irsasafety.com Open in urlscan Pro
2606:4700:3037::ac43:98f9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://irsasafety.com/
Submission: On May 09 via automatic, source certstream-suspicious (May 9th 2021, 4:01:14 pm UTC)

Summary HTTP 70 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 5 countries across 11 domains to perform 70 HTTP transactions. The main IP is 2606:4700:3037::ac43:98f9, located in United States and belongs to CLOUDFLARENET, US. The main domain is irsasafety.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 9th 2021. Valid for: a year.

This is the only time irsasafety.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	2606:4700:303... 2606:4700:3037::ac43:98f9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	122.228.91.87 122.228.91.87	134771 (CHINATELE...) (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
4	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:d76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3035::6815:55ed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	2606:4700::68... 2606:4700::6812:9124	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.10.104.110 185.10.104.110	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	139.45.197.234 139.45.197.234	9002 (RETN-AS) (RETN-AS)
70	11

15 2606:4700:3037::ac43:98f9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

irsasafety.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 122.228.91.87 (China)

ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:d76 (United States)

ASN13335 (CLOUDFLARENET, US)

iclickcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3035::6815:55ed (United States)

ASN13335 (CLOUDFLARENET, US)

video.baobongda.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700::6812:9124 (United States)

ASN13335 (CLOUDFLARENET, US)

cgnew.fts368.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.10.104.110 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

ss0.bdstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.234 (United Kingdom)

ASN9002 (RETN-AS, GB)

bedrapiona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	fts368.com cgnew.fts368.com	250 KB
15	irsasafety.com 1 redirects irsasafety.com	165 KB
4	baobongda.online video.baobongda.online
4	google-analytics.com www.google-analytics.com	39 KB
3	googletagmanager.com www.googletagmanager.com	126 KB
2	baidu.com hm.baidu.com	15 KB
1	bedrapiona.com bedrapiona.com	777 B
1	bdstatic.com ss0.bdstatic.com	33 KB
1	iclickcdn.com iclickcdn.com	19 KB
1	51.la js.users.51.la ia.51.la Failed	3 KB
0	bongdatructiep.live Failed bongdatructiep.live Failed
70	11

	Domain	Requested by
36	cgnew.fts368.com	irsasafety.com cgnew.fts368.com
15	irsasafety.com	1 redirects irsasafety.com
4	video.baobongda.online	irsasafety.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com cgnew.fts368.com
3	www.googletagmanager.com	irsasafety.com www.googletagmanager.com
2	hm.baidu.com	irsasafety.com
1	bedrapiona.com	iclickcdn.com
1	ss0.bdstatic.com	irsasafety.com
1	iclickcdn.com	irsasafety.com
1	js.users.51.la	irsasafety.com
0	ia.51.la Failed	irsasafety.com
0	bongdatructiep.live Failed	irsasafety.com
70	12

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-09` - `2022-05-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2020-08-27` - `2022-04-19`	2 years	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-10-20` - `2021-07-26`	9 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.fts368.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-05-22`	a year	crt.sh
bedrapiona.com R3	`2021-04-06` - `2021-07-05`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://irsasafety.com/
Frame ID: 0017CBE2CD41E0D88627503C8D334340
Requests: 29 HTTP requests in this frame

Frame: https://video.baobongda.online/2021/03/24/phap.mp4?_=2
Frame ID: 75D72A638353D285EE807575C39F7B28
Requests: 11 HTTP requests in this frame

Frame: https://cgnew.fts368.com/DomainNames/cgnew/home.aspx?date=&sportType=&groupId=&mType=&oddsType=
Frame ID: 4BC722B167F0E26D085CAE486D754EE9
Requests: 3 HTTP requests in this frame

Frame: https://cgnew.fts368.com/Mem/LeftEmpty.aspx
Frame ID: E778E3244318CBB1EDF0358307F05A54
Requests: 3 HTTP requests in this frame

Frame: https://cgnew.fts368.com/DomainNames/ID368CASH/top.aspx
Frame ID: C3EC277E98B3E4570935FDC5C85C129C
Requests: 13 HTTP requests in this frame

Frame: https://cgnew.fts368.com/MEM/Left.aspx
Frame ID: AADF31E391C97DDC4B44DE689D8A7271
Requests: 15 HTTP requests in this frame

Frame: https://cgnew.fts368.com/Mem/LeftEmpty.aspx
Frame ID: 5FE82D38D5BD62A75ED3FADC3725DB3C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

70
Requests

96 %
HTTPS

60 %
IPv6

11
Domains

12
Subdomains

11
IPs

5
Countries

650 kB
Transfer

2631 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://irsasafety.com/uploads/images/735558.jpg HTTP 301
https://ss0.bdstatic.com/70cFvHSh_Q1YnxGkpoWK1HF6hhy/it/u=2782742454,1144443786&fm=26&gp=0.jpg

70 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
irsasafety.com/ 51 KB
15 KB 439ms
381ms Document
text/html 2606:4700:3037::ac43:98f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irsasafety.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:98f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a20b0ab31c071a30832dc7c308a1409359539fc957dd93fb047b1c95703d1ce6

Request headers

:method: GET
:authority: irsasafety.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:35 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d446f02e2319d5e05ed535a2f1dc6c3c11620576035; expires=Tue, 08-Jun-21 16:00:35 GMT; path=/; domain=.irsasafety.com; HttpOnly; SameSite=Lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 09f374fb0100004e8621208000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GG1ZTgDmxKbrogSIUXPXlHw2yllBY0flT7ywAK0FoqgHuawiJCZP69YcsuUUz7jbVuit0D%2F3HnN6WnZ4Dt9EFlp7gNlMv7sTntKNfa%2Bx01aGfteIUE4RCnTAag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64cc243e69f34e86-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.min.css
irsasafety.com/template/bongda/bongda-ga/static/css/ 50 KB
7 KB 322ms
314ms Stylesheet
text/css 2606:4700:3037::ac43:98f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irsasafety.com/template/bongda/bongda-ga/static/css/style.min.css
Requested by: Host: irsasafety.com
URL: https://irsasafety.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:98f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981

Request headers

:path: /template/bongda/bongda-ga/static/css/style.min.css
pragma: no-cache
cookie: __cfduid=d446f02e2319d5e05ed535a2f1dc6c3c11620576035
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: irsasafety.com
referer: https://irsasafety.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://irsasafety.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:36 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09f374fc9500004e868fbf7000000001
last-modified: Fri, 29 Jan 2021 08:24:14 GMT
server: cloudflare
etag: W/"6013c62e-c8ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EDBndGLz0lq8HNjhrvbTTTXu3IbT9baiK0TZZgXT4VSwAt0kOBIm6xOHPqivL7obbf06NwS85W6YtCIMyjL1n4WdiENMzcFUgYf%2FzfsDRbpVImNSMAvH6CMN%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 64cc2440e8d94e86-FRA
expires: Mon, 10 May 2021 04:00:36 GMT

GET
H2 200 kk-star-ratings.css
irsasafety.com/template/bongda/bongda-ga/static/css/ 3 KB
867 B 325ms
318ms Stylesheet
text/css 2606:4700:3037::ac43:98f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irsasafety.com/template/bongda/bongda-ga/static/css/kk-star-ratings.css
Requested by: Host: irsasafety.com
URL: https://irsasafety.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:98f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc13d07c9b6ca393ac3bcdba88bbdfa8d4f50304f1a22e43fb89722150136a4f

Request headers

:path: /template/bongda/bongda-ga/static/css/kk-star-ratings.css
pragma: no-cache
cookie: __cfduid=d446f02e2319d5e05ed535a2f1dc6c3c11620576035
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: irsasafety.com
referer: https://irsasafety.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://irsasafety.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:36 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09f374fc9600004e864e932000000001
last-modified: Fri, 29 Jan 2021 08:24:14 GMT
server: cloudflare
etag: W/"6013c62e-bad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qvWKWjTWYUGp0xg8gL3qmL9TR8VsdTPGLkdx%2FoetzhKs%2Br9qqvbkvkERZpF36drUE7F8uo0A9DWujVo4WQvTZOPvfXS%2BVjO2BCsDqunYWNJOOArsVHJeSqX%2B4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 64cc2440f8dd4e86-FRA
expires: Mon, 10 May 2021 04:00:36 GMT

GET
H2 200 main.min.css
irsasafety.com/template/bongda/bongda-ga/static/css/ 19 KB
5 KB 322ms
315ms Stylesheet
text/css 2606:4700:3037::ac43:98f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irsasafety.com/template/bongda/bongda-ga/static/css/main.min.css
Requested by: Host: irsasafety.com
URL: https://irsasafety.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:98f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baa8d3bd604f2a4a1ac557a89e045db73777eeb824c3e30d6fd1447415ab7a69

