8xbet843.cc Open in urlscan Pro
2406:da1e:352:b400:6af6:b0:b74a:1368 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/
Effective URL:
https://8xbet843.cc/
Submission: On December 12 via api (December 12th 2024, 10:04:31 am UTC) from US — Scanned from NZ

Summary HTTP 57 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 15 domains to perform 57 HTTP transactions. The main IP is 2406:da1e:352:b400:6af6:b0:b74a:1368, located in China and belongs to AMAZON-02, US. The main domain is 8xbet843.cc.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 5th 2024. Valid for: a year.

This is the only time 8xbet843.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	172.67.185.4 172.67.185.4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2404:2280:1e2... 2404:2280:1e2:0:715::7f3	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
2	104.20.94.138 104.20.94.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2406:da1e:352... 2406:da1e:352:b400:6af6:b0:b74a:1368	16509 (AMAZON-02) (AMAZON-02)
4	2404:6800:400... 2404:6800:4006:812::2008	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::69 2620:1ec:bdf::69	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	157.240.8.23 157.240.8.23	32934 (FACEBOOK) (FACEBOOK)
7	157.240.8.35 157.240.8.35	32934 (FACEBOOK) (FACEBOOK)
8	23.48.247.237 23.48.247.237	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c02::9d	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4006:814::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.66.195 142.250.66.195	15169 (GOOGLE) (GOOGLE)
1	20.122.63.128 20.122.63.128	() ()
57	16

10 172.67.185.4 (United States)

ASN13335 (CLOUDFLARENET, US)

xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:2280:1e2:0:715::7f3 (Singapore)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

n.sinaimg.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.94.138 (None, )

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da1e:352:b400:6af6:b0:b74a:1368 (China)

ASN16509 (AMAZON-02, US)

8xbet843.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4006:812::2008 (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::69 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.48.247.237 (United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-48-247-237.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c02::9d (Singapore, Singapore)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:814::2002 (Sydney, Australia)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.66.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f3.1e100.net

www.google.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.122.63.128 (None, )

ASN- ()

p.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	lifesupport-ambulance.com xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com	27 KB
8	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 799	239 KB
7	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	646 B
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	84 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	422 KB
3	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 625 p.clarity.ms Failed	30 KB
3	sinaimg.cn n.sinaimg.cn — Cisco Umbrella Rank: 55738	257 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135 td.doubleclick.net — Cisco Umbrella Rank: 182	542 B
2	google.com analytics.google.com — Cisco Umbrella Rank: 142
2	statcounter.com www.statcounter.com — Cisco Umbrella Rank: 19002 c.statcounter.com — Cisco Umbrella Rank: 11933	13 KB
1	google.co.nz www.google.co.nz — Cisco Umbrella Rank: 41106	63 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36
1	8xbet843.cc 8xbet843.cc	25 KB
0	8xdfd3t6f.com Failed 29hxa5qjxxye001-fluid.8xdfd3t6f.com Failed
0	baidu.com Failed ziyuan.baidu.com Failed
57	15

	Domain	Requested by
10	xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com	xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com
8	analytics.tiktok.com	xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com analytics.tiktok.com
7	www.facebook.com	8xbet843.cc
5	connect.facebook.net	8xbet843.cc connect.facebook.net
4	www.googletagmanager.com	8xbet843.cc www.googletagmanager.com
3	n.sinaimg.cn	xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com
2	analytics.google.com	www.googletagmanager.com
2	www.clarity.ms	8xbet843.cc www.clarity.ms
1	www.google.co.nz	8xbet843.cc
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	p.clarity.ms	www.clarity.ms
1	www.google-analytics.com	www.googletagmanager.com
1	8xbet843.cc	xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com
1	c.statcounter.com	www.statcounter.com
1	www.statcounter.com	xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com
0	29hxa5qjxxye001-fluid.8xdfd3t6f.com Failed	8xbet843.cc
0	ziyuan.baidu.com Failed	xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com
57	18

This site contains no links.

Subject Issuer	Validity	Valid
lifesupport-ambulance.com WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
*.weibo.cn GeoTrust CN RSA CA G1	`2023-12-06` - `2025-01-03`	a year	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2025-01-03`	a year	crt.sh
8xbet843.cc Go Daddy Secure Certificate Authority - G2	`2024-06-05` - `2025-06-05`	a year	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-20` - `2024-12-19`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google.co.nz WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://8xbet843.cc/
Frame ID: B27FD47125F54081F08F73A48C7C1A1F
Requests: 57 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-FH93J8TSNS&gacid=1135607017.1733997870&gtm=45je4cb0v873231969z89103934971za200zb9103934971&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&z=1155987112
Frame ID: 22D439A7AF61CA3A5E73DA22465D717F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/ Page URL
https://8xbet843.cc/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

Page Statistics

57
Requests

86 %
HTTPS

53 %
IPv6

15
Domains

18
Subdomains

16
IPs

5
Countries

1098 kB
Transfer

3012 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/ Page URL
https://8xbet843.cc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 / Show response
xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/ 27 KB
7 KB 877ms
655ms Document
text/html 172.67.185.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 486802c55dcf08b72b4883ff1272e5f41769309881fce4f8dc10c761c96e1b88

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f0ce3d7aad3d9b4-AKL
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Thu, 12 Dec 2024 10:04:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A0xw7DFU7%2FDy%2BKAfnlaml4xLvXOnHmV5CZNQR7egqo8hjcbShTekzwlCacl4%2FzD4CZxCikbbmiX2Qhk84KGXn2SHnEv93KiMmbikgk%2BrOkNdKHDRGpsh4sgtBqB7uzS8tpfg2TuVLJbE1SOQ0IdzXb5DsDl4yWMC4fTLzZW%2BXPwCWu91s2%2BZsc6HN3Eg5J8bnDPmD4BE"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=31019&min_rtt=30450&rtt_var=5660&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4192&recv_bytes=4515&delivery_rate=477&cwnd=12000&unsent_bytes=0&cid=9003dcee15c14568&ts=660&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H3 200 style.css
xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/template/news/news3/style/ 7 KB
3 KB 407ms
404ms Stylesheet
text/css 172.67.185.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/template/news/news3/style/style.css
Requested by: Host: xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com
URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21200b8d65db930ff8190102f6e0667785d4db9c5853be5ec290cbfec6f0e3ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"59b09cc6-1adb"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LPi5Qm6hHECnnliK26DyupRsHDZJXAXb1mcf9o4ydVI%2By8qn8vAxh%2FoND716twEwYYHCV5YtPwaK3Ox6iToFMRh1UCw8nrXQ%2FaS%2F2UVOM7JkTBYz6eYNt3gn69SsIoKxSO9fdiPzn8T0eLYkALfEzYpPOtqi058lOeLiCWzKoi647NtRHiTAK6KGTq5cWCM5PeFIQs2f"}],"group":"cf-nel","max_age":604800}
expires: Thu, 12 Dec 2024 22:04:24 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31088&min_rtt=30450&rtt_var=1892&sent=20&recv=15&lost=0&retrans=0&sent_bytes=11740&recv_bytes=5507&delivery_rate=241655&cwnd=12000&unsent_bytes=0&cid=9003dcee15c14568&ts=1080&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 10:04:24 GMT
content-type: text/css
last-modified: Thu, 07 Sep 2017 01:11:34 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0ce3dbdb02d9b4-AKL
server: cloudflare

GET
H3 200 mjqwgy3bojqxiidpmrshgiddmfwgg5lmmf2g64q.png
xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/images/logo/ 3 KB
3 KB 436ms
433ms Image
image/png 172.67.185.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/images/logo/mjqwgy3bojqxiidpmrshgiddmfwgg5lmmf2g64q.png?w=180
Requested by: Host: xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com
URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a43d9c6821f71cb28f090525ea6fd51d73267bee1dcd34da86bf172461b6433

