82ab89ecef47b49eb1b251588648c89da29dd4fecfddb5126c9
3fd230c8261011b536c8debf2999d4d1a638ee1f612ae886ce59651e95ee32a2
4075ba1b4ab7f4a1bd541359927626cad966fe27ac5beb908a5bf480355be182
40d6f96983e15f070d94d18673359f62b3ab7768215d896b67716a7d8e47718b
41fdd14f9aaa4042d94ddd0c58b8e9059471ee3d3a926d4f3bc826fb67397ba0
4415e655e24c97c5500871243d4c4b5e737d2a54ca3ab9693f0b91690272da8a
4700baf4ac786b1e95031d2b6ba840380a342e9cc3f4d41481456541be1f132a
483937ac02ee91baf02e1330c8ff65eb57ae76af45bd110284c5b6f6231c3aa4
49127621beb5d0a0d790d2765a5c397c124683303f34d4491eb90d2dcf45f75a
4a5f36d5120b4f07b6d0b9e01958d663f0b8efd963d6bb0bf1070cea8f5cd8ed
4fbeaef4a57e9332df7381e59b393a39f82714d1d9722f72e577d8886d80dbbf
5199f006420f41558489156d742c81cf71d3743a8f635dd32a273a8912936c70
5353afaa986d34a28d83eec258f55a3e678d77c4ad2d01ee0517621aa67f1768
54a56c8ba24832c0ee4b8c3a78324f945f05a79b2652edd7f0a3ccac9ec1b88e
5799c0c4f9da6bcba5447d89f0385b1f5744b78729d4920bc505fcaf6162e8da
588aaecc16b625d1d3ed44f90984ecc24197060a9b5dc6e437a6980827f06560
5c233314c55d1380a1d59ec9644c5d6fdf590559e6b50e5c7ba351dbc14374ff
5ca5c8a5db9397a75507564800b777863fc4d6bcd2c80726fe63fcf4a430887f
5cdc89d3a5d884fdf82af21db9ca2b9ea9f7d7c8884256c602cef1158e727126
5d77ceb169d68ad72dce0b82b34607825de850b374ec7455706045b77a7f6fa7
601ba5de6f9ed22f73c0fd6685213eeda5bd66af289123b48ca8390010f23eec
6158457aaa4103b2234da8cfa5bca7804e2421bcea0928800c4905e7e129bee9
61a8cbf106a632a52453c636adb67a7d2541d864e791888bdd4a687b9f5a9564
62a81191ef22d0e2fbbb5e192809ea3ba0742ac6b6e4815b42b6a8b7fedb382b
62f948376fdfc699703e0bab3633daa80c81d35960f4299d925e6de349f3de28
645a3ad2baa6983e984113378434219d3319c15757b92d0ae915e67dd2254c38
64a3abe46639f8ee97b8be78b8053e2019ab81554931588006279b86480e3847
654e0654da03f226a1c4eb67568b2f2de5b25497c52592ac65324df44170f078
658d42bf21863c56552e38b412b3d51d6b29e693e8300868d00af1ee19699bc2
6859835df7debbc131132e615403f3026f77d00e327dff04366286a6549cdc6e
6ac6c4ec0b7941e8819ec4a635e879867c437d261b5afd046cfb8d4a459ac248
6b6d749329207f0af84dd52e7ef06e640c95c0b9b35053db03af3422d9e1069d
6b7194fc85f8d45245facdfc5755232544b4db772d8f71d943bb5ac4b9e900a9
6bae050b697fd1ecd21e206f4058ba190af124258b045810662fd8c590ff1799
6c80c3e9f044583940670ba70dc78298df90bc263bd92b560209c477269f1f59
6e484cb1c81b104717d69ed165a10e63b0286e5d8679dd9016c098676837ff3c
6eade210358ca6b41631cf5c309c6b1a3fa1c043133ef84d5fc6b173ac1c9928
6f04c627121bbdc77c52f48bad832829342902c14780fe41f56cb7258bec3c7c
6f9a452ddf2ce663910737d7113476315f9e556de87af4dc41bd03035fe9dd2a
70ef7fa8d40505947992aaa63a22ba757d232b29dde11dafb399fbe7deeaa14a
713c63272e30567b0a739869da93fa1a2aef45ff3f042e959f52341fba995da3
72d5683cf38325e02112d9d923d1eb071b9a11b4d6a3c7216b96d83c512fe2d5
