kancilwin.makeup Open in urlscan Pro
18.164.96.4  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

• https://unpkg.com/swiper@8/swiper-bundle.min.css HTTP 302
• https://unpkg.com/swiper@8.4.7/swiper-bundle.min.css

Request Chain 52

• https://unpkg.com/swiper@8/swiper-bundle.min.js HTTP 302
• https://unpkg.com/swiper@8.4.7/swiper-bundle.min.js

210 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response kancilwin.makeup/	46 KB 8 KB	1121ms 882ms	Document text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PHP/7.4.33 PleskLin Resource Hash 79c2ff37c65d761ed989c6ae287680a8fda392b7f41e058f1e20e76f36f55237 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers content-encoding gzip content-length 7398 content-type text/html; charset=UTF-8 date Sat, 23 Nov 2024 10:03:31 GMT server nginx vary Accept-Encoding Origin via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) x-amz-cf-id hHqb4jwXJd0VcLBr0GL8OeO06viHWgbK4lDfAqD-aVAFaYzjR3PdUg== x-amz-cf-pop JFK50-P5 x-cache Miss from cloudfront x-content-type-options nosniff x-frame-options SAMEORIGIN x-powered-by PHP/7.4.33 PleskLin x-xss-protection 1; mode=block
GET H2	200	style.css kancilwin.makeup/assets/css/	200 KB 31 KB	138ms 134ms	Stylesheet text/css	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/css/style.css Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 268946e7b9476b41590d6d1a39df30cc3dcec436827d57f83b7d32803e80ac11 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding br etag W/"66a25fa2-31e2a" age 56835 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id XvmH7NY7N5Ld7gCHQZVVhUEQ1ZD4GdFA3OiXsUfa2kW5x_NznRjhRQ== date Fri, 22 Nov 2024 18:16:17 GMT content-type text/css last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	custom.css kancilwin.makeup/assets/css/	604 B 724 B	154ms 151ms	Stylesheet text/css	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/css/custom.css Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 7b0ed71752f16e15e1e51f3ba734b41a11f53fba858082ba6feb2a7f0d31d512 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip etag "25c-61e131fc66d1a-gzip" age 45374 x-content-type-options nosniff x-cache Hit from cloudfront x-amz-cf-id NqP_a3IPAyutEddRTkifwRXq43srzU_lfHc_SzCDylYC1EsPlXB_GA== date Fri, 22 Nov 2024 21:27:18 GMT content-type text/css vary Accept-Encoding last-modified Thu, 25 Jul 2024 14:22:26 GMT x-frame-options SAMEORIGIN x-accel-version 0.01 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes content-length 267 x-xss-protection 1; mode=block x-amz-cf-pop JFK50-P5 x-powered-by PleskLin server nginx
GET H2	200	css2 fonts.googleapis.com/	1 KB 971 B	284ms 101ms	Stylesheet text/css	2607:f8b0:4004:c1d::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Prompt:wght@300&display=swap Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f3dd2589c4e7fd107cc6c9d00496ec8f20be8db77b687dbed62b7080aa823b3e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip x-content-type-options nosniff expires Sat, 23 Nov 2024 10:03:32 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 23 Nov 2024 10:03:32 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Sat, 23 Nov 2024 09:45:43 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	dark.css kancilwin.makeup/assets/css/src/sweetalert/	30 KB 5 KB	233ms 230ms	Stylesheet text/css	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/css/src/sweetalert/dark.css Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 34707c48532b63ab4afe37c9f050706825ecf634d8cdc066d551760dfd8b76fe Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding br etag W/"66a25fa2-79f6" age 56827 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id LB1o77r9Ob3b60CqYyIOBTPWepwNJyw1z87fy3DdVJrlrxa5avXOKQ== date Fri, 22 Nov 2024 18:16:25 GMT content-type text/css last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	swiper.css kancilwin.makeup/assets/css/	22 KB 3 KB	230ms 227ms	Stylesheet text/css	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/css/swiper.css Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 238e0e3a9dd3cdcf2a593bf8c287c4e7d2c819738b51fc3b598cb2cf3db52b17 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding br etag W/"66a25fa2-58a2" age 45375 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id uEkY6a5rMAa8Sw0WaF2OPdOYGYJFGVIFzfOZl6lcHW1HYhHW5uhNnQ== date Fri, 22 Nov 2024 21:27:17 GMT content-type text/css last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H3	200	all.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/	58 KB 11 KB	147ms 78ms	Stylesheet text/css	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers cf-cdnjs-via cfworker/kv content-encoding br cf-cache-status HIT etag "6599bda5-28f2" age 1338235 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LyORz%2FqIlNAZ4uXI6iYbkSYE0wIDesHfXihjSSDcuuaWFvA5csRhIL%2FnDJcsaOnD9Fdl%2BnYHW1A8g%2FAV%2BVB%2FJqmgERhQhlJEKUhaCaHnoISkoLL%2FoW%2FvHJmGXaFY8P630%2BAmFOts"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 13 Nov 2025 10:03:32 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Sat, 23 Nov 2024 10:03:32 GMT content-type text/css; charset=utf-8 last-modified Sat, 06 Jan 2024 21:52:53 GMT vary Accept-Encoding priority u=0,i=?0 strict-transport-security max-age=15780000 cache-control public, max-age=30672000 timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 8e7054769fbada93-MIA accept-ranges bytes access-control-allow-origin * content-length 10482 server cloudflare
GET H2	200	slider.css kancilwin.makeup/assets/css/src/slider/	1 KB 712 B	124ms 122ms	Stylesheet text/css	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/css/src/slider/slider.css Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 1c22d769efb9b0fc8712a33989b8f455edfd3aaa1d9782d1bb7eee9e4c8ba8d4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding br etag W/"66a25fa2-50a" age 45377 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id E8C5zcsi1wbkQdbDAZxT3evyKKOasJGX70SSAMf2NSZ_agxRwKIcLA== date Fri, 22 Nov 2024 21:27:15 GMT content-type text/css last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	logo.png kancilwin.makeup/	46 KB 46 KB	231ms 229ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/logo.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 412ad4d5d023e5e273472c2baa9ce333a8743550178ccefa39feb30f865d63c1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers etag "66c34841-b810" age 4395 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 47120 x-amz-cf-id 6WJqMKtlLitzPRAwz1Ivw_-jYoyD5UrEKd91M1pjRU8OAyRObqW0kg== date Sat, 23 Nov 2024 08:50:17 GMT content-type image/png last-modified Mon, 19 Aug 2024 13:27:29 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	ic-menu1.png kancilwin.makeup/btn-menu/	5 KB 5 KB	153ms 151ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/ic-menu1.