urlscan.io logo urlscan.io
SecurityTrails logo

bncddntr-turns7-wheel.cloud Open in urlscan Pro
2606:4700:3031::6815:ba8  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://bncddntr-turns7-wheel.cloud/home
Submission: On November 09 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3031::6815:ba8, located in United States and belongs to CLOUDFLARENET, US. The main domain is bncddntr-turns7-wheel.cloud.
TLS certificate: Issued by WE1 on November 9th 2024. Valid for: 3 months.
This is the only time bncddntr-turns7-wheel.cloud was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
1 17 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a03:2880:f08... 32934 (FACEBOOK)
4 2a03:2880:f17... 32934 (FACEBOOK)
23 3
Apex Domain
Subdomains		 Transfer
17 bncddntr-turns7-wheel.cloud
bncddntr-turns7-wheel.cloud
289 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
4 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
79 KB
23 3
Domain Requested by
17 bncddntr-turns7-wheel.cloud 1 redirects bncddntr-turns7-wheel.cloud
4 www.facebook.com bncddntr-turns7-wheel.cloud
3 connect.facebook.net bncddntr-turns7-wheel.cloud
connect.facebook.net
23 3

This site contains no links.

Subject Issuer Validity Valid
bncddntr-turns7-wheel.cloud
WE1		 2024-11-09 -
2025-02-07		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-18 -
2024-11-16		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bncddntr-turns7-wheel.cloud/home
Frame ID: 319286756F6E057373A0E30318693DC8
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Giriş yap | Binance

Page URL History Show full URLs

  1. https://bncddntr-turns7-wheel.cloud/home Page URL
  2. https://bncddntr-turns7-wheel.cloud/cdn-cgi/phish-bypass?atok=60JkrTFzyaUArnzwo4OLpa1H51HfusY8al0aEWuu08w-173117... HTTP 301
    https://bncddntr-turns7-wheel.cloud/home Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

23
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

371 kB
Transfer

970 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bncddntr-turns7-wheel.cloud/home Page URL
  2. https://bncddntr-turns7-wheel.cloud/cdn-cgi/phish-bypass?atok=60JkrTFzyaUArnzwo4OLpa1H51HfusY8al0aEWuu08w-1731175899-0.0.1.1-%2Fhome HTTP 301
    https://bncddntr-turns7-wheel.cloud/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
home
bncddntr-turns7-wheel.cloud/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bncddntr-turns7-wheel.cloud/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:ba8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6b4c753824193d81f67d86d525ba290b8e99afbdd0dab13731ada7df5d1811c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-ray
8dffc43beeaa9b4b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 09 Nov 2024 18:11:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nJbIdlg4I9DVz8ZV7ObUwlNfaF8SfwYx7PJU83DxFLythTbDpAL7p99S%2BJ9txlfhN9AlldqlT22xw9jDqj3cZliSmoZlhW%2BYbwyImDyaTHPpCfww1Iqt0FY71AFE5KoQzT6BqAhXjuwstTKnfjyYjVlfpQEc97tT79M%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf.errors.css
bncddntr-turns7-wheel.cloud/cdn-cgi/styles/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bncddntr-turns7-wheel.cloud/cdn-cgi/styles/cf.errors.css
Requested by
Host: bncddntr-turns7-wheel.cloud
URL: https://bncddntr-turns7-wheel.cloud/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:ba8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bncddntr-turns7-wheel.cloud/home

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
content-encoding
gzip
etag
W/"672b8dd6-5df3"
x-content-type-options
nosniff
cf-ray
8dffc43c2ee59b4b-FRA
expires
Sat, 09 Nov 2024 20:11:39 GMT
date
Sat, 09 Nov 2024 18:11:39 GMT
content-type
text/css
last-modified
Wed, 06 Nov 2024 15:40:06 GMT
server
cloudflare
x-frame-options
DENY
icon-exclamation.png
bncddntr-turns7-wheel.cloud/cdn-cgi/images/ 		452 B
671 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bncddntr-turns7-wheel.cloud/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: bncddntr-turns7-wheel.cloud
URL: https://bncddntr-turns7-wheel.cloud/cdn-cgi/styles/cf.errors.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:ba8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bncddntr-turns7-wheel.cloud/cdn-cgi/styles/cf.errors.css

