96ccd.com Open in urlscan Pro
34.49.148.218 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mypure.at/
Effective URL:
https://96ccd.com/?ma_token=vSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk&channel_id=60008360&s2s.req_id=ErAPDTNNPjeht4xM63YYJZ
Submission: On December 27 via manual (December 27th 2024, 4:48:53 pm UTC) from LV — Scanned from AT

Summary HTTP 105 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 6 countries across 19 domains to perform 105 HTTP transactions. The main IP is 34.49.148.218, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is 96ccd.com.
TLS certificate: Issued by WR3 on December 18th 2024. Valid for: 3 months.

This is the only time 96ccd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	37.221.212.181 37.221.212.181	41075 (ATW-AS AT...) (ATW-AS ATW Internet Kft.)
1	194.1.147.36 194.1.147.36	210250 (WPX K Med...) (WPX K Media Tech Ltd.)
1 2	104.21.55.169 104.21.55.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	77.37.34.62 77.37.34.62	47583 (AS-HOSTIN...) (AS-HOSTINGER Hostinger International Limited)
2 14	104.18.23.222 104.18.23.222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.70.16.242 3.70.16.242	16509 (AMAZON-02) (AMAZON-02)
1 1	104.18.190.136 104.18.190.136	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	34.49.148.218 34.49.148.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.111.76.58 34.111.76.58	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	142.250.185.232 142.250.185.232	15169 (GOOGLE) (GOOGLE)
12	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
1	18.66.102.53 18.66.102.53	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.39 143.204.215.39	16509 (AMAZON-02) (AMAZON-02)
11	2.16.183.132 2.16.183.132	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	104.21.17.84 104.21.17.84	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1	13.33.187.74 13.33.187.74	16509 (AMAZON-02) (AMAZON-02)
22	157.240.253.35 157.240.253.35	32934 (FACEBOOK) (FACEBOOK)
105	19

1 37.221.212.181 (Hungary) 1 redirects

ASN41075 (ATW-AS ATW Internet Kft., HU)
PTR: s04.habana.hu

mypure.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.1.147.36 (Manchester, United Kingdom)

ASN210250 (WPX K Media Tech Ltd., BG)
PTR: wpx.net

wimberleylibrary.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.55.169 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

wwp.psmad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.37.34.62 (Manchester, United Kingdom)

ASN47583 (AS-HOSTINGER Hostinger International Limited, CY)

akumahapa.technologi.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
matigan.technologi.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.18.23.222 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

whomeenoaglauns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.70.16.242 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-16-242.eu-central-1.compute.amazonaws.com

www.brgdtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.190.136 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

record.96.partners	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 34.49.148.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.148.49.34.bc.googleusercontent.com

96ccd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.76.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.76.111.34.bc.googleusercontent.com

api.dpbms5h.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-39.fra53.r.cloudfront.net

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2.16.183.132 (Hamburg, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-16-183-132.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.17.84 (None, )

ASN13335 (CLOUDFLARENET, US)

adscool.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)

20861020p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-74.fra60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	96ccd.com 96ccd.com	1 MB
22	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	2 KB
14	whomeenoaglauns.com 2 redirects whomeenoaglauns.com	32 KB
12	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	106 KB
11	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 799	245 KB
6	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3353
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	296 KB
2	adscool.net adscool.net — Cisco Umbrella Rank: 163894	5 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 888 script.hotjar.com — Cisco Umbrella Rank: 1185	61 KB
2	dpbms5h.club api.dpbms5h.club	4 KB
2	brgdtracking.com www.brgdtracking.com	1 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 10565	2 KB
2	technologi.site akumahapa.technologi.site matigan.technologi.site	2 KB
2	psmad.com 1 redirects wwp.psmad.com	3 KB
1	rfihub.com 20861020p.rfihub.com
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 4931	6 KB
1	96.partners 1 redirects record.96.partners	533 B
1	wimberleylibrary.org wimberleylibrary.org	540 B
1	mypure.at 1 redirects mypure.at	377 B
105	19

	Domain	Requested by
23	96ccd.com	96ccd.com
22	www.facebook.com
14	whomeenoaglauns.com	2 redirects matigan.technologi.site whomeenoaglauns.com
12	connect.facebook.net	wimberleylibrary.org connect.facebook.net
11	analytics.tiktok.com	wimberleylibrary.org analytics.tiktok.com
6	region1.google-analytics.com	www.googletagmanager.com
3	www.googletagmanager.com	96ccd.com www.googletagmanager.com
2	adscool.net	wimberleylibrary.org adscool.net
2	api.dpbms5h.club	96ccd.com
2	www.brgdtracking.com
2	my.rtmark.net	whomeenoaglauns.com
2	wwp.psmad.com	1 redirects wimberleylibrary.org
1	script.hotjar.com	static.hotjar.com
1	20861020p.rfihub.com	c1.rfihub.net
1	c1.rfihub.net	wimberleylibrary.org
1	static.hotjar.com	wimberleylibrary.org
1	record.96.partners	1 redirects
1	matigan.technologi.site
1	akumahapa.technologi.site	wwp.psmad.com
1	wimberleylibrary.org
1	mypure.at	1 redirects
105	21

This site contains no links.

Subject Issuer	Validity	Valid
wimberleylibrary.org R10	`2024-11-15` - `2025-02-13`	3 months	crt.sh
psmad.com WE1	`2024-11-02` - `2025-01-31`	3 months	crt.sh
akumahapa.technologi.site R10	`2024-11-30` - `2025-02-28`	3 months	crt.sh
matigan.technologi.site ZeroSSL RSA Domain Secure Site CA	`2024-12-04` - `2025-03-04`	3 months	crt.sh
whomeenoaglauns.com WE1	`2024-12-21` - `2025-03-21`	3 months	crt.sh
my.rtmark.net WE1	`2024-11-06` - `2025-02-04`	3 months	crt.sh
www.brgdtracking.com R11	`2024-10-22` - `2025-01-20`	3 months	crt.sh
96ccd.com WR3	`2024-12-18` - `2025-03-18`	3 months	crt.sh
api.dpbms5h.club Sectigo RSA Domain Validation Secure Server CA	`2024-07-10` - `2025-07-10`	a year	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-10-05` - `2025-01-03`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.rfihub.net Amazon RSA 2048 M03	`2024-09-30` - `2025-10-29`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
adscool.net WE1	`2024-12-13` - `2025-03-13`	3 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2024-04-08` - `2025-04-27`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://96ccd.com/?ma_token=vSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk&channel_id=60008360&s2s.req_id=ErAPDTNNPjeht4xM63YYJZ
Frame ID: E5085E5FE3092E11D9F1298B5E2B2105
Requests: 92 HTTP requests in this frame

Frame: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56
Frame ID: 6FCDA2E60F9C3D48B8C809FAE33E878F
Requests: 13 HTTP requests in this frame

Frame: https://20861020p.rfihub.com/ca.html?ver=9&rb=52593&ca=20861020&_o=52593&_t=20861020&pe=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ%23%2F&pf=https%3A%2F%2Fwww.brgdtracking.com%2F&ra=11802693553738086
Frame ID: 46A4757ADD9FD611657C49D4107B1AE0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Landing

Page URL History Show full URLs

https://mypure.at/ HTTP 302
https://wimberleylibrary.org/dup-installer/karo-pride/ Page URL
https://wwp.psmad.com/redirect-zone/76133339 Page URL
https://wwp.psmad.com/zone/76133339?frame=0&ancestorOrigins=0&originalReferrer=https%3A%2F%2Fwimbe... HTTP 307
https://akumahapa.technologi.site/ Page URL
https://matigan.technologi.site/?Referer=douban.com Page URL
https://whomeenoaglauns.com/4/8540500 Page URL
https://whomeenoaglauns.com/?z=8540500&syncedCookie=true&rhd=false HTTP 302
https://whomeenoaglauns.com/4/6118780?var=8540500&btz=Europe/Vienna&bto=-60&bar=x Page URL
https://whomeenoaglauns.com/?z=6118780&syncedCookie=true&rhd=false HTTP 302
https://www.brgdtracking.com/go/f717918a-590a-496d-bed3-4953115842ea?cost=0.002955&visitor_id=89655180139... Page URL
https://record.96.partners/_Eg4yvmL2GO-l43LEo86vh2Nd7ZgqdRLk/1/?channel_id=60008360&s2s.req_id=ErAPDTNN... HTTP 301
https://96ccd.com/?ma_token=vSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk&channel_id=60008360&s2s.req_id=Er... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

105
Requests

100 %
HTTPS

0 %
IPv6

19
Domains

21
Subdomains

19
IPs

6
Countries

1981 kB
Transfer

6091 kB
Size

37
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mypure.at/ HTTP 302
https://wimberleylibrary.org/dup-installer/karo-pride/ Page URL
https://wwp.psmad.com/redirect-zone/76133339 Page URL
https://wwp.psmad.com/zone/76133339?frame=0&ancestorOrigins=0&originalReferrer=https%3A%2F%2Fwimberleylibrary.org%2F&v=VBVScGlbE9%2F78sefHnMKEVY94fAIOmYXAmz3bou2NqBx26gtMKz0AHYTcEZXI%2BsWm%2BFRv59Da2MB0v%2BXh%2BQZP3rHhSSva%2FdQumLQitfc9RWDxuzUhRud5aZNJ8%2FM9Bb78rlsXSYNvgqfj5e%2BxtgY7h18SEKZo1gfZ4eg4ZH7Rs4A8wEtgUkF4MuG9W%2ByM8%2BTXf%2B9HpSQqN8ddvrz8nZ1rB02ayH9DeCPKWEL98hYf5SMlxfSdgrYR3xYjOF7WMyfXpZcIAqlZ27BvBIdjnNRvr5YAbLXsyixoFr7FGkF%2Bw97yMlxWk3OszP6qN3GJdvYMdj6yXzMM%2Bbm2kBvIM47Ww%3D%3D&st=1735318124502&uuid=fed58752-978c-4cca-a302-b00c6ee2b7f8 HTTP 307
https://akumahapa.technologi.site/ Page URL
https://matigan.technologi.site/?Referer=douban.com Page URL
https://whomeenoaglauns.com/4/8540500 Page URL
https://whomeenoaglauns.com/?z=8540500&syncedCookie=true&rhd=false HTTP 302
https://whomeenoaglauns.com/4/6118780?var=8540500&btz=Europe/Vienna&bto=-60&bar=x Page URL
https://whomeenoaglauns.com/?z=6118780&syncedCookie=true&rhd=false HTTP 302
https://www.brgdtracking.com/go/f717918a-590a-496d-bed3-4953115842ea?cost=0.002955&visitor_id=896551801397187271&zoneid=6118780&bannerid=22762180&country=AT&os=linux&user_activity=high&campaignid=8954331 Page URL
https://record.96.partners/_Eg4yvmL2GO-l43LEo86vh2Nd7ZgqdRLk/1/?channel_id=60008360&s2s.req_id=ErAPDTNNPjeht4xM63YYJZ HTTP 301
https://96ccd.com/?ma_token=vSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk&channel_id=60008360&s2s.req_id=ErAPDTNNPjeht4xM63YYJZ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://mypure.at/ HTTP 302
https://wimberleylibrary.org/dup-installer/karo-pride/

Request Chain 2

https://wwp.psmad.com/zone/76133339?frame=0&ancestorOrigins=0&originalReferrer=https%3A%2F%2Fwimberleylibrary.org%2F&v=VBVScGlbE9%2F78sefHnMKEVY94fAIOmYXAmz3bou2NqBx26gtMKz0AHYTcEZXI%2BsWm%2BFRv59Da2MB0v%2BXh%2BQZP3rHhSSva%2FdQumLQitfc9RWDxuzUhRud5aZNJ8%2FM9Bb78rlsXSYNvgqfj5e%2BxtgY7h18SEKZo1gfZ4eg4ZH7Rs4A8wEtgUkF4MuG9W%2ByM8%2BTXf%2B9HpSQqN8ddvrz8nZ1rB02ayH9DeCPKWEL98hYf5SMlxfSdgrYR3xYjOF7WMyfXpZcIAqlZ27BvBIdjnNRvr5YAbLXsyixoFr7FGkF%2Bw97yMlxWk3OszP6qN3GJdvYMdj6yXzMM%2Bbm2kBvIM47Ww%3D%3D&st=1735318124502&uuid=fed58752-978c-4cca-a302-b00c6ee2b7f8 HTTP 307
https://akumahapa.technologi.site/

Request Chain 10

https://whomeenoaglauns.com/?z=8540500&syncedCookie=true&rhd=false HTTP 302
https://whomeenoaglauns.com/4/6118780?var=8540500&btz=Europe/Vienna&bto=-60&bar=x

Request Chain 17

https://whomeenoaglauns.com/?z=6118780&syncedCookie=true&rhd=false HTTP 302
https://www.brgdtracking.com/go/f717918a-590a-496d-bed3-4953115842ea?cost=0.002955&visitor_id=896551801397187271&zoneid=6118780&bannerid=22762180&country=AT&os=linux&user_activity=high&campaignid=8954331