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dUwC51zBnEHfaajwYOyIaJMzO0uVF5RqczWfuOQHFqW6tZD5UvKiGBMvpnDmCeOOeATB2yTYIWp%2Bz111MTDVNYH%2BMVNad2qPEtsYh7LjyQU6QlV2vxZEV90GZNjV0EX0HhuQ%2FScmILpHPqtTcQF%2BpDFmq9PgcDi1jNE84h58TaEZN0O0%2Btsa7U0gqYKvQi3Gx%2BSQUicB"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0ce3dbdb03d9b4-AKL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31088&min_rtt=30450&rtt_var=1892&sent=23&recv=15&lost=0&retrans=0&sent_bytes=14640&recv_bytes=5507&delivery_rate=241655&cwnd=12000&unsent_bytes=0&cid=9003dcee15c14568&ts=1105&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 10:04:24 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare
last-modified: Thu, 12 Dec 2024 10:04:24 GMT
priority: u=2,i

GET
H2 200 yWGT-fyscsmu5850053.jpg
n.sinaimg.cn/news/transform/w600h400/20180312/ 55 KB
56 KB 3027ms
268ms Image
image/jpeg 2404:2280:1e2:0:715::7f3
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.sinaimg.cn/news/transform/w600h400/20180312/yWGT-fyscsmu5850053.jpg?zdy
Requested by: Host: xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com
URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:2280:1e2:0:715::7f3 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 5792609f00c98dddb69872ad06b10e618046919a67eee14605572de5948c5f57

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/

Response headers

access-control-max-age: 31536000
x-filesize: 56201
etag: "7da6ba7ed9626d1a2c79bb0b5949cc8b"
age: 24219667
edge-copy-time: 1709738081123
x-requester: GRPS000000ANONYMOUSE
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS, HEAD
x-via-edge: 1709778200895a704f17838361f0a7cfacc19
x-cache: MISS TCP_MISS dirn:-2:-2
date: Thu, 07 Mar 2024 02:23:20 GMT
content-type: image/jpeg
last-modified: Sun, 14 Jul 2019 08:01:13 GMT
x-requestid: dbd7cdb8-2403-0623-1441-3868dd5cd1c8
access-control-allow-headers: Origin, Content-Type, Accept, Range, Content-Length
x-via-cdn: f=aliyun,s=ens-cache2.au4,c=2404:f780:5:def::c2e;f=sinaedge,s=ctc.guangzhou.union.56.nb.sinaedge.com,c=120.241.4.167;f=Edge,s=cnc.guangzhou.union.24,c=10.31.54.56
cache-control: max-age=31536000
x-swift-cachetime: 7316333
timing-allow-origin: *
via: http/1.1 cnc.guangzhou.union.24 (ApacheTrafficServer/6.2.1 [cHs f ]), cache17.l2st3-1[32,32,200-0,M], cache44.l2st3-1[34,0], cache15.l2sg2[0,0,200-0,H], cache31.l2sg2[1,0], ens-cache2.au4[98,97,200-0,M], ens-cache2.au4[120,0]
ali-swift-global-savetime: 1709778200
x-swift-savetime: Thu, 12 Dec 2024 10:04:27 GMT
access-control-allow-origin: *
eagleid: 2ff62a9617339978670537755e
content-length: 56201
x-amz-meta-crc32: 7F1E589F
server: Tengine

GET
H2 200 LZOI-fyscsmu9330396.jpg
n.sinaimg.cn/news/transform/w600h400/20180313/ 26 KB
26 KB 2992ms
274ms Image
image/jpeg 2404:2280:1e2:0:715::7f3
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.sinaimg.cn/news/transform/w600h400/20180313/LZOI-fyscsmu9330396.jpg?zdy
Requested by: Host: xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com
URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:2280:1e2:0:715::7f3 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/

Response headers

access-control-max-age: 31536000
x-filesize: 26342
etag: "c7f9ea54a7e7b4cbd4b2f0ab35cb3ebd"
age: 24194583
edge-copy-time: 1709803284802
x-requester: GRPS000000ANONYMOUSE
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS, HEAD
x-via-edge: 17098032847360e3b6071b8321f0a1fece081
x-cache: MISS TCP_MISS dirn:-2:-2
date: Thu, 07 Mar 2024 09:21:24 GMT
content-type: image/jpeg
last-modified: Sun, 14 Jul 2019 08:01:13 GMT
x-requestid: dc40f2a5-2403-0717-2124-58c7acc909bc
access-control-allow-headers: Origin, Content-Type, Accept, Range, Content-Length
x-via-cdn: f=aliyun,s=ens-cache2.au4,c=2404:f780:5:def::c2e;f=sinaedge,s=ctc.guangzhou.union.184.nb.sinaedge.com,c=113.96.59.14;f=Edge,s=cmcc.guangzhou.union.7777,c=10.31.50.184
cache-control: max-age=31536000
x-swift-cachetime: 7341417
timing-allow-origin: *
via: http/1.1 cmcc.guangzhou.union.7777 (ApacheTrafficServer/6.2.1 [cMsSfW]), cache45.l2st3-1[0,0,200-0,H], cache22.l2st3-1[1,0], cache28.l2sg2[0,0,200-0,H], cache14.l2sg2[1,0], ens-cache4.au4[127,127,200-0,M], ens-cache2.au4[144,0]
ali-swift-global-savetime: 1709803284
x-swift-savetime: Thu, 12 Dec 2024 10:04:27 GMT
access-control-allow-origin: *
eagleid: 2ff62a9617339978670537767e
content-length: 26342
x-amz-meta-crc32: 10B2246C
server: Tengine

GET
H2 200 l0C6-fxpwyhw9754129.jpg
n.sinaimg.cn/front/w880h774/20180311/ 175 KB
176 KB 2831ms
113ms Image
image/jpeg 2404:2280:1e2:0:715::7f3
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.sinaimg.cn/front/w880h774/20180311/l0C6-fxpwyhw9754129.jpg?zdy
Requested by: Host: xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com
URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:2280:1e2:0:715::7f3 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 26c220c657daac9a57172ab94ab5ece6c6b03e6b4d0e6f54698f2d23e3d95647

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/

Response headers

access-control-max-age: 31536000
x-filesize: 178731
etag: "82c1a6642d56a6e6c9c7fc56179617e3"
age: 970976
edge-copy-time: 1732526762752
x-requester: GRPS000000ANONYMOUSE
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS, HEAD
x-via-edge: 1733026891786193b6071187410ac77012cac
x-cache: HIT TCP_HIT dirn:4:766916455
date: Sun, 01 Dec 2024 04:21:31 GMT
content-type: image/jpeg
last-modified: Sun, 11 Mar 2018 04:40:19 GMT
x-requestid: 6c0a89d6-2411-2517-2602-58c7acc7b10a
access-control-allow-headers: Origin, Content-Type, Accept, Range, Content-Length
x-via-cdn: f=aliyun,s=ens-cache2.au4,c=2404:f780:5:def::c2e;f=sinaedge,s=cnc.guangzhou.union.24.nb.sinaedge.com,c=113.96.59.25;f=Edge,s=cnc.guangzhou.union.24,c=172.16.116.24
cache-control: max-age=31536000
x-swift-cachetime: 30753267
timing-allow-origin: *
via: http/1.1 cnc.guangzhou.union.24 (ApacheTrafficServer/6.2.1 [cHs f ]), cache34.l2st3-1[29,28,200-0,M], cache17.l2st3-1[31,0], cache28.l2hk4[0,28,200-0,H], cache4.l2hk4[31,0], ens-cache8.au4[0,21,200-0,H], ens-cache2.au4[40,0]
ali-swift-global-savetime: 1733026891
x-swift-savetime: Tue, 10 Dec 2024 05:47:04 GMT
access-control-allow-origin: *
eagleid: 2ff62a9617339978670537773e
content-length: 178731
x-amz-meta-crc32: 8A4F63A9
server: Tengine