Request headers

:path: /template/bongda/bongda-ga/static/css/main.min.css
pragma: no-cache
cookie: __cfduid=d446f02e2319d5e05ed535a2f1dc6c3c11620576035
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: irsasafety.com
referer: https://irsasafety.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://irsasafety.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:36 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09f374fc9600004e865fa89000000001
last-modified: Fri, 29 Jan 2021 08:24:14 GMT
server: cloudflare
etag: W/"6013c62e-4b82"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QIEZclaSu0wj2LNNfchK6XT37zJj9UGLMAHM8FbX5Cp2PqQDJSWdaN0qKBN0n4Ew8D0dZ%2BU3fucINbRy18J%2FfPXG1mdSX5%2BsENfNxU1tgm%2Be5aHvn7Apnu5jsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 64cc2440f8de4e86-FRA
expires: Mon, 10 May 2021 04:00:36 GMT

GET
H2 200 featured-images.min.css
irsasafety.com/template/bongda/bongda-ga/static/css/ 3 KB
821 B 319ms
312ms Stylesheet
text/css 2606:4700:3037::ac43:98f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irsasafety.com/template/bongda/bongda-ga/static/css/featured-images.min.css
Requested by: Host: irsasafety.com
URL: https://irsasafety.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:98f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e545a7e4d7f69a26daa026799b6ab7caea7cfe6aa822b0038f63c14a5f69cf1

Request headers

:path: /template/bongda/bongda-ga/static/css/featured-images.min.css
pragma: no-cache
cookie: __cfduid=d446f02e2319d5e05ed535a2f1dc6c3c11620576035
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: irsasafety.com
referer: https://irsasafety.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://irsasafety.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:36 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09f374fc9700004e867ca92000000001
last-modified: Fri, 29 Jan 2021 08:24:14 GMT
server: cloudflare
etag: W/"6013c62e-d3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6h382H%2FlJeBMzPyTUPjyj1NoU5AwkTWTCmPBWBwjHoARADRGGiL9KXE%2BVBG9%2BtNq0H6ckLjUVCl5PK%2FZTMPPm46xEhsN2LHUJXcvsGssHtxeXz9NV5GULfeBHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 64cc2440f8e04e86-FRA
expires: Mon, 10 May 2021 04:00:36 GMT

GET
H2 200 jquery.min.js Show response
irsasafety.com/template/bongda/bongda-ga/static/js/ 87 KB
30 KB 478ms
472ms Script
application/javascript 2606:4700:3037::ac43:98f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irsasafety.com/template/bongda/bongda-ga/static/js/jquery.min.js
Requested by: Host: irsasafety.com
URL: https://irsasafety.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:98f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path: /template/bongda/bongda-ga/static/js/jquery.min.js
pragma: no-cache
cookie: __cfduid=d446f02e2319d5e05ed535a2f1dc6c3c11620576035
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: irsasafety.com
referer: https://irsasafety.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://irsasafety.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:36 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09f374fc9700004e867a001000000001
last-modified: Fri, 29 Jan 2021 08:24:16 GMT
server: cloudflare
etag: W/"6013c630-15d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P4xbpe6yZwLyeHGmaMEI2s5%2FbM1%2BRaKKuBXwTMIltggedrB%2FXXw8vaWKmrXXX1PhNlr2zmZMYgApjLM%2FBVZihGTFOFbcfaZwnooLHSAveDAQG8DuVSwci5VpIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 64cc2440f8e14e86-FRA
expires: Mon, 10 May 2021 04:00:36 GMT

GET
H2 200 jquery-migrate.min.js Show response
irsasafety.com/template/bongda/bongda-ga/static/js/ 11 KB
4 KB 325ms
320ms Script
application/javascript 2606:4700:3037::ac43:98f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irsasafety.com/template/bongda/bongda-ga/static/js/jquery-migrate.min.js
Requested by: Host: irsasafety.com
URL: https://irsasafety.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:98f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /template/bongda/bongda-ga/static/js/jquery-migrate.min.js
pragma: no-cache
cookie: __cfduid=d446f02e2319d5e05ed535a2f1dc6c3c11620576035
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: irsasafety.com
referer: https://irsasafety.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://irsasafety.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:36 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09f374fc9700004e861b348000000001
last-modified: Fri, 29 Jan 2021 08:24:16 GMT
server: cloudflare
etag: W/"6013c630-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ogxXuRFz83wNeWmqMrFJt24xBqQlSOsXQAnqMSUdRqHPKIcu0j1WxrU1%2FrpJyzPzv5X9NVZCvohZq6kpT8prtWyjewouwees6YpBXbLP0eqnzly7YQiiAhwYZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 64cc2440f8e24e86-FRA
expires: Mon, 10 May 2021 04:00:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 51ms
30ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-179321326-15

Requested by

Host: irsasafety.com
URL: https://irsasafety.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

109cf6cada95661f559970676e345662a12d5924ca77602baa2f02a780615b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://irsasafety.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35776
x-xss-protection: 0
last-modified: Sun, 09 May 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 09 May 2021 16:00:36 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 117 KB
45 KB 35ms
21ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DF1GKEY96C

Requested by

Host: irsasafety.com
URL: https://irsasafety.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

67ee488b6a6242a3fc1c572c2c15d557bd536859c39a530dae962d598ea95dce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://irsasafety.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:36 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46181
x-xss-protection: 0
expires: Sun, 09 May 2021 16:00:36 GMT

GET
H/1.1 200
OK 20980049.js Show response
js.users.51.la/ 5 KB
3 KB 829ms
273ms Script
application/javascript 122.228.91.87
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/20980049.js
Requested by: Host: irsasafety.com
URL: https://irsasafety.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 122.228.91.87 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: c81ea5cf92950ad183c84f52eb2e7525fde56fa02b3969207c51f82f0dbc9c5a

Request headers

Referer: https://irsasafety.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: 20980049
Date: Sun, 09 May 2021 16:00:36 GMT
Content-Encoding: gzip
X-Ws-Request-Id: 60980724_ianxin168_31641-20534
Age: 34111
Transfer-Encoding: chunked
X-Via: 1.1 zhshx11:5 (Cdn Cache Server V2.0)[0 200 0], 1.1 zhoudxin208:5 (Cdn Cache Server V2.0)[0 200 0], 1.1 ianxin170:1 (Cdn Cache Server V2.0)[0 200 0]
Content-Disposition: inline;filename=f.txt
Connection: keep-alive
Request-Id: 00000178A734A30F901979EF2E9C1D81
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSMuoAEOmeC+lkXD9jeSC06d2PXlmCRs
Last-Modified: Wed Nov 04 21:05:18 CST 2020
Server: nginx/1.14.0
ETag: "b5af7786e7c33b57165aee7f1031cb8d"
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
version-id: G0011175935C9195FFFF905570BF13FD

GET
H2 200 jwplayer.js Show response
irsasafety.com/template/bongda/bongda-ga/static/js/ 81 KB
25 KB 469ms
467ms Script
application/javascript 2606:4700:3037::ac43:98f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irsasafety.com/template/bongda/bongda-ga/static/js/jwplayer.js
Requested by: Host: irsasafety.com
URL: https://irsasafety.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:98f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04428792ed4940a77a3ee5a87f3792f15c42126a00fcbbd55b880b3693ee38c0

Request headers

:path: /template/bongda/bongda-ga/static/js/jwplayer.js
pragma: no-cache
cookie: __cfduid=d446f02e2319d5e05ed535a2f1dc6c3c11620576035
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: irsasafety.com
referer: https://irsasafety.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://irsasafety.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:36 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09f374fc9700004e868986f000000001
last-modified: Fri, 29 Jan 2021 08:24:16 GMT
server: cloudflare
etag: W/"6013c630-144e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fG8lghb1BbX01Mi9K%2F%2FkDn8XekOoldDs4A54cy%2BMXYnJHTlJ4L8KZQH4mug4X6rsEiUkOQfUhZuhSoLMn0u2%2Bv1N0Mblzdy4txdcK66%2BNE6RdApMlTKcd3i88w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 64cc2440f8e44e86-FRA
expires: Mon, 10 May 2021 04:00:36 GMT

GET wp-emoji-release.min.js
bongdatructiep.live/wp-includes/js/ 0
0

GET
H3-29 200 main.min_1.css
irsasafety.com/template/bongda/bongda-ga/static/css/ 3 KB
1 KB 326ms
325ms Stylesheet
text/css 2606:4700:3037::ac43:98f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irsasafety.com/template/bongda/bongda-ga/static/css/main.min_1.css
Requested by: Host: irsasafety.com
URL: https://irsasafety.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:98f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5978d7eee4b0fb37c9409a3315f1ca722ebd7dfd476a42e9efa8cb016c076414

Request headers

:path: /template/bongda/bongda-ga/static/css/main.min_1.css
pragma: no-cache
cookie: __cfduid=d446f02e2319d5e05ed535a2f1dc6c3c11620576035
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: irsasafety.com
referer: https://irsasafety.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://irsasafety.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:36 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09f374fd140000bea625075000000001
last-modified: Fri, 29 Jan 2021 08:24:16 GMT
server: cloudflare
etag: W/"6013c630-bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=48G8WNwuR%2BVffPDAKVR%2BltKz%2F318t2dcY6nYQ3qLgp4%2F5wo56Umd8IeLf%2FKWU0qPSzUa%2F7OQlfKTjU7extuEV%2B175hy7BnPDwwpRaHbMLd3w64t%2Flmh%2BcRF1pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 64cc2441bb6fbea6-FRA
expires: Mon, 10 May 2021 04:00:36 GMT