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 823c3b7f8a4ea43707286a730ee81abe76ef86d392cee402418700b89c3474f1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers etag "66a25fa2-12ca" age 4393 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 4810 x-amz-cf-id uYMGoO9_nj2iNsbQY37Rs9IjQCN7U8TIHWT7L_SVzKEzD2m3mYoASw== date Sat, 23 Nov 2024 08:50:19 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	ic-menu2.png kancilwin.makeup/btn-menu/	5 KB 5 KB	210ms 210ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/ic-menu2.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 4556e8e521ff3713947b54451760cb48b7b9bc728c830f2437d67a5152bf9258 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers etag "66a25fa2-1358" age 4392 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 4952 x-amz-cf-id zw6z9kwc3isdi-2j0YXptY3zcHT8QWCDFfH5OKyK3W5itTP0-gtNaA== date Sat, 23 Nov 2024 08:50:20 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	ic-menu3.png kancilwin.makeup/btn-menu/	11 KB 12 KB	120ms 117ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/ic-menu3.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 4db5c266324e3ff643f63778e774cecf54359cad0c0f0531c9f7749f78669789 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers etag "66a25fa2-2d6d" age 4391 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 11629 x-amz-cf-id Xvf1Gi-8kB10du3msKYit_Hyq3UXJ0xfFVcfLChJX4hunfO4R2HXYw== date Sat, 23 Nov 2024 08:50:21 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	ic-menu4.png kancilwin.makeup/btn-menu/	8 KB 9 KB	122ms 121ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/ic-menu4.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash c6d1444c8bf2a6d64aa72ce8ddc6b6156dded708fa9fb0b69896e990232eef5b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers etag "66a25fa2-20bc" age 4390 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 8380 x-amz-cf-id rMBgURlhKr4t2LRAx_BuyPkiRdn8uwB_DqVYX2rAuVQ0U1bswixI-w== date Sat, 23 Nov 2024 08:50:22 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	ic-menu5.png kancilwin.makeup/btn-menu/	6 KB 6 KB	240ms 198ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/ic-menu5.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 32cf666dc0ea03b1edf609dba262b0e63a8879fdd08653e9dc98b30ea9558c5d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers etag "66a25fa2-179a" age 4389 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 6042 x-amz-cf-id QiYcOZCEC7BjS7lLzFQTApECRd4Tj6QdU3NpgQ8sck-2zmB-RAghvQ== date Sat, 23 Nov 2024 08:50:23 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	ic-menu6.png kancilwin.makeup/btn-menu/	6 KB 6 KB	291ms 250ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/ic-menu6.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 4b891cc515bb8eec6f44426193acf1f0c86135f10cb1f3a13018228ab46df86f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers etag "66a25fa2-169b" age 4388 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 5787 x-amz-cf-id f83xYQCfmbLDxTji40kzXYS8vgLiuYARsEGKot5Lug-5mdwAM9fDxQ== date Sat, 23 Nov 2024 08:50:23 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	ic-menu11.png kancilwin.makeup/btn-menu/	7 KB 8 KB	267ms 225ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/ic-menu11.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash e1a3556fdf7ab4b24637f652e305736b2fe89145a39633f088288267600a3fde Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers etag "66a25fa2-1df3" age 4386 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 7667 x-amz-cf-id VD31SwAxvJGMwtoDZ6pwQc06gGCPcY69gr1iPRkDRopPCXWgTDMr_Q== date Sat, 23 Nov 2024 08:50:26 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	202	ic-menu7.png kancilwin.makeup/btn-menu/	0 366 B	218ms 177ms	Image text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/ic-menu7.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id GpfuI8gP2JLTM-cAOq4hdURvcjjl5TMFQS55Ds5ipK-_WbXIXIflFg== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	202	ic-menu8.png kancilwin.makeup/btn-menu/	0 366 B	219ms 178ms	Image text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/ic-menu8.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id J4Oh6kilekrDw6yHKOslMYa2MZ6QUdmMgUqtizOW75lCnplaYGFxgg== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	202	ic-menu9.png kancilwin.makeup/btn-menu/	0 366 B	223ms 183ms	Image text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/ic-menu9.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id QkrL4160cWGqC7zQ471k9Ucnc4hoN7YXoNMZmtnmC7XAHuYl2QKOdw== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	202	h-1.png kancilwin.makeup/btn-menu/	0 366 B	217ms 177ms	Image text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/h-1.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id SQkjkHseNe2N9pF_fYSFZXNJdudO1uKSK6cFbiGWuR27_oz3KW1odg== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	200	h-2.png kancilwin.makeup/btn-menu/	9 KB 9 KB	321ms 281ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/h-2.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash f445c82a445552ee1bf897b8e4019ba12b8dd332bf41fe5790ca977be24d97da Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers etag "66a25fa2-2325" age 4382 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 8997 x-amz-cf-id PlbIVlBgfo-Yk9-V59-wRx0CMj8sDSXeWnJDdbdwZwgNo8FF9PBmoQ== date Sat, 23 Nov 2024 08:50:30 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	202	h-3.png kancilwin.makeup/btn-menu/	0 367 B	222ms 178ms	Image text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/h-3.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id KtXPXkNfQWKGO-I7lqNsWwdRYLV6oVbMcmpFFmq_kKWMbRK7ZonpVg== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	202	h-4.png kancilwin.makeup/btn-menu/	0 367 B	218ms 175ms	Image text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/h-4.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id Hr71WYzDewOnhz7nqaCUAQLxyX5nFcwLtSsvHA1s3xZTNbl9HZJeCw== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	200	h-8.png kancilwin.makeup/btn-menu/	9 KB 9 KB	265ms 222ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/h-8.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 1367a6641f912c829148ea376c3727b1fca1141ba0b9e0aaed2cddfaf77d8644 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers etag "66a25fa2-221a" age 7142 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 8730 x-amz-cf-id 0iEUtTKA9tUdYuGbD0ZYcBcCyxnuGhh1Na8diARZYQZMGxSuQ1Z0DA== date Sat, 23 Nov 2024 08:04:29 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	h-5.png kancilwin.makeup/btn-menu/	6 KB 6 KB	290ms 247ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/h-5.