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
etag
"672b8dd6-1c4"
x-content-type-options
nosniff
cf-ray
8dffc43ca99cc963-IAD
expires
Sat, 09 Nov 2024 20:11:39 GMT
accept-ranges
bytes
content-length
452
date
Sat, 09 Nov 2024 18:11:39 GMT
content-type
image/png
last-modified
Wed, 06 Nov 2024 15:40:06 GMT
server
cloudflare
x-frame-options
DENY
favicon.ico
bncddntr-turns7-wheel.cloud/ 		808 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bncddntr-turns7-wheel.cloud/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:ba8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bncddntr-turns7-wheel.cloud/home

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ybIaJTEOKV4tU5d8CzNcuH7PSUYDRUd00aD3PIO5CRw%2BQZdt4RdeZDgVZo2YVQU8%2BtILm0oVPrhBEQVR5u0E%2BISwuoAYI8%2F9z7JC9A9vBVqQT3%2BZBcAo9fWzZjvEXlxtMHs3vncoSM%2BiJmLzTOJjqE38M8BV5RP%2Bv1s%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dffc43d6b49c963-IAD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=116228&sent=14&recv=11&lost=0&retrans=0&sent_bytes=4888&recv_bytes=4811&delivery_rate=244&cwnd=12000&unsent_bytes=0&cid=29d4223ad20642d7&ts=430&x=1", cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 18:11:39 GMT
content-type
text/html
last-modified
Fri, 04 Oct 2024 15:02:32 GMT
vary
Accept-Encoding
server
cloudflare
Primary Request home
bncddntr-turns7-wheel.cloud/
Redirect Chain
  • https://bncddntr-turns7-wheel.cloud/cdn-cgi/phish-bypass?atok=60JkrTFzyaUArnzwo4OLpa1H51HfusY8al0aEWuu08w-1731175899-0.0.1.1-%2Fhome
  • https://bncddntr-turns7-wheel.cloud/home
47 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bncddntr-turns7-wheel.cloud/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:ba8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.3.13 PleskLin
Resource Hash
515c286f142873108179be92b9a5c5c8aba9aed27781441acc167a46b8c7b982

Request headers

Referer
https://bncddntr-turns7-wheel.cloud/home
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8dffc454ce66c963-IAD
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sat, 09 Nov 2024 18:11:43 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V0RPatHb4cQv6AfZAFT0kQ1jnc7fHwf1kCnUIxcdOt25Lk%2BPmHI8WMkXuOGPI7LKUcHmv8BMXXyq3u6qvaxNRdp4taFHl3UWOWST5Tc2HnqUTxACqt0wPME2vFyDYBwjv%2BQiZlJV1af0YqBnzo11d0tGVZPg127lKWI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=114976&sent=20&recv=16&lost=0&retrans=0&sent_bytes=6565&recv_bytes=5915&delivery_rate=211&cwnd=12000&unsent_bytes=0&cid=29d4223ad20642d7&ts=4190&x=1" cfHdrFlush;dur=0
vary
accept-encoding
x-powered-by
PHP/8.3.13 PleskLin