GET
H3-29 200 kk-star-ratings.js Show response
irsasafety.com/template/bongda/bongda-ga/static/js/ 2 KB
1 KB 323ms
322ms Script
application/javascript 2606:4700:3037::ac43:98f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irsasafety.com/template/bongda/bongda-ga/static/js/kk-star-ratings.js
Requested by: Host: irsasafety.com
URL: https://irsasafety.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:98f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8c0ce32234af999076b48518b249d477718550593a782e170f159477e8b4265

Request headers

:path: /template/bongda/bongda-ga/static/js/kk-star-ratings.js
pragma: no-cache
cookie: __cfduid=d446f02e2319d5e05ed535a2f1dc6c3c11620576035
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: irsasafety.com
referer: https://irsasafety.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://irsasafety.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:36 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09f374fd150000bea625076000000001
last-modified: Fri, 29 Jan 2021 08:24:16 GMT
server: cloudflare
etag: W/"6013c630-77f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PTqmYnPxckxxnapRXUyNcogja9exs8Z5hvvnnny%2FgV%2FGKaBut9Q0qOIwZn07KcmmwUXrzyVeRbuOxYi1zN%2Bmusgw%2BGib0vzLw%2FLGWWEGTD4nLzrpergBFLpr2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 64cc2441bb70bea6-FRA
expires: Mon, 10 May 2021 04:00:36 GMT

GET
H3-29 200 main.min.js Show response
irsasafety.com/template/bongda/bongda-ga/static/js/ 4 KB
2 KB 328ms
327ms Script
application/javascript 2606:4700:3037::ac43:98f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irsasafety.com/template/bongda/bongda-ga/static/js/main.min.js
Requested by: Host: irsasafety.com
URL: https://irsasafety.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:98f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 995456f7211327129612b97dc0a2baa2288f1e3065d1d6ed1882a0eb89d6baac

Request headers

:path: /template/bongda/bongda-ga/static/js/main.min.js
pragma: no-cache
cookie: __cfduid=d446f02e2319d5e05ed535a2f1dc6c3c11620576035
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: irsasafety.com
referer: https://irsasafety.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://irsasafety.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:36 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09f374fd150000bea6fc090000000001
last-modified: Fri, 29 Jan 2021 08:24:16 GMT
server: cloudflare
etag: W/"6013c630-e5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WY5QjP3GxLbAoZAbZUf5WDuCxwHJPCMuRq6XGvjh4pa0b82WuwE6heo4mfQBNrj74ocCwRl6ZzbRtdQMFQZrYzOeudj4CoeZjDNbkQf6aKTzn8zwli6SofOVkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 64cc2441bb71bea6-FRA
expires: Mon, 10 May 2021 04:00:36 GMT

GET
H3-29 200 wp-embed.min.js Show response
irsasafety.com/template/bongda/bongda-ga/static/js/ 1 KB
1 KB 320ms
319ms Script
application/javascript 2606:4700:3037::ac43:98f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irsasafety.com/template/bongda/bongda-ga/static/js/wp-embed.min.js
Requested by: Host: irsasafety.com
URL: https://irsasafety.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:98f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

:path: /template/bongda/bongda-ga/static/js/wp-embed.min.js
pragma: no-cache
cookie: __cfduid=d446f02e2319d5e05ed535a2f1dc6c3c11620576035
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: irsasafety.com
referer: https://irsasafety.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://irsasafety.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:36 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09f374fd150000bea6180cf000000001
last-modified: Fri, 29 Jan 2021 08:24:16 GMT
server: cloudflare
etag: W/"6013c630-59a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dBF1ycSgse%2FLwOyyDYHGutU677QMRsCKOrYCEeG6xiXYY9GrVjkr3kjOfmOVP5zLto7sxRL6X8%2BGHMUjyLnG9McgMo5LPLhdyYGzWsMDpVn7z6gkLd%2BVYWwJjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 64cc2441bb72bea6-FRA
expires: Mon, 10 May 2021 04:00:36 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 39 KB
14 KB 1157ms
563ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?d40323711b6984a926545d38802f2dc1

Requested by

Host: irsasafety.com
URL: https://irsasafety.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

282748c62e6bd7ed63bf9616b5f5c9fb2810527c898280f8687b898ad06de530

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: https://irsasafety.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 09 May 2021 16:00:37 GMT
Content-Encoding: gzip
Server: apache
Etag: a10cb6c32dc86a205338b7d6c0352529
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 14042

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-179321326-15

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://irsasafety.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5624
date: Sun, 09 May 2021 14:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 09 May 2021 16:26:52 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 117 KB
45 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DF1GKEY96C&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-179321326-15

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

35a88631e0b3266161e220b40f0214ac2b5848a0669872265d0f6af4787bbc0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://irsasafety.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:36 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46147
x-xss-protection: 0
expires: Sun, 09 May 2021 16:00:36 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
350 B 33ms
13ms Ping
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-DF1GKEY96C&gtm=2oe4s0&_p=294724302&sr=1600x1200&ul=en-us&cid=698486280.1620576037&_s=1&dl=https%3A%2F%2Firsasafety.com%2F&dt=viva88%F0%9F%8E%96Nh%E1%BA%ADn%20%C4%90%E1%BB%8Bnh%20B%C3%B3ng%20%C4%90%C3%A1&sid=1620576036&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DF1GKEY96C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://irsasafety.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 09 May 2021 16:00:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://irsasafety.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET go1
ia.51.la/ 0
0

GET
H2 200 tag.min.js Show response
iclickcdn.com/ 56 KB
19 KB 44ms
26ms Script
application/javascript 2606:4700:20::681a:d76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iclickcdn.com/tag.min.js
Requested by: Host: irsasafety.com
URL: https://irsasafety.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 237b757471e0eda4c69dd3b31f44fc91f1b5ce56054617260250ec763ad89cd6

Request headers

Referer: https://irsasafety.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
age: 66902
access-control-allow-methods: GET, POST, OPTIONS
cf-request-id: 09f374ffec00004a920c8ba000000001
x-trace-id: c0edb55b2955b13cd1665d5b6f9a69e6
pragma: no-cache
last-modified: Tue, 04 May 2021 16:08:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q1KTlOcSggIG%2Fgk5pBuLRBWkgXXAs%2FAipjZpgtQ5NvcP9SYkGWXIdUGA4eGnWlj1dM1mET53g8XsZZZZ6LGDp2ZDN1k0mb%2Bn6L%2BCFUyBdZGHzRFnwi6GUz6n"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 64cc244649714a92-FRA
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Sun, 09 May 2021 21:25:34 GMT

GET
H2 200 phap.mp4
video.baobongda.online/2021/03/24/ Frame 75D7 0
0 605ms
564ms Document
video/mp4 2606:4700:3035::6815:55ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.baobongda.online/2021/03/24/phap.mp4?_=2
Requested by: Host: irsasafety.com
URL: https://irsasafety.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:55ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: video.baobongda.online
:scheme: https
:path: /2021/03/24/phap.mp4?_=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://irsasafety.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://irsasafety.com/

Response headers

date: Sun, 09 May 2021 16:00:37 GMT
content-type: video/mp4
content-length: 83784394
set-cookie: __cfduid=d8b5aee50a238b26accbfd23b8b2277201620576036; expires=Tue, 08-Jun-21 16:00:36 GMT; path=/; domain=.baobongda.online; HttpOnly; SameSite=Lax
last-modified: Wed, 24 Mar 2021 22:28:14 GMT
etag: "605bbcfe-4fe72ca"
accept-ranges: bytes
cf-cache-status: DYNAMIC
cf-request-id: 09f37500070000dffb65a65000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SeqdDwlq7YcCjucKBrOmLZSdARzyt2iC%2FL%2F2H1ue9LuACvKU1pQNOyFujEZVm0sPo5lufvMpB6j88l16bMVw%2FWCEJDel36rDEeY5uJ6XXo%2BDh9iZJqMS3OCdMyNYzUIkokvh"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64cc24467f48dffb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 home.aspx Show response
cgnew.fts368.com/DomainNames/cgnew/ Frame 4BC7 2 KB
1 KB 1374ms
1347ms Document
text/html 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/DomainNames/cgnew/home.aspx?date=&sportType=&groupId=&mType=&oddsType=
Requested by: Host: irsasafety.com
URL: https://irsasafety.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 48f4297a72612db481aecf4ae45ae5f2ee01ad7bceacc2b74646cb245bef1393

Request headers

:method: GET
:authority: cgnew.fts368.com
:scheme: https
:path: /DomainNames/cgnew/home.aspx?date=&sportType=&groupId=&mType=&oddsType=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://irsasafety.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://irsasafety.com/