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 784bae4366186c2036406f99121bf4f3e9e26f97b8a1ae976b9571c14120c873 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers etag "66a25fa2-175a" age 7143 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 5978 x-amz-cf-id W2Dsk9JaDDax6KBXSdqyqqOiceLQybX3fToRyssrvE16fNGyWrwDOw== date Sat, 23 Nov 2024 08:04:29 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	202	h-6.png kancilwin.makeup/btn-menu/	0 367 B	235ms 193ms	Image text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/h-6.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id SccSxLDcqKM8doTYwqNDxNxDjwHGnLi59psIRG6aaLZRDxuopTzVmg== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	200	h-7.png kancilwin.makeup/btn-menu/	8 KB 8 KB	290ms 248ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/h-7.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash b73a332f68ec9944e8d612e28b1849b57d8d034fc5f599259ad0605e1fd38508 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers etag "66a25fa2-1ffa" age 7143 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 8186 x-amz-cf-id APmSQndX4HH6Zmb5cfFoXUl5BwoWIz8ubr46fcOO9jcfaEpcrfqR6w== date Sat, 23 Nov 2024 08:04:29 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	spin.svg kancilwin.makeup/img/	3 KB 1 KB	833ms 791ms	Image image/svg+xml	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/img/spin.svg Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 30455e5983d92b9a6391deb9e5c301af45e99d7f6a9e2122717e7a36b31bd9e4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers x-amz-cf-pop JFK50-P5 content-encoding br etag W/"66a25fa5-c8d" via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) x-cache Miss from cloudfront x-amz-cf-id dEs_f6pxNLCOwaphPs2DbrlBYMpJ0hDOTDMzt7Ce3xYRFo22LRYJNg== date Sat, 23 Nov 2024 10:03:33 GMT content-type image/svg+xml vary Accept-Encoding, Origin server nginx last-modified Thu, 25 Jul 2024 14:22:29 GMT x-powered-by PleskLin
GET H2	200	wheel2.png kancilwin.makeup/icon/	7 KB 7 KB	264ms 222ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/icon/wheel2.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 290588a5378eb7dc24f4d2e1b6110cf3c7c0ca60451d2a9f96ae3478e71d24fe Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers etag "66a25fa5-1c67" age 7142 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 7271 x-amz-cf-id 2KdCFovEvlk6CFnInBUv1u7-bHXeIwHy7jFirU8_dgyxBKilvYnZ3A== date Sat, 23 Nov 2024 08:04:29 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:29 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	wheel.png kancilwin.makeup/icon/	9 KB 9 KB	262ms 221ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/icon/wheel.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 8602235707a63cf533b276e58ee9c4ef4fde9c9dc8fe1a12b2a36ceedfee4b04 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers etag "66a25fa5-22d4" age 7142 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 8916 x-amz-cf-id kG_V6jkQtR9ketGdLqQK1w9fqfq6FWkoIR8xnoYu9wFqm8wNvndMAA== date Sat, 23 Nov 2024 08:04:29 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:29 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	btn-1.png kancilwin.makeup/btn-menu/	10 KB 10 KB	310ms 269ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/btn-1.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash ab77c63d2e4dbad58e95a2984c8b37a9d7f28daaa575e75a6cac4f8f698cbee8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers etag "66a25fa2-2674" age 7142 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 9844 x-amz-cf-id m9uvFdjhLUb-Swafk96xrogWtEnN-G4thIL1f2mcWckXMy9UB0lcUg== date Sat, 23 Nov 2024 08:04:29 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	202	btn-2.png kancilwin.makeup/btn-menu/	0 367 B	218ms 178ms	Image text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/btn-2.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id iUYN6iLxJJnmwnzGi4onLbBDDwHnjPHUgy273QEs6wwZVjRKoQ7qNw== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	202	btn-3.png kancilwin.makeup/btn-menu/	0 367 B	234ms 193ms	Image text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/btn-3.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id 0pd2EiVBJHLUUlqIZVszMWPJLWAbJWhqltOePwUd9vUJdICBxVwUcQ== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	200	btn-4.png kancilwin.makeup/btn-menu/	9 KB 10 KB	301ms 261ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/btn-4.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash a089ecc6e866c73622df33f450e163928fb9a2c73b73d4b035c3a6c5c52a2bf9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers etag "66a25fa2-2550" age 7142 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 9552 x-amz-cf-id MBejQOqbFDjA6BvV6uLOpZXQ_Cb0MJq08x1xgZZs6bdE0RHJEJR9wg== date Sat, 23 Nov 2024 08:04:29 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	202	btn-8.png kancilwin.makeup/btn-menu/	0 366 B	234ms 194ms	Image text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/btn-8.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id QuobBt4dUkFgOgO-0FV3TjGROfzPde8_6D92aGxo1H6fKZI5CHIGIQ== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	200	btn-5.png kancilwin.makeup/btn-menu/	9 KB 9 KB	295ms 256ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/btn-5.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 12f53d220033846fae137f4216d0b49e5db835a5423e8bd88d2c42296381b387 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers etag "66a25fa2-221e" age 7142 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 8734 x-amz-cf-id pBpgimSlHBpRsVztcbfVkZIU593U7iyy98sfCtY0RfaCMSOZK27Tsw== date Sat, 23 Nov 2024 08:04:29 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	202	btn-6.png kancilwin.makeup/btn-menu/	0 366 B	312ms 273ms	Image text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/btn-6.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id IJewD0Zv1_V6G4KiMc443kIO26h8u1fuHTuMUCEKQLzhg7O47uG6cQ== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	202	btn-7.png kancilwin.makeup/btn-menu/	0 366 B	313ms 274ms	Image text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/btn-7.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id 45YkbE_t_WpCr1q3AC2NJ3aU8yF1nCbcnVxy4BGmLXN3u4B2wOe6gw== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	200	tab-hot.png kancilwin.makeup/tab/	13 KB 14 KB	327ms 289ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/tab/tab-hot.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 7bc057126aa7dd6142b906966a657d2b616302449ad9ac94777e748e3fda248b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers etag "66a25fa5-351c" age 7142 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 13596 x-amz-cf-id yFMGdhCpJSAnGCrQMnZydYu-yEKeN5rhqXxk_23mg6Op5kmkQeT4zQ== date Sat, 23 Nov 2024 08:04:29 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:29 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	202	tab-4.png kancilwin.makeup/img/	0 368 B	319ms 281ms	Image text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/img/tab-4.