Redirect headers

cache-control
private, no-cache
cf-ray
8dffc4540ce0c963-IAD
content-length
167
content-type
text/html
date
Sat, 09 Nov 2024 18:11:43 GMT
location
https://bncddntr-turns7-wheel.cloud/home
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: bncddntr-turns7-wheel.cloud
URL: https://bncddntr-turns7-wheel.cloud/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6dba87f2bb4627686798df345a05d779c19b18fe0ab7366e2269786bc3251798
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-wCfslKwx' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bncddntr-turns7-wheel.cloud/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 09 Nov 2024 18:11:43 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-wCfslKwx' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=23, mss=1232, tbw=4436, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
+613liVmXKe34wh8fCFjxu7qDVnu9/nvgTqkFSGZ4HdeCa97aAtIr7kCkFUjn1aeiBMG7Gk8zs5TpF282OLLrA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62105
x-xss-protection
0
origin-agent-cluster
?1
874629221479362
connect.facebook.net/signals/config/ 		76 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/874629221479362?v=2.9.176&r=stable&domain=bncddntr-turns7-wheel.cloud&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
29723094f9a1a5dbeba0dcb55f5d794ae7b2cb229de38fb51542384bfa699484
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-sYQmAGDw' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bncddntr-turns7-wheel.cloud/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 09 Nov 2024 18:11:44 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-sYQmAGDw' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=77, mss=1232, tbw=70322, tp=66, tpl=0, uplat=166, ullat=0
pragma
public
x-fb-debug
l+bP13j8nnAuAtb36qv0lI7Cq+p8lsvPxIYf5XN5PW2MST/yp7QVZdDNIMBuL9/tgP+m6dfltxcqwY/fYnD8xw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
4438110b.css
bncddntr-turns7-wheel.cloud/css/ 		175 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bncddntr-turns7-wheel.cloud/css/4438110b.css
Requested by
Host: bncddntr-turns7-wheel.cloud
URL: https://bncddntr-turns7-wheel.cloud/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:ba8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
6c3af8380f41217255e09a46d00e0bda5ee981f36b135adea86bbea1ae2aeaa8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bncddntr-turns7-wheel.cloud/home

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"66764cc1-2bb66"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OqpOuqVejqJij1ARWskDV6DSKHKRsL%2FAEFMlTx2r4recd2qqc1cnVea9LqxXbSHlM471y1FDpAs0ZfJG7l90jujM%2Bgprn9t2hcfruBD0QAW8zDxoxz8TYfPm5%2F4yueHZtTtOtdHwzNJObb0EpdZAVTZlmcYp%2FCW70NA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dffc4580dbfc963-IAD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=123324&sent=69&recv=38&lost=0&retrans=0&sent_bytes=58201&recv_bytes=10389&delivery_rate=81948&cwnd=24000&unsent_bytes=0&cid=29d4223ad20642d7&ts=4789&x=1", cfHdrFlush;dur=32
date
Sat, 09 Nov 2024 18:11:44 GMT
content-type
text/css
last-modified
Sat, 22 Jun 2024 04:02:09 GMT
x-powered-by
PleskLin
server
cloudflare
vary
Accept-Encoding
94583742.css
bncddntr-turns7-wheel.cloud/css/ 		91 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bncddntr-turns7-wheel.cloud/css/94583742.css
Requested by
Host: bncddntr-turns7-wheel.cloud
URL: https://bncddntr-turns7-wheel.cloud/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:ba8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
84e8b4360132024f5156c8f88daf5e00a4835197b212be2f62a91f65c038a40b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bncddntr-turns7-wheel.cloud/home

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"66763bff-16ca2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IQcMMp24%2B53Umen0dVHY5DaO13l5%2FpG160yXaVVIuV0jW3kOJuQn8bKLM2Gku6%2BKGVzeGdoMZdjlLSL0%2FCvTtOqU8Yq%2Fu3TZ9g6b1fCVJ5FTn0g5ObZWTPAOYHsWvg01ub34JmIPdyL3OZW%2Fbo0IFgLeZmwwlFIc9aE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dffc4580dc3c963-IAD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=123324&sent=64&recv=38&lost=0&retrans=0&sent_bytes=53197&recv_bytes=10389&delivery_rate=81948&cwnd=24000&unsent_bytes=0&cid=29d4223ad20642d7&ts=4726&x=1", cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 18:11:44 GMT
content-type
text/css
last-modified
Sat, 22 Jun 2024 02:50:39 GMT
x-powered-by
PleskLin
server
cloudflare
vary
Accept-Encoding
13c2cba1.chunk.css
bncddntr-turns7-wheel.cloud/css/ 		62 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bncddntr-turns7-wheel.cloud/css/13c2cba1.chunk.css
Requested by
Host: bncddntr-turns7-wheel.cloud
URL: https://bncddntr-turns7-wheel.cloud/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:ba8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
693baab0c3c3b24be1464a5ed722dd6906ce1da4d9f7e50ac4a0b499f922eab2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bncddntr-turns7-wheel.cloud/home