Response headers

date: Sun, 09 May 2021 16:00:38 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d41763a2379f094d59a368afe510732841620576036; expires=Tue, 08-Jun-21 16:00:36 GMT; path=/; domain=.fts368.com; HttpOnly; SameSite=Lax ASP.NET_SessionId=zgt20qo01uhujomz4hsmhs5h; path=/; SameSite=None; secure; HttpOnly; SameSite=None; SameSite=None; Secure language=en-US; expires=Mon, 09-May-2022 16:00:38 GMT; path=/; SameSite=None; secure; SameSite=None; Secure nginx=1902487744.47873.0000; expires=Sun, 16-May-2021 16:00:38 GMT; path=/
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-cache-status: DYNAMIC
cf-request-id: 09f374fff700004a970795d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64cc2446591c4a97-FRA
content-encoding: gzip

GET Da-ga-truc-tiep-thomo-hom-nay-sv388.jpg
irsasafety.com//wp-content/uploads/2021/01/ 0
0

GET
H3-29 200 inactive.svg
irsasafety.com/template/bongda/bongda-ga/static/fonts/ 39 KB
39 KB 534ms
534ms Image
text/html 2606:4700:3037::ac43:98f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://irsasafety.com/template/bongda/bongda-ga/static/fonts/inactive.svg
Requested by: Host: irsasafety.com
URL: https://irsasafety.com/template/bongda/bongda-ga/static/css/kk-star-ratings.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:98f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /template/bongda/bongda-ga/static/fonts/inactive.svg
pragma: no-cache
cookie: __cfduid=d446f02e2319d5e05ed535a2f1dc6c3c11620576035; _ga_DF1GKEY96C=GS1.1.1620576036.1.0.1620576036.0; _ga=GA1.1.698486280.1620576037; __tins__20980049=%7B%22sid%22%3A%201620576036820%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201620577836820%7D; __51cke__=; __51laig__=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: irsasafety.com
referer: https://irsasafety.com/template/bongda/bongda-ga/static/css/kk-star-ratings.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://irsasafety.com/template/bongda/bongda-ga/static/css/kk-star-ratings.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:37 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eXxhnFz8p11jSt23YfVsQNS65RAtOWf72I8Z3b3JAI517f%2BBSZhCFPa1eipQ1iGhuRGS%2BJXIHp7BiwAFdffRuSXU9LDcfjwLOGUFBUD0X%2BL6gGaXryyzgt%2Bakw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 64cc24463dc3bea6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09f374ffe50000bea6fcbb7000000001

GET
H3-29 200 selected.svg
irsasafety.com/template/bongda/bongda-ga/static/fonts/ 32 KB
32 KB 526ms
525ms Image
text/html 2606:4700:3037::ac43:98f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://irsasafety.com/template/bongda/bongda-ga/static/fonts/selected.svg
Requested by: Host: irsasafety.com
URL: https://irsasafety.com/template/bongda/bongda-ga/static/css/kk-star-ratings.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:98f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /template/bongda/bongda-ga/static/fonts/selected.svg
pragma: no-cache
cookie: __cfduid=d446f02e2319d5e05ed535a2f1dc6c3c11620576035; _ga_DF1GKEY96C=GS1.1.1620576036.1.0.1620576036.0; _ga=GA1.1.698486280.1620576037; __tins__20980049=%7B%22sid%22%3A%201620576036820%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201620577836820%7D; __51cke__=; __51laig__=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: irsasafety.com
referer: https://irsasafety.com/template/bongda/bongda-ga/static/css/kk-star-ratings.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://irsasafety.com/template/bongda/bongda-ga/static/css/kk-star-ratings.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:37 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bwLm7Xac2%2BxRBKP0%2B%2BBhfjPWVlEoPb3AQJrKbt3EF5l1h2RT6A2bFpdVID0yZsM5XhOi%2BwED0VSgz0ChEi5naRKK75QirJpQD%2BneuNqIRJAWEbhvGynWKNymBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 64cc24463dc5bea6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09f374ffe60000bea6ef25a000000001

GET
H2

200

u=2782742454,1144443786&fm=26&gp=0.jpg
ss0.bdstatic.com/70cFvHSh_Q1YnxGkpoWK1HF6hhy/it/
Redirect Chain

https://irsasafety.com/uploads/images/735558.jpg
https://ss0.bdstatic.com/70cFvHSh_Q1YnxGkpoWK1HF6hhy/it/u=2782742454,1144443786&fm=26&gp=0.jpg

33 KB
33 KB

1098ms
455ms

Image
image/jpeg

185.10.104.110
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ss0.bdstatic.com/70cFvHSh_Q1YnxGkpoWK1HF6hhy/it/u=2782742454,1144443786&fm=26&gp=0.jpg
Requested by: Host: irsasafety.com
URL: https://irsasafety.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.110 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 17ed671f280ca35ac42d2b37e14fb7f12d7771243bd38d59a42617241eb5bceb

Request headers

Referer: https://irsasafety.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:38 GMT
ohc-cache-hit: fra01-sys-jomo1.fra01.baidu.com [1]
ohc-response-time: 1 0 0 0 389 389
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: JSP3/2.0.14
etag: 8216157c85e4af32ce060d5806e60200
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 33851
expires: Wed, 09 Jun 2021 02:00:38 GMT

Redirect headers

date: Sun, 09 May 2021 16:00:37 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Va0l9RUghE%2B%2BcSEyNRu5rdLfiFD2JRyvROnLxD8WNr3qGQWe7Z09meRrnSiEsJ8cP8N4VIFVFNIpQ9%2FdMfhdaiZRrdICAjszLW6uTMJaD58mXWe60uqZnfC%2BEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpg; charset=UTF-8
location: https://ss0.bdstatic.com/70cFvHSh_Q1YnxGkpoWK1HF6hhy/it/u=2782742454,1144443786&fm=26&gp=0.jpg
cache-control: max-age=14400
cf-ray: 64cc24471e5cbea6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09f37500720000bea6313ba000000001

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=294724302&t=pageview&_s=1&dl=https%3A%2F%2Firsasafety.com%2F&ul=en-us&de=UTF-8&dt=viva88%F0%9F%8E%96Nh%E1%BA%ADn%20%C4%90%E1%BB%8Bnh%20B%C3%B3ng%20%C4%90%C3%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1083291210&gjid=80433249&cid=698486280.1620576037&tid=UA-179321326-15&_gid=2020850896.1620576037&_r=1&gtm=2ou4s0&z=53220549

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://irsasafety.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 09 May 2021 16:00:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://irsasafety.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 / Show response
bedrapiona.com/5/3676589/ 382 B
777 B 205ms
63ms XHR
application/javascript 139.45.197.234
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/3676589/?oo=1
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: a9e26d3d2386ac8deff86ae68d8054ecaad583d7ccd4c2b4724f3bc7e47bb2f8

Request headers

Referer: https://irsasafety.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: bb743cadfb44e01698d7f5fb9c995b29
pragma: no-cache
date: Sun, 09 May 2021 16:00:37 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: https://irsasafety.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 382
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 75D7 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 75D7 381 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 206 phap.mp4
video.baobongda.online/2021/03/24/ Frame 75D7 677 KB
0 575ms
563ms Media
video/mp4 2606:4700:3035::6815:55ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.baobongda.online/2021/03/24/phap.mp4?_=2
Requested by: Host: irsasafety.com
URL: https://irsasafety.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:55ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://video.baobongda.online/2021/03/24/phap.mp4?_=2
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 09 May 2021 16:00:38 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 24 Mar 2021 22:28:14 GMT
server: cloudflare
etag: "605bbcfe-4fe72ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yjqdvUm5yui8UE%2BXUyUD5wmR%2FyHgF%2B4E4jT9bHymkNH%2FkhYKmPfsBTdfyt27I3xy5d%2FSrMXJpW9qHG%2Fe4FPffy1%2BSED1QzNHqZ8wkullKz2xsIMtvv0lNmXo6LghU3A%2F6G%2Bf"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 0-83784393/83784394
cf-ray: 64cc244a1c324e44-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 83784394
cf-request-id: 09f375025000004e4403853000000001

GET
DATA 200
OK truncated
/ Frame 75D7 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 75D7 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 75D7 178 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 75D7 352 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 75D7 243 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 jquery.min.js Show response
cgnew.fts368.com/common/javascripts/ Frame 4BC7 125 KB
48 KB 20ms
20ms Script
application/x-javascript 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/common/javascripts/jquery.min.js?v=2102091707
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/DomainNames/cgnew/home.aspx?date=&sportType=&groupId=&mType=&oddsType=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c65324baa5e991ff23838e039569597eeab6feb0b2c8f5a44889360adf1b7b2f

Request headers

Referer: https://cgnew.fts368.com/DomainNames/cgnew/home.aspx?date=&sportType=&groupId=&mType=&oddsType=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:38 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-request-id: 09f375054100004a972816f000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: W/"0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 64cc244ece3e4a97-FRA
expires: Sun, 09 May 2021 20:00:38 GMT

GET
H2 200 LeftEmpty.aspx Show response
cgnew.fts368.com/Mem/ Frame E778 927 B
885 B 2298ms
2298ms Document
text/html 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/Mem/LeftEmpty.aspx
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/DomainNames/cgnew/home.aspx?date=&sportType=&groupId=&mType=&oddsType=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 13aa36081323281e60d2a8b683bbc0e3fe3040cbf877752a2a194799a694922a