739f51bc3ab37ab91a77eccbd89f2e5179de661859caaed3c2e7cc1d12e9ed24
745412f5149cced41a526ef55e5e6abda8587991dd6b282d2baa8ab761c63bb3
74e604bdc067bb9c0122652a26af17d19e8cdc99a7ed34c174ae03cc485fc465
75e99cdd7e840dcbeda0e018dd257dd18ec3435b2c295ac8adc3cfca16841313
774327166159e0a44af4414699a9f6cfd76abf405a4a290bc2cd187cd8ca47c7
77bfa3fcc3cae2793be66159dbf260977da050d4853d70d9d2781977f288099c
795963bf5b2b8b2d4b297f493664846df35c448977038c2155cf43eff5879a8a
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
7b83f6cd9c904785f2d56d7b0bb302159e260d7997631a39ec36a3a00f0c565e
7bcab0bfc9998b4940b308b184db7a1d9a923070956e3d84d894411db7de4b28
7ffa06929aded0d40a74d335246440ac3cf22cfe5cb54431d2d384f6a8a97978
82d5680a4446ec6927f3a8b4d625f851be1eb7937a4153a88034fc962a4d2560
850f5a67a12d5dfaa683d2aa0df050d28c1196f91a07ce099eecf1490899e8e5
864072a3229468b4abd5debaf97f3ed17b77f098513c523746cb825ee183e68f
87816e8b9d0cad50f88398be843fb6afce3e63ab46a6f49a5dec23a190e4c716
8823ccc18301459e1e3c8651eaaffc971b326f264973fda22a22c10f6fdce3ef
89e39445033d9a87deb5aa9b5dce4752b2b6df9bc823ea4ebd028fddd4043209
8ac3140c770ec7371ba07de61599e2d73aa46f3ae9c93f8c5b71b855c2dd9df4
8cc5e37d63342a0309a4f288f840a5b92fa99c738a9d274da916eaa5e0662c3c
8db2168d5bca48d237eef9c9a90568f5b1aa74af66413fbca28fd6bcd8295d1a
8de1b212909b38e32bd73b21cb88bc1755f4b28afea192caa34d9e2290f7b455
8ed85a2c9e6944e4f20aa370bd6c4629422bddbce087175e7f8a986a11d5bf6c
902c7c53c4b115c87050ea20d9eb877663d86bde1349b444172e62abe59b66b2
92424af8d0bea162d915fb671bac8eca52068706b3fe72674ffc0f2c48a13253
948dbc3bf23accba6301fa85f6dbd456a4a8c4a66430d3556a0f475f083e9fa2
95601228596ad7ec43885eb2312936dfa59a01a8f4df1bbbe3d275152ea3c30c
9576b3e2712faeeb8d6ad2f6c9011203651e5282952bc426ffa32cbadfc830d7
959149a26d64a1df6c759832dae8b82473362a9f4bfaa1a68772de6eff159298
9742073ef7fc795e7673d98f272992843298426a0ffd8cb3507784df5143608b
975a4fccca4ff575ed94a448f774d628c2047d45b187d64d0a9ee8cbb62c8e14
99933aa7d73ad1f40085730ded4f9e597847b498d2ac8e171f845f66cc6994e9
9a0a3cb9fc76dafb2836919f64135945937b6631cc9eea15195f741ba0716b17
9a0f884873749415b521b609410bb3ae8160b25720a08b422aea5339ec641252
9a35e25ca2fbd821a7c52632072ef39c5dcb9107634ee04790e479deeb5ef0cf
9b8dc5f8d2d8ac655c55992fc7dd36a92452c01027593e89e18e281c0881843d
9c7458101aeb51328fe01d46e2fad5ece4996682602ff035748cf57c72e7620b
9eb057b6f0abf72569722840351f2ddfd7aeb207861838ae9fe1dd2c6240fb74
a396206307a55e6fdff224fd32c5de2335015f7ae69beef6e75f1b90da057ebc
a4c3c31d30c0314f54161ee2e0a65c4d5da4a68d3ddece9f93759f786825bf3e
a5042a492610f318ceddeb8993b799dd200172f374db65673298e6be4e2f9daf
a56e5bce4dc7cc755d5cbf27a71134be941401831ef71f6c94ee2f76e662c61d
a5dd3c29062cdd05d073f7d35f9f708a256579bd19e3dcefc25169e5ba0d7e80