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"66764d12-f8c7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8qIRmQ2fIumoz4vq2QgNd4Q3SM%2B9GcQe%2FxaWnqYYV2S0r%2FOu5ZyrO6y3GjUaB6QnZ6O6LPzU7jVZGZUk4DoGGJKWDpIAaRFc9QYkOz3Xd21WZd7aMiFZ2jC6srou1romMShXyLVBZPfVDamMOanFpgKFz28GS13fXGQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dffc4580dc4c963-IAD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=123324&sent=47&recv=38&lost=0&retrans=0&sent_bytes=34201&recv_bytes=10389&delivery_rate=81948&cwnd=24000&unsent_bytes=0&cid=29d4223ad20642d7&ts=4709&x=1", cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 18:11:44 GMT
content-type
text/css
last-modified
Sat, 22 Jun 2024 04:03:30 GMT
x-powered-by
PleskLin
server
cloudflare
vary
Accept-Encoding
3a29be03.chunk.css
bncddntr-turns7-wheel.cloud/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bncddntr-turns7-wheel.cloud/css/3a29be03.chunk.css
Requested by
Host: bncddntr-turns7-wheel.cloud
URL: https://bncddntr-turns7-wheel.cloud/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:ba8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
f69f5d83b13e9269f2abb50a186081b8472479e5ef23f00e99bc4b635aeb6d9d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bncddntr-turns7-wheel.cloud/home

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"66764be7-930"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oox6bP97hJvmDYAg71AGcfflV%2B9T%2FsX03uRPdaAW28%2FGr1bK5Zi9k8Xpzj0SpuLQ46w1usOG4C7%2BfgjOgW%2BMtL6hmRTXQhD4llF8KhHz7j%2B%2BeWxqgsgM0QOHo%2FdYjfI8sIS1DQjgDtEE6wEnVB7OcFo4JB8ZI25fgRo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dffc4580dc5c963-IAD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=123324&sent=69&recv=38&lost=0&retrans=0&sent_bytes=58201&recv_bytes=10389&delivery_rate=81948&cwnd=24000&unsent_bytes=0&cid=29d4223ad20642d7&ts=4730&x=1", cfHdrFlush;dur=91
date
Sat, 09 Nov 2024 18:11:44 GMT
content-type
text/css
last-modified
Sat, 22 Jun 2024 03:58:31 GMT
x-powered-by
PleskLin
server
cloudflare
vary
Accept-Encoding
extra.css
bncddntr-turns7-wheel.cloud/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bncddntr-turns7-wheel.cloud/css/extra.css
Requested by
Host: bncddntr-turns7-wheel.cloud
URL: https://bncddntr-turns7-wheel.cloud/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:ba8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
6c7c9c8a65cd26728628e85c495ca299e1d2d0f1918ddd53944a1b7d6de8480f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bncddntr-turns7-wheel.cloud/home

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"66764caf-771e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YtcgOT1baxdsGecD2GsBqQIuQQqyfHmOXQDMXRW1Hhijddzj1wJiVgbKN1nMMQlMcMj%2F8o0ss8sq0xNNnrvr8FbfZ%2BMgsampFvtbxm1d5MuFJN1sZ1kVeuC90lZ1H8BIfUxbkFIWUPGx6Lk6rH1Os89gyL1N51RsrM8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dffc4580dc7c963-IAD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=123324&sent=58&recv=38&lost=0&retrans=0&sent_bytes=46812&recv_bytes=10389&delivery_rate=81948&cwnd=24000&unsent_bytes=0&cid=29d4223ad20642d7&ts=4718&x=1", cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 18:11:44 GMT
content-type
text/css
last-modified
Sat, 22 Jun 2024 04:01:51 GMT
x-powered-by
PleskLin
server
cloudflare
vary
Accept-Encoding
download.png
bncddntr-turns7-wheel.cloud/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bncddntr-turns7-wheel.cloud/images/download.png
Requested by
Host: bncddntr-turns7-wheel.cloud
URL: https://bncddntr-turns7-wheel.cloud/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:ba8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
2001deeb7d475b4174b0bf4b74f1fcd6a16b6aaf6b0d2ff3fe069d018f272273