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id dquNwfIfZShYaXiUb63x8YVvwVNJg_jDDctS-ZLMV-ZBlH1xbZyE-Q== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	202	btn-service1.png kancilwin.makeup/btn-menu/	0 367 B	313ms 275ms	Image text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/btn-service1.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id QqdOcvNQHEcLCHRL3ycvE3AYWj75zPbrAqdwci6u-QaG2ZNPLpT4ww== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	200	btn-service2.png kancilwin.makeup/btn-menu/	19 KB 20 KB	325ms 288ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/btn-service2.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash db8e75b84c22428c04ebba128c6d793f1febdc70964e38290a91dae78c2b72bc Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers etag "66a25fa2-4d52" age 7142 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 19794 x-amz-cf-id f9hsWfhMnD_4omzLfp_UKU-mCJToSO0K_xFSNhModT3NBQpnu9W38A== date Sat, 23 Nov 2024 08:04:29 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	btn-service3.png kancilwin.makeup/btn-menu/	20 KB 20 KB	329ms 291ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/btn-service3.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 3e8878923927abf1b3ef8c58a87ce05960c336005ba8730198fbcf9dbea45ead Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers etag "66a25fa2-4e27" age 7142 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 20007 x-amz-cf-id aDyRN26VM7564HnmKm6TnXh5OtgFQtflI2CGPw670lWqDx7Fm1sztA== date Sat, 23 Nov 2024 08:04:29 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	icon-game.png kancilwin.makeup/tab/	134 KB 134 KB	353ms 317ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/tab/icon-game.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash c01e7fcb58e0c34e5e26ab3140bb3e416418235603c05c20669e98f1d79308cf Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers etag "66a25fa5-21745" age 7142 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 137029 x-amz-cf-id RaLlYswJuIxZykRC5OLllJFN2UqqLVN62gS30xlHPF6V7jV8rFyA7g== date Sat, 23 Nov 2024 08:04:29 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:29 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	icon-game-mo.png kancilwin.makeup/tab/	101 KB 101 KB	323ms 287ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/tab/icon-game-mo.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash d37b4e68c9543fbc25324fafc7b08347a20a468aac40d4c5f5b3a73eeb567467 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers etag "66a25fa5-1935e" age 7142 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 103262 x-amz-cf-id L0qRq-gZbR6TLzn-DfrqTYp-zxe_hU3QwrmuqwX2tNsOj8nIbI7sLg== date Sat, 23 Nov 2024 08:04:29 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:29 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	202	ic-lc.png kancilwin.makeup/tab/	0 366 B	311ms 275ms	Image text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/tab/ic-lc.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id HiBV1AGhPuLrmOAnGj_yDUJFPWTe2CYKYcfIiFvUKHOI0BAXw00eEA== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	200	ic-lc-mo.png kancilwin.makeup/tab/	45 KB 46 KB	427ms 391ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/tab/ic-lc-mo.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 06514d0fb4a038f791a94f4d3bfc5f696fae8048af9e1780fd1de8b200b369a4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers etag "66a25fa5-b4cb" age 7142 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 46283 x-amz-cf-id ZV18z4Fa7eAtemFHLSTMiiiHCyOxa5hocUkeOm-Fp9R-O4ktU3K1wg== date Sat, 23 Nov 2024 08:04:29 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:29 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	menu-1.png kancilwin.makeup/btn-menu/	7 KB 7 KB	324ms 290ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/menu-1.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash be8b0ffc24a4779622b149dc26953155e532be19d4665fb9645c126ae27476f7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers etag "66a25fa2-1b2a" age 7142 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 6954 x-amz-cf-id NGcjeNGpv83zS5-dTjmG3YnfODTj1y_gSCmRDbggHFXiIMW9BuB53Q== date Sat, 23 Nov 2024 08:04:29 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	menu-2.png kancilwin.makeup/btn-menu/	5 KB 5 KB	447ms 413ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/menu-2.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash e5cb36cef3e9b2cbf5d402b1df3117bda3552bd805d33263852a5e9d50a3ebef Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers etag "66a25fa2-132d" age 7142 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 4909 x-amz-cf-id lZtVSkQNMxy2Q54OhjzJceMOLlZeM59SQSDkuCamr5Fpw-HnfgaIxA== date Sat, 23 Nov 2024 08:04:29 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	menu-3.png kancilwin.makeup/btn-menu/	5 KB 5 KB	423ms 389ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/menu-3.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 7857636c4eb41b16ed84cbbb7372bbaba381a5db68216151e32b5017ebcea0e6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers etag "66a25fa2-1202" age 7142 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 4610 x-amz-cf-id lVNqX5XvpfANQJzUE0HtoLywvYIT7k0X6h7Q7S578Tsu2-3SxCvVew== date Sat, 23 Nov 2024 08:04:29 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	202	menu-4.png kancilwin.makeup/btn-menu/	0 366 B	315ms 281ms	Image text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/menu-4.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id 3jKoQjQuY5lpubUAyvcrZ_ndRqtoMzbxCNYGrsGzg1W0Uu6mi0OCCw== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	202	menu-5.png kancilwin.makeup/btn-menu/	0 365 B	313ms 279ms	Image text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/btn-menu/menu-5.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id OVlcpPFxl-j1ZhNe9MU0PYq7dh1ytFf8Cq52a8lCgUHni7Ubtlqt3Q== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	200	swiper-bundle.min.css unpkg.com/swiper@8.4.7/ Redirect Chain https://unpkg.com/swiper@8/swiper-bundle.min.css https://unpkg.com/swiper@8.4.7/swiper-bundle.min.css	16 KB 5 KB	78ms 78ms	Stylesheet text/css	2606:4700::6811:f8cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/swiper@8.4.7/swiper-bundle.min.css Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Server 2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding br cf-cache-status HIT etag "406d-rwCOh5O6dcNGNg6U6W482jFM4n8" age 1206990 x-content-type-options nosniff date Sat, 23 Nov 2024 10:03:32 GMT content-type text/css; charset=utf-8 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01JC88HKPP4DM2EABWCBZ81K8E-mia vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31536000 via 1.1 fly.io cf-ray 8e705479695fa584-MIA access-control-allow-origin * server cloudflare Redirect headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, s-maxage=600, max-age=60 location /swiper@8.4.7/swiper-bundle.min.css content-encoding br cf-cache-status HIT age 210 x-content-type-options nosniff via 1.1 fly.io cf-ray 8e705478e91ea584-MIA access-control-allow-origin * date Sat, 23 Nov 2024 10:03:32 GMT content-type text/plain; charset=utf-8 vary Accept, Accept-Encoding fly-request-id 01JDC7DM93ANPB9TG4Z8PYFK9A-mia server cloudflare