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 35 KB
13 KB 156ms
44ms Script
application/javascript 104.20.94.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com
URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 608242c41714bcf0ce0c6dc6befbfbd8a4c4fa6c97d88f5deec2f5238ba3e3fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/

Response headers

cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"67596fc4-8a98"
age: 5285
cf-ray: 8f0ce3dcde2850a7-AKL
expires: Thu, 12 Dec 2024 20:36:18 GMT
date: Thu, 12 Dec 2024 10:04:24 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
last-modified: Wed, 11 Dec 2024 10:56:04 GMT

GET image.gif
ziyuan.baidu.com/ 0
0

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H3 200 so.gif
xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/template/news/news3/style/images/ 1 KB
1 KB 227ms
226ms Image
image/gif 172.67.185.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/template/news/news3/style/images/so.gif
Requested by: Host: xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com
URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/template/news/news3/style/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a68a7e5a189026c403a3ad51d1bdbf8fb3fd2a316a596124e96ff8959add4fef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/template/news/news3/style/style.css

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"4e828d46-494"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Fc93ZtHDvQ0rExJ3ko7FauGbeocZqI3BFeZ06wAkppeLIlYhm2LXJbBby02A6ZjvwLX%2FZmrrBUQ%2FN8dSaCRoqoCBXLPzG2s8Bji47r17WRMBizjJXGbXlbcP3Oq%2BX%2FG9%2BS8WG9ozcxc3YigB04vsGHjmZ7i0gwca7eTfva%2BRRRCJkg6Fyic92QKp8dspfWxB6N6VbqW"}],"group":"cf-nel","max_age":604800}
expires: Sat, 11 Jan 2025 10:04:24 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31354&min_rtt=30450&rtt_var=1128&sent=28&recv=23&lost=0&retrans=0&sent_bytes=18112&recv_bytes=7933&delivery_rate=15679&cwnd=12000&unsent_bytes=0&cid=9003dcee15c14568&ts=1325&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 10:04:24 GMT
content-type: image/gif
last-modified: Wed, 28 Sep 2011 02:58:14 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0ce3de8faad9b4-AKL
server: cloudflare

GET
H3 200 search.gif
xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/template/news/news3/style/images/ 216 B
955 B 410ms
409ms Image
image/gif 172.67.185.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/template/news/news3/style/images/search.gif
Requested by: Host: xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com
URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/template/news/news3/style/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edd0043b724ca71c9ec7e961800f2a97e956f1e2e906efea9b594d2f4e4174b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/template/news/news3/style/style.css

Response headers

cf-cache-status: MISS
etag: "4e827ab2-d8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R2cNaaXJ3%2BS8Cv1aP051jxRIAE%2FdMmnPkvMbGd6MjZ2CogxixU%2FM2F2AV5YUEWNC5uTaCsMmxuZryqnTzSpsQork2fxzQDjqZdMhoi9L8wTXrxu7QDus7%2B2zxSgtAmhT6YamvViMkf%2Fuc4U2qdEa7VWQarFAadlt9bxKaBYM1JAzhkP0B13HN1TJIHbbDL9h6i5OZxJI"}],"group":"cf-nel","max_age":604800}
expires: Sat, 11 Jan 2025 10:04:25 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31325&min_rtt=30450&rtt_var=904&sent=32&recv=24&lost=0&retrans=0&sent_bytes=20727&recv_bytes=7976&delivery_rate=43170&cwnd=12000&unsent_bytes=0&cid=9003dcee15c14568&ts=1511&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 10:04:25 GMT
content-type: image/gif
last-modified: Wed, 28 Sep 2011 01:38:58 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0ce3de8faed9b4-AKL
accept-ranges: bytes
content-length: 216
server: cloudflare

GET
H3 200 ico2.gif
xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/template/news/news3/style/images/ 477 B
1 KB 407ms
406ms Image
image/gif 172.67.185.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/template/news/news3/style/images/ico2.gif
Requested by: Host: xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com
URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/template/news/news3/style/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4e6ee7f1e2fe82ffd7278812cfb8f50e75528fcfeab8ef4773e03ff55bb97a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/template/news/news3/style/style.css

Response headers

cf-cache-status: MISS
etag: "4e82bcb0-1dd"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h8D6IeyGiEGkyM5EkRztugeqo5AyeHaEuLNyDKTzuyll%2BCU6sGuVb9zfXYwzk%2Fq%2BZ6jZpzfR%2BqI20QXtHyEnzJISBGdLOzwpUF5pvXVzyDZU6mnxCeoMVhDHyE6X5IL3kdZYoODzwjb8sw3AermsnaunMtrgGwkB8s2%2BJMxzWRjeSoyiql%2BK%2BX7bQAyMRMbJZUzq81yP"}],"group":"cf-nel","max_age":604800}
expires: Sat, 11 Jan 2025 10:04:25 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31325&min_rtt=30450&rtt_var=904&sent=30&recv=24&lost=0&retrans=0&sent_bytes=19456&recv_bytes=7976&delivery_rate=43170&cwnd=12000&unsent_bytes=0&cid=9003dcee15c14568&ts=1508&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 10:04:25 GMT
content-type: image/gif
last-modified: Wed, 28 Sep 2011 06:20:32 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0ce3de8fafd9b4-AKL
accept-ranges: bytes
content-length: 477
server: cloudflare

GET
H3 200 t_bg1.gif
xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/template/news/news3/style/images/ 373 B
1 KB 411ms
410ms Image
image/gif 172.67.185.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/template/news/news3/style/images/t_bg1.gif
Requested by: Host: xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com
URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/template/news/news3/style/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5856aa36663ba8340cdbad9e405bbf6d07dd13a43c956f0dcb8c2e52e3c5a29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/template/news/news3/style/style.css

Response headers

cf-cache-status: MISS
etag: "4e827ab4-175"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o6LRnNl9otHL3ZsZ54Fdo%2F3OncFEM76Jz%2BpSJHB9mnw9w39S0CXA45SmdkMiOGJh1y61nn5zU5VsgYnhyxBBYF3ejE0163EW4dtrZYh6mXhBPkUbBwnbnfAfk7TtDBTVM5LboVczDQ5UluuEtlDphrR9alqq%2BL%2Bq8tRYmyZaT2oUlV5AvwW59eK%2FWco%2B3j5LoNOI%2BCFk"}],"group":"cf-nel","max_age":604800}
expires: Sat, 11 Jan 2025 10:04:25 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31325&min_rtt=30450&rtt_var=904&sent=33&recv=24&lost=0&retrans=0&sent_bytes=21705&recv_bytes=7976&delivery_rate=43170&cwnd=12000&unsent_bytes=0&cid=9003dcee15c14568&ts=1512&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 10:04:25 GMT
content-type: image/gif
last-modified: Wed, 28 Sep 2011 01:39:00 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0ce3de8fb0d9b4-AKL
accept-ranges: bytes
content-length: 373
server: cloudflare