a957e7d42322baa921d49b0d50aa521981f1aac41afc7443b3eb024d9b803c8d
a9dfe201636fcff850f5c263c5b60b0d8371069b61978ec961af54b9b289f968
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab948c181ee78085dee34725c0af18343dba7d4ec9bb67445f7fc650a4ea4caa
abd82e795b692c920409925e3e6e07caffd97562edd63fb9aa5c67a3ef49ee82
abf9109bccf372cd0c0245bb6ce8138d919524e213b44144f566b44f67003052
acd8b6738479c8acb1124da663ad55605cfba1dda098dc884f58954dee29a0f1
af1c86e75d02baa1a235c5fd331270f7c58c9abb2a3b2801d277979f4d476d12
b02947b8590e91a2db0ee059179a9e6a7f2eb5322d9c6a766d938e7011b91997
b16645a57d43e13a1c11d22821fe4f35eb38bdb2a89e85e86332e2550f0f2666
b2fbabac02eb192a2dee15ead37949dc912d6eaa71f23368cfdbcea9cdc40bd1
b5f749d9eff82a15f2daea960576ec69898b146f13f27671eb79fc92deb9a252
b95a3179c39e32efe71b2c10ed6ce4d9fa44ffc91142be95d5a1f4e9d85852b6
b9c55d3ae8ecb3a65f0f88b295c35aa6ee41617e4c913f8d049f04e607fbfb12
b9d15ccdb330fd274031bdbd5920bbb9e94cb5369e3da733318c31cee0ba225f
b9e87885e056cecd731aad0e38e1007667d972204049e7aadecee7fe799cf285
ba90b53082facb6efd3cd9c6f0ca123cc1f5a4f5b13b186aa4fd9ae25c555609
beaa03b778e48d9e77e01cf905fd7bd2f262192e4ff12a5be36f22c380eb0b24
c2a4ddd2e9c4805fca439e55cc65f8250bc5734678cb4825d506db1ba2a5a8e1
c3aa46babe19081e4e58a47c06247ccae40bbd3f0b4d133845627ea2e0cce2f5
c57b5c1e43ed169c7b362275e420f41da00be1236439d1f4658c6687631ebcb2
c624e7846eee3557f7f3ffe52dad340c5b76003ff04953c9f9ecdb8c70cf658d
c66c18c7207fb62a2c0ba7e8c4ef6e0d372141667932301f64edede539073844
c6ff78c6d3d6d296bbfebffba6882d830999d9605ef4053c63050a83e84a0e43
c803056db1549bed4fb118d7c21e6a8ab04c9f21d4da77e72fa669f2a1e0aa9f
c82049f44d934c4cea9e337810ea216b75ba4274512d270a9a6bc2eb66100dc1
c9c628294e47de7a2e5cb2ae9fabd032543cf684a88cc6b44746569238a9edfc
cb25ce9049eafe780422ee56442848aae25f17a93e0dcf7e9223d88df9534ddb
cc608194b577e64ff096ca34a3f08c787bca3232569ecd7a6a350162f04ba8cf
cc940219c3316c88d41b09c1f34bb15609e7beab290918f61b292d747eff7117
ce8e392914cf34a31be1e9fde58523abaf2851fe902b203a5e3dfd79b61b7420
cedfc9fbde93457bd9c4aac757837d787aca4d5048ff0150d330f107f767715c
ceff03adfc4fad17fd06b741bc78199c6845bca371a1fac97d97940b8d49236f
cf39967458343a39c6ecf520747f9c62216760eb46acd489cef83ea752ddee1e
d17e761bf8fb409e48d54260b27601c9f254a1c5fbb41215d494e483f45b7cee
d1c5b0f7c2ce1d1b999ed18ddd3b16671558bacc723dcadbaf0a6ea7282b8d72
d3daa7d305d470184d28a22a7096efb31f450e1eb31d7aed6c6f25dfe3f5abbc
d54ae544d1053bcc3715efd0bcb695cf05e27eb9242c5fc2b895d05238fcf1d3
d8db8956626e5c2a26d3bd4219f9110795a379227518b0cf8564c6346f47445b
daaff45223f93b1714fd283ec8497f5ee78cdb71f36dc3587099dbe713e7a677
dc1c320fcde0c7e5c55e875f8737c3c6356553baa12208ffd23b9978ffb731ec
dc7125f2f5c97ac301d7e3f488dcb2feaf2893d26ebf9df947472218bd3a2e32