Request headers

:method: GET
:authority: cgnew.fts368.com
:scheme: https
:path: /Mem/LeftEmpty.aspx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: frame
referer: https://cgnew.fts368.com/DomainNames/cgnew/home.aspx?date=&sportType=&groupId=&mType=&oddsType=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ASP.NET_SessionId=zgt20qo01uhujomz4hsmhs5h; language=en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cgnew.fts368.com/DomainNames/cgnew/home.aspx?date=&sportType=&groupId=&mType=&oddsType=

Response headers

date: Sun, 09 May 2021 16:00:40 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=de4648d3e3d93f7ab714e3106b28b6ea71620576038; expires=Tue, 08-Jun-21 16:00:38 GMT; path=/; domain=.fts368.com; HttpOnly; SameSite=Lax nginx=1919264960.47873.0000; expires=Sun, 16-May-2021 16:00:40 GMT; path=/
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-cache-status: DYNAMIC
cf-request-id: 09f375056300004a973d114000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64cc244f0ec24a97-FRA
content-encoding: gzip

GET
H2 200 top.aspx Show response
cgnew.fts368.com/DomainNames/ID368CASH/ Frame C3EC 15 KB
5 KB 1335ms
1335ms Document
text/html 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/DomainNames/ID368CASH/top.aspx
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/DomainNames/cgnew/home.aspx?date=&sportType=&groupId=&mType=&oddsType=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 61f3830e11775119b0e3c35c7b4d492f371c0590509bf056550fd01df66a5e1e

Request headers

:method: GET
:authority: cgnew.fts368.com
:scheme: https
:path: /DomainNames/ID368CASH/top.aspx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: frame
referer: https://cgnew.fts368.com/DomainNames/cgnew/home.aspx?date=&sportType=&groupId=&mType=&oddsType=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ASP.NET_SessionId=zgt20qo01uhujomz4hsmhs5h; language=en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cgnew.fts368.com/DomainNames/cgnew/home.aspx?date=&sportType=&groupId=&mType=&oddsType=

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=de4648d3e3d93f7ab714e3106b28b6ea71620576038; expires=Tue, 08-Jun-21 16:00:38 GMT; path=/; domain=.fts368.com; HttpOnly; SameSite=Lax nginx=1885710528.47873.0000; expires=Sun, 16-May-2021 16:00:39 GMT; path=/
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-cache-status: DYNAMIC
cf-request-id: 09f375056300004a97db2f1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64cc244f0ec74a97-FRA
content-encoding: gzip

GET
H2 200 Left.aspx Show response
cgnew.fts368.com/MEM/ Frame AADF 8 KB
3 KB 1305ms
1305ms Document
text/html 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/MEM/Left.aspx
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/DomainNames/cgnew/home.aspx?date=&sportType=&groupId=&mType=&oddsType=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: af0ded43483ed7152f0d7a9cd569bb126a01300aa9c832683eb0b3ddf187f724

Request headers

:method: GET
:authority: cgnew.fts368.com
:scheme: https
:path: /MEM/Left.aspx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: frame
referer: https://cgnew.fts368.com/DomainNames/cgnew/home.aspx?date=&sportType=&groupId=&mType=&oddsType=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ASP.NET_SessionId=zgt20qo01uhujomz4hsmhs5h; language=en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cgnew.fts368.com/DomainNames/cgnew/home.aspx?date=&sportType=&groupId=&mType=&oddsType=

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=de4648d3e3d93f7ab714e3106b28b6ea71620576038; expires=Tue, 08-Jun-21 16:00:38 GMT; path=/; domain=.fts368.com; HttpOnly; SameSite=Lax nginx=1868933312.47873.0000; expires=Sun, 16-May-2021 16:00:39 GMT; path=/
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-cache-status: DYNAMIC
cf-request-id: 09f375056500004a97c5172000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64cc244f0ec94a97-FRA
content-encoding: gzip

GET
H2 200 LeftEmpty.aspx Show response
cgnew.fts368.com/Mem/ Frame 5FE8 927 B
696 B 1300ms
1299ms Document
text/html 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/Mem/LeftEmpty.aspx
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/DomainNames/cgnew/home.aspx?date=&sportType=&groupId=&mType=&oddsType=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 13aa36081323281e60d2a8b683bbc0e3fe3040cbf877752a2a194799a694922a

Request headers

:method: GET
:authority: cgnew.fts368.com
:scheme: https
:path: /Mem/LeftEmpty.aspx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: frame
referer: https://cgnew.fts368.com/DomainNames/cgnew/home.aspx?date=&sportType=&groupId=&mType=&oddsType=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ASP.NET_SessionId=zgt20qo01uhujomz4hsmhs5h; language=en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cgnew.fts368.com/DomainNames/cgnew/home.aspx?date=&sportType=&groupId=&mType=&oddsType=

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=de4648d3e3d93f7ab714e3106b28b6ea71620576038; expires=Tue, 08-Jun-21 16:00:38 GMT; path=/; domain=.fts368.com; HttpOnly; SameSite=Lax nginx=1919264960.47873.0000; expires=Sun, 16-May-2021 16:00:39 GMT; path=/
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-cache-status: DYNAMIC
cf-request-id: 09f375056400004a97be877000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64cc244f0ecc4a97-FRA
content-encoding: gzip

GET
H2 200 lang.aspx Show response
cgnew.fts368.com/ Frame 4BC7 71 KB
18 KB 1800ms
1800ms XHR
text/html 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/lang.aspx?m=0.5518204198790246&type=load-lang
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/common/javascripts/jquery.min.js?v=2102091707
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bc5c3051d574a8cd01baacd14a4df382d769b0149086419d711513731cb93ef9

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://cgnew.fts368.com/DomainNames/cgnew/home.aspx?date=&sportType=&groupId=&mType=&oddsType=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 May 2021 16:00:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 64cc244f0ed44a97-FRA
cf-request-id: 09f375056500004a97eb1ab000000001
expires: -1

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 392ms
392ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1101506834&si=d40323711b6984a926545d38802f2dc1&v=1.2.80&lv=1&sn=26559&r=0&ww=1600&ct=!!&u=https%3A%2F%2Firsasafety.com%2F&tt=viva88%F0%9F%8E%96Nh%E1%BA%ADn%20%C4%90%E1%BB%8Bnh%20B%C3%B3ng%20%C4%90%C3%A1

Requested by

Host: irsasafety.com
URL: https://irsasafety.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: https://irsasafety.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 09 May 2021 16:00:38 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 206 phap.mp4
video.baobongda.online/2021/03/24/ Frame 75D7 214 KB
0 555ms
555ms Media
video/mp4 2606:4700:3035::6815:55ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.baobongda.online/2021/03/24/phap.mp4?_=2
Requested by: Host: irsasafety.com
URL: https://irsasafety.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:55ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://video.baobongda.online/2021/03/24/phap.mp4?_=2
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=688128-

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 24 Mar 2021 22:28:14 GMT
server: cloudflare
etag: "605bbcfe-4fe72ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f5RkKPeP6%2F00Vg54yB6pY6EtlhtaroRgOVPPAAELdt70ZruC0siP11AOAVWOg7dqRuXeYsB13xMw3sV0tlnaE3YUlzLG3oBHTi8E2BkXCmrFKH8rkDU62%2FSK3X7N0I%2Fq0Kok"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 688128-83784393/83784394
cf-ray: 64cc24566878dffb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 83096266
cf-request-id: 09f3750a040000dffbc5bcf000000001

GET
H2 200 common.css
cgnew.fts368.com/statics/css/ Frame 5FE8 774 B
634 B 13ms
12ms Stylesheet
text/css 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/statics/css/common.css?v=2102091707
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/Mem/LeftEmpty.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4392bfe4584e60cde047ed78eab9896010e7f439bc7e5a0ccfd3e81f2e28777b

Request headers

Referer: https://cgnew.fts368.com/Mem/LeftEmpty.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 0
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-request-id: 09f3750a8000004a9716318000000001
last-modified: Tue, 09 Feb 2021 09:07:18 GMT
server: cloudflare
etag: W/"0e74af7c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 64cc24573c264a97-FRA
expires: Sun, 09 May 2021 20:00:39 GMT

GET
H2 200 blue.common.css
cgnew.fts368.com/app_themes/resources/blue/ Frame 5FE8 144 B
222 B 26ms
26ms Stylesheet
text/css 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/app_themes/resources/blue/blue.common.css?v=2105100000
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/Mem/LeftEmpty.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 023b9d07301a6d3bd456a0aa59d2d71c5a806925ef903e6fc94c5acc903626cf

Request headers

Referer: https://cgnew.fts368.com/Mem/LeftEmpty.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 0
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-request-id: 09f3750a8000004a973d198000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: W/"0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 64cc24573c274a97-FRA
expires: Sun, 09 May 2021 20:00:39 GMT