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bncddntr-turns7-wheel.cloud/home

Response headers

cf-cache-status
MISS
etag
"6675bb57-d89"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yIDC7GtbxHPLIMQcWWKutMlCp%2BhjgoLoty3sqSzWnTS5JN5HI%2BA0JW%2Baj8X8H8hUbP8uWdG2e9jMI12xkQS%2FIRSvTHclSL2Ill6giltYxBt%2BnJsp4mWf0denEvwYoyf3s2uYzSufj2Vm%2FmhTBhA8GcY1RqW1l9eoNIQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=123324&sent=69&recv=38&lost=0&retrans=0&sent_bytes=58201&recv_bytes=10389&delivery_rate=81948&cwnd=24000&unsent_bytes=0&cid=29d4223ad20642d7&ts=4733&x=1", cfHdrFlush;dur=88
date
Sat, 09 Nov 2024 18:11:44 GMT
content-type
image/png
last-modified
Fri, 21 Jun 2024 17:41:43 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dffc4580dc9c963-IAD
accept-ranges
bytes
content-length
3465
x-powered-by
PleskLin
server
cloudflare
logogoogle.png
bncddntr-turns7-wheel.cloud/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bncddntr-turns7-wheel.cloud/images/logogoogle.png
Requested by
Host: bncddntr-turns7-wheel.cloud
URL: https://bncddntr-turns7-wheel.cloud/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:ba8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
e3d40db99105ff6d19854c303de2525f94659f7ac2fa9fe018b61fabbef0d4af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bncddntr-turns7-wheel.cloud/home

Response headers

cf-cache-status
MISS
etag
"6675ae57-483"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w1TcwhEP1JINJJ8XFkfaxdGpaNnrRK8ZAm9o860lUauFo7CFRLieYYy%2FTAPWxcDQxTvccnIRiWqiJSRnFsXcOxlHg9oFCQmaaPLQQqQb96zzNecdx3b2hA%2FShIMrw79ALvhXm%2B3nZq3%2F7GigSauRWqeProc3gTJI8FM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=123324&sent=56&recv=38&lost=0&retrans=0&sent_bytes=44945&recv_bytes=10389&delivery_rate=81948&cwnd=24000&unsent_bytes=0&cid=29d4223ad20642d7&ts=4715&x=1", cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 18:11:44 GMT
content-type
image/png
last-modified
Fri, 21 Jun 2024 16:46:15 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dffc4580dcbc963-IAD
accept-ranges
bytes
content-length
1155
x-powered-by
PleskLin
server
cloudflare
ios.png
bncddntr-turns7-wheel.cloud/images/ 		486 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bncddntr-turns7-wheel.cloud/images/ios.png
Requested by
Host: bncddntr-turns7-wheel.cloud
URL: https://bncddntr-turns7-wheel.cloud/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:ba8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
cb80eabd76e930ffe41e0431a86372fe3d1a412f1e16da14e0761011f66d0f92

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bncddntr-turns7-wheel.cloud/home

Response headers

cf-cache-status
MISS
etag
"1e6-61b692b67c180"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OWhVo7cIBqrFy2E%2BVvXoV%2FTElIv%2BMfQNseOaaDG9e2qzd%2FeiwwTmbSUqgmc%2B2eeJ8jcOij3U%2BahNK430gh08wuKB9ntLp5i9gsdsN0fzgF94IayByMGJD6HvxQEVw1bi8IA3fZnpDshiyWkL6HJEYroimGGx9Da0o44%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=123324&sent=69&recv=38&lost=0&retrans=0&sent_bytes=58201&recv_bytes=10389&delivery_rate=81948&cwnd=24000&unsent_bytes=0&cid=29d4223ad20642d7&ts=4729&x=1", cfHdrFlush;dur=92
date
Sat, 09 Nov 2024 18:11:44 GMT
content-type
image/png
vary
Accept-Encoding
last-modified
Fri, 21 Jun 2024 16:46:14 GMT
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-accel-version
0.01
cf-ray
8dffc4580dccc963-IAD
accept-ranges
bytes
content-length
486
x-powered-by
PleskLin
server
cloudflare
BinancePlex-Regular.woff2
bncddntr-turns7-wheel.cloud/fonts/ 		59 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bncddntr-turns7-wheel.cloud/fonts/BinancePlex-Regular.woff2
Requested by
Host: bncddntr-turns7-wheel.cloud
URL: https://bncddntr-turns7-wheel.cloud/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:ba8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
fb333dfc868c8c5af243500d6f727f8ed0005110e6bfef678b09854d467d8006