105 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
wimberleylibrary.org/dup-installer/karo-pride/
Redirect Chain

https://mypure.at/
https://wimberleylibrary.org/dup-installer/karo-pride/

521 B
540 B

113ms
38ms

Document
text/html

194.1.147.36
WPX K Media Tech ...

General

Check archive.org

Show headers Download Go to

Full URL: https://wimberleylibrary.org/dup-installer/karo-pride/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.1.147.36 Manchester, United Kingdom, ASN210250 (WPX K Media Tech Ltd., BG),
Reverse DNS: wpx.net
Software: WPX CLOUD/FF02 / PHP/7.4.33
Resource Hash: 4a50cdae04c12478950258852730bef4acde33a90ab5450f1170f6e4c3c9a7f4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public,max-age=3600,stale-while-revalidate=21600
content-encoding: br
content-length: 237
content-type: text/html; charset=UTF-8
date: Fri, 27 Dec 2024 16:48:44 GMT
server: WPX CLOUD/FF02
vary: Accept-Encoding,Origin
wpx: 1
x-cache-status: STALE
x-edge-location: WPX CLOUD/FF02
x-powered-by: PHP/7.4.33
x-quic: h3
x-turbo-charged-by: LiteSpeed

Redirect headers

content-length: 238
content-type: text/html; charset=iso-8859-1
date: Fri, 27 Dec 2024 16:48:44 GMT
location: https://wimberleylibrary.org/dup-installer/karo-pride/
server: nginx

GET
H3 200 76133339
wwp.psmad.com/redirect-zone/ 3 KB
2 KB 136ms
78ms Document
text/html 104.21.55.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wwp.psmad.com/redirect-zone/76133339
Requested by: Host: wimberleylibrary.org
URL: https://wimberleylibrary.org/dup-installer/karo-pride/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.55.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://wimberleylibrary.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f8accc5ddc0c251-VIE
content-encoding: zstd
content-type: text/html
critical-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
date: Fri, 27 Dec 2024 16:48:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KtvDfk%2FkSrM0yb9QQI5oC84qtF7Zca7Ckp275lrySzerJtxlXY5wdAt1BNnJyb2n3rFjeXS7suJ0kmRVhkTm6U07IM6Mk0t4HH1TrIprikxlE%2FWaiOsm3yNTzhEndrJI"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=17990&min_rtt=17886&rtt_var=3839&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4158&recv_bytes=4471&delivery_rate=32593&cwnd=12000&unsent_bytes=0&cid=6cfbb6e1ed45bfcd&ts=84&x=1" cfExtPri cfHdrFlush;dur=0
vary: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile

GET
H2

200

/ Show response
akumahapa.technologi.site/
Redirect Chain

https://wwp.psmad.com/zone/76133339?frame=0&ancestorOrigins=0&originalReferrer=https%3A%2F%2Fwimberleylibrary.org%2F&v=VBVScGlbE9%2F78sefHnMKEVY94fAIOmYXAmz3bou2NqBx26gtMKz0AHYTcEZXI%2BsWm%2BFRv59D...
https://akumahapa.technologi.site/

2 KB
1 KB

176ms
53ms

Document
text/html

77.37.34.62
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://akumahapa.technologi.site/

Requested by

Host: wwp.psmad.com
URL: https://wwp.psmad.com/redirect-zone/76133339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

77.37.34.62 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

LiteSpeed / PHP/8.1.27

Resource Hash

bbf31b590a53f45a8f4eed9a19deda89204ccd32ffc1a73c92ad8dbd10486b09

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://wwp.psmad.com/redirect-zone/76133339
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 879
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Fri, 27 Dec 2024 16:48:44 GMT
panel: hpanel
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.1.27

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f8accc66e51c251-VIE
content-length: 0
date: Fri, 27 Dec 2024 16:48:44 GMT
location: https://akumahapa.technologi.site/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lXIeFzS7IlsQSrqY0B8HaZ4ALkInCouIkNFLUCIvN%2Bar9%2Br8JVKDrDvE9RrggIm5OKs5PoYO6o1xqlzEc8925xa2IKuBewaQlcoSOGX0kR%2FTrunFZl4tq2tzJ%2FuCGoUX"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=18409&min_rtt=17886&rtt_var=2378&sent=16&recv=13&lost=0&retrans=0&sent_bytes=6384&recv_bytes=5422&delivery_rate=51980&cwnd=12000&unsent_bytes=0&cid=6cfbb6e1ed45bfcd&ts=159&x=1" cfExtPri cfHdrFlush;dur=0

GET
H2 200 / Show response
matigan.technologi.site/ 489 B
655 B 173ms
53ms Document
text/html 77.37.34.62
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://matigan.technologi.site/?Referer=douban.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

77.37.34.62 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

LiteSpeed / PHP/8.1.27

Resource Hash

6736c713916509e494561f576817f9dc510d718999047c0eeef84e3c892640b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 326
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Fri, 27 Dec 2024 16:48:44 GMT
panel: hpanel
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.1.27

GET
H2 200 8540500 Show response
whomeenoaglauns.com/4/ 31 KB
14 KB 104ms
56ms Document
text/html 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whomeenoaglauns.com/4/8540500

Requested by

Host: matigan.technologi.site
URL: https://matigan.technologi.site/?Referer=douban.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6606d3b7f0c9096b161e045f9b1142424dac7d5214e36c3a30ce26e61e98b6aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://matigan.technologi.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8f8accc979e9325c-VIE
content-encoding: gzip
content-type: text/html; charset=utf8
date: Fri, 27 Dec 2024 16:48:45 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff

GET
H3 200 img.gif
my.rtmark.net/ 43 B
877 B 77ms
45ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=00813f80cfc64e48f6bdd04f01e2881f&z=8540500&p_rid=22527699-0747-49b1-8a05-3a6dc635c318&p_src=sf

Requested by

Host: whomeenoaglauns.com
URL: https://whomeenoaglauns.com/4/8540500

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://whomeenoaglauns.com/

Response headers

access-control-expose-headers: Authorization
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2QHq7UqN%2BZLpAUV5lkIUpC5BVDCNQDkIlDkNC0ZEE30ai4iHSEbu7j8YJx59glpAQgbxJZfv3Ae9mY3DZgSeTMTmKfkK6ZoNQyBDrD1CGlGXyaX1FSuKKllN0OY%2FLBGv"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18095&min_rtt=17875&rtt_var=3967&sent=10&recv=9&lost=0&retrans=0&sent_bytes=4100&recv_bytes=4482&delivery_rate=32894&cwnd=12000&unsent_bytes=0&cid=11ad421beb3175dd&ts=47&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 27 Dec 2024 16:48:45 GMT
content-type: image/gif
priority: u=1,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *, *
access-control-allow-credentials: true
cf-ray: 8f8accca1a52325c-VIE
access-control-allow-origin: *
content-length: 43
server: cloudflare

GET
H2 200 sftouch
whomeenoaglauns.com/ 43 B
152 B 49ms
49ms Image
image/gif 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://whomeenoaglauns.com/sftouch?userId=00813f80cfc64e48f6bdd04f01e2881f&z=8540500&p_rid=22527699-0747-49b1-8a05-3a6dc635c318&p_src=sf&branchId=0&rb=GXnTsZVsYtO9I_lbE8N7wfSvYhcEYtPMME9Qq30910IlFeAqhMIsBqYKSCAj2xgZJPKKCDG-H9luJ5Zx7A9s1PosKK8csvFjXpdMqaq2fgnH3xcdGMWVvj13oQ-TpPKBcwPFzZNC8s-xy-6p5l0iv97uMTjuGt18MlWABC1douze_j3dBZcjqMdgt3lXbyjZDMtQF7jz9JT1efGDE2kljxxmklonVLHs61mASBjkCOLqUA7vTGXpXrJyc27StsMR-Ca38xm7WLk8o-s4r7CehjIMDOIjRBhzdbLNrXGQW9zPLfKCx32PqbLYNqIzyRbHWUXNnZGql1xNT677eIr663xxLQ0=&w_img=1

Requested by

Host: whomeenoaglauns.com
URL: https://whomeenoaglauns.com/4/8540500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://whomeenoaglauns.com/4/8540500

Response headers

access-control-max-age: 86400
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Dec 2024 16:48:45 GMT
content-type: image/gif
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security: max-age=1
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *, *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: 85ee26b14aa965df53f01a9a654dcf8c
cf-ray: 8f8accc9ea39325c-VIE
access-control-allow-origin: *
content-length: 43
server: cloudflare

POST
H2 200 add Show response
whomeenoaglauns.com/log/ 12 B
235 B 48ms
46ms XHR
application/json 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whomeenoaglauns.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=22527699-0747-49b1-8a05-3a6dc635c318

Requested by

Host: whomeenoaglauns.com
URL: https://whomeenoaglauns.com/4/8540500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://whomeenoaglauns.com/4/8540500

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
cf-ray: 8f8accca1a4b325c-VIE
access-control-allow-origin: https://whomeenoaglauns.com
alt-svc: h3=":443"; ma=86400
content-length: 12
date: Fri, 27 Dec 2024 16:48:45 GMT
content-type: application/json; charset=utf-8
server: cloudflare
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

POST
H3 200 add Show response
whomeenoaglauns.com/async_log/ 0
329 B 48ms
47ms XHR
text/plain 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whomeenoaglauns.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=22527699-0747-49b1-8a05-3a6dc635c318

Requested by

Host: whomeenoaglauns.com
URL: https://whomeenoaglauns.com/4/8540500

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://whomeenoaglauns.com/4/8540500

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
cf-ray: 8f8accca1b3d5ac5-VIE
access-control-allow-origin: https://whomeenoaglauns.com
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Fri, 27 Dec 2024 16:48:45 GMT
server: cloudflare
priority: u=1,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H3 204 favicon.ico
whomeenoaglauns.com/ 0
212 B 27ms
27ms Other
text/plain 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whomeenoaglauns.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://whomeenoaglauns.com/4/8540500

Response headers

cache-control: public, max-age=315360000
cf-cache-status: HIT
pragma: public
age: 136016
cf-ray: 8f8accca6b775ac5-VIE
expires: Mon, 25 Dec 2034 16:48:45 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 27 Dec 2024 16:48:45 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H3

200

6118780 Show response
whomeenoaglauns.com/4/
Redirect Chain

https://whomeenoaglauns.com/?z=8540500&syncedCookie=true&rhd=false
https://whomeenoaglauns.com/4/6118780?var=8540500&btz=Europe/Vienna&bto=-60&bar=x

30 KB
14 KB

211ms
210ms

Document
text/html

104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whomeenoaglauns.com/4/6118780?var=8540500&btz=Europe/Vienna&bto=-60&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99e92b7fad088a2f4502e9bdf39d6a982075aa161a49dcf8f0a0387f3d657a56

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://whomeenoaglauns.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8f8acccaebc05ac5-VIE
content-encoding: gzip
content-type: text/html; charset=utf8
date: Fri, 27 Dec 2024 16:48:45 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
pragma: no-cache
priority: u=0,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://whomeenoaglauns.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8f8accca9b895ac5-VIE
content-length: 0
date: Fri, 27 Dec 2024 16:48:45 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://whomeenoaglauns.com>; rel="preconnect dns-prefetch"
location: https://whomeenoaglauns.com/4/6118780?var=8540500&btz=Europe/Vienna&bto=-60&bar=x
pragma: no-cache
priority: u=0,i
referrer-policy: no-referrer
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 15acf80157a26a4c811a0ff498153010

GET
H3 204 favicon.ico
whomeenoaglauns.com/ 0
0 0ms
0ms Other
text/plain 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whomeenoaglauns.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://whomeenoaglauns.com/afu.php?zoneid=8540500&var=8540500&rid=mnhKzS_wDF_SW3g2Y1iWsw%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

cache-control: public, max-age=315360000
cf-cache-status: HIT
pragma: public
age: 136016
cf-ray: 8f8accca6b775ac5-VIE
expires: Mon, 25 Dec 2034 16:48:45 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 27 Dec 2024 16:48:45 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H3 200 sftouch
whomeenoaglauns.com/ 43 B
562 B 49ms
49ms Image
image/gif 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://whomeenoaglauns.com/sftouch?userId=00813ff6a23a4637e72dd10b86fcbf95&z=6118780&p_rid=7b6c5fa2-f5e6-4846-ab86-2845bdfe2b7f&p_src=sf&branchId=0&rb=KzwvKHPGuw_AsZgLiyDFeKTjrZMJeMntidI_VVRx4RM891LSSM4_sCOhcqbyC3PPhqrK8BMpO_8jQBxAMyv5If28cyMwFjI5DIpZDSEpxj_R_8rCGpm5uZLW1A3FcJgTQ8jgf14xtwV7a5_b8OBJ-A2UrMJpqNju5HLGTxAvGhhHJYfr0SuQAvDbg-oBIVFZe18fAWViF2caw0p41hGYE0-bGNHtGH2vL9E1lVsEgubjPxD0XbE3m0s2qF-UXubboUjKMlqYgdF_J5B7RuydPU1DD3UtMtg8fpd-dbXP-P7adT3UkpT9tw==&w_img=1

Requested by

Host: whomeenoaglauns.com
URL: https://whomeenoaglauns.com/4/6118780?var=8540500&btz=Europe/Vienna&bto=-60&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://whomeenoaglauns.com/4/6118780?var=8540500&btz=Europe/Vienna&bto=-60&bar=x

Response headers

access-control-max-age: 86400
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 27 Dec 2024 16:48:45 GMT
content-type: image/gif
priority: u=3,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security: max-age=1
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *, *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: 8614356a01668f1b8b073a79a4b9a970
cf-ray: 8f8acccc5cac5ac5-VIE
access-control-allow-origin: *
content-length: 43
server: cloudflare