GET
H2 200 blue.left.css
cgnew.fts368.com/app_themes/resources/blue/ Frame AADF 19 KB
5 KB 19ms
18ms Stylesheet
text/css 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/app_themes/resources/blue/blue.left.css?v=2105100000
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/MEM/Left.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 42c461beaa323441b1a5a51b123b5568dcde27fe63ca41293460e384333f6d8e

Request headers

Referer: https://cgnew.fts368.com/MEM/Left.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 0
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-request-id: 09f3750a8300004a97ffbc9000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: W/"0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 64cc24573c324a97-FRA
expires: Sun, 09 May 2021 20:00:39 GMT

GET
H2 200 json2.00.js Show response
cgnew.fts368.com/Common/Javascripts/ Frame AADF 17 KB
6 KB 52ms
51ms Script
application/x-javascript 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/Common/Javascripts/json2.00.js
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/MEM/Left.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 76642a10dc2c7153be0cd951a6abdef9bd19f197fedcdfcbe44b0056559ff19b

Request headers

Referer: https://cgnew.fts368.com/MEM/Left.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 0
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-request-id: 09f3750a9500004a97e13f7000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: W/"0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 64cc24573c334a97-FRA
expires: Sun, 09 May 2021 20:00:39 GMT

GET
H2 200 jquery-1.4.2.fixed.js Show response
cgnew.fts368.com/Common/Javascripts/ Frame AADF 122 KB
39 KB 15ms
14ms Script
application/x-javascript 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/Common/Javascripts/jquery-1.4.2.fixed.js
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/MEM/Left.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b77bbea846a5c48f9047c0386db8f75ca304dc5e21a6a6d8e7308a7bbb9b4c57

Request headers

Referer: https://cgnew.fts368.com/MEM/Left.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 0
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-request-id: 09f3750a8300004a9715b59000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: W/"0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 64cc24573c344a97-FRA
expires: Sun, 09 May 2021 20:00:39 GMT

GET
H2 200 jquery.cookies.js Show response
cgnew.fts368.com/Common/Javascripts/ Frame AADF 4 KB
2 KB 14ms
13ms Script
application/x-javascript 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/Common/Javascripts/jquery.cookies.js
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/MEM/Left.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 57e2ca2a5dda246c34d3eb461dff33055a81dd3841769bd7657b6749d740e062

Request headers

Referer: https://cgnew.fts368.com/MEM/Left.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 0
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-request-id: 09f3750a8300004a97cc890000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: W/"0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 64cc24573c364a97-FRA
expires: Sun, 09 May 2021 20:00:39 GMT

GET
H2 200 AjaxWrapper.js Show response
cgnew.fts368.com/Common/Javascripts/ Frame AADF 8 KB
2 KB 17ms
15ms Script
application/x-javascript 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/Common/Javascripts/AjaxWrapper.js
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/MEM/Left.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f6190d51d3334bb9a576fc1e12182790f83978a453f1169830df9ce282e6bb38

Request headers

Referer: https://cgnew.fts368.com/MEM/Left.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 0
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-request-id: 09f3750a8800004a97149ca000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: W/"0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 64cc24574c424a97-FRA
expires: Sun, 09 May 2021 20:00:39 GMT

GET
H2 200 DelayExt.js Show response
cgnew.fts368.com/Common/Javascripts/ Frame AADF 501 B
463 B 19ms
17ms Script
application/x-javascript 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/Common/Javascripts/DelayExt.js
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/MEM/Left.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a187e5d4b8d11a59ea421fc06a80091bae46b3dbcd00d6f0a9006c1a2b9f1aef

Request headers

Referer: https://cgnew.fts368.com/MEM/Left.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 0
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-request-id: 09f3750a8c00004a97f414a000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: W/"0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 64cc24574c464a97-FRA
expires: Sun, 09 May 2021 20:00:39 GMT

GET
H2 200 TopMessage.js Show response
cgnew.fts368.com/Common/Javascripts/Main/ Frame AADF 10 KB
3 KB 17ms
16ms Script
application/x-javascript 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/Common/Javascripts/Main/TopMessage.js?v=2102091707
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/MEM/Left.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d3a39ffdb71bd1df974cd6c0a1dbee104dc37b8cb140c7d42803be57040adcda

Request headers

Referer: https://cgnew.fts368.com/MEM/Left.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 0
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-request-id: 09f3750a8800004a97c3b43000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: W/"0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 64cc24574c474a97-FRA
expires: Sun, 09 May 2021 20:00:39 GMT

GET
H2 200 LeftSportPanel.js Show response
cgnew.fts368.com/Common/Javascripts/Main/ Frame AADF 30 KB
10 KB 18ms
17ms Script
application/x-javascript 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/Common/Javascripts/Main/LeftSportPanel.js?v=2102091707
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/MEM/Left.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ffe4233b1e55dc334983c3c04a13b663f985b23d5e4a413e74ed751e5d23f3a2

Request headers

Referer: https://cgnew.fts368.com/MEM/Left.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 0
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-request-id: 09f3750a8a00004a97f21fe000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: W/"0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 64cc24574c484a97-FRA
expires: Sun, 09 May 2021 20:00:39 GMT

GET
H2 200 LeftFavorites.js Show response
cgnew.fts368.com/Common/Javascripts/Main/ Frame AADF 4 KB
2 KB 16ms
15ms Script
application/x-javascript 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/Common/Javascripts/Main/LeftFavorites.js?v=2102201549
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/MEM/Left.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cd0b13c72b18e71fd73cf5cbd9e9432ee7cf0756de096b8dd4663be373c62e82

Request headers

Referer: https://cgnew.fts368.com/MEM/Left.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 0
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-request-id: 09f3750a8a00004a97be8f2000000001
last-modified: Sat, 20 Feb 2021 07:49:46 GMT
server: cloudflare
etag: W/"0497f55c7d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 64cc24574c4a4a97-FRA
expires: Sun, 09 May 2021 20:00:39 GMT

GET
H2 200 LeftLoader.js Show response
cgnew.fts368.com/Common/Javascripts/Main/ Frame AADF 11 KB
4 KB 21ms
21ms Script
application/x-javascript 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/Common/Javascripts/Main/LeftLoader.js
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/MEM/Left.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4700420b47aaa4bb279a4fdbba1cc345867c8649bb21ba68835a4011a325c6ad

Request headers

Referer: https://cgnew.fts368.com/MEM/Left.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 0
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-request-id: 09f3750a8a00004a9720215000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: W/"0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 64cc24574c4b4a97-FRA
expires: Sun, 09 May 2021 20:00:39 GMT

GET
H2 200 live_center.gif
cgnew.fts368.com/app_themes/resources/blue/img/ Frame AADF 3 KB
4 KB 1301ms
1300ms Image
image/gif 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cgnew.fts368.com/app_themes/resources/blue/img/live_center.gif
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/app_themes/resources/blue/blue.left.css?v=2105100000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ba08ea9e306a985a2162b950a555f24242d1033701f2b9cb0870c0513136a963

Request headers

Referer: https://cgnew.fts368.com/app_themes/resources/blue/blue.left.css?v=2105100000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:40 GMT
cf-cache-status: REVALIDATED
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
content-length: 3486
cf-request-id: 09f3750ad500004a97c79a4000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: "0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 64cc2457bd7a4a97-FRA
expires: Sun, 09 May 2021 20:00:40 GMT

GET
H2 200 leftnavbg.png
cgnew.fts368.com/app_themes/resources/blue/img/ Frame AADF 319 B
409 B 1295ms
1294ms Image
image/png 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cgnew.fts368.com/app_themes/resources/blue/img/leftnavbg.png
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/app_themes/resources/blue/blue.left.css?v=2105100000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c4bf70b089f3457788fc6031736b35c06c45139afdf55186aec995fc4db124a1

Request headers

Referer: https://cgnew.fts368.com/app_themes/resources/blue/blue.left.css?v=2105100000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:40 GMT
cf-cache-status: REVALIDATED
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
content-length: 319
cf-request-id: 09f3750ad500004a9740b65000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: "0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 64cc2457bd7c4a97-FRA
expires: Sun, 09 May 2021 20:00:40 GMT

GET
H2 200 icon_odds.png
cgnew.fts368.com/app_themes/resources/blue/img/ Frame AADF 7 KB
7 KB 1298ms
1298ms Image
image/png 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cgnew.fts368.com/app_themes/resources/blue/img/icon_odds.png
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/app_themes/resources/blue/blue.left.css?v=2105100000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a41ac5c066b1e24a71f0c1d9c0018a3ba98c2cc36630c09fafd969c5e88c3bf0

Request headers

Referer: https://cgnew.fts368.com/app_themes/resources/blue/blue.left.css?v=2105100000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:40 GMT
cf-cache-status: REVALIDATED
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
content-length: 7497
cf-request-id: 09f3750ad600004a97db382000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: "0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 64cc2457bd7f4a97-FRA
expires: Sun, 09 May 2021 20:00:40 GMT

GET
H2 200 betlistbg.png
cgnew.fts368.com/app_themes/resources/blue/img/ Frame AADF 229 B
463 B 1256ms
1255ms Image
image/png 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cgnew.fts368.com/app_themes/resources/blue/img/betlistbg.png
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/app_themes/resources/blue/blue.left.css?v=2105100000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f98983672d130496071bf0468655e5421787a40dc8f41eb41ef1e759b804ae85