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://bncddntr-turns7-wheel.cloud
Referer
https://bncddntr-turns7-wheel.cloud/home

Response headers

cf-cache-status
MISS
etag
"667624ee-ed10"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jf8sMHQmbEhn5HN7kEUsICyxiQc0XhUR9jBHucXh4GBhHdgSdsropdCPzB5KboopQxq97ybCgGxOoCGSMOrGPzdBx%2B3crraZwK04Ylx%2BvmVDrw2EWLNSG5Cs%2FwnbSPZJyvJpzxTNt54iKmN%2B4ZKA1giyfdxa%2FsZbR4I%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=122435&sent=108&recv=49&lost=0&retrans=0&sent_bytes=102207&recv_bytes=10862&delivery_rate=79008&cwnd=48000&unsent_bytes=0&cid=29d4223ad20642d7&ts=4886&x=1", cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 18:11:44 GMT
content-type
font/woff2
last-modified
Sat, 22 Jun 2024 01:12:14 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dffc4581dd0c963-IAD
accept-ranges
bytes
content-length
60688
x-powered-by
PleskLin
server
cloudflare
517102447761546
connect.facebook.net/signals/config/ 		28 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/517102447761546?v=2.9.176&r=stable&domain=bncddntr-turns7-wheel.cloud&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
79cc5725afa5f04550865a9ca817a676b732fee4d3f4244aa8ce8b5be4c77f04
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-tWcsFw3m' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bncddntr-turns7-wheel.cloud/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 09 Nov 2024 18:11:44 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-tWcsFw3m' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=90, mss=1232, tbw=86482, tp=82, tpl=0, uplat=132, ullat=0
pragma
public
x-fb-debug
ZI4SkmAeDoPPEJ2NvVI/pS2WQh4556ETAKXSYO9CT+RJ0k5U6a5EmBWPIm9s9WSG3WNvQW3lyORRWgxRwUFMAw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=874629221479362&ev=PageView&dl=https%3A%2F%2Fbncddntr-turns7-wheel.cloud%2Fhome&rl=https%3A%2F%2Fbncddntr-turns7-wheel.cloud%2Fhome&if=false&ts=1731175904186&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731175904185.734781143151190978&cs_est=true&cdl=API_unavailable&it=1731175903941&coo=false&rqm=GET
Requested by
Host: bncddntr-turns7-wheel.cloud
URL: https://bncddntr-turns7-wheel.cloud/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bncddntr-turns7-wheel.cloud/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1328, tbw=2895, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 09 Nov 2024 18:11:44 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=874629221479362&ev=PageView&dl=https%3A%2F%2Fbncddntr-turns7-wheel.cloud%2Fhome&rl=https%3A%2F%2Fbncddntr-turns7-wheel.cloud%2Fhome&if=false&ts=1731175904186&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731175904185.734781143151190978&cs_est=true&cdl=API_unavailable&it=1731175903941&coo=false&rqm=FGET
Requested by
Host: bncddntr-turns7-wheel.cloud
URL: https://bncddntr-turns7-wheel.cloud/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bncddntr-turns7-wheel.cloud/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7435343891356147595"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 09 Nov 2024 18:11:44 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
8oM670E0kDFLNaUxNfGiz+36gMrAthKZYmJgoRqcg06D9S4TqYPTKMXjauKpTgFC1dPyHi2IugnCQcTjCUIj0Q==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7435343891356147595", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1328, tbw=3408, tp=-1, tpl=-1, uplat=159, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?0
/
www.facebook.com/tr/ 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=517102447761546&ev=PageView&dl=https%3A%2F%2Fbncddntr-turns7-wheel.cloud%2Fhome&rl=https%3A%2F%2Fbncddntr-turns7-wheel.cloud%2Fhome&if=false&ts=1731175904349&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731175904185.734781143151190978&cs_est=true&cdl=API_unavailable&it=1731175903941&coo=false&rqm=GET
Requested by
Host: bncddntr-turns7-wheel.cloud
URL: https://bncddntr-turns7-wheel.cloud/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bncddntr-turns7-wheel.cloud/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1328, tbw=3261, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 09 Nov 2024 18:11:44 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=517102447761546&ev=PageView&dl=https%3A%2F%2Fbncddntr-turns7-wheel.cloud%2Fhome&rl=https%3A%2F%2Fbncddntr-turns7-wheel.cloud%2Fhome&if=false&ts=1731175904349&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731175904185.734781143151190978&cs_est=true&cdl=API_unavailable&it=1731175903941&coo=false&rqm=FGET
Requested by
Host: bncddntr-turns7-wheel.cloud
URL: https://bncddntr-turns7-wheel.cloud/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bncddntr-turns7-wheel.cloud/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7435343893156584939"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-fb-server-load
36
alt-svc
h3=":443"; ma=86400
date
Sat, 09 Nov 2024 18:11:44 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
++asHRCpFjBkKExdw9lNlJu+rR1X+rqGTR+2Oh5UEOvOMLqeJlJHcztmfCWhqrfuiQQ7sx+qsGZ9Lp8RGQTxBg==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7435343893156584939", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1328, tbw=6248, tp=-1, tpl=-1, uplat=108, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
BinancePlex-SemiBold.woff2
bncddntr-turns7-wheel.cloud/fonts/ 		64 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bncddntr-turns7-wheel.cloud/fonts/BinancePlex-SemiBold.woff2
Requested by
Host: bncddntr-turns7-wheel.cloud
URL: https://bncddntr-turns7-wheel.cloud/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:ba8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
ab55edbaaef0358cc623836d1522fa0f4a1b164e5ad876122bfde83372754d1d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://bncddntr-turns7-wheel.cloud
Referer
https://bncddntr-turns7-wheel.cloud/home