dc750913a5a7456fcfe9a392d432bc3f34480c0864178a142d858eb55f429e2e
dcd4abeae334b71434cd47757c83e5521539f8e9fac0bb1db5992f111705d71f
dd1ec0ba895308707c5b2bdefecc7b62765b7807b8222713d5dcf837498fd6b9
dec8ed8dc60368ef43cbcfb6c1f2a3e79310b519380624524436f9be23f4b0fa
df295f4ac2a38778c8e7bacb3b77ac975fdafe6bdee9bae1a2bbf11ad008ebde
df74cbf05565fd69a9d756142726bcf288d94a6e13e3b362b24b457149985cdf
e0c83bad892e83ca10d2af4b91e9199d01db6ca23b39db389b56f0565262f289
e1952ce639ec1bd27999eeb90c8ee8593b6082502c972a81716105992b3b8e44
e1ee23d3d72709e70ba3ba2153e6dec76ec491de97e659b778a673c600463a41
e272dd8ae10fd7ad0a25d7ae345b54e1e00d983c219f094090e08e22f7294dcc
e28df832e8d46fca4740dee05e9d307eb097a1980b55857f60b8a18f556c7191
e29ef5332bdc55fbaa7d0170397d446c9d30c889eb284347267cb83db64688d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bf092187b59c917a7aa224efa9ca98dbac2df734e64573ba444f3ff4c71146
e6b6ccbdf6d1944e9becb8a8ad4dedde959d16e5bdb1cfc29818d7d83e5cc456
e8aca50e1cc5749b9013654a02cea5c87a0ede347ab2bc480b393a9bcd1cd9a7
e90f51f0872bcb799fffe8ed80822b9e169cd259dd3471b5c018f6837fcee281
e9bcf04096cab9e2546d20a745db4c87a9a32e9301297c25f66a2e1eba1989ff
ea3efa717caebc5252b262403f58d8664738902a063912e2cfc3435c63735541
ea4457f9e23fd3e0ab33c498cdb59b8e5f4d8113ea0a88ce943d7312a9ef5bca
ea512b3d0a8ca78151d2122302ce315f63379bda6a4901cc07101b35a06a1f1f
eb0490adf095654d230604e3add04918aa5cc083190cf3c2c09fee602ec8e380
eb9caf085e505e2a09cb9bd70baacfbfb2d63526728d4bfea595979b58ee00d1
ec35572fe972eef5b9921b9535da7ec3b9b02d52f5cdab53c9ad6fe5f27a41d4
ec5e28ff645af171e6a7ec90b6c01689d0d96ec4dec448d7b0419a93c5bad09d
ecf2b1fb67af53780e398912d235d7ae2e1333f6f576a666bc9c8cf66113b0e4
ed4dc6abd5bfb298c1e6a5bb867e1864dd893db9f84dc7f41b0c869315f17a05
efd7be125915ea2ebf6d2c7faf3cc5b421d65b11f075fb5ef090d368c6edf363
f04f383999be168d07b335452e930ee29dc33bc66dad3f1a6503d87ca338f465
f106190bca26bd35269be8de87b6002ae13c5010910a715202a65a57089ef51c
f3547b8214faaee8c443c7c86fda8ee94669ed2f0fbfbc52cb7abbc97656ec8e
f3d43bcc1eef8926d858242a3cb0beac4d6a213b31bc904f6ea5002244df444d
f4426957dddee1b38120098a03b35467d3e7ae5ac4d9275c654fa78a79c7a539
f4a536c6a2484962422cdc55e7b01eedd562c9c1b8f25c4ba078edf06dc4e8e5
f5b1af5afa0acb4cf9e99c30dedd3b440fbf06439dba46d78812475e05465f04
f785e4eb85b670ca55d7902104fc2c8a983ee34b4afc3f374ab720e95a89a4c7
f8a0752295d49386e41e5eb09e04dcabab1e05cdfc8b21f17fc39e110f1a6973
fa120e46868f940d31658234b779a837048ec0aa9b64ab28c20318392e41380a
fca3b4471cf7d79ac45cba711172ea4357d9e8a60294092951133e454cb3c5c9
fd027e66aa9d7df91fe6c67a2f28cad2eeebf8e6e5ab0003fa2852db4c0b9297
fd7a47de9ede0eeb07f413eee335ced9bf103699f898ee36adecd8878ef2812c
fda6b27ca37b7e13148194b70eb3795e0ceb631d7e0c84efca248f121cdb9a8b