Request headers

Referer: https://cgnew.fts368.com/app_themes/resources/blue/blue.left.css?v=2105100000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:40 GMT
cf-cache-status: REVALIDATED
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
content-length: 229
cf-request-id: 09f3750ad600004a9733933000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: "0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 64cc2457bd814a97-FRA
expires: Sun, 09 May 2021 20:00:40 GMT

GET
H2 200 blue.top.css
cgnew.fts368.com/app_themes/resources/blue/ Frame C3EC 18 KB
6 KB 15ms
13ms Stylesheet
text/css 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/app_themes/resources/blue/blue.top.css?v=2105100000
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/DomainNames/ID368CASH/top.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d9964797f840e1db4874f95fa3737f902ea37c055752161ea01d3a7d4b4b50f6

Request headers

Referer: https://cgnew.fts368.com/DomainNames/ID368CASH/top.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 0
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-request-id: 09f3750ae900004a97281ea000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: W/"0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 64cc2457ddcd4a97-FRA
expires: Sun, 09 May 2021 20:00:39 GMT

GET
H2 200 jquery.qtip.css
cgnew.fts368.com/Common/Javascripts/jqueryplugin/qtip/ Frame C3EC 12 KB
4 KB 17ms
15ms Stylesheet
text/css 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/Common/Javascripts/jqueryplugin/qtip/jquery.qtip.css
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/DomainNames/ID368CASH/top.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2d0d927513c8975ffb06e63b4ecd037e0c76f922153a6866653c98f066d865ed

Request headers

Referer: https://cgnew.fts368.com/DomainNames/ID368CASH/top.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 0
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-request-id: 09f3750ae900004a9716322000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: W/"0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 64cc2457ddd04a97-FRA
expires: Sun, 09 May 2021 20:00:39 GMT

GET
H2 200 jquery.min.js Show response
cgnew.fts368.com/Common/Javascripts/ Frame C3EC 125 KB
47 KB 19ms
17ms Script
application/x-javascript 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/Common/Javascripts/jquery.min.js
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/DomainNames/ID368CASH/top.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c65324baa5e991ff23838e039569597eeab6feb0b2c8f5a44889360adf1b7b2f

Request headers

Referer: https://cgnew.fts368.com/DomainNames/ID368CASH/top.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 0
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-request-id: 09f3750aea00004a973e20c000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: W/"0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 64cc2457ddd34a97-FRA
expires: Sun, 09 May 2021 20:00:39 GMT

GET
H2 200 jquery.cookies.js Show response
cgnew.fts368.com/Common/Javascripts/ Frame C3EC 4 KB
2 KB 23ms
21ms Script
application/x-javascript 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/Common/Javascripts/jquery.cookies.js
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/DomainNames/ID368CASH/top.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 57e2ca2a5dda246c34d3eb461dff33055a81dd3841769bd7657b6749d740e062

Request headers

Referer: https://cgnew.fts368.com/DomainNames/ID368CASH/top.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 0
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-request-id: 09f3750aea00004a97f9961000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: W/"0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 64cc2457ddd74a97-FRA
expires: Sun, 09 May 2021 20:00:39 GMT

GET
H2 200 timer.js Show response
cgnew.fts368.com/Common/Javascripts/ Frame C3EC 2 KB
1 KB 15ms
13ms Script
application/x-javascript 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/Common/Javascripts/timer.js
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/DomainNames/ID368CASH/top.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 61ce3d1f6a9c9d09f82ab871470f7d672cd8c7234cd1912127d9b26d026b0865

Request headers

Referer: https://cgnew.fts368.com/DomainNames/ID368CASH/top.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 0
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-request-id: 09f3750aea00004a972aa59000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: W/"0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 64cc2457ddd94a97-FRA
expires: Sun, 09 May 2021 20:00:39 GMT

GET
H2 200 formatter.js Show response
cgnew.fts368.com/New/assets/js/ Frame C3EC 8 KB
2 KB 22ms
21ms Script
application/x-javascript 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/New/assets/js/formatter.js
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/DomainNames/ID368CASH/top.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 501aa55074a5fdfd0bfc89cee6a74a3c08100e33c92767743faa570332f824f4

Request headers

Referer: https://cgnew.fts368.com/DomainNames/ID368CASH/top.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 0
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-request-id: 09f3750aea00004a970e056000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: W/"0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 64cc2457dddc4a97-FRA
expires: Sun, 09 May 2021 20:00:39 GMT

GET
H2 200 DelayExt.js Show response
cgnew.fts368.com/Common/Javascripts/ Frame C3EC 501 B
383 B 15ms
14ms Script
application/x-javascript 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/Common/Javascripts/DelayExt.js
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/DomainNames/ID368CASH/top.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a187e5d4b8d11a59ea421fc06a80091bae46b3dbcd00d6f0a9006c1a2b9f1aef

Request headers

Referer: https://cgnew.fts368.com/DomainNames/ID368CASH/top.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 0
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-request-id: 09f3750aeb00004a970ea41000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: W/"0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 64cc2457ddde4a97-FRA
expires: Sun, 09 May 2021 20:00:39 GMT

GET
H2 200 TopMessage.js Show response
cgnew.fts368.com/Common/Javascripts/Main/ Frame C3EC 10 KB
3 KB 20ms
18ms Script
application/x-javascript 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/Common/Javascripts/Main/TopMessage.js?v=2102091707
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/DomainNames/ID368CASH/top.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d3a39ffdb71bd1df974cd6c0a1dbee104dc37b8cb140c7d42803be57040adcda

Request headers

Referer: https://cgnew.fts368.com/DomainNames/ID368CASH/top.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 0
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-request-id: 09f3750aeb00004a97d2247000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: W/"0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 64cc2457dddf4a97-FRA
expires: Sun, 09 May 2021 20:00:39 GMT

GET
H2 200 CashTop.js Show response
cgnew.fts368.com/Common/Javascripts/CashMem/ Frame C3EC 9 KB
3 KB 20ms
19ms Script
application/x-javascript 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/Common/Javascripts/CashMem/CashTop.js?v=2102091707
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/DomainNames/ID368CASH/top.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 58be028355bab9b26ca70b4bc5ba02a20fbf40e4b76c9943b0e615007fd87889

Request headers

Referer: https://cgnew.fts368.com/DomainNames/ID368CASH/top.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 0
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-request-id: 09f3750aed00004a97cc89a000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: W/"0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 64cc2457dde24a97-FRA
expires: Sun, 09 May 2021 20:00:39 GMT

GET
H2 200 jquery.qtip.min.js Show response
cgnew.fts368.com/Common/Javascripts/jqueryplugin/qtip/ Frame C3EC 40 KB
17 KB 20ms
20ms Script
application/x-javascript 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/Common/Javascripts/jqueryplugin/qtip/jquery.qtip.min.js
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/DomainNames/ID368CASH/top.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 39c147504114d5181c8b72e5873a46315b7d8c9960fa84c3ee7a478f25afc1ef

Request headers

Referer: https://cgnew.fts368.com/DomainNames/ID368CASH/top.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 0
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-request-id: 09f3750aee00004a97eba65000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: W/"0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 64cc2457dde84a97-FRA
expires: Sun, 09 May 2021 20:00:39 GMT

GET
H2 200 jquery.marquee.js Show response
cgnew.fts368.com/Common/Javascripts/ Frame C3EC 7 KB
2 KB 21ms
20ms Script
application/x-javascript 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/Common/Javascripts/jquery.marquee.js
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/DomainNames/ID368CASH/top.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9f22ae60bc1d592634ef9942f3e79844b737259b6aac24b263d7ffdba2fe81bc

Request headers

Referer: https://cgnew.fts368.com/DomainNames/ID368CASH/top.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 0
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-request-id: 09f3750aed00004a97db385000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: W/"0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 64cc2457ddea4a97-FRA
expires: Sun, 09 May 2021 20:00:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame C3EC 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/DomainNames/ID368CASH/top.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cgnew.fts368.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5627
date: Sun, 09 May 2021 14:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 09 May 2021 16:26:52 GMT

GET
H2 200 common.css
cgnew.fts368.com/statics/css/ Frame E778 774 B
497 B 15ms
15ms Stylesheet
text/css 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/statics/css/common.css?v=2102091707
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/Mem/LeftEmpty.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4392bfe4584e60cde047ed78eab9896010e7f439bc7e5a0ccfd3e81f2e28777b

Request headers

Referer: https://cgnew.fts368.com/Mem/LeftEmpty.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:40 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-request-id: 09f3750e6200004a97ebac4000000001
last-modified: Tue, 09 Feb 2021 09:07:18 GMT
server: cloudflare
etag: W/"0e74af7c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 64cc245d6c784a97-FRA
expires: Sun, 09 May 2021 20:00:40 GMT