Response headers

cf-cache-status
MISS
etag
"667624e2-ff6c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zhwhc68%2FPtJzb%2BLeVl0xXEz2VsgsZNyx8FKuZn2pjI1CRHJmdixwC5sKEP8GXuxoKFqhBLqEGggyZorCTeWC1vLhzhkCPaxd%2FBb%2BA2bXlYOO7Zkl%2B4ne1nCRb7dBierMIjAYBx6DtbuEtYjt4CwFSH8mxxiE3Sxx2ks%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=118728&sent=163&recv=75&lost=0&retrans=0&sent_bytes=165001&recv_bytes=12884&delivery_rate=640508&cwnd=80400&unsent_bytes=0&cid=29d4223ad20642d7&ts=5308&x=1", cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 18:11:44 GMT
content-type
font/woff2
last-modified
Sat, 22 Jun 2024 01:12:02 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dffc45aec08c963-IAD
accept-ranges
bytes
content-length
65388
x-powered-by
PleskLin
server
cloudflare
BinancePlex-Medium.woff2
bncddntr-turns7-wheel.cloud/fonts/ 		63 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bncddntr-turns7-wheel.cloud/fonts/BinancePlex-Medium.woff2
Requested by
Host: bncddntr-turns7-wheel.cloud
URL: https://bncddntr-turns7-wheel.cloud/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:ba8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
774f97c9687c03c187b227a2cc5e0a26700d18c5d9624ea5d995154c8b117db7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://bncddntr-turns7-wheel.cloud
Referer
https://bncddntr-turns7-wheel.cloud/home