GET
H3 200 ico1.gif
xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/template/news/news3/style/images/ 170 B
916 B 415ms
414ms Image
image/gif 172.67.185.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/template/news/news3/style/images/ico1.gif
Requested by: Host: xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com
URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/template/news/news3/style/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d04afa0f92cbfb074265f490a1930594b46c2b38e82257f9158bfac7b6a24e3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/template/news/news3/style/style.css

Response headers

cf-cache-status: MISS
etag: "4e827ab4-aa"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lqiN%2FcOvOaPOE%2BngvWh8yakakxX%2Fr6EYUh8kXmturxlvuWMWQqDTbWi4EgQiMXMe8h%2BsJHIsDg0YDoFadmODqf3TfNiZdSU2Ez5%2FM4qqiObDtPKI5ZGuRYNAHTkcfr5nj%2FJJ0Xf%2FYGIohN5j%2BhQo7u52OEMlvdCfywJe27CaXj70WBGax0Ni5pbpO%2Fsbca4B3QRN9ZHg"}],"group":"cf-nel","max_age":604800}
expires: Sat, 11 Jan 2025 10:04:25 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31325&min_rtt=30450&rtt_var=904&sent=34&recv=24&lost=0&retrans=0&sent_bytes=22844&recv_bytes=7976&delivery_rate=43170&cwnd=12000&unsent_bytes=0&cid=9003dcee15c14568&ts=1518&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 10:04:25 GMT
content-type: image/gif
last-modified: Wed, 28 Sep 2011 01:39:00 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0ce3de8fb1d9b4-AKL
accept-ranges: bytes
content-length: 170
server: cloudflare

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
634 B 268ms
259ms XHR
application/json 104.20.94.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=12952581&u1=44F3FCEA5718484EAD276880C457AC43&java=1&security=6f4e97c8&sc_snum=1&sess=7810d0&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/&t=baccarat%20odds%20calculator&invisible=1&sc_rum_e_s=1461&sc_rum_e_e=1493&sc_rum_f_s=0&sc_rum_f_e=1099&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
cf-ray: 8f0ce3dfa93d50a7-AKL
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
date: Thu, 12 Dec 2024 10:04:25 GMT
content-type: application/json
server: cloudflare

GET
H3 200 ym.php
xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/ 24 KB
8 KB 400ms
399ms XHR
text/html 172.67.185.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/ym.php
Requested by: Host: xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com
URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YAaSkxhipenpuWJ4CJWaibFAnIfE6vk0toYnFR8hYc4%2FbUW3hKRBTD5WEGq6vGdksdfH4uHKX1Bpdr0iA4jvAD9wsGBZWwk81jH%2Bwm1NOPWWL3QL6uzSEckZbj6MJwUiNTFLpfpyPmyv7MFJfyR2qj2EiiDWtYMk4djKnRtwpH1WNlYQNqBVda6iKdtlgijim%2BHpcEO5"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0ce3ef1beed9b4-AKL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=32907&min_rtt=30450&rtt_var=3372&sent=37&recv=29&lost=0&retrans=0&sent_bytes=23829&recv_bytes=9034&delivery_rate=138734&cwnd=12000&unsent_bytes=0&cid=9003dcee15c14568&ts=4141&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 10:04:27 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H3 200 favicon.ico
xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/ 0
727 B 596ms
596ms Other
image/x-icon 172.67.185.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/

Response headers

cf-cache-status: MISS
etag: "5d406788-0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lo5gWELjEnjJi9bA63HzxwrzxkcSr1Zy0qDpgTAySoYmD75hpok1xyeLskVduCbR2S2PTuegw9nKb%2BlJTOygLVNhq5nv77Ob1xmtFO%2B9zKzXQsLracfqG6rJCXVflHu36gOlYmbcdYaeRUJmMtBRoqkOcpOV%2Fn%2FlwdBHcSz1UJjCPYhx%2FT9ZjzkLZkUwEHiRyTkXG9mU"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=33560&min_rtt=30450&rtt_var=2073&sent=44&recv=33&lost=0&retrans=0&sent_bytes=31841&recv_bytes=9207&delivery_rate=20337&cwnd=12000&unsent_bytes=0&cid=9003dcee15c14568&ts=4347&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 12 Dec 2024 10:04:27 GMT
content-type: image/x-icon
last-modified: Tue, 30 Jul 2019 15:51:36 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f0ce3ef1bf6d9b4-AKL
accept-ranges: bytes
content-length: 0
server: cloudflare

GET
H2 200 Primary Request / Show response
8xbet843.cc/ 76 KB
25 KB 1118ms
462ms Document
text/html 2406:da1e:352:b400:6af6:b0:b74a:1368
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://8xbet843.cc/

Requested by

Host: xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com
URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2406:da1e:352:b400:6af6:b0:b74a:1368 , China, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / Express

Resource Hash

112153216b8d9cb2ab57729cd44c29a842a228518c06afd5b3f024eb2394e686

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'

Request headers

Referer: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=utf-8
date: Thu, 12 Dec 2024 10:04:28 GMT
etag: W/"12f64-dHE1WrwmBP55Il5CDCWtstc5gUo"
server: nginx
x-checksum: 3d91506254eb220bb760e9080db6524b00adf71a68c8677241305d9f5b3a121d
x-envoy-upstream-service-time: 33
x-powered-by: Express

GET index-0439e67f.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/ 0
0

GET index-e3511ff4.css
29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/ 0
0

GET registerSW.js
29hxa5qjxxye001-fluid.8xdfd3t6f.com/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 324 KB
108 KB 519ms
201ms Script
application/javascript 2404:6800:4006:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XK42L1XPP5

Requested by

Host: 8xbet843.cc
URL: https://8xbet843.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:812::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ae2d71fcb0a3ecdb4e1fe40ed046087de1921b0a22ec4abe7f0b32114d9de32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 12 Dec 2024 10:04:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 10:04:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109884
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 p1w869nwbf Show response
www.clarity.ms/tag/ 689 B
1 KB 756ms
467ms Script
application/x-javascript 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/p1w869nwbf
Requested by: Host: 8xbet843.cc
URL: https://8xbet843.cc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 68114a3aa56c1f2bef05c716fbe710eace562864dad75cf02e2b761a81116964

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 689
date: Thu, 12 Dec 2024 10:04:29 GMT
content-type: application/x-javascript
x-azure-ref: 20241212T100429Z-r1d8f8768458q8pfhC1SYDsm8n000000033g00000000ba7n

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 227 KB
76 KB 476ms
186ms Script
application/javascript 2404:6800:4006:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KLND2S8

Requested by

Host: 8xbet843.cc
URL: https://8xbet843.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:812::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

014ffc6ef216b4c48b536e111650658f1d4b01ebf09a2ba899d590abdf4d7954

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 12 Dec 2024 10:04:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 10:04:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 12 Dec 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 77033
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 161ms
78ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 8xbet843.cc
URL: https://8xbet843.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-0BTrni1v' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 10:04:29 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-0BTrni1v' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=68, rtx=0, c=23, mss=1232, tbw=4507, tp=9, tpl=0, uplat=8, ullat=-1
pragma: public
x-fb-debug: vXUnw6lKg+fclXd5AJP8X5PG1DFM0GM8TimcmQ/gmF4demr3RcwIpb9Sj60qk4S06KKL7vgf4iIq/H0JF+q2hw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62212
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 1788894901579396 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 273ms
273ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1788894901579396?v=2.9.178&r=stable&domain=8xbet843.cc&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