POST
H3 200 add Show response
whomeenoaglauns.com/log/ 12 B
337 B 49ms
48ms XHR
application/json 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whomeenoaglauns.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=7b6c5fa2-f5e6-4846-ab86-2845bdfe2b7f

Requested by

Host: whomeenoaglauns.com
URL: https://whomeenoaglauns.com/4/6118780?var=8540500&btz=Europe/Vienna&bto=-60&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://whomeenoaglauns.com/4/6118780?var=8540500&btz=Europe/Vienna&bto=-60&bar=x

Response headers

cf-cache-status: DYNAMIC
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 27 Dec 2024 16:48:45 GMT
content-type: application/json; charset=utf-8
priority: u=1,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8f8acccc6cbd5ac5-VIE
access-control-allow-origin: https://whomeenoaglauns.com
content-length: 12
server: cloudflare

GET
H3 200 img.gif
my.rtmark.net/ 43 B
842 B 45ms
44ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=00813ff6a23a4637e72dd10b86fcbf95&z=6118780&p_rid=7b6c5fa2-f5e6-4846-ab86-2845bdfe2b7f&p_src=sf

Requested by

Host: whomeenoaglauns.com
URL: https://whomeenoaglauns.com/4/6118780?var=8540500&btz=Europe/Vienna&bto=-60&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://whomeenoaglauns.com/

Response headers

access-control-expose-headers: Authorization
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ReI3XR7aGUIA34TepC9w3BnYhG7RpP%2BeN48kREV0jyRWa2bmAYBfYAN9rwitN6uW%2FDWOA1cbUo3%2FobdSpVUTfjspTPPL34ulOAPPdYc3ssPFREHJvf2KYQLkIPqxmFwH"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19045&min_rtt=17875&rtt_var=4876&sent=12&recv=11&lost=0&retrans=0&sent_bytes=5023&recv_bytes=4965&delivery_rate=36056&cwnd=12000&unsent_bytes=0&cid=11ad421beb3175dd&ts=418&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 27 Dec 2024 16:48:45 GMT
content-type: image/gif
priority: u=3,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *, *
access-control-allow-credentials: true
cf-ray: 8f8acccc6c5d325c-VIE
access-control-allow-origin: *
content-length: 43
server: cloudflare

POST
H3 200 add Show response
whomeenoaglauns.com/async_log/ 0
293 B 47ms
46ms XHR
text/plain 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://whomeenoaglauns.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=7b6c5fa2-f5e6-4846-ab86-2845bdfe2b7f

Requested by

Host: whomeenoaglauns.com
URL: https://whomeenoaglauns.com/4/6118780?var=8540500&btz=Europe/Vienna&bto=-60&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://whomeenoaglauns.com/4/6118780?var=8540500&btz=Europe/Vienna&bto=-60&bar=x

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
cf-ray: 8f8acccc6cc05ac5-VIE
access-control-allow-origin: https://whomeenoaglauns.com
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Fri, 27 Dec 2024 16:48:45 GMT
server: cloudflare
priority: u=1,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H3 204 favicon.ico
whomeenoaglauns.com/ 0
0 1ms
1ms Other
text/plain 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whomeenoaglauns.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://whomeenoaglauns.com/4/6118780?var=8540500&btz=Europe/Vienna&bto=-60&bar=x

Response headers

cache-control: public, max-age=315360000
cf-cache-status: HIT
pragma: public
age: 136016
cf-ray: 8f8accca6b775ac5-VIE
expires: Mon, 25 Dec 2034 16:48:45 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 27 Dec 2024 16:48:45 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H2

200

f717918a-590a-496d-bed3-4953115842ea Show response
www.brgdtracking.com/go/
Redirect Chain

https://whomeenoaglauns.com/?z=6118780&syncedCookie=true&rhd=false
https://www.brgdtracking.com/go/f717918a-590a-496d-bed3-4953115842ea?cost=0.002955&visitor_id=896551801397187271&zoneid=6118780&bannerid=22762180&country=AT&os=linux&user_activity=high&campaignid=8...

256 B
1 KB

133ms
39ms

Document
text/html

3.70.16.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brgdtracking.com/go/f717918a-590a-496d-bed3-4953115842ea?cost=0.002955&visitor_id=896551801397187271&zoneid=6118780&bannerid=22762180&country=AT&os=linux&user_activity=high&campaignid=8954331
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.70.16.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-16-242.eu-central-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 512befe21e10dabb0e2990fd7e8e16da244a23b9d18f436994e0d99ac0985049

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://whomeenoaglauns.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 27 Dec 2024 16:48:45 GMT
etag: W/"100-IHkPt0YLxKMsWeEXGKtIJRuKNWw"
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: openresty
vary: Accept-Encoding
x-response-time: 4.573ms

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://whomeenoaglauns.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8f8acccced325ac5-VIE
content-length: 0
date: Fri, 27 Dec 2024 16:48:45 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://www.brgdtracking.com>; rel="preconnect dns-prefetch"
location: https://www.brgdtracking.com/go/f717918a-590a-496d-bed3-4953115842ea?cost=0.002955&visitor_id=896551801397187271&zoneid=6118780&bannerid=22762180&country=AT&os=linux&user_activity=high&campaignid=8954331
pragma: no-cache
priority: u=0,i
referrer-policy: no-referrer
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 667bcc0cbc7435cc390523ed0f585d3e

GET
H3 204 favicon.ico
whomeenoaglauns.com/ 0
0 0ms
0ms Other
text/plain 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whomeenoaglauns.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://whomeenoaglauns.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

cache-control: public, max-age=315360000
cf-cache-status: HIT
pragma: public
age: 136016
cf-ray: 8f8accca6b775ac5-VIE
expires: Mon, 25 Dec 2034 16:48:45 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 27 Dec 2024 16:48:45 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H2

200

Primary Request / Show response
96ccd.com/
Redirect Chain

https://record.96.partners/_Eg4yvmL2GO-l43LEo86vh2Nd7ZgqdRLk/1/?channel_id=60008360&s2s.req_id=ErAPDTNNPjeht4xM63YYJZ
https://96ccd.com/?ma_token=vSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk&channel_id=60008360&s2s.req_id=ErAPDTNNPjeht4xM63YYJZ

2 KB
957 B

372ms
312ms

Document
text/html

34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/?ma_token=vSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk&channel_id=60008360&s2s.req_id=ErAPDTNNPjeht4xM63YYJZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 70d2dec9e651c3c0567646233efb31192b52e6f24d39a863ac8e33cae7e812c2

Request headers

Referer: https://www.brgdtracking.com/go/f717918a-590a-496d-bed3-4953115842ea?cost=0.002955&visitor_id=896551801397187271&zoneid=6118780&bannerid=22762180&country=AT&os=linux&user_activity=high&campaignid=8954331
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: none
access-control-allow-credentials: true
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
content-encoding: br
content-type: text/html
date: Fri, 27 Dec 2024 16:48:46 GMT
etag: W/"66ce92ce-79e"
last-modified: Wed, 28 Aug 2024 03:00:30 GMT
server: Microsoft-IIS
vary: Accept-Encoding,Accept-Encoding
via: 1.1 google

Redirect headers

access-control-allow-origin: *
cache-control: private, no-cache, must-revalidate
cf-cache-status: BYPASS
cf-ray: 8f8acccf3c47c314-VIE
content-type: text/html; charset=utf-8
date: Fri, 27 Dec 2024 16:48:46 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
location: https://96ccd.com/?ma_token=vSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk&channel_id=60008360&s2s.req_id=ErAPDTNNPjeht4xM63YYJZ
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-powered-by: ZBan

GET
H2 404 favicon.ico
www.brgdtracking.com/ 552 B
260 B 33ms
32ms Other
text/html 3.70.16.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brgdtracking.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.70.16.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-70-16-242.eu-central-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.brgdtracking.com/go/f717918a-590a-496d-bed3-4953115842ea?cost=0.002955&visitor_id=896551801397187271&zoneid=6118780&bannerid=22762180&country=AT&os=linux&user_activity=high&campaignid=8954331

Response headers

content-encoding: gzip
date: Fri, 27 Dec 2024 16:48:45 GMT
content-type: text/html
vary: Accept-Encoding
server: openresty

GET
H2 200 puremvc.min.js Show response
96ccd.com/libs/puremvc/ 9 KB
2 KB 79ms
78ms Script
application/javascript 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/libs/puremvc/puremvc.min.js
Requested by: Host: 96ccd.com
URL: https://96ccd.com/?ma_token=vSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk&channel_id=60008360&s2s.req_id=ErAPDTNNPjeht4xM63YYJZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: e966ae4e462d62393b40a76b5fb5252672638fdb706173de35a04c37f7e684f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/?ma_token=vSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk&channel_id=60008360&s2s.req_id=ErAPDTNNPjeht4xM63YYJZ

Response headers

cache-control: public,max-age=86400
content-encoding: br
etag: W/"642c1867-22aa"
age: 67992
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: none
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1782
date: Thu, 26 Dec 2024 21:55:34 GMT
last-modified: Tue, 04 Apr 2023 12:30:31 GMT
content-type: application/javascript
server: Microsoft-IIS
vary: Accept-Encoding

GET
H2 200 core.min.js Show response
96ccd.com/libs/core/ 146 KB
16 KB 61ms
61ms Script
application/javascript 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/libs/core/core.min.js?2024-08-28%2002:56
Requested by: Host: 96ccd.com
URL: https://96ccd.com/?ma_token=vSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk&channel_id=60008360&s2s.req_id=ErAPDTNNPjeht4xM63YYJZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: baa84fca69d1fee91c2cb0ac064020904d8a4898e31cf108fcb1cd57d813f95b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/?ma_token=vSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk&channel_id=60008360&s2s.req_id=ErAPDTNNPjeht4xM63YYJZ

Response headers

cache-control: public,max-age=86400
content-encoding: br
etag: W/"66b4314a-2464f"
age: 4529
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: none
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16381
date: Fri, 27 Dec 2024 15:33:17 GMT
last-modified: Thu, 08 Aug 2024 02:45:30 GMT
content-type: application/javascript
server: Microsoft-IIS
vary: Accept-Encoding

GET
H2 200 chunk-vendors.a2babcb0.css
96ccd.com/css/ 683 KB
54 KB 29ms
29ms Stylesheet
text/css 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/css/chunk-vendors.a2babcb0.css
Requested by: Host: 96ccd.com
URL: https://96ccd.com/?ma_token=vSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk&channel_id=60008360&s2s.req_id=ErAPDTNNPjeht4xM63YYJZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 8a6597a24fa67d5ba2f49b99389d221489567863c1aa6f65b7bd04f0061c35e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/?ma_token=vSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk&channel_id=60008360&s2s.req_id=ErAPDTNNPjeht4xM63YYJZ

Response headers

cache-control: public,max-age=86400
content-encoding: br
etag: W/"64f2dd8f-aada7"
age: 28194
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: none
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55653
date: Fri, 27 Dec 2024 08:58:52 GMT
last-modified: Sat, 02 Sep 2023 07:00:31 GMT
content-type: text/css
server: Microsoft-IIS
vary: Accept-Encoding,Accept-Encoding

GET
H2 200 landing.38faaea5.css
96ccd.com/css/ 72 B
153 B 67ms
67ms Stylesheet
text/css 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/css/landing.38faaea5.css
Requested by: Host: 96ccd.com
URL: https://96ccd.com/?ma_token=vSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk&channel_id=60008360&s2s.req_id=ErAPDTNNPjeht4xM63YYJZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 99531d6d624ddea03006bcaef319bf4f7473332dd75adcc59bfa58da16a9b753

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/?ma_token=vSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk&channel_id=60008360&s2s.req_id=ErAPDTNNPjeht4xM63YYJZ

Response headers

cache-control: public,max-age=86400
etag: "64f2dd8f-48"
age: 28360
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72
date: Fri, 27 Dec 2024 08:56:06 GMT
last-modified: Sat, 02 Sep 2023 07:00:31 GMT
content-type: text/css
server: Microsoft-IIS

GET
H2 200 chunk-vendors.88f2213f.js Show response
96ccd.com/js/ 2 MB
272 KB 68ms
68ms Script
application/javascript 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/js/chunk-vendors.88f2213f.js
Requested by: Host: 96ccd.com
URL: https://96ccd.com/?ma_token=vSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk&channel_id=60008360&s2s.req_id=ErAPDTNNPjeht4xM63YYJZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 5b4393c6fc659782788dec8167bb00cf8189bacf3eecb149fc7fdc51f6fefdd5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/?ma_token=vSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk&channel_id=60008360&s2s.req_id=ErAPDTNNPjeht4xM63YYJZ

Response headers

cache-control: public,max-age=86400
content-encoding: br
etag: W/"66ce92ce-193bba"
age: 87403
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: none
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Dec 2024 16:32:03 GMT
last-modified: Wed, 28 Aug 2024 03:00:30 GMT
content-type: application/javascript
server: Microsoft-IIS
vary: Accept-Encoding

GET
H2 200 landing.f20b9fe9.js Show response
96ccd.com/js/ 35 KB
13 KB 76ms
76ms Script
application/javascript 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/js/landing.f20b9fe9.js
Requested by: Host: 96ccd.com
URL: https://96ccd.com/?ma_token=vSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk&channel_id=60008360&s2s.req_id=ErAPDTNNPjeht4xM63YYJZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 37ae7919d75abcb53ddf21b402361c943f724cd02622de2181906ab100df26f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/?ma_token=vSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk&channel_id=60008360&s2s.req_id=ErAPDTNNPjeht4xM63YYJZ