GET H2	200	swiper-bundle.min.js Show response unpkg.com/swiper@8.4.7/ Redirect Chain https://unpkg.com/swiper@8/swiper-bundle.min.js https://unpkg.com/swiper@8.4.7/swiper-bundle.min.js	140 KB 51 KB	74ms 74ms	Script application/javascript	2606:4700::6811:f8cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/swiper@8.4.7/swiper-bundle.min.js Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Server 2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f645b12f27c4e9c1210d5725cfa894b86464372e7b1becbe47126a5fe82f9ade Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding br cf-cache-status HIT etag "2315a-9NyNRghnOcWBIRhbLQ9OGQcQ8Rs" age 944168 x-content-type-options nosniff date Sat, 23 Nov 2024 10:03:32 GMT content-type application/javascript; charset=utf-8 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01JCG36A5MKRMJF31050QK9B23-mia vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31536000 via 1.1 fly.io cf-ray 8e7054796960a584-MIA access-control-allow-origin * server cloudflare Redirect headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, s-maxage=600, max-age=60 location /swiper@8.4.7/swiper-bundle.min.js content-encoding br cf-cache-status HIT age 103 x-content-type-options nosniff via 1.1 fly.io cf-ray 8e705478e91fa584-MIA access-control-allow-origin * date Sat, 23 Nov 2024 10:03:32 GMT content-type text/plain; charset=utf-8 vary Accept, Accept-Encoding fly-request-id 01JDC7GXBV0RAW4WYAH3BSPD3F-mia server cloudflare
GET H2	200	jquery-3.5.1.min.js Show response kancilwin.makeup/assets/js/lib/	89 KB 30 KB	174ms 128ms	Script text/javascript	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/js/lib/jquery-3.5.1.min.js Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 89fcf327c7e8b8776831a8ddb7bc760da489619bcf6fb0b6e24741b2ceedf0d6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding br etag W/"66a25fa2-1651e" age 45372 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id 9QD6fddASKbX2AKD3LCoH5ZebqM8PVhcg1FEajlWkDYt56yPVjyrfA== date Fri, 22 Nov 2024 21:27:20 GMT content-type text/javascript last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	popper.min.js Show response kancilwin.makeup/assets/js/lib/	21 KB 7 KB	169ms 123ms	Script text/javascript	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/js/lib/popper.min.js Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding br etag W/"66a25fa2-520c" age 45376 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id J2iKLYtMNBjHOL-78XTKXwDb0LM-taHBtXSOR3PkK5SxMSpa6cvw4Q== date Fri, 22 Nov 2024 21:27:16 GMT content-type text/javascript last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	bootstrap.min.js Show response kancilwin.makeup/assets/js/lib/	57 KB 15 KB	158ms 112ms	Script text/javascript	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/js/lib/bootstrap.min.js Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding br etag W/"66a25fa2-e2d8" age 45370 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id 5SIiTxLwASvL45VBlOANq7GXMJUOAmQDBYG5v8vi8tzY0ipU1q3j0g== date Fri, 22 Nov 2024 21:27:22 GMT content-type text/javascript last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	ionicons.js Show response unpkg.com/ionicons@5.0.0/dist/	958 B 628 B	110ms 65ms	Script application/javascript	2606:4700::6811:f8cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/ionicons@5.0.0/dist/ionicons.js Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e4586c43ad318b0d2e9a31e97f07b07566b2284dc37ccbf9aa8611979a029168 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding br cf-cache-status HIT etag "3be-uNPMa5ta6OqF1Q3R1VYxDGb4EWA" age 1543574 x-content-type-options nosniff date Sat, 23 Nov 2024 10:03:32 GMT content-type application/javascript; charset=utf-8 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01JBY7HMXFGJ1RMX4XW725W2PB-mia vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31536000 via 1.1 fly.io cf-ray 8e705478e920a584-MIA access-control-allow-origin * server cloudflare
GET H2	200	jquery.validate.min.js Show response kancilwin.makeup/assets/js/plugins/	24 KB 8 KB	173ms 127ms	Script text/javascript	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/js/plugins/jquery.validate.min.js Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding br etag W/"66a25fa2-5f38" age 45365 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id I95XS729f_XGvojQB94701GDYYJj0ldp_5A8OEkzD9-qiYlaGpO88Q== date Fri, 22 Nov 2024 21:27:27 GMT content-type text/javascript last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	202	owl.carousel.min.js Show response kancilwin.makeup/assets/js/plugins/owl-carousel/	0 365 B	148ms 102ms	Script text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/js/plugins/owl-carousel/owl.carousel.min.js Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id Abm87NK5tcJmomHmIWecBZC2E-mLszJ8xj103hgpdDPjkuo5ChgbJQ== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	202	sweetalert2.min.js Show response kancilwin.makeup/assets/js/plugins/sweetalert/	0 365 B	148ms 103ms	Script text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/js/plugins/sweetalert/sweetalert2.min.js Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id uQa9k52-shvvm9eN9iT3Jc1u08TgKGLPr4gXrQQNDhJChEtl_4zReQ== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	200	plugins.js Show response kancilwin.makeup/assets/js/plugins/sly/	5 KB 2 KB	190ms 145ms	Script text/javascript	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/js/plugins/sly/plugins.js Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 9a2261452883e198c4d240618f9ac2dbf46c1c478d5473c92a69caf802e6cdc1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding br etag W/"66a25fa2-12c2" age 7143 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id RYsJZ-TnejamNAHWjUPKFGDZP3XT_3Lkm1fmKVIpKhveE_B16URETA== date Sat, 23 Nov 2024 08:04:29 GMT content-type text/javascript last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	sly.min.js Show response kancilwin.makeup/assets/js/plugins/sly/	18 KB 7 KB	163ms 118ms	Script text/javascript	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/js/plugins/sly/sly.min.js Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash e8dc09e4ddc3c326ef6341498e7e8e70af3a848713429b909be53c947b43da10 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding br etag W/"66a25fa2-48de" age 45361 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id 