4fc1fda1aed9f491c6424a8803f3c8d35bbe68f2b07e0969c6ba0d10d41d8b68

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-IyLQsdIr' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 10:04:29 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-IyLQsdIr' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=68, rtx=0, c=77, mss=1232, tbw=70427, tp=65, tpl=0, uplat=197, ullat=1
pragma: public
x-fb-debug: IoC//em0bqYhDwThrrJyR4pRuxxoDs3FtgEWmfNaccrD0rnu+Tcl2cc1WjBNijSsyfDX4sfBSgUbPfONnjtBGg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 170ms
67ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1788894901579396&ev=PageView&dl=https%3A%2F%2F8xbet843.cc%2F&rl=https%3A%2F%2Fxn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com%2F&if=false&ts=1733997869550&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4126&fbp=fb.1.1733997869535.236361883957183533&ler=other&cdl=API_unavailable&it=1733997869211&coo=false&rqm=GET

Requested by

Host: 8xbet843.cc
URL: https://8xbet843.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=67, rtx=0, c=23, mss=1232, tbw=4558, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 12 Dec 2024 10:04:29 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
196 B 435ms
332ms Image
image/png 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1788894901579396&ev=PageView&dl=https%3A%2F%2F8xbet843.cc%2F&rl=https%3A%2F%2Fxn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com%2F&if=false&ts=1733997869550&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4126&fbp=fb.1.1733997869535.236361883957183533&ler=other&cdl=API_unavailable&it=1733997869211&coo=false&rqm=FGET

Requested by

Host: 8xbet843.cc
URL: https://8xbet843.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447464139256915744"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 10:04:29 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447464139256915744", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: /mon7RdljhUGSfO0J3xgZ4Gka9l4I9uPCEqmtz+bpy7CV90mvOPknxiRYARZUgTMbzgcTZyc7ZGECrZY4Wi49w==
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=66, rtx=0, c=23, mss=1232, tbw=4926, tp=13, tpl=0, uplat=265, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 404 KB
131 KB 186ms
185ms Script
application/javascript 2404:6800:4006:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FH93J8TSNS&l=dataLayer&cx=c&gtm=45He4cb0v9103934971za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLND2S8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:812::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c448191af80d7ec3c7f536e87e12057fe1bbf16afeb57cda405160b1403af8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 12 Dec 2024 10:04:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 10:04:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 133793
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 777827634088724 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 260ms
259ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/777827634088724?v=2.9.178&r=stable&domain=8xbet843.cc&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

73b6e600da96be10a7cf51f74ccea7574db289bc5ee82061ce02a647d4812b4b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-vfTvomvN' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 10:04:29 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-vfTvomvN' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=67, rtx=0, c=89, mss=1232, tbw=85675, tp=80, tpl=0, uplat=189, ullat=0
pragma: public
x-fb-debug: rDmCwWWtwl1RnnKUx/paLXaj7iS4O8DHp0QMv8uQcQgCpBusgbDWfw3tiyHqtxwGeSD0N9MqyyXEVrA+yFcDuQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 463ms
301ms Script
application/javascript 23.48.247.237
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLR9LNRC77U7BR4C6SIG&lib=ttq
Requested by: Host: xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com
URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.247.237 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-48-247-237.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b0e12195d716748bf5f1e266134a074f87238a456097330be0a613078ec0459a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

content-encoding: gzip
expires: Thu, 12 Dec 2024 10:04:30 GMT
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=205
x-cache: TCP_MISS from a23-46-180-205.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Thu, 12 Dec 2024 10:04:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 727308b0
x-tt-trace-host: 0134657a04b7a085f5a109bc87d2f6487ea7ce37542cad332380aba10981497fd925d509f15fe41621d4acb215772223a7a3a8b0e5a68828149851ceee83b39f78051d50ff4de665945ff562aff10bb09a2bda9a4bd583eefa65c6241bbbe008a8
x-origin-response-time: 205,23.46.180.205
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-241212100429CCC793CE75DD4B81A8AE-59BED8336FF79CF7-00
content-length: 1641
x-tt-logid: 20241212100429CCC793CE75DD4B81A8AE
server: nginx

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 452ms
296ms Script
application/javascript 23.48.247.237
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CPGOMSRC77UFEMG26950&lib=ttq
Requested by: Host: xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com
URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.247.237 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-48-247-237.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3cfe3cbd01a31f53e10932a89ced4a66d0c4e2da5ba60d501af9df862aec3aed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

content-encoding: gzip
x-cache-remote: TCP_MISS from a23-48-249-139.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
expires: Thu, 12 Dec 2024 10:04:30 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=195, origin; dur=8, inner; dur=4
x-cache: TCP_MISS from a23-46-180-205.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Thu, 12 Dec 2024 10:04:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 626e166.727308b1
x-tt-trace-host: 0134657a04b7a085f5a109bc87d2f6487e27a3f76bfee0cb44b274edaf633985f440454dcf127dee060fd815f7770930acbee707a26d3f5af8aaaf2907275bc75241fa918e3367c79be6a59621fbd3419f814fb80babb3f370aba311e567e371fd2aa5bd636a1a51d4ed8d7ac01286cfea
x-origin-response-time: 8,23.48.249.139
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2412121004298C71B205C6918684D5E7-667859F5830DB3DD-00
content-length: 2084
x-parent-response-time: 203,23.46.180.205
x-tt-logid: 202412121004298C71B205C6918684D5E7
server: nginx

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 324 KB
107 KB 184ms
184ms Script
application/javascript 2404:6800:4006:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XK42L1XPP5&l=dataLayer&cx=c&gtm=45He4cb0v9103934971za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLND2S8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:812::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8efca7da7316764887926f774ffc0d8467993c0d7db66dad42460e0fd24af2f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 12 Dec 2024 10:04:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 10:04:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109844
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 468ms
164ms Fetch
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-XK42L1XPP5&gtm=45je4cb0v9188334131za200zb9103934971&_p=1733997868960&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1135607017.1733997870&ul=en-nz&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733997869&sct=1&seg=0&dl=https%3A%2F%2F8xbet843.cc%2F&dr=https%3A%2F%2Fxn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2272
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XK42L1XPP5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://8xbet843.cc
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 10:04:30 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.58/ 67 KB
28 KB 135ms
135ms Script
application/javascript 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.58/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/p1w869nwbf
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e57f584dc164284e3994776f7ddd7de42d54921a30f096ca971f676b2f5942c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

x-azure-ref: 20241212T100429Z-r1d8f8768458q8pfhC1SYDsm8n000000033g00000000ba8u
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DD19E020F35B96"
x-fd-int-roxy-purgeid: 79034942
x-ms-request-id: 4e19b5c1-301e-003f-40e6-4be678000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Thu, 12 Dec 2024 10:04:29 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 11 Dec 2024 12:34:17 GMT

GET
H3 200 284095821111767 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 251ms
250ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/284095821111767?v=2.9.178&r=stable&domain=8xbet843.cc&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

fdfa6bd96b370bd4d258abbbd02ca2930772ffc655bf2466a33dbb93c62f0110

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-0r6Jo53V' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 10:04:30 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-0r6Jo53V' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=67, rtx=0, c=92, mss=1232, tbw=89563, tp=85, tpl=0, uplat=180, ullat=0
pragma: public
x-fb-debug: 1GuhwdkflFXUFveqmIl9sC6d/UxbitdteQyQaCh15Y7wTdENoHm+EKJ1hhBqmkmdZLCNA+mgdmL3tRtGQU7Weg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 69ms
69ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=777827634088724&ev=PageView&dl=https%3A%2F%2F8xbet843.cc%2F&rl=https%3A%2F%2Fxn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com%2F&if=false&ts=1733997869937&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4126&fbp=fb.1.1733997869535.236361883957183533&ler=other&cdl=API_unavailable&it=1733997869211&coo=false&rqm=GET