Response headers

cache-control: public,max-age=86400
content-encoding: br
etag: W/"66ce92ce-8c8d"
age: 90382
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: none
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13555
date: Thu, 26 Dec 2024 15:42:24 GMT
last-modified: Wed, 28 Aug 2024 03:00:30 GMT
content-type: application/javascript
server: Microsoft-IIS
vary: Accept-Encoding

GET
H3 200 d104fd86ef48111a40dd653fbc0103c5.json Show response
96ccd.com/config/ 154 B
175 B 26ms
26ms XHR
application/json 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/config/d104fd86ef48111a40dd653fbc0103c5.json?4820323
Requested by: Host: 96ccd.com
URL: https://96ccd.com/js/chunk-vendors.88f2213f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 20732019f332406573f06d35c28ebceb3df2ee15e1585d6c9e2569a4b0f92cad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://96ccd.com/?ma_token=vSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk&channel_id=60008360&s2s.req_id=ErAPDTNNPjeht4xM63YYJZ

Response headers

cache-control: public,max-age=86400
etag: "6719f39e-9a"
age: 31930
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 154
date: Fri, 27 Dec 2024 07:56:36 GMT
last-modified: Thu, 24 Oct 2024 07:13:34 GMT
content-type: application/json
server: Microsoft-IIS

GET
H3 200 60008.json Show response
96ccd.com/config/ 264 B
285 B 26ms
26ms XHR
application/json 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/config/60008.json?4820323
Requested by: Host: 96ccd.com
URL: https://96ccd.com/js/chunk-vendors.88f2213f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 717f0e0b2d2050e3a00485db646cb973c6abc2775214460f37b31a30f874a04e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://96ccd.com/?ma_token=vSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk&channel_id=60008360&s2s.req_id=ErAPDTNNPjeht4xM63YYJZ

Response headers

cache-control: public,max-age=86400
etag: "6710dbb6-108"
age: 31930
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 264
date: Fri, 27 Dec 2024 07:56:36 GMT
last-modified: Thu, 17 Oct 2024 09:41:10 GMT
content-type: application/json
server: Microsoft-IIS

GET
H3 404 favicon.ico
96ccd.com/ 556 B
572 B 26ms
26ms Other
text/html 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 3f78207f071d486a2957dac496f6c3c80800bdf809ef22ef140caf4d9f73ad47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/?ma_token=vSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk&channel_id=60008360&s2s.req_id=ErAPDTNNPjeht4xM63YYJZ

Response headers

cache-control: public,max-age=60
age: 31
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 556
date: Fri, 27 Dec 2024 16:48:15 GMT
content-type: text/html
server: Microsoft-IIS

GET
H3 200 index.html Show response
96ccd.com/template/60008025/178/1729753974/ Frame 6FCD 11 KB
2 KB 25ms
25ms Document
text/html 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56
Requested by: Host: 96ccd.com
URL: https://96ccd.com/js/landing.f20b9fe9.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 160fccfe88de59a8756ae3a5c8fe56fe585b338a73f3f798e1fec83660800113

Request headers

Referer: https://96ccd.com/?ma_token=vSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk&channel_id=60008360&s2s.req_id=ErAPDTNNPjeht4xM63YYJZ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: none
access-control-allow-credentials: true
access-control-allow-origin: *
age: 94066
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
content-encoding: br
content-length: 2280
content-type: text/html
date: Thu, 26 Dec 2024 14:41:00 GMT
etag: W/"6719f37d-2c4a"
last-modified: Thu, 24 Oct 2024 07:13:01 GMT
server: Microsoft-IIS
vary: Accept-Encoding,Accept-Encoding
via: 1.1 google

GET
H3 200 favicon.ico
96ccd.com/template/60008025/178/1729753974/ 5 KB
4 KB 27ms
27ms Other
image/x-icon 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/template/60008025/178/1729753974/favicon.ico?v=2024-08-28%2002:56
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: b1753030316553e3e984f51db690bda7d082b64604900920e51034c89810defe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/?ma_token=vSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk&channel_id=60008360&s2s.req_id=ErAPDTNNPjeht4xM63YYJZ

Response headers

cache-control: public,max-age=86400
content-encoding: br
etag: W/"6719f384-130c"
age: 94046
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: none
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4200
date: Thu, 26 Dec 2024 14:41:20 GMT
last-modified: Thu, 24 Oct 2024 07:13:08 GMT
content-type: image/x-icon
server: Microsoft-IIS
vary: Accept-Encoding

GET
H3 200 index.css
96ccd.com/template/60008025/178/1729753974/style/ Frame 6FCD 8 KB
2 KB 29ms
27ms Stylesheet
text/css 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/template/60008025/178/1729753974/style/index.css?v=1.3.11
Requested by: Host: 96ccd.com
URL: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 6be1a104e09946516a4f429665dc27cf12f6cd07f98a1215ab972f73354606ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56

Response headers

cache-control: public,max-age=86400
content-encoding: br
etag: W/"6719f37e-2029"
age: 94066
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: none
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1690
date: Thu, 26 Dec 2024 14:41:00 GMT
last-modified: Thu, 24 Oct 2024 07:13:02 GMT
content-type: text/css
server: Microsoft-IIS
vary: Accept-Encoding,Accept-Encoding

GET
H3 200 logo.png
96ccd.com/template/60008025/178/1729753974/assets/ Frame 6FCD 4 KB
4 KB 29ms
28ms Image
image/png 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://96ccd.com/template/60008025/178/1729753974/assets/logo.png?v=1.1
Requested by: Host: 96ccd.com
URL: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 1a617e01a1cf518ce7415891455d332c5929c12f2873c455757ca6b2a1852168

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56

Response headers

cache-control: public,max-age=86400
etag: "6719f37c-edc"
age: 94066
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3804
date: Thu, 26 Dec 2024 14:41:00 GMT
last-modified: Thu, 24 Oct 2024 07:13:00 GMT
content-type: image/png
server: Microsoft-IIS
vary: Accept-Encoding

GET
H3 200 loading.gif
96ccd.com/template/60008025/178/1729753974/assets/ Frame 6FCD 117 KB
117 KB 33ms
32ms Image
image/gif 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://96ccd.com/template/60008025/178/1729753974/assets/loading.gif
Requested by: Host: 96ccd.com
URL: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: bd7e6745a4133374c3132109992c0482ace276042eed482bca718990c64cc091

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56

Response headers

cache-control: public,max-age=86400
etag: "6719f37c-1d42b"
age: 94066
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119851
date: Thu, 26 Dec 2024 14:41:00 GMT
last-modified: Thu, 24 Oct 2024 07:13:00 GMT
content-type: image/gif
server: Microsoft-IIS
vary: Accept-Encoding

GET
H3 200 str.js Show response
96ccd.com/template/60008025/178/1729753974/js/ Frame 6FCD 713 B
734 B 38ms
37ms Script
application/javascript 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/template/60008025/178/1729753974/js/str.js?v=1.3.1
Requested by: Host: 96ccd.com
URL: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 16df724b6ce9e67ddb93e2f4ef0a04802a871c0a78ce282da9916925aefa825b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56

Response headers

cache-control: public,max-age=86400
etag: "6719f381-2c9"
age: 94066
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 713
date: Thu, 26 Dec 2024 14:41:00 GMT
last-modified: Thu, 24 Oct 2024 07:13:05 GMT
content-type: application/javascript
server: Microsoft-IIS

GET
H3 200 utils.js Show response
96ccd.com/template/60008025/178/1729753974/js/ Frame 6FCD 909 B
930 B 40ms
39ms Script
application/javascript 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/template/60008025/178/1729753974/js/utils.js?v=1.3.1
Requested by: Host: 96ccd.com
URL: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: ed632b9e988afb6efa6f4d1188faa39516409a19e6095689071a03bfbb2e1b2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56

Response headers

cache-control: public,max-age=86400
etag: "6719f382-38d"
age: 94066
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 909
date: Thu, 26 Dec 2024 14:41:00 GMT
last-modified: Thu, 24 Oct 2024 07:13:06 GMT
content-type: application/javascript
server: Microsoft-IIS

GET
H3 200 jquery.js Show response
96ccd.com/template/60008025/178/1729753974/js/ Frame 6FCD 88 KB
32 KB 41ms
40ms Script
application/javascript 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/template/60008025/178/1729753974/js/jquery.js?v=1.3.1
Requested by: Host: 96ccd.com
URL: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 4da87c258eca460d39cdb0f6158cbf69af539d05a1d14f1bc011518511d02228

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56

Response headers

cache-control: public,max-age=86400
content-encoding: br
etag: W/"6719f383-15ec5"
age: 94066
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: none
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32275
date: Thu, 26 Dec 2024 14:41:00 GMT
last-modified: Thu, 24 Oct 2024 07:13:07 GMT
content-type: application/javascript
server: Microsoft-IIS
vary: Accept-Encoding

GET
H3 200 net.js Show response
96ccd.com/template/60008025/178/1729753974/js/ Frame 6FCD 2 KB
571 B 30ms
29ms Script
application/javascript 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/template/60008025/178/1729753974/js/net.js?v=1.3.6
Requested by: Host: 96ccd.com
URL: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: e28c256943d251f6ac87324b39fcb022a9862e264fb62f755b12adadff31d159

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56

Response headers

cache-control: public,max-age=86400
content-encoding: br
etag: W/"6719f380-78f"
age: 94066
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: none
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 548
date: Thu, 26 Dec 2024 14:41:00 GMT
last-modified: Thu, 24 Oct 2024 07:13:04 GMT
content-type: application/javascript
server: Microsoft-IIS
vary: Accept-Encoding

GET
H3 200 index.js Show response
96ccd.com/template/60008025/178/1729753974/js/ Frame 6FCD 9 KB
2 KB 30ms
29ms Script
application/javascript 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/template/60008025/178/1729753974/js/index.js?v=1.3.14
Requested by: Host: 96ccd.com
URL: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: b93d863cf176ae6744f603ff4601d7fecbae3ee3fb2a35ecf63f4b09c4063694

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56

Response headers

cache-control: public,max-age=86400
content-encoding: br
etag: W/"6719f381-25e3"
age: 94066
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: none
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1670
date: Thu, 26 Dec 2024 14:41:00 GMT
last-modified: Thu, 24 Oct 2024 07:13:05 GMT
content-type: application/javascript
server: Microsoft-IIS
vary: Accept-Encoding

GET
H3 200 click.js Show response
96ccd.com/template/60008025/178/1729753974/js/ Frame 6FCD 8 KB
1 KB 47ms
47ms Script
application/javascript 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/template/60008025/178/1729753974/js/click.js?v=1.3.10
Requested by: Host: 96ccd.com
URL: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: 82b6716f188a2c4d23a17b41cba2b728b1f4b9339dc5e18d2348879da1a3da34

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56

Response headers

cache-control: public,max-age=86400
content-encoding: br
etag: W/"6719f380-202c"
age: 94066
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: none
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1324
date: Thu, 26 Dec 2024 14:41:00 GMT
last-modified: Thu, 24 Oct 2024 07:13:04 GMT
content-type: application/javascript
server: Microsoft-IIS
vary: Accept-Encoding

GET
H3 200 001.jpg
96ccd.com/template/60008025/178/1729753974/assets/ Frame 6FCD 581 KB
581 KB 59ms
59ms Image
image/jpeg 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://96ccd.com/template/60008025/178/1729753974/assets/001.jpg?v=1.3.2
Requested by: Host: 96ccd.com
URL: https://96ccd.com/template/60008025/178/1729753974/style/index.css?v=1.3.11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: c77770ad3bbf5be5bad727596fc9a4ee55bd309b1e4b4b5eb278dd8bae756570

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/template/60008025/178/1729753974/style/index.css?v=1.3.11

Response headers

cache-control: public,max-age=86400
etag: "6719f37b-91333"
age: 94046
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 594739
date: Thu, 26 Dec 2024 14:41:20 GMT
last-modified: Thu, 24 Oct 2024 07:12:59 GMT
content-type: image/jpeg
server: Microsoft-IIS
vary: Accept-Encoding

GET
H3 200 font.ttf
96ccd.com/template/60008025/178/1729753974/fonts/ Frame 6FCD 112 KB
112 KB 26ms
26ms Font
application/octet-stream 34.49.148.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://96ccd.com/template/60008025/178/1729753974/fonts/font.ttf
Requested by: Host: 96ccd.com
URL: https://96ccd.com/template/60008025/178/1729753974/style/index.css?v=1.3.11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.148.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.148.49.34.bc.googleusercontent.com
Software: Microsoft-IIS /
Resource Hash: f745b91d6345c24243e0e08362ba3b9c82382e12a2c97d3bad4baf1b0f887bc0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://96ccd.com
Referer: https://96ccd.com/template/60008025/178/1729753974/style/index.css?v=1.3.11

Response headers

cache-control: public,max-age=86400
etag: "6719f386-1bfa4"
age: 94050
access-control-allow-credentials: true
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114596
date: Thu, 26 Dec 2024 14:41:16 GMT
last-modified: Thu, 24 Oct 2024 07:13:10 GMT
content-type: application/octet-stream
server: Microsoft-IIS

POST
H2 200 auth_code Show response
api.dpbms5h.club/api/public/ 4 KB
3 KB 408ms
345ms XHR
application/json 34.111.76.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dpbms5h.club/api/public/auth_code