GET
H2 200 blue.common.css
cgnew.fts368.com/app_themes/resources/blue/ Frame E778 144 B
422 B 13ms
13ms Stylesheet
text/css 2606:4700::6812:9124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cgnew.fts368.com/app_themes/resources/blue/blue.common.css?v=2105100000
Requested by: Host: cgnew.fts368.com
URL: https://cgnew.fts368.com/Mem/LeftEmpty.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:9124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 023b9d07301a6d3bd456a0aa59d2d71c5a806925ef903e6fc94c5acc903626cf

Request headers

Referer: https://cgnew.fts368.com/Mem/LeftEmpty.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 16:00:40 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1
x-powered-by: ASP.NET
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
cf-request-id: 09f3750e6000004a9716388000000001
last-modified: Tue, 09 Feb 2021 09:07:16 GMT
server: cloudflare
etag: W/"0ba19f6c2fed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 64cc245d6c7c4a97-FRA
expires: Sun, 09 May 2021 20:00:40 GMT

GET
H3-29 206 phap.mp4
video.baobongda.online/2021/03/24/ Frame 75D7 100 KB
0 574ms
573ms Media
video/mp4 2606:4700:3035::6815:55ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.baobongda.online/2021/03/24/phap.mp4?_=2
Requested by: Host: irsasafety.com
URL: https://irsasafety.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:55ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://video.baobongda.online/2021/03/24/phap.mp4?_=2
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=884736-

Response headers

date: Sun, 09 May 2021 16:00:41 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 24 Mar 2021 22:28:14 GMT
server: cloudflare
etag: "605bbcfe-4fe72ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h3Hu0jmJFuVo4hYwjdp59YZA52hPdOhoWWoECX9H5GGhtxUqzjjzkoLZcgpsLSoXUE%2FaGhb6g%2BbuGpi92RXnAUP%2BB4%2BnKHbMdfvJiDQrGDac1S8bXhZAwgr%2FTcCajJZawekF"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 884736-83784393/83784394
cf-ray: 64cc245f08464e44-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 82899658
cf-request-id: 09f3750f6100004e44eba36000000001

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bongdatructiep.live
URL: https://bongdatructiep.live/wp-includes/js/wp-emoji-release.min.js?ver=5.6

Domain: ia.51.la
URL: https://ia.51.la/go1?id=20980049&rt=1620576036820&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=viva88%25E3%2580%2590HS%25E3%2580%2591d%25E1%25BB%25B1%2520%25C4%2591o%25C3%25A1n%2520t%25E1%25BB%2589%2520s%25E1%25BB%2591%2520ch%25C3%25ADnh%2520&ing=1&ekc=&sid=1620576036820&tt=viva88%25F0%259F%258E%2596Nh%25E1%25BA%25ADn%2520%25C4%2590%25E1%25BB%258Bnh%2520B%25C3%25B3ng%2520%25C4%2590%25C3%25A1&kw=viva88&cu=https%253A%252F%252Firsasafety.com%252F&pu=

Domain: irsasafety.com
URL: http://irsasafety.com//wp-content/uploads/2021/01/Da-ga-truc-tiep-thomo-hom-nay-sv388.jpg

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://irsasafety.com/template/bongda/bongda-ga/static/js/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bedrapiona.com
bongdatructiep.live
cgnew.fts368.com
hm.baidu.com
ia.51.la
iclickcdn.com
irsasafety.com
js.users.51.la
ss0.bdstatic.com
video.baobongda.online
www.google-analytics.com
www.googletagmanager.com
bongdatructiep.live
ia.51.la
irsasafety.com
103.235.46.191
122.228.91.87
139.45.197.234
185.10.104.110
2606:4700:20::681a:d76
2606:4700:3035::6815:55ed
2606:4700:3037::ac43:98f9
2606:4700::6812:9124
2a00:1450:4001:811::2008
2a00:1450:4001:828::200e
023b9d07301a6d3bd456a0aa59d2d71c5a806925ef903e6fc94c5acc903626cf
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04428792ed4940a77a3ee5a87f3792f15c42126a00fcbbd55b880b3693ee38c0
109cf6cada95661f559970676e345662a12d5924ca77602baa2f02a780615b82
13aa36081323281e60d2a8b683bbc0e3fe3040cbf877752a2a194799a694922a
17ed671f280ca35ac42d2b37e14fb7f12d7771243bd38d59a42617241eb5bceb
237b757471e0eda4c69dd3b31f44fc91f1b5ce56054617260250ec763ad89cd6
282748c62e6bd7ed63bf9616b5f5c9fb2810527c898280f8687b898ad06de530
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d0d927513c8975ffb06e63b4ecd037e0c76f922153a6866653c98f066d865ed
35a88631e0b3266161e220b40f0214ac2b5848a0669872265d0f6af4787bbc0b
39c147504114d5181c8b72e5873a46315b7d8c9960fa84c3ee7a478f25afc1ef
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16
42c461beaa323441b1a5a51b123b5568dcde27fe63ca41293460e384333f6d8e
4392bfe4584e60cde047ed78eab9896010e7f439bc7e5a0ccfd3e81f2e28777b
4700420b47aaa4bb279a4fdbba1cc345867c8649bb21ba68835a4011a325c6ad
48f4297a72612db481aecf4ae45ae5f2ee01ad7bceacc2b74646cb245bef1393
501aa55074a5fdfd0bfc89cee6a74a3c08100e33c92767743faa570332f824f4
57e2ca2a5dda246c34d3eb461dff33055a81dd3841769bd7657b6749d740e062
58be028355bab9b26ca70b4bc5ba02a20fbf40e4b76c9943b0e615007fd87889
5978d7eee4b0fb37c9409a3315f1ca722ebd7dfd476a42e9efa8cb016c076414
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61ce3d1f6a9c9d09f82ab871470f7d672cd8c7234cd1912127d9b26d026b0865
61f3830e11775119b0e3c35c7b4d492f371c0590509bf056550fd01df66a5e1e
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82
67ee488b6a6242a3fc1c572c2c15d557bd536859c39a530dae962d598ea95dce
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
76642a10dc2c7153be0cd951a6abdef9bd19f197fedcdfcbe44b0056559ff19b
7e545a7e4d7f69a26daa026799b6ab7caea7cfe6aa822b0038f63c14a5f69cf1
995456f7211327129612b97dc0a2baa2288f1e3065d1d6ed1882a0eb89d6baac
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae
9f22ae60bc1d592634ef9942f3e79844b737259b6aac24b263d7ffdba2fe81bc
a187e5d4b8d11a59ea421fc06a80091bae46b3dbcd00d6f0a9006c1a2b9f1aef
a20b0ab31c071a30832dc7c308a1409359539fc957dd93fb047b1c95703d1ce6
a41ac5c066b1e24a71f0c1d9c0018a3ba98c2cc36630c09fafd969c5e88c3bf0
a9e26d3d2386ac8deff86ae68d8054ecaad583d7ccd4c2b4724f3bc7e47bb2f8
af0ded43483ed7152f0d7a9cd569bb126a01300aa9c832683eb0b3ddf187f724
b77bbea846a5c48f9047c0386db8f75ca304dc5e21a6a6d8e7308a7bbb9b4c57
b8c0ce32234af999076b48518b249d477718550593a782e170f159477e8b4265
ba08ea9e306a985a2162b950a555f24242d1033701f2b9cb0870c0513136a963
baa8d3bd604f2a4a1ac557a89e045db73777eeb824c3e30d6fd1447415ab7a69
bc5c3051d574a8cd01baacd14a4df382d769b0149086419d711513731cb93ef9
c4bf70b089f3457788fc6031736b35c06c45139afdf55186aec995fc4db124a1
c65324baa5e991ff23838e039569597eeab6feb0b2c8f5a44889360adf1b7b2f
c81ea5cf92950ad183c84f52eb2e7525fde56fa02b3969207c51f82f0dbc9c5a
cd0b13c72b18e71fd73cf5cbd9e9432ee7cf0756de096b8dd4663be373c62e82
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3a39ffdb71bd1df974cd6c0a1dbee104dc37b8cb140c7d42803be57040adcda
d9964797f840e1db4874f95fa3737f902ea37c055752161ea01d3a7d4b4b50f6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
f6190d51d3334bb9a576fc1e12182790f83978a453f1169830df9ce282e6bb38
f98983672d130496071bf0468655e5421787a40dc8f41eb41ef1e759b804ae85
fc13d07c9b6ca393ac3bcdba88bbdfa8d4f50304f1a22e43fb89722150136a4f
ffe4233b1e55dc334983c3c04a13b663f985b23d5e4a413e74ed751e5d23f3a2

irsasafety.com Open in urlscan Pro 2606:4700:3037::ac43:98f9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

70 Requests

96 %HTTPS

60 %IPv6

11 Domains

12 Subdomains

11 IPs

5 Countries

650 kBTransfer

2631 kBSize

0 Cookies

0 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

irsasafety.com Open in urlscan Pro
2606:4700:3037::ac43:98f9 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

96 %
HTTPS

60 %
IPv6

11
Domains

12
Subdomains

11
IPs

5
Countries

650 kB
Transfer

2631 kB
Size

0
Cookies

70 HTTP transactions
7 data transactions