Requested by

Host: 8xbet843.cc
URL: https://8xbet843.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=66, rtx=0, c=23, mss=1232, tbw=8430, tp=18, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 12 Dec 2024 10:04:29 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 251ms
251ms Image
image/png 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=777827634088724&ev=PageView&dl=https%3A%2F%2F8xbet843.cc%2F&rl=https%3A%2F%2Fxn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com%2F&if=false&ts=1733997869937&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4126&fbp=fb.1.1733997869535.236361883957183533&ler=other&cdl=API_unavailable&it=1733997869211&coo=false&rqm=FGET

Requested by

Host: 8xbet843.cc
URL: https://8xbet843.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447464143084811551"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 10:04:30 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: BLgvdANWlgMuDPcUq1ki0qfOYcKFvgyxEGjr/byrxGOoz65M7wogW/Cd0t6bZ2TXXm8kU0fLEJONWJTBoY5cTg==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447464143084811551", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=67, rtx=0, c=26, mss=1232, tbw=8638, tp=21, tpl=0, uplat=183, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST collect
p.clarity.ms/ 0
0

POST
H2 204 collect
analytics.google.com/g/ 0
0 416ms
175ms Fetch
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FH93J8TSNS&gtm=45je4cb0v873231969z89103934971za200zb9103934971&_p=1733997868960&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=1135607017.1733997870&ul=en-nz&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1733997870&sct=1&seg=0&dl=https%3A%2F%2F8xbet843.cc%2F&dr=https%3A%2F%2Fxn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com%2F&dt=&en=page_view&_fv=1&_ss=1&tfd=2730
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FH93J8TSNS&l=dataLayer&cx=c&gtm=45He4cb0v9103934971za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://8xbet843.cc
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 10:04:30 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
542 B 480ms
161ms Ping
text/plain 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FH93J8TSNS&cid=1135607017.1733997870&gtm=45je4cb0v873231969z89103934971za200zb9103934971&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FH93J8TSNS&l=dataLayer&cx=c&gtm=45He4cb0v9103934971za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c02::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://8xbet843.cc
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 10:04:30 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 22D4 0
0 393ms
173ms Document
text/html 2404:6800:4006:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-FH93J8TSNS&gacid=1135607017.1733997870&gtm=45je4cb0v873231969z89103934971za200zb9103934971&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&z=1155987112

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FH93J8TSNS&l=dataLayer&cx=c&gtm=45He4cb0v9103934971za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8xbet843.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 Dec 2024 10:04:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.co.nz/ads/ 42 B
63 B 340ms
170ms Image
image/gif 142.250.66.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.nz/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FH93J8TSNS&cid=1135607017.1733997870&gtm=45je4cb0v873231969z89103934971za200zb9103934971&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485&tag_exp=101925629~102067555~102067808~102081485&z=39845670

Requested by

Host: 8xbet843.cc
URL: https://8xbet843.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 12 Dec 2024 10:04:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 collect
analytics.google.com/g/ 0
0 328ms
176ms Fetch
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FH93J8TSNS&gtm=45je4cb0v873231969z89103934971za200zb9103934971&_p=1733997868960&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=1135607017.1733997870&ul=en-nz&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AAAC&sid=1733997870&sct=1&seg=1&dl=https%3A%2F%2F8xbet843.cc%2F&dr=https%3A%2F%2Fxn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com%2F&dt=&_s=2&tfd=2821
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FH93J8TSNS&l=dataLayer&cx=c&gtm=45He4cb0v9103934971za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://8xbet843.cc/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://8xbet843.cc
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 10:04:30 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 main.MWZiM2ZlMGNjMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 351 KB
97 KB 98ms
98ms Script
application/javascript 23.48.247.237
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CPGOMSRC77UFEMG26950&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.247.237 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-48-247-237.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: da2d5cc7a936d3108413875e85969ff2e0a1bc79e4c9df4fabadb1ec9198e215

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

x-cache: TCP_MEM_HIT from a23-46-180-205.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=13
x-tt-trace-id: 00-241210133444671069EF00C5D263D149-5413C72D97B0780B-00
content-length: 98684
date: Thu, 12 Dec 2024 10:04:30 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20241210133444671069EF00C5D263D149
server: nginx
x-akamai-request-id: 72731c5b
x-tt-trace-host: 0140bc7e6c82fb546daa64fa72fd53f5f6026df2b02207c607885a3b5d6746976aa75cf075e08d4ee734d4261d3d4f7c373cdde08a1b22d38f4d9011d9384f08e92244ae9ce146bb6bba06a39e7a624c3860bea34ac01d8a7a004b8b1eb70ff73f

GET
H2 200 main.MWZiM2ZlMGNjMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 345 KB
95 KB 228ms
228ms Script
application/javascript 23.48.247.237
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLR9LNRC77U7BR4C6SIG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.247.237 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-48-247-237.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7d60c0cd0647ecb04df42bcfd2acd351c105c2d89e2b401ba03b0845336170e7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

x-cache: TCP_MEM_HIT from a23-46-180-205.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=16
x-tt-trace-id: 00-2412101334436FAB6B80F16A74BB28FA-65ECA53B64538517-00
content-length: 96801
date: Thu, 12 Dec 2024 10:04:30 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202412101334436FAB6B80F16A74BB28FA
server: nginx
x-akamai-request-id: 72731c5c
x-tt-trace-host: 018e93d0f8228ebd6d17c726d568f017625067b9b99537d32c327845f8b3747a2a3265ff4b630174eaca1928d09ab9e4ed1be271fa92aa7301ce08f270cfce4f4ff4cc9efe04674afa1234fa8109304d6893d2c9f09b0cad7d53f032ed828fe75f

GET
H3 200 1049161216101108 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 261ms
261ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1049161216101108?v=2.9.178&r=stable&domain=8xbet843.cc&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

2e753868bbe2f6441a4c7c3ae47e84cfb49d64a8afddcb7fd69ad83ae1643c6f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-1UQdT8bU' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 10:04:30 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-1UQdT8bU' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=67, rtx=0, c=95, mss=1232, tbw=93563, tp=91, tpl=0, uplat=191, ullat=0
pragma: public
x-fb-debug: iOEwef4kGNWk3nfRgVXZbuk0XLHlun1jyaBvu2pHl4LOPRdRNPo5D6dpGiPoihnWj1/u7l5+cwiaiNvUNnEwKQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 71ms
70ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=284095821111767&ev=PageView&dl=https%3A%2F%2F8xbet843.cc%2F&rl=https%3A%2F%2Fxn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com%2F&if=false&ts=1733997870321&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4126&fbp=fb.1.1733997869535.236361883957183533&ler=other&cdl=API_unavailable&it=1733997869211&coo=false&rqm=GET

Requested by

Host: 8xbet843.cc
URL: https://8xbet843.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=67, rtx=0, c=27, mss=1232, tbw=9694, tp=25, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 12 Dec 2024 10:04:30 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
191 B 376ms
375ms Image
image/png 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=284095821111767&ev=PageView&dl=https%3A%2F%2F8xbet843.cc%2F&rl=https%3A%2F%2Fxn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com%2F&if=false&ts=1733997870321&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4126&fbp=fb.1.1733997869535.236361883957183533&ler=other&cdl=API_unavailable&it=1733997869211&coo=false&rqm=FGET