Requested by

Host: 96ccd.com
URL: https://96ccd.com/js/landing.f20b9fe9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.76.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

58.76.111.34.bc.googleusercontent.com

Software

Microsoft-IIS /

Resource Hash

2cfab95c28cd5c3ce80d631edaef14a97d998f33d07658f2a37309d162e2e558

Security Headers

Name	Value
X-Frame-Options	sameorigin, sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryf2I1FrWILGl0JEaX
Referer: https://96ccd.com/

Response headers

access-control-allow-headers: content-type,token,sign
content-encoding: gzip
via: 1.1 google
access-control-request-method: GET,POST
access-control-allow-origin: *
alt-svc: clear
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: application/json
vary: Accept-Encoding
server: Microsoft-IIS
x-frame-options: sameorigin, sameorigin

POST
H2 200 area_code Show response
api.dpbms5h.club/api/public/ 2 KB
575 B 669ms
607ms XHR
application/json 34.111.76.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dpbms5h.club/api/public/area_code

Requested by

Host: 96ccd.com
URL: https://96ccd.com/js/landing.f20b9fe9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.76.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

58.76.111.34.bc.googleusercontent.com

Software

Microsoft-IIS /

Resource Hash

babfbe530a0a4426430dccc41755bfb35b9337ee18af2524c328d73ddb7462d0

Security Headers

Name	Value
X-Frame-Options	sameorigin, sameorigin

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryAMeKqbvT6zfYTVSg
Referer: https://96ccd.com/

Response headers

access-control-allow-headers: content-type,token,sign
content-encoding: gzip
via: 1.1 google
access-control-request-method: GET,POST
access-control-allow-origin: *
alt-svc: clear
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: application/json
vary: Accept-Encoding
server: Microsoft-IIS
x-frame-options: sameorigin, sameorigin

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 246 KB
81 KB 108ms
40ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K3PWVTS2

Requested by

Host: 96ccd.com
URL: https://96ccd.com/?ma_token=vSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk&channel_id=60008360&s2s.req_id=ErAPDTNNPjeht4xM63YYJZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

aad532aaabf17d672a45d44fd22ede73627830d320640b14ea2a801985dacfd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 27 Dec 2024 16:48:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Dec 2024 16:48:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 27 Dec 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 82223
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 63ms
30ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: wimberleylibrary.org
URL: https://wimberleylibrary.org/dup-installer/karo-pride/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-KdjsEITn' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-KdjsEITn' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=29, rtx=0, c=23, mss=1232, tbw=4476, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: ZwkvfLAhoEBV8fOhVHdhg2RjOk7YmFyU6KVKLON6+VEYAGFQMkd6oA8i+iMeue6PbsrD3mPX9uSIH5gakb13bg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62282
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
108 KB 40ms
39ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D1MREPZMK9&l=dataLayer&cx=c&gtm=45He4cc1v9173077786za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3PWVTS2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7300db8004db2ef6ebebf3f648ed3fe500f317b702c9c6323b7a62e2d60ed8e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 27 Dec 2024 16:48:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109806
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
107 KB 46ms
46ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q4XV74EN3M&l=dataLayer&cx=c&gtm=45He4cc1v9173077786za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3PWVTS2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c6074e4a8d4d99c02a832e63dfe432527bf45a0c929bfcfbc34464d766951043

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 27 Dec 2024 16:48:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109893
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 hotjar-5163049.js Show response
static.hotjar.com/c/ 13 KB
6 KB 132ms
36ms Script
application/javascript 18.66.102.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-5163049.js?sv=6

Requested by

Host: wimberleylibrary.org
URL: https://wimberleylibrary.org/dup-installer/karo-pride/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-53.fra56.r.cloudfront.net

Software

Resource Hash

77188d533238144a29ae9918bc2ed54c592821c983febd7a65c19d072f08e5f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: br
etag: W/582b03c9b87324348536db059d68c12f
age: 26
x-content-type-options: nosniff
x-cache-hit: 1
x-cache: Hit from cloudfront
x-amz-cf-id: rnmGViqWr12Yez5YaI4SUIwQekJLtQkcbh8DJeYs8z5L9MyE5iNmJQ==
date: Fri, 27 Dec 2024 16:48:23 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P2

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 126ms
34ms Script
application/x-javascript 143.204.215.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: wimberleylibrary.org
URL: https://wimberleylibrary.org/dup-installer/karo-pride/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-39.fra53.r.cloudfront.net
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

x-amz-cf-id: co7Ta8-w6RV_9oEAxZomu-2yb0c7xRlBer2fc08z6OMMMzCTsmCJDQ==
cache-control: public, max-age=3600
content-encoding: gzip
age: 3436
via: 1.1 e7377cc861b31102786678df3616bf68.cloudfront.net (CloudFront)
expires: Fri, 27 Dec 2024 16:51:31 GMT
x-cache: Hit from cloudfront
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 6162
date: Fri, 27 Dec 2024 15:51:31 GMT
content-type: application/x-javascript
last-modified: Fri, 27 Dec 2024 15:51:21 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: FRA53-C1

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 255ms
153ms Script
application/javascript 2.16.183.132
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CTDC483C77UF4VSQMLHG&lib=ttq
Requested by: Host: wimberleylibrary.org
URL: https://wimberleylibrary.org/dup-installer/karo-pride/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.183.132 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-183-132.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5111c196de0c92aaefb1157a693098cd8ff00cb9466331bd1619d643e0454e6d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
x-cache-remote: TCP_MISS from a23-48-100-103.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
expires: Fri, 27 Dec 2024 16:48:47 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=102, origin; dur=7, inner; dur=4
x-cache: TCP_MISS from a2-17-34-214.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: e36d1665.680fd0e
x-tt-trace-host: 012319799a2b05f7018ccb3c57e9060d974cfcf930afbf66549f90f795d3380547afaea85923ff03b00327f58c8288b488bf706dfb4d74f23fbe875360ad5f1626fbe28679dee111f0d4f8137648826c5a27468893908e82e20417c8a3452cf1afc3bdbc8c4b246031b6efe0bf7bccad2b
x-origin-response-time: 7,23.48.100.103
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-241227164847B60148F52A791E6A2102-0E7AB88B664AB2F2-00
content-length: 2073
x-parent-response-time: 107,2.17.34.214
x-tt-logid: 20241227164847B60148F52A791E6A2102
server: nginx

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 243ms
141ms Script
application/javascript 2.16.183.132
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CTGJBO3C77U22OFG0JQ0&lib=ttq
Requested by: Host: wimberleylibrary.org
URL: https://wimberleylibrary.org/dup-installer/karo-pride/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.183.132 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-183-132.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 611a00821de2e96f91de667875553555db25a7d3475ccab3b026f1600359ac94

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
x-cache-remote: TCP_MISS from a23-48-100-103.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
expires: Fri, 27 Dec 2024 16:48:47 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=9, inner; dur=4
x-cache: TCP_MISS from a2-17-34-214.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: e36d171a.680fd0f
x-tt-trace-host: 012319799a2b05f7018ccb3c57e9060d974cfcf930afbf66549f90f795d3380547afaea85923ff03b00327f58c8288b4880fa795cf30900d25ba7762334aa0d8bcf78297fe4060fa18dc88ae897d59db6f02867d592db42d7559de6db1596805e1f84f99c9df80e36e1be8dd0086fb92aa
x-origin-response-time: 9,23.48.100.103
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-241227164847FD5DD40C305C844F3881-0762269A1E855659-00
content-length: 2036
x-parent-response-time: 96,2.17.34.214
x-tt-logid: 20241227164847FD5DD40C305C844F3881
server: nginx

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 524ms
421ms Script
application/javascript 2.16.183.132
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=null&lib=ttq
Requested by: Host: wimberleylibrary.org
URL: https://wimberleylibrary.org/dup-installer/karo-pride/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.183.132 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-183-132.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 151e9945d1864529d43608131fa05913de40c093bda6ad013ac479961f9f0c57

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
x-cache-remote: TCP_MISS from a23-218-223-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
expires: Fri, 27 Dec 2024 16:48:47 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=278, origin; dur=99, inner; dur=3
x-cache: TCP_MISS from a2-17-34-214.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: fc71a799.680fd10
x-tt-trace-host: 012319799a2b05f7018ccb3c57e9060d974a5158368a1473497a7102924886b890cbc6fab380699efeaba4dd50715ad451018d8c5808bef8d292913a504a1343df5c080cc5f0a167a07b976ffc8e4314dcd42e2e15dd4c36cb33d11c1724a830d7df55301ebd9c3634fff5958de3c00818
x-origin-response-time: 99,23.218.223.71
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24122716484775A72E9B772F4F121C06-06A3973320684515-00
content-length: 1587
x-parent-response-time: 376,2.17.34.214
x-tt-logid: 2024122716484775A72E9B772F4F121C06
server: nginx

GET
H3 200 96com.js Show response
adscool.net/resources/content/ 9 KB
4 KB 163ms
129ms Script
text/javascript 104.21.17.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adscool.net/resources/content/96com.js

Requested by

Host: wimberleylibrary.org
URL: https://wimberleylibrary.org/dup-installer/karo-pride/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.17.84 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df055b5940ce90d969f6bf709c9b35e117f8a1b6fee2e2b1d3441fd645a58336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

x-request-id: 3d2e53b9-2d1c-403a-aba9-7bee62d9486d
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"df055b5940ce90d969f6bf709c9b35e1"
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BZ4QyaCSkvT%2B3jRMk9%2BKdsmZR5iu4w5dvoFqvMINJ3waRHpOb5VSm5%2BkmciyYszRwRnZwYTSvVTQaRHc0h%2B17qW5NjYkyigTEqUEt0Swq6ORRrVNw7A2SCQyoSO32w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
status: 200 OK
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18411&min_rtt=17912&rtt_var=3259&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4144&recv_bytes=4368&delivery_rate=639&cwnd=12000&unsent_bytes=0&cid=10b24e65f7d6fbf9&ts=135&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-runtime: 0.001379
priority: u=3,i=?0
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8f8accd66c2d5bb5-VIE
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 101ms
38ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-D1MREPZMK9&gtm=45je4cc1v9173005657z89173077786za200zb9173077786&_p=1735318126892&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=635319294.1735318127&ul=de-at&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1735318127&sct=1&seg=0&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ&dr=https%3A%2F%2Fwww.brgdtracking.com%2F&dt=Landing&en=page_view&_fv=1&_nsi=1&_ss=1&up.undefined=&tfd=1263
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D1MREPZMK9&l=dataLayer&cx=c&gtm=45He4cc1v9173077786za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://96ccd.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 78ms
39ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Q4XV74EN3M&gtm=45je4cc1v9189217623z89173077786za200zb9173077786&_p=1735318126892&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=635319294.1735318127&ul=de-at&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1735318127&sct=1&seg=0&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ&dr=https%3A%2F%2Fwww.brgdtracking.com%2F&dt=Landing&en=page_view&_fv=1&_ss=1&tfd=1287
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q4XV74EN3M&l=dataLayer&cx=c&gtm=45He4cc1v9173077786za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://96ccd.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 493229386862469 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 31ms
31ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/493229386862469?v=2.9.179&r=stable&domain=96ccd.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

ebe3a9b0e9c561389a42cb0f7d287c163710172b510261a454737672a53e1da1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-wo1gfw6t' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-wo1gfw6t' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=77, mss=1232, tbw=70492, tp=65, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: I/z7dlzGZvx3JOK6KogmC2MlIsBTe6QhnFZTsI6euiooX3CrSSU0AgPexL9uYhRcVR19Bis0+zO5Fr7IzGAweA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 14124
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 61ms
39ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Q4XV74EN3M&gtm=45je4cc1v9189217623z89173077786za200zb9173077786&_p=1735318126892&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=635319294.1735318127&ul=de-at&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1735318127&sct=1&seg=0&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ&dr=https%3A%2F%2Fwww.brgdtracking.com%2F&dt=Landing&en=scroll&_et=12&tfd=1304
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q4XV74EN3M&l=dataLayer&cx=c&gtm=45He4cc1v9173077786za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://96ccd.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 55ms
39ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Q4XV74EN3M&gtm=45je4cc1v9189217623za200zb9173077786&_p=1735318126892&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=635319294.1735318127&ul=de-at&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=3&sid=1735318127&sct=1&seg=0&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ&dr=https%3A%2F%2Fwww.brgdtracking.com%2F&dt=Landing&en=scroll&epn.percent_scrolled=90&tfd=1310
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q4XV74EN3M&l=dataLayer&cx=c&gtm=45He4cc1v9173077786za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://96ccd.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: text/plain
server: Golfe2

GET
H/1.1 200
OK ca.html
20861020p.rfihub.com/ Frame 46A4 0
0 177ms
41ms Document
text/html 193.0.160.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20861020p.rfihub.com/ca.html?ver=9&rb=52593&ca=20861020&_o=52593&_t=20861020&pe=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ%23%2F&pf=https%3A%2F%2Fwww.brgdtracking.com%2F&ra=11802693553738086
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash

Request headers

Referer: https://96ccd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache
Content-Length: 2364
Content-Type: text/html;charset=utf-8
Date: Fri, 27 Dec 2024 16:48:47 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 200 modules.60031afbf51fb3e88a5b.js Show response
script.hotjar.com/ 223 KB
56 KB 119ms
38ms Script
application/javascript 13.33.187.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.60031afbf51fb3e88a5b.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-5163049.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-74.fra60.r.cloudfront.net