6Y8VHjVGabXQDz4oVnQ6Up0G2XuA1attJg1PbKcCtuWDNhaRIDQ5Sg== date Fri, 22 Nov 2024 21:27:31 GMT content-type text/javascript last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	script.js Show response kancilwin.makeup/assets/js/plugins/sly/	9 KB 1 KB	194ms 149ms	Script text/javascript	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/js/plugins/sly/script.js Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 8cbbc1321b552c0219b74c45e3019e7fc26cfb25df54437fb377a57b3a7985ae Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding br etag W/"66a25fa2-239d" age 45268 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id xb1vsxnt-30Ljc2cSnJVUDCQ0E81C5Cfav5w0HkLIIqjW9GJqm28jg== date Fri, 22 Nov 2024 21:29:04 GMT content-type text/javascript last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	swiper.js Show response kancilwin.makeup/assets/js/plugins/swiper/	236 KB 41 KB	200ms 155ms	Script text/javascript	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/js/plugins/swiper/swiper.js Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 7fa6ffb0d0bf2f78d52fdddd15eae512e9749f40b41acc56b12f8090fa3477ae Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding br etag W/"66a25fa2-3b113" age 45362 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id 1IFAbLvxlljI7PH_NnUo1vNVrm7uSC_FumsFqG4ZhQ_W60LA63m4KA== date Fri, 22 Nov 2024 21:27:30 GMT content-type text/javascript last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	script.js Show response kancilwin.makeup/assets/js/plugins/swiper/	568 B 688 B	171ms 127ms	Script text/javascript	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/js/plugins/swiper/script.js Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 84f1140125752635c393e1a9137a424eed6bb771ac850e9ade47868225dbe2bc Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip etag "238-61e131fc69bfb-gzip" age 45359 x-content-type-options nosniff x-cache Hit from cloudfront x-amz-cf-id 82A5hVHtfVtj8XW45PSkBfJ3nM-pmO9IwlV0moMEOj5IAIAdXb2Kyg== date Fri, 22 Nov 2024 21:27:32 GMT content-type text/javascript vary Accept-Encoding last-modified Thu, 25 Jul 2024 14:22:26 GMT x-frame-options SAMEORIGIN x-accel-version 0.01 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes content-length 225 x-xss-protection 1; mode=block x-amz-cf-pop JFK50-P5 x-powered-by PleskLin server nginx
GET H2	200	base.js Show response kancilwin.makeup/assets/js/	5 KB 1 KB	193ms 149ms	Script text/javascript	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/js/base.js Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 4cb6b457a9fefab4d37535344203867b5eb629f001cc667c846e95a69486bc6e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding br etag W/"66a25fa2-14ac" age 45357 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id IbFSu1bTI5JGy11YvVH9qSoFTDTKol5r7AxXeuuPisGONo7Ei-Q7Ow== date Fri, 22 Nov 2024 21:27:34 GMT content-type text/javascript last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	function.js Show response kancilwin.makeup/assets/js/	3 KB 1 KB	192ms 148ms	Script text/javascript	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/js/function.js Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 1cd5290c9ac939a7fe377e40c807fffd98b7180d30b7fee2a6641af7dc4ca8c4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding br etag W/"66a25fa2-c08" age 45355 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id EGPP3o_dfoROEoxd2JHlrMTIOJkr7JKJPGpDPWSg8ev2BhcV_SPfhw== date Fri, 22 Nov 2024 21:27:37 GMT content-type text/javascript last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	script-side.js Show response kancilwin.makeup/assets/js/	607 B 671 B	294ms 250ms	Script text/javascript	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/js/script-side.js Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash bf0307988f9bc16d7f6d798eb78d38cf5c8703d8002bd468b62c904017b2fec2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip etag "25f-61e131fc69bfb-gzip" age 45271 x-content-type-options nosniff x-cache Hit from cloudfront x-amz-cf-id 6VFNIpPvwP-bPSeP6gCyuHUl-ze6PiMYWXc7aB3MWxTUViFRk5K0jg== date Fri, 22 Nov 2024 21:29:00 GMT content-type text/javascript vary Accept-Encoding last-modified Thu, 25 Jul 2024 14:22:26 GMT x-frame-options SAMEORIGIN x-accel-version 0.01 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes content-length 207 x-xss-protection 1; mode=block x-amz-cf-pop JFK50-P5 x-powered-by PleskLin server nginx
GET H2	202	script-jackpot.js Show response kancilwin.makeup/assets/js/	0 366 B	216ms 173ms	Script text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/js/script-jackpot.js Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id YoPVEwmCkcI2pP3bRAQgjG__28bNnbZY_iYgXlM_kbJGAeTE80CaHg== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	200	top-footer.js Show response kancilwin.makeup/assets/js/custom/	5 KB 1 KB	227ms 184ms	Script text/javascript	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/js/custom/top-footer.js Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 721159a856828f0145bfa0a5b8f28a40c145547efcbe1eb5260429f2f9ccebc4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding br etag W/"66a25fa2-15ea" age 45354 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id 3BTcmF5PpL9guchdRxjB-1eOhdvlttsAKNQI3uTQGqq8TIWk3hPuQA== date Fri, 22 Nov 2024 21:27:38 GMT content-type text/javascript last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	jssor.slider-28.1.0.min.js Show response kancilwin.makeup/assets/js/plugins/slider/	55 KB 24 KB	243ms 200ms	Script text/javascript	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/js/plugins/slider/jssor.slider-28.1.0.min.js Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash dc4112b369f9be1abb3af3eeadf8831354a16b8eaa0beb40cfa89defcddfd62f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding br etag W/"66a25fa2-dd2f" age 45358 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id qoIi6tjKd_1_3xDTsoB6UVFPGRHgQ-c7qlsSVAraJI93_NBgrM9aGA== date Fri, 22 Nov 2024 21:27:34 GMT content-type text/javascript last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	script.js Show response kancilwin.makeup/assets/js/plugins/slider/	4 KB 1 KB	246ms 203ms	Script text/javascript	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/js/plugins/slider/script.js Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 00b32f791552c13dca8856916ad8e0c9193c3ea5d4c3d127f5bd3005aa969f76 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding br etag W/"66a25fa2-fe4" age 39852 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id lN4wY-Cm4DboXPftASX5TRUn24bGaUpbYuRzTvE0oVBEKQgdPyHkkg== date Fri, 22 Nov 2024 22:59:20 GMT content-type text/javascript last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	id1.js Show response kancilwin.makeup/assets/js/custom/	