Requested by

Host: 8xbet843.cc
URL: https://8xbet843.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447464144031750440"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 10:04:30 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: D4a8nnySxY7xeAdQsurjOI0miIBbeBz7AMyTV55/8IKSo7wBG8dWyzCoxh0DpcQuqc2S61gwW/b6Jsb+ymMbyw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447464144031750440", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=66, rtx=0, c=27, mss=1232, tbw=9902, tp=28, tpl=0, uplat=307, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 identify_45dd5971.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 72ms
71ms Script
application/javascript 23.48.247.237
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.247.237 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-48-247-237.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

x-cache: TCP_MEM_HIT from a23-46-180-205.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=5
x-tt-trace-id: 00-241115050237655D427DD54E2779CAA3-2246FDF1732A9816-00
content-length: 39438
date: Thu, 12 Dec 2024 10:04:30 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20241115050237655D427DD54E2779CAA3
server: nginx
x-akamai-request-id: 727325cc
x-tt-trace-host: 01ec657972fc33318c4652948d4807c2b82e3592eb50beca23a184ceb52eb1a60b9063f6ee62fa94c6dca5573da3118852d1e10b1671b8a9231d455e2760203883e4516486b480e558f77c770c38a9a426aab471959679127f1f63a2b46a356a06

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
880 B 305ms
300ms Ping
text/plain 23.48.247.237
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.247.237 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-48-247-237.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://8xbet843.cc/

Response headers

x-cache-remote: TCP_MISS from a23-218-223-14.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Thu, 12 Dec 2024 10:04:30 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=214, origin; dur=21, inner; dur=19
x-cache: TCP_MISS from a23-46-180-205.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Thu, 12 Dec 2024 10:04:30 GMT
x-akamai-request-id: 205c95d9.72732749
access-control-allow-headers: Authorization,*
x-tt-trace-host: 0134657a04b7a085f5a109bc87d2f6487e27a3f76bfee0cb44b274edaf633985f42d5a0abf8537770e7c8120bf9b2d177699f7a4b59c5f4ca2b58c3a98000c340f7b81433ca56e01c67a7bc6fd4425ec8a24c107cd1deef2a90fb316b77d5198d5ddc082009fa0f935ef5b57314c0c3e0a
x-origin-response-time: 22,23.218.223.14
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241212100430138B66BAA9F517862635-0E79925374083423-00
content-length: 0
x-parent-response-time: 229,23.46.180.205
x-tt-logid: 20241212100430138B66BAA9F517862635
server: nginx

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
877 B 290ms
286ms Ping
text/plain 23.48.247.237
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.247.237 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-48-247-237.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://8xbet843.cc/

Response headers

x-cache-remote: TCP_MISS from a23-48-249-156.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Thu, 12 Dec 2024 10:04:30 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=199, origin; dur=19, inner; dur=16
x-cache: TCP_MISS from a23-46-180-205.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Thu, 12 Dec 2024 10:04:30 GMT
x-akamai-request-id: 14353e72.7273274a
access-control-allow-headers: Authorization,*
x-tt-trace-host: 0134657a04b7a085f5a109bc87d2f6487e27a3f76bfee0cb44b274edaf633985f44fc10d9479fb101ea1aff46afbc69d8e55e0ebe4a1e6eaad11385e45516f5f04c8e8ca517969c0735e54acec20d01b8a2a5d5825b2f6c1f2c8b5e9835ac841119593a7574a66e1ec9bed914c164de8ae
x-origin-response-time: 19,23.48.249.156
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241212100430D5400A59A8F211D80EB9-2AA520FF41F4C4CD-00
content-length: 0
x-parent-response-time: 212,23.46.180.205
x-tt-logid: 20241212100430D5400A59A8F211D80EB9
server: nginx

GET 375407261712370
connect.facebook.net/signals/config/ 0
0

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 71ms
70ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1049161216101108&ev=PageView&dl=https%3A%2F%2F8xbet843.cc%2F&rl=https%3A%2F%2Fxn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com%2F&if=false&ts=1733997870649&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4126&fbp=fb.1.1733997869535.236361883957183533&ler=other&cdl=API_unavailable&it=1733997869211&coo=false&rqm=GET

Requested by

Host: 8xbet843.cc
URL: https://8xbet843.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://8xbet843.cc/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=66, rtx=0, c=27, mss=1232, tbw=10878, tp=31, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 12 Dec 2024 10:04:30 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 0
0

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
721 B 317ms
315ms Ping
text/plain 23.48.247.237
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZiM2ZlMGNjMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.247.237 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-48-247-237.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://8xbet843.cc/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Thu, 12 Dec 2024 10:04:31 GMT
server-timing: inner; dur=29, cdn-cache; desc=MISS, edge; dur=8, origin; dur=242
x-cache: TCP_MISS from a23-46-180-205.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-35a4fcef889a1f053c9fa641f2ccd99a) (-)
date: Thu, 12 Dec 2024 10:04:31 GMT
x-akamai-request-id: 727330c7
access-control-allow-headers: Authorization,*
x-tt-trace-host: 0134657a04b7a085f5a109bc87d2f6487ea7ce37542cad332380aba10981497fd9cf875948f2082a0c3811105797fd954c002b9bed0e705f68dac34fa0672e5bcdefa353cedbe0d27b79ef14937453ce76d90bb270f7ab48e5daf565a87bdcff4d
x-origin-response-time: 242,23.46.180.205
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241212100431022E7BD6D640DBBEFBE6-4E2A52415AFF6CBA-00
content-length: 0
x-tt-logid: 20241212100431022E7BD6D640DBBEFBE6
server: nginx

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
275 B 509ms
505ms XHR
text/plain 20.122.63.128

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.58/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://8xbet843.cc/

Response headers

Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin: https://8xbet843.cc
Date: Thu, 12 Dec 2024 10:04:31 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST collect
p.clarity.ms/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ziyuan.baidu.com
URL: https://ziyuan.baidu.com/image.gif

Domain: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-0439e67f.js

Domain: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-e3511ff4.css

Domain: 29hxa5qjxxye001-fluid.8xdfd3t6f.com
URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/registerSW.js

Domain: p.clarity.ms
URL: https://p.clarity.ms/collect

Domain: connect.facebook.net
URL: https://connect.facebook.net/signals/config/375407261712370?v=2.9.178&r=stable&domain=8xbet843.cc&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Domain: www.facebook.com
URL: https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1049161216101108&ev=PageView&dl=https%3A%2F%2F8xbet843.cc%2F&rl=https%3A%2F%2Fxn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com%2F&if=false&ts=1733997870649&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4126&fbp=fb.1.1733997869535.236361883957183533&ler=other&cdl=API_unavailable&it=1733997869211&coo=false&rqm=FGET

Domain: p.clarity.ms
URL: https://p.clarity.ms/collect

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/	1970-01-21 11:15:57	Name: sc_is_visitor_unique Value: rx12952581.1733997865.44F3FCEA5718484EAD276880C457AC43.1.1.1.1.1.1.1.1.1
.statcounter.com/	1970-01-21 11:15:57	Name: is_unique Value: sc12952581.1733997865.0
.statcounter.com/	1970-01-21 11:15:57	Name: is_visitor_unique Value: 1733997865204016680
.baidu.com/	1970-01-21 10:25:33	Name: BAIDUID_BFESS Value: 0A00EADA6E64B0FF60D40A84A6D970B0:FG=1
.8xbet843.cc/	1970-01-21 03:49:33	Name: _fbp Value: fb.1.1733997869535.236361883957183533
www.clarity.ms/	1970-01-21 10:25:33	Name: CLID Value: 92143ef307414cbea1491c57b43938ab.20241212.20251212
.8xbet843.cc/	1970-01-21 11:15:57	Name: _ga Value: GA1.1.1135607017.1733997870
.8xbet843.cc/	1970-01-21 11:15:57	Name: _ga_XK42L1XPP5 Value: GS1.1.1733997869.1.0.1733997869.0.0.0
.8xbet843.cc/	1970-01-21 10:25:33	Name: _clck Value: 6k1eru%7C2%7Cfrn%7C0%7C1807
.tiktok.com/	1970-01-21 11:01:33	Name: _ttp Value: 2q6zZfP0KccL22Q6xNDdasBrIiO
.8xbet843.cc/	1970-01-21 11:15:57	Name: _ga_FH93J8TSNS Value: GS1.1.1733997870.1.1.1733997870.60.0.0
.8xbet843.cc/	1970-01-21 11:01:33	Name: _tt_enable_cookie Value: 1
.8xbet843.cc/	1970-01-21 11:01:33	Name: _ttp Value: yqw4OCX7OZ8FOw0daW1b1vKuIuj.tt.1
.doubleclick.net/	1970-01-21 01:39:58	Name: test_cookie Value: CheckForPermission