Software

Resource Hash

e38338484d969872e570a554c807dab4a79233b82d64a7cb7028fb459123d44a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

x-robots-tag: none
content-encoding: br
etag: "b4a1a7933e55e780894c3f39b1aca0b4"
age: 795460
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: JXR1kmkEJqLfJNAV3ivhsKGMqLDa8DfEZF_RBILqL0q3UDRb90H45w==
date: Wed, 18 Dec 2024 11:51:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 18 Dec 2024 11:50:24 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 dbddc07d9edf6f99394912c390c6ef32.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56408
x-amz-cf-pop: FRA60-P9

GET
H3 200 26782498068061504 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 32ms
32ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/26782498068061504?v=2.9.179&r=stable&domain=96ccd.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

998454c7d2c095c55d3e5fc5cedc780b1dc4ee763bf36004dc38d921d9da332a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-M5CCgxer' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-M5CCgxer' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=89, mss=1232, tbw=85628, tp=79, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: WJAg4D2aWymT7TM8sTqaH3mXn7SjESVWLA5AxieScbDNfK2y6WscGqeFSq9YtAEhnmaIDiSOR5iUhQUKwwaJ6w==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 3056
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 63ms
31ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=493229386862469&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1735318127228&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735318127228.502193804105134500&ler=other&cdl=API_unavailable&it=1735318127186&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=4527, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
198 B 199ms
167ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=493229386862469&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1735318127228&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735318127228.502193804105134500&ler=other&cdl=API_unavailable&it=1735318127186&coo=false&tm=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453134603661908523"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453134603661908523"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 411YZ0Zd+E2RW12OfmrQ9QKUQZvsXDDbvH1bA+RTsAr6ROtv1aY+JLcpxIFueYmuHCNCwlABKk+RYE3A+8/Weg==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7453134603661908523", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control: private, no-store, no-cache, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=24, mss=1232, tbw=5999, tp=28, tpl=0, uplat=136, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 96com Show response
adscool.net/pageview/ 0
824 B 126ms
125ms Script
text/javascript 104.21.17.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adscool.net/pageview/96com?usr=v1.0%3A13246032937%3A1735318127230%3A1735318127230&scr=1600x1200%7C1600x1200&scv=1600x1200%7C0&pgh=96ccd.com&pgl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ%23%2F&pgr=https%3A%2F%2Fwww.brgdtracking.com%2F

Requested by

Host: adscool.net
URL: https://adscool.net/resources/content/96com.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.17.84 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

x-request-id: fba9e6c2-c12f-4e49-99f4-cdc4b4f55cfb
content-encoding: gzip
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CVClm3kjLQG%2FOzRA1U3JTpRRMwSnLdB9r9KsfqYlyC1C9drMoi2tmteNrBT%2FSxosGWyrFuFXUY3yqr2re6fXKfiZtnKWQjF6voGA4qoUiK6SLF0WeuJziTVBBhAQNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
status: 200 OK
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18634&min_rtt=17861&rtt_var=2237&sent=17&recv=13&lost=0&retrans=0&sent_bytes=8744&recv_bytes=4941&delivery_rate=256192&cwnd=12000&unsent_bytes=0&cid=10b24e65f7d6fbf9&ts=270&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding,Accept
x-runtime: 0.003839
priority: u=3,i=?0
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8f8accd73cd05bb5-VIE
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 805296468443854 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 40ms
39ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/805296468443854?v=2.9.179&r=stable&domain=96ccd.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

f47949a0ae5a27b32be31138c9d6c75961e03c3629b7100e44a29ae8ac660bcd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-IPje23oj' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-IPje23oj' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=92, mss=1232, tbw=89516, tp=84, tpl=0, uplat=9, ullat=-1
pragma: public
x-fb-debug: cDPRQLj527vqzhZHZlCLMUIozisyS1qLR5ULsAvSHNOyb1NP9f2ckapZiNxkbRjGV3QBHhMRDGUDlZe713EUNQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 3030
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 31ms
30ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=26782498068061504&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1735318127264&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735318127228.502193804105134500&ler=other&cdl=API_unavailable&it=1735318127186&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=4943, tp=14, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
196 B 207ms
207ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=26782498068061504&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1735318127264&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735318127228.502193804105134500&ler=other&cdl=API_unavailable&it=1735318127186&coo=false&tm=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453134605191225738"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453134605191225738"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: pIwudazaeOi5deb5P7D1FDzO0GwIZZ4lEr3XTNghkFldhZvWOiWrw+SrBjyXRkG/SU8O8BSfyEBZh3Kgx9VkOw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7453134605191225738", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control: private, no-store, no-cache, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=29, mss=1232, tbw=12687, tp=40, tpl=0, uplat=177, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

GET
DATA 200
OK truncated
/ Frame 6FCD 3 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02462c60c805a57a7e23642833ac234aabc2a67922d313aa1d8a904e0d59c278

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpeg

GET
H2 200 main.MWE1OTI4NzI4MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 352 KB
97 KB 45ms
44ms Script
application/javascript 2.16.183.132
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CTGJBO3C77U22OFG0JQ0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.183.132 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-183-132.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ba3710ffb62361879a717271253bcda8d3a4d1c61f22abc95e00181ca2fea228

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

x-cache: TCP_HIT from a2-17-34-214.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
x-tt-trace-id: 00-2412191324289EEE8960976C39420FDC-31180C365554A5F8-00
content-length: 99112
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202412191324289EEE8960976C39420FDC
server: nginx
x-akamai-request-id: 680fd92
x-tt-trace-host: 01ee799bf3cc4354048dac84f44e2890f2ecc62002607cf5cd2b9c2e5a1a4e417eb5992ee8761a1ebac77290dca5ad7d2a81d22b833cff7be038c0ef436ed52edf772a16cc5a634f321fb8ca57c84ef7fa7776f90d6deba69742a75ba595e0225e

GET
H3 200 910149207653208 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 31ms
30ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/910149207653208?v=2.9.179&r=stable&domain=96ccd.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

5e80534095f28f98b5fc97dc2cd55c64c12e293e12380229e80f4b4047b87c7d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-JHfQMSMx' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-JHfQMSMx' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=95, mss=1232, tbw=93372, tp=89, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: LJU40OLIpK/eF+MdL/AxPBhit7kNsXOIUZBNnA6bW3bjewesJBWdgKR19ihC1ihxvvgA6ktt5KPhpk1WBaBoTA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 3029
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 32ms
31ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=805296468443854&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1735318127308&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735318127228.502193804105134500&ler=other&cdl=API_unavailable&it=1735318127186&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=24, mss=1232, tbw=5231, tp=18, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 133ms
133ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=805296468443854&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1735318127308&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735318127228.502193804105134500&ler=other&cdl=API_unavailable&it=1735318127186&coo=false&tm=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453134605318241247"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453134605318241247"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: o4OPBkV0j9oviTOgRUD7IVE5VBqxoG5Y2WJC8n4Q5dtRIrL7mVndWYp6Tu5JtpX1ToUWxInqJJ/WhCVH7WjcDA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7453134605318241247", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control: private, no-store, no-cache, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=24, mss=1232, tbw=10239, tp=33, tpl=0, uplat=102, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 3050918968381160 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 32ms
31ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3050918968381160?v=2.9.179&r=stable&domain=96ccd.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

837bd5165ce282e140b0a91e6f6b3ff98dab2ec27d4573ee21aa646e70967544

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-V1JnXNXz' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-V1JnXNXz' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=98, mss=1232, tbw=97228, tp=94, tpl=0, uplat=2, ullat=-1
pragma: public
x-fb-debug: I9Hzw+Xu5pwO+ujNFJTEvlJQuV6Tak4Q4TgmxojYXdR3b3S0lKr7UmhKwXieTB/Q4twqUK8CPHZMKMTlRpO0uw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 3030
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 30ms
29ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=910149207653208&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1735318127343&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735318127228.502193804105134500&ler=other&cdl=API_unavailable&it=1735318127186&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=24, mss=1232, tbw=5519, tp=22, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 85ms
85ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=910149207653208&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1735318127343&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735318127228.502193804105134500&ler=other&cdl=API_unavailable&it=1735318127186&coo=false&tm=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453134604169498778"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453134604169498778"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7453134604169498778", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control: private, no-store, no-cache, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=24, mss=1232, tbw=8959, tp=31, tpl=0, uplat=54, ullat=0
pragma: no-cache
x-fb-debug: geJpa5tFluGGv8NFHiRbaipWSKyADeAbpYALaNpxUVWRSAlMwqi3CqmoqhK9WX82pHluf+YNN+uQoid/q4zx0Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 8489556127800875 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 32ms
32ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/8489556127800875?v=2.9.179&r=stable&domain=96ccd.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

afc0bf7a34a8285792933cb258404d8e72b4fea3314e02867480b410241f891d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-bV1sqBe4' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-bV1sqBe4' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=101, mss=1232, tbw=101116, tp=99, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: 24KHJSNPifz08yb4tFkNgVt3W9lrBnfai3yVZ72KtmFpzN7LHetpyC0iP/SGr/3IcvCo3lezP9WbtZFphNQczw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 3098
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 30ms
30ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3050918968381160&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1735318127379&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735318127228.502193804105134500&ler=other&cdl=API_unavailable&it=1735318127186&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=24, mss=1232, tbw=5807, tp=26, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
196 B 76ms
76ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3050918968381160&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1735318127379&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735318127228.502193804105134500&ler=other&cdl=API_unavailable&it=1735318127186&coo=false&tm=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453134603648548607"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453134603648548607"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: j7GKVLKBOxik983cTK39GQzbmSFntVfo4akTqO9hDmhZ/74gtZjtmG5Xq+KWNgyakWN4NxjFTK5pyvHJ808OeQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7453134603648548607", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control: private, no-store, no-cache, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=24, mss=1232, tbw=11599, tp=38, tpl=0, uplat=46, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 identify_45dd5971.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 45ms
45ms Script
application/javascript 2.16.183.132
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.183.132 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-183-132.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

x-cache: TCP_MEM_HIT from a2-17-34-214.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
x-tt-trace-id: 00-241115050237F3C32871CE772FECF1E9-0A5A0FB23EDF874B-00
content-length: 39430
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20241115050237F3C32871CE772FECF1E9
server: nginx
x-akamai-request-id: 680fded
x-tt-trace-host: 01ee9044bd5275060a15f768892f1d60f280a9f548fcd22c250a364acead722b2514ff4d2306b2f511943ee74c25958e37839a06d340fb7a835f407f56064ee984930ec5b2ac50c9490eaac60ff243188156ee353b17f924397aca32b1cf1f5e60

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
876 B 162ms
161ms Ping
text/plain 2.16.183.132
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.183.132 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-183-132.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://96ccd.com/

Response headers

x-cache-remote: TCP_MISS from a23-48-100-103.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Fri, 27 Dec 2024 16:48:47 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=100, origin; dur=20, inner; dur=17
x-cache: TCP_MISS from a2-17-34-214.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Fri, 27 Dec 2024 16:48:47 GMT
x-akamai-request-id: e36d1fe5.680fdf5
access-control-allow-headers: Authorization,*
x-tt-trace-host: 012319799a2b05f7018ccb3c57e9060d974cfcf930afbf66549f90f795d3380547afaea85923ff03b00327f58c8288b4886b7b3a941f63902581791d0ebe1664fa8d3bc3310ae311a12fb34a38deb5c6a5e32fd00e858726aad322c14d101174283024102f85112ba8062058ed22c4444b
x-origin-response-time: 20,23.48.100.103
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241227164847CBF961590C550A0E1B25-0333B54C66A3291D-00
content-length: 0
x-parent-response-time: 109,2.17.34.214
x-tt-logid: 20241227164847CBF961590C550A0E1B25
server: nginx

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
879 B 255ms
254ms Ping
text/plain 2.16.183.132
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.183.132 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-183-132.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://96ccd.com/

Response headers

x-cache-remote: TCP_MISS from a23-220-104-203.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Fri, 27 Dec 2024 16:48:47 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=110, inner; dur=107
x-cache: TCP_MISS from a2-17-34-214.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Fri, 27 Dec 2024 16:48:47 GMT
x-akamai-request-id: 310960fd.680fdf9
access-control-allow-headers: Authorization,*
x-tt-trace-host: 012319799a2b05f7018ccb3c57e9060d974a5158368a1473497a7102924886b890b7dc4bcc9d9a618a31bc72ee3b7d1e83f57e6c094543a4908be76805cd72db6a5f5d0c16a18134e6769f6cf5e19451e06123714e76811ac3a3371fcec73506e83c2c134aca4af5d660eb0a3a2d28d708
x-origin-response-time: 111,23.220.104.203
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241227164847FD2FED6326A79FF8BE94-4D477F49228F5FC8-00
content-length: 0
x-parent-response-time: 199,2.17.34.214
x-tt-logid: 20241227164847FD2FED6326A79FF8BE94
server: nginx

GET
H3 200 9485012911551124 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 32ms
31ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/9485012911551124?v=2.9.179&r=stable&domain=96ccd.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