2 KB 801 B	241ms 199ms	Script text/javascript	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/js/custom/id1.js Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash deba2121043fa07b4fc1325c8af83dc28d7e627dc3311c954b8da0564808393b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding br etag W/"66a25fa2-65d" age 45271 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id F8bLrmSjOI-XKUcEfDQ4vRa2NOUeRCQfSAkMdafpDMnufOHChZwMcA== date Fri, 22 Nov 2024 21:29:01 GMT content-type text/javascript last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	bootstrap.min.css kancilwin.makeup/assets/css/src/bootstrap/	157 KB 21 KB	212ms 210ms	Stylesheet text/css	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/css/src/bootstrap/bootstrap.min.css Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash a95979a7e84a39334494b11ed360ecca2ce663a8b0c6b73ccd37d16980fe7922 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/assets/css/style.css Response headers content-encoding br etag W/"66a25fa2-27362" age 45366 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id vzf7YeFAdBT5SaR_DSShgghaCVtpYup5gX_wEotmhVME0iZfOLLsFw== date Fri, 22 Nov 2024 21:27:26 GMT content-type text/css last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	owl.carousel.min.css kancilwin.makeup/assets/css/src/owl-carousel/	3 KB 1 KB	123ms 122ms	Stylesheet text/css	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/css/src/owl-carousel/owl.carousel.min.css Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/assets/css/style.css Response headers content-encoding br etag W/"66a25fa2-d17" age 56811 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id g-LsN6cwxb6NXS4Ua031I1lYjQMn_DfklcUTdqehgvs5kb3vhGZNow== date Fri, 22 Nov 2024 18:16:41 GMT content-type text/css last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	owl.theme.default.css kancilwin.makeup/assets/css/src/owl-carousel/	1 KB 789 B	212ms 211ms	Stylesheet text/css	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kancilwin.makeup/assets/css/src/owl-carousel/owl.theme.default.css Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 9d7055ec6af6954d2df80c0ab274b4e4362dcd9f35a184d74ba923ecb0501df3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/assets/css/style.css Response headers content-encoding br etag W/"66a25fa2-564" age 45369 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id OUXdQVxNuBxrkdlLjneJCSp4V0LhBHC0KHuW5oAlgxu7KiGAtPYBxw== date Fri, 22 Nov 2024 21:27:23 GMT content-type text/css last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	ionicons.min.css unpkg.com/ionicons@4.5.10-0/dist/css/	44 KB 12 KB	220ms 79ms	Stylesheet text/css	2606:4700::6811:f8cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/ionicons@4.5.10-0/dist/css/ionicons.min.css Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b82a2dd43936317fee3dc469880686b83caab009d9e71a9953f25bbe8c1b34ae Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding br cf-cache-status HIT etag "b09c-0qR+qwWhl5h3I61TCWRhFVmJ40Y" age 170903 x-content-type-options nosniff date Sat, 23 Nov 2024 10:03:32 GMT content-type text/css; charset=utf-8 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01JD74MAXG1W1X5F0W67G4DT4T-mia vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31536000 via 1.1 fly.io cf-ray 8e70547808a3a584-MIA access-control-allow-origin * server cloudflare
GET H2	200	css fonts.googleapis.com/	2 KB 536 B	125ms 100ms	Stylesheet text/css	2607:f8b0:4004:c1d::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Poppins:400,500,600&display=swap Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b6fc568969f8cdcf8a815c24ce95005b60a465bf8c949039cb940d9da08d0d7d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip x-content-type-options nosniff expires Sat, 23 Nov 2024 10:03:32 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 23 Nov 2024 10:03:32 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Sat, 23 Nov 2024 09:32:43 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	tracking.js Show response cdn.livechatinc.com/	83 KB 28 KB	418ms 91ms	Script application/javascript	23.48.224.14 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://cdn.livechatinc.com/tracking.js Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.224.14 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-48-224-14.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash f7632b0750af8f64fff688a459693b8d6de5b396562d9f2df6f5921104fbda6d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding br x-amz-version-id 5ASE_o6ak8xVFJZlY5F8M.mV7NsR8NQ0 etag W/"8adfcaf926fb35ca5f373419153a3df4" expires Sat, 23 Nov 2024 18:03:32 GMT x-amz-cf-id gRRG0zj3g3V-OoB1ow-JyYT1Jj1cCBl7JEmIVvxJIsYv2X85u8aPqQ== date Sat, 23 Nov 2024 10:03:32 GMT content-type application/javascript; charset=utf-8 last-modified Thu, 21 Nov 2024 16:08:52 GMT vary accept-encoding cache-control max-age=28800 cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 28664 x-amz-cf-pop JFK52-P9 server AmazonS3 x-amz-server-side-encryption AES256
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	239 KB 61 KB	274ms 147ms	Script application/x-javascript	157.240.241.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-lga3.fbcdn.net Software / Resource Hash 527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-FyJk8zF2' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:32 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-FyJk8zF2' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=117, rtx=0, c=24, mss=1232, tbw=8215, tp=13, tpl=0, uplat=0, ullat=-1 pragma public x-fb-debug G97yss9vsG8wuqTI0eSIzU8TZ1wjP0xbnbmK8TTR+4kCgm//3id2qr1DseZeEMcbMQLtxtuHX10lKR/xqq22cw== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top content-length 62107 x-xss-protection 0 origin-agent-cluster ?1
GET H2	200	gtm.js Show response www.googletagmanager.com/	209 KB 74 KB	378ms 96ms	Script application/javascript	2607:f8b0:4004:c07::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-KCR4BMGC Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 09ca15323789182f4951de2813f10bb2a2655c5e176d9663d985dd5ee27075fa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} expires Sat, 23 Nov 2024 10:03:32 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 23 Nov 2024 10:03:32 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Sat, 23 Nov 2024 09:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 75505 x-xss-protection 0 server Google Tag Manager