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/ Message: Mixed Content: The page at 'https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/' was loaded over HTTPS, but requested an insecure element 'http://n.sinaimg.cn/news/transform/w600h400/20180312/yWGT-fyscsmu5850053.jpg?zdy'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/ Message: Mixed Content: The page at 'https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/' was loaded over HTTPS, but requested an insecure element 'http://n.sinaimg.cn/news/transform/w600h400/20180312/yWGT-fyscsmu5850053.jpg?zdy'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/ Message: Mixed Content: The page at 'https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/' was loaded over HTTPS, but requested an insecure element 'http://n.sinaimg.cn/news/transform/w600h400/20180313/LZOI-fyscsmu9330396.jpg?zdy'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/ Message: Mixed Content: The page at 'https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/' was loaded over HTTPS, but requested an insecure element 'http://n.sinaimg.cn/front/w880h774/20180311/l0C6-fxpwyhw9754129.jpg?zdy'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/(Line 179) Message: Mixed Content: The page at 'https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/' was loaded over HTTPS, but requested an insecure element 'http://n.sinaimg.cn/news/transform/w600h400/20180312/yWGT-fyscsmu5850053.jpg?zdy'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/(Line 179) Message: Mixed Content: The page at 'https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/' was loaded over HTTPS, but requested an insecure element 'http://n.sinaimg.cn/news/transform/w600h400/20180312/yWGT-fyscsmu5850053.jpg?zdy'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/(Line 179) Message: Mixed Content: The page at 'https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/' was loaded over HTTPS, but requested an insecure element 'http://n.sinaimg.cn/news/transform/w600h400/20180313/LZOI-fyscsmu9330396.jpg?zdy'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/(Line 179) Message: Mixed Content: The page at 'https://xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com/' was loaded over HTTPS, but requested an insecure element 'http://n.sinaimg.cn/front/w880h774/20180311/l0C6-fxpwyhw9754129.jpg?zdy'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript	error	URL: https://8xbet843.cc/ Message: Access to CSS stylesheet at 'https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-e3511ff4.css' from origin 'https://8xbet843.cc' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-e3511ff4.css Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://8xbet843.cc/(Line 145) Message: Access to script at 'https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-0439e67f.js' from origin 'https://8xbet843.cc' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://29hxa5qjxxye001-fluid.8xdfd3t6f.com/assets/index-0439e67f.js Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

29hxa5qjxxye001-fluid.8xdfd3t6f.com
8xbet843.cc
analytics.google.com
analytics.tiktok.com
c.statcounter.com
connect.facebook.net
n.sinaimg.cn
p.clarity.ms
stats.g.doubleclick.net
td.doubleclick.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.co.nz
www.googletagmanager.com
www.statcounter.com
xn---16--2562-zj2awgzazf3jjhi0fbb5c9azown.lifesupport-ambulance.com
ziyuan.baidu.com
29hxa5qjxxye001-fluid.8xdfd3t6f.com
connect.facebook.net
p.clarity.ms
www.facebook.com
ziyuan.baidu.com
104.20.94.138
142.250.66.195
157.240.8.23
157.240.8.35
172.67.185.4
20.122.63.128
2001:4860:4802:36::181
2001:4860:4802:38::178
23.48.247.237
2404:2280:1e2:0:715::7f3
2404:6800:4003:c02::9d
2404:6800:4006:812::2008
2404:6800:4006:814::2002
2406:da1e:352:b400:6af6:b0:b74a:1368
2620:1ec:bdf::69
014ffc6ef216b4c48b536e111650658f1d4b01ebf09a2ba899d590abdf4d7954
0a43d9c6821f71cb28f090525ea6fd51d73267bee1dcd34da86bf172461b6433
0ae2d71fcb0a3ecdb4e1fe40ed046087de1921b0a22ec4abe7f0b32114d9de32
112153216b8d9cb2ab57729cd44c29a842a228518c06afd5b3f024eb2394e686
1c448191af80d7ec3c7f536e87e12057fe1bbf16afeb57cda405160b1403af8a
21200b8d65db930ff8190102f6e0667785d4db9c5853be5ec290cbfec6f0e3ba
26c220c657daac9a57172ab94ab5ece6c6b03e6b4d0e6f54698f2d23e3d95647
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4
2e753868bbe2f6441a4c7c3ae47e84cfb49d64a8afddcb7fd69ad83ae1643c6f
3cfe3cbd01a31f53e10932a89ced4a66d0c4e2da5ba60d501af9df862aec3aed
486802c55dcf08b72b4883ff1272e5f41769309881fce4f8dc10c761c96e1b88
4fc1fda1aed9f491c6424a8803f3c8d35bbe68f2b07e0969c6ba0d10d41d8b68
5792609f00c98dddb69872ad06b10e618046919a67eee14605572de5948c5f57
608242c41714bcf0ce0c6dc6befbfbd8a4c4fa6c97d88f5deec2f5238ba3e3fc
68114a3aa56c1f2bef05c716fbe710eace562864dad75cf02e2b761a81116964
73b6e600da96be10a7cf51f74ccea7574db289bc5ee82061ce02a647d4812b4b
7d60c0cd0647ecb04df42bcfd2acd351c105c2d89e2b401ba03b0845336170e7
8efca7da7316764887926f774ffc0d8467993c0d7db66dad42460e0fd24af2f4
a68a7e5a189026c403a3ad51d1bdbf8fb3fd2a316a596124e96ff8959add4fef
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b0e12195d716748bf5f1e266134a074f87238a456097330be0a613078ec0459a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c4e6ee7f1e2fe82ffd7278812cfb8f50e75528fcfeab8ef4773e03ff55bb97a9
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
d04afa0f92cbfb074265f490a1930594b46c2b38e82257f9158bfac7b6a24e3e
da2d5cc7a936d3108413875e85969ff2e0a1bc79e4c9df4fabadb1ec9198e215
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57f584dc164284e3994776f7ddd7de42d54921a30f096ca971f676b2f5942c7
e5856aa36663ba8340cdbad9e405bbf6d07dd13a43c956f0dcb8c2e52e3c5a29
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
edd0043b724ca71c9ec7e961800f2a97e956f1e2e906efea9b594d2f4e4174b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fdfa6bd96b370bd4d258abbbd02ca2930772ffc655bf2466a33dbb93c62f0110

8xbet843.cc Open in urlscan Pro 2406:da1e:352:b400:6af6:b0:b74a:1368 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

86 %HTTPS

53 %IPv6

15 Domains

18 Subdomains

16 IPs

5 Countries

1098 kBTransfer

3012 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

8xbet843.cc Open in urlscan Pro
2406:da1e:352:b400:6af6:b0:b74a:1368 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

86 %
HTTPS

53 %
IPv6

15
Domains

18
Subdomains

16
IPs

5
Countries

1098 kB
Transfer

3012 kB
Size

14
Cookies

57 HTTP transactions
1 data transactions