461f25b6b885144d00c9b633755e95e731a95fdee7a415d8c0ad790863ee2c44

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-ZtP6AYfs' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-ZtP6AYfs' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=105, mss=1232, tbw=105036, tp=104, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: PAyIGstLNGSxro6QvzWhOEmgTlxhUuLqWEyUkPH6pFqruErt24y5C9wdn7RHwwKQ1mPTa0fM4py8/dk5PelU6g==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 3030
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 31ms
30ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=8489556127800875&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1735318127423&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735318127228.502193804105134500&ler=other&cdl=API_unavailable&it=1735318127186&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=24, mss=1232, tbw=11407, tp=36, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 70ms
70ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=8489556127800875&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1735318127423&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735318127228.502193804105134500&ler=other&cdl=API_unavailable&it=1735318127186&coo=false&tm=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453134604160459729"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453134604160459729"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: I/VYxVMHKXb5sc+sRnoDVTXqJvU9+VJoKcfogJLUrd2CDVkdbRoCbeVyB9h5e5OfgIICo6/F6OBgEcx3+KCCRA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7453134604160459729", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control: private, no-store, no-cache, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=30, mss=1232, tbw=14079, tp=45, tpl=0, uplat=40, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 595766396257728 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 34ms
32ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/595766396257728?v=2.9.179&r=stable&domain=96ccd.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

22cbd6624dbe2f79211784ebeaddbe362f8f323316ecfc7a4878988292206e22

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-dEZpaHGy' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-dEZpaHGy' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=108, mss=1232, tbw=108892, tp=109, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: AaSUQKueXEN32/sjHv+O2gAKBrbwcoJgYM7EtIG4YpJ0n5AC1/YxY+Y9HbOXKoucwHQrEO1dtcx+Bo9VUD/pcw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 3030
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 31ms
31ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=9485012911551124&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1735318127461&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735318127228.502193804105134500&ler=other&cdl=API_unavailable&it=1735318127186&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=30, mss=1232, tbw=13887, tp=43, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 74ms
73ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=9485012911551124&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1735318127461&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735318127228.502193804105134500&ler=other&cdl=API_unavailable&it=1735318127186&coo=false&tm=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453134604344456922"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453134604344456922"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: Adw1zKh6FJtYu/eF8/qPO9GFgNxL0j6R34ydaeixyIyxjXthX86COelKeItebfRCA2Lr4KgNhE2VRCaVzckzSw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7453134604344456922", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control: private, no-store, no-cache, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=32, mss=1232, tbw=15407, tp=50, tpl=0, uplat=42, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 952808073432966 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 32ms
31ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/952808073432966?v=2.9.179&r=stable&domain=96ccd.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

c179d10985bd0cbbba81c5a56591e6935e7688a941aa350c55e3f760a4c8988f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-Q8kMKLEa' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Q8kMKLEa' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=111, mss=1232, tbw=112748, tp=114, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: zdEPUURYJLd2pC5dV7sIjpI6BykiHjDYoYzcMrdeZfCs1PPmxAYGRD5cBZj4jHTA1F/evKRehLK7cRHhIymU0Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 3030
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 30ms
30ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=595766396257728&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1735318127500&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735318127228.502193804105134500&ler=other&cdl=API_unavailable&it=1735318127186&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=32, mss=1232, tbw=15215, tp=48, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 88ms
88ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=595766396257728&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1735318127500&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735318127228.502193804105134500&ler=other&cdl=API_unavailable&it=1735318127186&coo=false&tm=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453134604717074483"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453134604717074483"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: mqZwI2UfXzaKFaS1EPDmHi0XWOlWYby57pSb6W7B8+0pR7TH/a8vAppCHr+4ta2zhUuuNuf7jjJEL9GdNDGmlA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7453134604717074483", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control: private, no-store, no-cache, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=33, mss=1232, tbw=16735, tp=55, tpl=0, uplat=57, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 1130325188453930 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 34ms
34ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1130325188453930?v=2.9.179&r=stable&domain=96ccd.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

7257a519ef1a2963bd2996f825d8ba2a4acedc7fcf7aa6ee3f731124d07c74ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-OjSuO3kD' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-OjSuO3kD' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=114, mss=1232, tbw=116604, tp=119, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: BmOe+/S0Qxg/3WpBQd0qGqAGF+hpZt92HDpNe1RpOSQOc97Mp6KGB60VO9529fiHZwBlVpO2iPXrt6eFl+2w+A==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 3030
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 33ms
32ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=952808073432966&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1735318127535&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735318127228.502193804105134500&ler=other&cdl=API_unavailable&it=1735318127186&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=33, mss=1232, tbw=16543, tp=53, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 77ms
76ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=952808073432966&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1735318127535&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735318127228.502193804105134500&ler=other&cdl=API_unavailable&it=1735318127186&coo=false&tm=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453134604041878859"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453134604041878859"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: mASdoiyWi8z/ZgqdCsrwXB+C4ifCnm946/NYeYyepBSGME/zLt7j8fWXhLetTmZP74hviWau+WaqmVYwFjlhmA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7453134604041878859", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control: private, no-store, no-cache, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=33, mss=1232, tbw=18063, tp=60, tpl=0, uplat=43, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 2329401274088336 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 32ms
31ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2329401274088336?v=2.9.179&r=stable&domain=96ccd.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

9b0fc82588b1a0e778a74500fbbbea37829256aa2932eccf892be7bd2bfd2653

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-ZoqCPdgR' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-ZoqCPdgR' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=117, mss=1232, tbw=120460, tp=124, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: OE78E9pmOKQqh+g/dDRXB+cis/1//SoKhYjCM3DQIGhOEsUIJ8mRiSBdGOA4vNq/fMZoX8JIl2mf+xREKRtOTg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 3031
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 30ms
30ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1130325188453930&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1735318127574&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735318127228.502193804105134500&ler=other&cdl=API_unavailable&it=1735318127186&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=33, mss=1232, tbw=17871, tp=58, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 74ms
74ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1130325188453930&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1735318127574&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735318127228.502193804105134500&ler=other&cdl=API_unavailable&it=1735318127186&coo=false&tm=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453134605598165177"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453134605598165177"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 3w+Y+W5kEOn8uRqUcnKfEUaCxpxIZqLy0cE7FEWGTLYQs0MUcc90CEc41K9hg4EelnvPHvj3wFSr1oEG5OMljA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7453134605598165177", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control: private, no-store, no-cache, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=35, mss=1232, tbw=19391, tp=65, tpl=0, uplat=43, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 main.MWE1OTI4NzI4MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 347 KB
96 KB 45ms
43ms Script
application/javascript 2.16.183.132
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=null&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.183.132 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-183-132.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ecf6e5354373fa78e0539f812ecc35f949250f81c4146c419b6208a4166c0005

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

x-cache: TCP_HIT from a2-17-34-214.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
x-tt-trace-id: 00-2412191324324D9831B89AF0CEFEA7DD-5A681A73122F551E-00
content-length: 97380
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202412191324324D9831B89AF0CEFEA7DD
server: nginx
x-akamai-request-id: 680feb2
x-tt-trace-host: 01aeaa7333434a517ef39120603095ef1ae1404630761e4cdeae07b334f60deb7aae30a24691bfb55cabf154e6c9ab2b598a41b1fd71590a4849cd8cb1d61cdd6b7642d1b8a8caba1eec9a6401700a9072357c2d1e38782399ced2d8d76dc13236

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 30ms
30ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2329401274088336&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1735318127612&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735318127228.502193804105134500&ler=other&cdl=API_unavailable&it=1735318127186&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=35, mss=1232, tbw=19199, tp=63, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 76ms
75ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2329401274088336&ev=PageView&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ%23%2F&rl=https%3A%2F%2Fwww.brgdtracking.com%2F&if=false&ts=1735318127612&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735318127228.502193804105134500&ler=other&cdl=API_unavailable&it=1735318127186&coo=false&tm=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453134603799008014"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7453134603799008014"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Dec 2024 16:48:47 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: WQsRtYSekjYTfnLQbG6Tq+iHVzeLsorJTXEtPt0Tix1J20NUAnZSRkPTkqeVJ4g26+8iX7cK0pAXlPPMuKPdpw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7453134603799008014", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control: private, no-store, no-cache, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=35, mss=1232, tbw=21496, tp=68, tpl=0, uplat=45, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
715 B 205ms
201ms Ping
text/plain 2.16.183.132
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.183.132 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-183-132.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://96ccd.com/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Fri, 27 Dec 2024 16:48:47 GMT
server-timing: inner; dur=31, cdn-cache; desc=MISS, edge; dur=37, origin; dur=123
x-cache: TCP_MISS from a2-17-34-214.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Fri, 27 Dec 2024 16:48:47 GMT
x-akamai-request-id: 680fee4
access-control-allow-headers: Authorization,*
x-tt-trace-host: 012319799a2b05f7018ccb3c57e9060d97095f87c1c159036c2240a62592b2a8ca904c0ebe5d694a2e80540e4e5d389d5dd14d72c70a09f2411d09b20bcc715ade425756250239e49f34c6bb340590a2074778b034f04bba205b83beeb0cf992c7
x-origin-response-time: 124,2.17.34.214
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2412271648476017DD8E348B1533760A-302914BC70589AB1-00
content-length: 0
x-tt-logid: 202412271648476017DD8E348B1533760A
server: nginx

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
879 B 170ms
168ms Ping
text/plain 2.16.183.132
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.183.132 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-183-132.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://96ccd.com/

Response headers

x-cache-remote: TCP_MISS from a23-218-223-69.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Fri, 27 Dec 2024 16:48:47 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=27, inner; dur=24
x-cache: TCP_MISS from a2-17-34-214.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Fri, 27 Dec 2024 16:48:47 GMT
x-akamai-request-id: aeff5237.680fefe
access-control-allow-headers: Authorization,*
x-tt-trace-host: 012319799a2b05f7018ccb3c57e9060d974a5158368a1473497a7102924886b890aabb1c10f457f8a50957b94c9e683a76f3e46b0f16ebd8d373c9d3b43abceda9256dea78daac20db047bd37c8b1e47eca14643e506aa4525df97457db3b3174cb0458119861aa5cc6111f56e9f7e5eab
x-origin-response-time: 27,23.218.223.69
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241227164847E5823BFDA1D7E70DEDD3-3F85E1BC57C41293-00
content-length: 0
x-parent-response-time: 113,2.17.34.214
x-tt-logid: 20241227164847E5823BFDA1D7E70DEDD3
server: nginx

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
875 B 163ms
162ms Ping
text/plain 2.16.183.132
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE1OTI4NzI4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.183.132 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-183-132.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://96ccd.com/

Response headers

x-cache-remote: TCP_MISS from a23-48-100-118.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Fri, 27 Dec 2024 16:48:48 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=94, origin; dur=21, inner; dur=17
x-cache: TCP_MISS from a2-17-34-214.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Fri, 27 Dec 2024 16:48:48 GMT
x-akamai-request-id: de08a172.680ffa9
access-control-allow-headers: Authorization,*
x-tt-trace-host: 012319799a2b05f7018ccb3c57e9060d974cfcf930afbf66549f90f795d338054784f8abd458892e83b0145e1bfac2af48eb7b7de6802116eb1004bc18ce28a1bceeae8469d6f20c148f610fe26da21db78cd0051c7539d91cc80a1cedc50f8cece72abf6cc7a74d2826b7f00ef8402bdd
x-origin-response-time: 21,23.48.100.118
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241227164847F1C46F4F2D996E180877-7DFF89A374FAE041-00
content-length: 0
x-parent-response-time: 107,2.17.34.214
x-tt-logid: 20241227164847F1C46F4F2D996E180877
server: nginx

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 41ms
41ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-D1MREPZMK9&gtm=45je4cc1v9173005657za200zb9173077786&_p=1735318126892&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=635319294.1735318127&ul=de-at&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1735318127&sct=1&seg=0&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ&dr=https%3A%2F%2Fwww.brgdtracking.com%2F&dt=Landing&en=scroll&epn.percent_scrolled=90&_et=6&tfd=6271
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D1MREPZMK9&l=dataLayer&cx=c&gtm=45He4cc1v9173077786za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://96ccd.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Dec 2024 16:48:52 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 41ms
39ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Q4XV74EN3M&gtm=45je4cc1v9189217623z89173077786za200zb9173077786&_p=1735318126892&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=635319294.1735318127&ul=de-at&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=4&sid=1735318127&sct=1&seg=0&dl=https%3A%2F%2F96ccd.com%2F%3Fma_token%3DvSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk%26channel_id%3D60008360%26s2s.req_id%3DErAPDTNNPjeht4xM63YYJZ&dr=https%3A%2F%2Fwww.brgdtracking.com%2F&dt=Landing&en=scroll&_et=5&tfd=6310
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q4XV74EN3M&l=dataLayer&cx=c&gtm=45He4cc1v9173077786za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://96ccd.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://96ccd.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Dec 2024 16:48:52 GMT
content-type: text/plain
server: Golfe2