Response headers

cf-cache-status
MISS
etag
"667624e8-fd80"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q%2BGR7sqqqbxFEohBotNSicIWyC5%2FjjI5W52%2Fa2jVeW%2Fo%2Bg3CXf6MrQTfHJMLgUsckjWEE4rLMkntKAFa5gb94i8eCOkyPkXq1sapiWs4KiCDckISLlVeUs6dBGvCmPFtEiXokhYV4phuSSoVNV2jn2fCxHmK7rXfRFg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=118728&sent=220&recv=75&lost=0&retrans=0&sent_bytes=232532&recv_bytes=12884&delivery_rate=640508&cwnd=80400&unsent_bytes=0&cid=29d4223ad20642d7&ts=5310&x=1", cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 18:11:44 GMT
content-type
font/woff2
last-modified
Sat, 22 Jun 2024 01:12:08 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dffc45aec0cc963-IAD
accept-ranges
bytes
content-length
64896
x-powered-by
PleskLin
server
cloudflare

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq function| _TnvD4h58gdI59ysb45Rcn1oyyI8S39T7LDG0U0DYCLNKHpfo function| _XEs5oG59W9h3nQY3KK8NBxY057j0R63Uw28gpAf7xXMfV5kvM object| _$ object| _LaIQ84Ms8rZH09r8gfj8EH9A25CgyT2Ksb3MIs37q number| _SpP66Vb3kXEg95Sa9o2uD98LO object| _JJvC0a2dy0Wh421p9aNS4g object| _VFrGvH27MR9xPiQ64 object| _BwtI52wKNbxUdf1qZTJ26m5Ak5BI function| validateEmail

3 Cookies

Domain/Path Name / Value
.bncddntr-turns7-wheel.cloud/ Name: __cf_mw_byp
Value: 60JkrTFzyaUArnzwo4OLpa1H51HfusY8al0aEWuu08w-1731175899-0.0.1.1-/home
bncddntr-turns7-wheel.cloud/ Name: PHPSESSID
Value: ajldhu20ph7uuk9do3jk1qgrna
.bncddntr-turns7-wheel.cloud/ Name: _fbp
Value: fb.1.1731175904185.734781143151190978

2 Console Messages

Source Level URL
Text
network error URL: https://bncddntr-turns7-wheel.cloud/home
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bncddntr-turns7-wheel.cloud/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bncddntr-turns7-wheel.cloud
connect.facebook.net
www.facebook.com
2606:4700:3031::6815:ba8
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2001deeb7d475b4174b0bf4b74f1fcd6a16b6aaf6b0d2ff3fe069d018f272273
29723094f9a1a5dbeba0dcb55f5d794ae7b2cb229de38fb51542384bfa699484
515c286f142873108179be92b9a5c5c8aba9aed27781441acc167a46b8c7b982
693baab0c3c3b24be1464a5ed722dd6906ce1da4d9f7e50ac4a0b499f922eab2
6c3af8380f41217255e09a46d00e0bda5ee981f36b135adea86bbea1ae2aeaa8
6c7c9c8a65cd26728628e85c495ca299e1d2d0f1918ddd53944a1b7d6de8480f
6dba87f2bb4627686798df345a05d779c19b18fe0ab7366e2269786bc3251798
774f97c9687c03c187b227a2cc5e0a26700d18c5d9624ea5d995154c8b117db7
79cc5725afa5f04550865a9ca817a676b732fee4d3f4244aa8ce8b5be4c77f04
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
84e8b4360132024f5156c8f88daf5e00a4835197b212be2f62a91f65c038a40b
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab55edbaaef0358cc623836d1522fa0f4a1b164e5ad876122bfde83372754d1d
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
c6b4c753824193d81f67d86d525ba290b8e99afbdd0dab13731ada7df5d1811c
cb80eabd76e930ffe41e0431a86372fe3d1a412f1e16da14e0761011f66d0f92
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d40db99105ff6d19854c303de2525f94659f7ac2fa9fe018b61fabbef0d4af
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f69f5d83b13e9269f2abb50a186081b8472479e5ef23f00e99bc4b635aeb6d9d
fb333dfc868c8c5af243500d6f727f8ed0005110e6bfef678b09854d467d8006