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
my.rtmark.net/	1970-01-21 10:47:34	Name: ID Value: 00813f80cfc64e48f6bdd04f01e2881f
whomeenoaglauns.com/	1970-01-21 10:47:34	Name: oaidts Value: 1735318125
whomeenoaglauns.com/	1970-01-21 10:47:34	Name: OAID Value: 00813f80cfc64e48f6bdd04f01e2881f
whomeenoaglauns.com/	1970-01-21 02:12:02	Name: syncedCookie Value: true
.www.brgdtracking.com/	1970-01-21 10:47:34	Name: bemob-viewer-id Value: 4067cf54-027d-4342-aa85-a380773c0b3d
.www.brgdtracking.com/	1970-01-21 02:03:24	Name: bemob-uniq-visit:f717918a-590a-496d-bed3-4953115842ea Value: 1
.www.brgdtracking.com/	1970-01-21 02:03:24	Name: bemob-rotation:f717918a-590a-496d-bed3-4953115842ea:random:9ffe2fd6d131e45d810e28dac7255b0e Value: 0-0-0
.www.brgdtracking.com/	1970-01-21 02:45:10	Name: bemob-click-id Value: ErAPDTNNPjeht4xM63YYJZ
record.96.partners/	1970-01-21 10:47:34	Name: VID1 Value: KCwzKFEtMzhTLUMkYApgCg%3D%3D
.96.partners/	1970-01-21 10:47:34	Name: ZBan Value: vSHnhNHqMAFJiqXBEED3IGNd7ZgqdRLk
.96ccd.com/	1970-01-21 11:37:58	Name: _ga Value: GA1.1.635319294.1735318127
.96ccd.com/	1970-01-21 11:37:58	Name: _ga_D1MREPZMK9 Value: GS1.1.1735318127.1.0.1735318127.0.0.0
.96ccd.com/	1970-01-21 11:37:58	Name: _ga_Q4XV74EN3M Value: GS1.1.1735318127.1.0.1735318127.0.0.0
.96ccd.com/	1970-01-21 04:11:34	Name: _fbp Value: fb.1.1735318127228.502193804105134500
96ccd.com/	1970-01-21 10:47:34	Name: rtg_usr Value: v1.0:13246032937:1735318127230:1735318127230
.96ccd.com/	1970-01-21 10:47:34	Name: _hjSessionUser_5163049 Value: eyJpZCI6ImVjZWI2OTdmLWJlNGEtNTFhNC1iMWE3LTNmMTY5MmEzNWYxYyIsImNyZWF0ZWQiOjE3MzUzMTgxMjczNjUsImV4aXN0aW5nIjpmYWxzZX0=
.96ccd.com/	1970-01-21 02:01:59	Name: _hjSession_5163049 Value: eyJpZCI6IjgzMjY0ODIwLTgwN2YtNDcyOS1iYTQyLTZhZjM3YmFkNjc1OSIsImMiOjE3MzUzMTgxMjczNjUsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.rfihub.com/	1970-01-21 11:23:34	Name: rud Value: H4sIAAAAAAAA_-MSNjU0NjQwNzc3MjUxMzQyMzY1NhDiM9Q1drNMKkzJSi4o98kBANKmoQklAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0NjQwNzc3MjUxMzQyMzY1NhDiM9Q1drNMKkzJSi4o98kBANKmoQklAAAA
.96ccd.com/	1970-01-21 04:11:34	Name: _tt_enable_cookie Value: 1
.96ccd.com/	1970-01-21 04:11:34	Name: _ttp Value: odN1DJqghaG-ZtFhpE70idDsLKH.tt.1
.adnxs.com/	1970-01-21 11:37:58	Name: receive-cookie-deprecation Value: 1
.demdex.net/	1970-01-21 06:21:10	Name: demdex Value: 76440042606039056640869955053551415332
.tiktok.com/	1970-01-21 04:11:34	Name: _ttp Value: 2qo9asv7PRcRDy0rXLRaogz7d0e
.casalemedia.com/	1970-01-21 10:47:34	Name: CMID Value: Z27ab1VbLZgAAGIJCK64tQAA
.casalemedia.com/	1970-01-21 04:11:34	Name: CMPS Value: 5238
.casalemedia.com/	1970-01-21 04:11:34	Name: CMPRO Value: 5238
.dpm.demdex.net/	1970-01-21 06:21:10	Name: dpm Value: 76440042606039056640869955053551415332
.rezync.com/	1970-01-21 06:21:10	Name: zync-uuid Value: 4bcbe35d-6df9-413e-b554-51b6165a661c:1735318127.8085682
.eyeota.net/	1970-01-21 02:01:58	Name: SERVERID Value: 23326~DM
.rfihub.com/	1970-01-21 11:23:34	Name: eud Value: H4sIAAAAAAAA_13OsRHCMAwF0CMHVY7KVYYwhyxLltkGJ2EgSpcpKV0yAiOkpGQEKkoile_-6X_V3RESEoJASMjQjJ_GL-OP8dd46bQfxs3me-11awrSDua_XvvuUixjmZEmz9Mt-wg4-0IUPUFhYLoyw3j5H53kLMQSqts0ZZBFO7-dXqqD9g9FVgxLSgEAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_wXB0RWAIAwDwB_XqY_QJlS3sYCDOLl33zGiZm3nMq33soBvKzKMKEF8JMwbw-lI9HFmSyr7D4XqYtw6AAAA
live.rezync.com/	1970-01-21 06:21:10	Name: sd-session-id Value: .eJwNy0EOgyAQQNG7zFoMA8xAuYwRmCaklTZiNzXeXZY_ef-E5Sv7tjZpB8Rj_8kE-V1HdYgn9Prf5AURCC1q770hx2jYktVwTdCl9_ppSy3DuJSTWCqKy_OhHFpRicgpwsTItDJjjujHiwGNn4MOxMHAdQO1xCWP.Z27acA.4D77TTJIfjKoDKuXhVS1HbGFpmU
.rlcdn.com/	1970-01-21 10:47:34	Name: rlas3 Value: iNrCC7P+o8CgNR49YLZaovwadEmIa2R35eZaK3JMSU4=
.rlcdn.com/	1970-01-21 03:28:22	Name: pxrc Value: CPC0u7sGEgYItuoBEAA=
.media.net/	1970-01-21 10:47:34	Name: visitor-id Value: 3783197283571252000V10
.media.net/	1970-01-21 10:46:07	Name: data-rk Value: 5131077725461263530~~3

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://whomeenoaglauns.com/4/8540500 Message: [GroupMarkerNotSet(crbug.com/242999)!:A040320DD4130000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://whomeenoaglauns.com/afu.php?zoneid=8540500&var=8540500&rid=mnhKzS_wDF_SW3g2Y1iWsw%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false Message: [GroupMarkerNotSet(crbug.com/242999)!:A020C90CD4130000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://whomeenoaglauns.com/4/6118780?var=8540500&btz=Europe/Vienna&bto=-60&bar=x(Line 80) Message: [GroupMarkerNotSet(crbug.com/242999)!:A040320DD4130000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://whomeenoaglauns.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false Message: [GroupMarkerNotSet(crbug.com/242999)!:A0C0C80CD4130000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://www.brgdtracking.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://96ccd.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
recommendation	verbose	URL: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56 Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://96ccd.com/template/60008025/178/1729753974/index.html?v=2024-08-28%2002:56 Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20861020p.rfihub.com
96ccd.com
adscool.net
akumahapa.technologi.site
analytics.tiktok.com
api.dpbms5h.club
c1.rfihub.net
connect.facebook.net
matigan.technologi.site
my.rtmark.net
mypure.at
record.96.partners
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
whomeenoaglauns.com
wimberleylibrary.org
wwp.psmad.com
www.brgdtracking.com
www.facebook.com
www.googletagmanager.com
104.18.190.136
104.18.23.222
104.21.17.84
104.21.55.169
13.33.187.74
142.250.185.232
143.204.215.39
157.240.253.1
157.240.253.35
18.66.102.53
188.114.97.3
193.0.160.131
194.1.147.36
2.16.183.132
216.239.34.36
3.70.16.242
34.111.76.58
34.49.148.218
37.221.212.181
77.37.34.62
02462c60c805a57a7e23642833ac234aabc2a67922d313aa1d8a904e0d59c278
151e9945d1864529d43608131fa05913de40c093bda6ad013ac479961f9f0c57
160fccfe88de59a8756ae3a5c8fe56fe585b338a73f3f798e1fec83660800113
16df724b6ce9e67ddb93e2f4ef0a04802a871c0a78ce282da9916925aefa825b
1a617e01a1cf518ce7415891455d332c5929c12f2873c455757ca6b2a1852168
20732019f332406573f06d35c28ebceb3df2ee15e1585d6c9e2569a4b0f92cad
22cbd6624dbe2f79211784ebeaddbe362f8f323316ecfc7a4878988292206e22
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4
2cfab95c28cd5c3ce80d631edaef14a97d998f33d07658f2a37309d162e2e558
37ae7919d75abcb53ddf21b402361c943f724cd02622de2181906ab100df26f9
3f78207f071d486a2957dac496f6c3c80800bdf809ef22ef140caf4d9f73ad47
461f25b6b885144d00c9b633755e95e731a95fdee7a415d8c0ad790863ee2c44
4a50cdae04c12478950258852730bef4acde33a90ab5450f1170f6e4c3c9a7f4
4da87c258eca460d39cdb0f6158cbf69af539d05a1d14f1bc011518511d02228
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5111c196de0c92aaefb1157a693098cd8ff00cb9466331bd1619d643e0454e6d
512befe21e10dabb0e2990fd7e8e16da244a23b9d18f436994e0d99ac0985049
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b4393c6fc659782788dec8167bb00cf8189bacf3eecb149fc7fdc51f6fefdd5
5e80534095f28f98b5fc97dc2cd55c64c12e293e12380229e80f4b4047b87c7d
611a00821de2e96f91de667875553555db25a7d3475ccab3b026f1600359ac94
6606d3b7f0c9096b161e045f9b1142424dac7d5214e36c3a30ce26e61e98b6aa
6736c713916509e494561f576817f9dc510d718999047c0eeef84e3c892640b5
6be1a104e09946516a4f429665dc27cf12f6cd07f98a1215ab972f73354606ba
70d2dec9e651c3c0567646233efb31192b52e6f24d39a863ac8e33cae7e812c2
717f0e0b2d2050e3a00485db646cb973c6abc2775214460f37b31a30f874a04e
7257a519ef1a2963bd2996f825d8ba2a4acedc7fcf7aa6ee3f731124d07c74ef
7300db8004db2ef6ebebf3f648ed3fe500f317b702c9c6323b7a62e2d60ed8e0
77188d533238144a29ae9918bc2ed54c592821c983febd7a65c19d072f08e5f0
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
82b6716f188a2c4d23a17b41cba2b728b1f4b9339dc5e18d2348879da1a3da34
837bd5165ce282e140b0a91e6f6b3ff98dab2ec27d4573ee21aa646e70967544
8a6597a24fa67d5ba2f49b99389d221489567863c1aa6f65b7bd04f0061c35e5
99531d6d624ddea03006bcaef319bf4f7473332dd75adcc59bfa58da16a9b753
998454c7d2c095c55d3e5fc5cedc780b1dc4ee763bf36004dc38d921d9da332a
99e92b7fad088a2f4502e9bdf39d6a982075aa161a49dcf8f0a0387f3d657a56
9b0fc82588b1a0e778a74500fbbbea37829256aa2932eccf892be7bd2bfd2653
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aad532aaabf17d672a45d44fd22ede73627830d320640b14ea2a801985dacfd4
afc0bf7a34a8285792933cb258404d8e72b4fea3314e02867480b410241f891d
b1753030316553e3e984f51db690bda7d082b64604900920e51034c89810defe
b93d863cf176ae6744f603ff4601d7fecbae3ee3fb2a35ecf63f4b09c4063694
ba3710ffb62361879a717271253bcda8d3a4d1c61f22abc95e00181ca2fea228
baa84fca69d1fee91c2cb0ac064020904d8a4898e31cf108fcb1cd57d813f95b
babfbe530a0a4426430dccc41755bfb35b9337ee18af2524c328d73ddb7462d0
bbf31b590a53f45a8f4eed9a19deda89204ccd32ffc1a73c92ad8dbd10486b09
bd7e6745a4133374c3132109992c0482ace276042eed482bca718990c64cc091
c179d10985bd0cbbba81c5a56591e6935e7688a941aa350c55e3f760a4c8988f
c6074e4a8d4d99c02a832e63dfe432527bf45a0c929bfcfbc34464d766951043
c77770ad3bbf5be5bad727596fc9a4ee55bd309b1e4b4b5eb278dd8bae756570
df055b5940ce90d969f6bf709c9b35e117f8a1b6fee2e2b1d3441fd645a58336
e28c256943d251f6ac87324b39fcb022a9862e264fb62f755b12adadff31d159
e38338484d969872e570a554c807dab4a79233b82d64a7cb7028fb459123d44a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e966ae4e462d62393b40a76b5fb5252672638fdb706173de35a04c37f7e684f7
ebe3a9b0e9c561389a42cb0f7d287c163710172b510261a454737672a53e1da1
ecf6e5354373fa78e0539f812ecc35f949250f81c4146c419b6208a4166c0005
ed632b9e988afb6efa6f4d1188faa39516409a19e6095689071a03bfbb2e1b2a
f47949a0ae5a27b32be31138c9d6c75961e03c3629b7100e44a29ae8ac660bcd
f745b91d6345c24243e0e08362ba3b9c82382e12a2c97d3bad4baf1b0f887bc0
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

96ccd.com Open in urlscan Pro 34.49.148.218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

105 Requests

100 %HTTPS

0 %IPv6

19 Domains

21 Subdomains

19 IPs

6 Countries

1981 kBTransfer

6091 kBSize

37 Cookies

0 Outgoing links

Page URL History

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

96ccd.com Open in urlscan Pro
34.49.148.218 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

100 %
HTTPS

0 %
IPv6

19
Domains

21
Subdomains

19
IPs

6
Countries

1981 kB
Transfer

6091 kB
Size

37
Cookies

105 HTTP transactions
1 data transactions