GET H/1.1	200 OK	events.js Show response s1.kwai.net/kos/s101/nlav11187/pixel/	10 KB 5 KB	683ms 106ms	Script application/javascript	43.152.136.170 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=258613892563653&lib=kwaiq Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.136.170 , Singapore, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software Lego Server / Resource Hash 273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers Content-MD5 xdyEdfWuJAvRR0tEZ9nn2A== Access-Control-Expose-Headers x-ks-request-id,x-ks-client-ip,Content-Length x-oss-storage-class Standard Content-Encoding gzip x-ks-client-ip 38.132.118.73 Etag "C5DC8475F5AE240BD1474B4467D9E7D8" x-oss-object-type Normal kwaisign NULL Expires Wed, 04 Dec 2024 02:11:34 GMT Date Mon, 04 Nov 2024 02:11:34 GMT x-oss-server-time 103 Last-Modified Mon, 27 May 2024 02:52:15 GMT Content-Type application/javascript Vary Accept-Encoding Cache-Control no-cache X-NWS-LOG-UUID 8526809231709710830 X-Ks-Cache Hit from 43.152.136.170 x-oss-hash-crc64ecma 13562747518461854989 Connection keep-alive Accept-Ranges bytes X-Ks-Request-ID 8526809231709710830 Access-Control-Allow-Origin * Content-Length 3744 x-oss-request-id 67282D567637E7343016D239 X-Cache-Lookup Cache Hit Server Lego Server
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	6 KB 3 KB	448ms 162ms	Script application/javascript	23.48.224.108 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CRN4TJ3C77U87P3R4G4G&lib=ttq Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-48-224-108.deploy.static.akamaitechnologies.com Software nginx / Resource Hash d87c43f3998e0744b028c2ae89dfb8787f8bdf40b39a01a5017dccd6089f77d9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip x-cache-remote TCP_MISS from a23-32-16-71.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) expires Sat, 23 Nov 2024 10:03:32 GMT server-timing cdn-cache; desc=MISS, edge; dur=9, origin; dur=19, inner; dur=1 x-cache TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) date Sat, 23 Nov 2024 10:03:32 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding x-akamai-request-id 5d922064.9b4e2dfa x-tt-trace-host 0165447f0139466249fe6fc15e5a2fb61968e0a2c9faeffb069029d0c03d5b6e9cbe6b6aa01459d23c95dcf5242ca38c2aef82bf5375c863a3eccbe06359548df9e270213a30efabb33ceb5222b29a44e27eb58cdf3037a80bc570a18cf45d5af64fd4f174aeb660184eded59982b5bd39 x-origin-response-time 19,23.32.16.71 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2411231003323B7977DA670F90F5BD54-6A759584121FEF71-00 content-length 2259 x-parent-response-time 28,23.195.36.76 x-tt-logid 202411231003323B7977DA670F90F5BD54 server nginx
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	7 KB 3 KB	469ms 183ms	Script application/javascript	23.48.224.108 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CRN5B4RC77U9Q4TC54C0&lib=ttq Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-48-224-108.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 5d6f09b7f12164bd541e611ff94e8ccec576715477e348f844878b93a7c2aaa6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip x-cache-remote TCP_MISS from a23-32-16-72.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) expires Sat, 23 Nov 2024 10:03:32 GMT server-timing cdn-cache; desc=MISS, edge; dur=40, origin; dur=19, inner; dur=1 x-cache TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) date Sat, 23 Nov 2024 10:03:32 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding x-akamai-request-id c812fff1.9b4e2dfb x-tt-trace-host 0165447f0139466249fe6fc15e5a2fb61968e0a2c9faeffb069029d0c03d5b6e9cc41a0c3d64cd0fc92d10e4d86785687a82581fb79a07890d7e22efde3bb3716600bc127ae59387f877122c16b080e399affc35d22ff2b6e064238b4dc2b2d8f043ce2e3364b2fb5a20f12d693e9ce2fe x-origin-response-time 19,23.32.16.72 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-241123100332FE86929627224BF7A47D-558EC3AF5A944E36-00 content-length 2378 x-parent-response-time 59,23.195.36.76 x-tt-logid 20241123100332FE86929627224BF7A47D server nginx
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	5 KB 3 KB	390ms 107ms	Script application/javascript	23.48.224.108 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CRQFDR3C77U40MO9H470&lib=ttq Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-48-224-108.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 059c8cc108ba9e367a1467e1c2d074a1eb8ba828a32536de1cf344ec5adc4ffb Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip expires Sat, 23 Nov 2024 10:03:32 GMT server-timing inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=14 x-cache TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) date Sat, 23 Nov 2024 10:03:32 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding x-akamai-request-id 9b4e2df9 x-tt-trace-host 0165447f0139466249fe6fc15e5a2fb619db754da65b70f5756402043ed7cb358029511013cd15fb5a4727fd8764e7d0f242e81bf34955ebf7004e38c4b26d995fa44b45c63fd5a731ab0ca3e2bca3ceb1a53b1f024ad3ae5f6e27c0381b7a4499 x-origin-response-time 14,23.195.36.76 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-24112310033237E75ECDD9107CFBB83D-3A72BAF049064E5E-00 content-length 1821 x-tt-logid 2024112310033237E75ECDD9107CFBB83D server nginx
GET H/1.1	200 OK	events.js Show response s1.kwai.net/kos/s101/nlav11187/pixel/	10 KB 5 KB	678ms 106ms	Script application/javascript	43.152.136.170 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=259367136645613&lib=kwaiq Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.136.170 , Singapore, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software Lego Server / Resource Hash 273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers Content-MD5 xdyEdfWuJAvRR0tEZ9nn2A== Access-Control-Expose-Headers x-ks-request-id,x-ks-client-ip,Content-Length x-oss-storage-class Standard Content-Encoding gzip x-ks-client-ip 38.132.118.73 Etag "C5DC8475F5AE240BD1474B4467D9E7D8" x-oss-object-type Normal kwaisign NULL Expires Wed, 04 Dec 2024 02:11:34 GMT Date Mon, 04 Nov 2024 02:11:34 GMT x-oss-server-time 103 Last-Modified Mon, 27 May 2024 02:52:15 GMT Content-Type application/javascript Vary Accept-Encoding Cache-Control no-cache X-NWS-LOG-UUID 14875974617181080757 X-Ks-Cache Hit from 43.152.136.170 x-oss-hash-crc64ecma 13562747518461854989 Connection keep-alive Accept-Ranges bytes X-Ks-Request-ID 14875974617181080757 Access-Control-Allow-Origin * Content-Length 3744 x-oss-request-id 67282D567637E7343016D239 X-Cache-Lookup Cache Hit Server Lego Server
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	6 KB 3 KB	392ms 110ms	Script application/javascript	23.48.224.108 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CRRUHE3C77U3OBON8D80&lib=ttq Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-48-224-108.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 7aa8861e4074c733e4d5450d2d107b88d796360966e552892034a2682209af86 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip expires Sat, 23 Nov 2024 10:03:32 GMT server-timing inner; dur=4, cdn-cache; desc=MISS, edge; dur=1, origin; dur=15 x-cache TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) date Sat, 23 Nov 2024 10:03:32 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding x-akamai-request-id 9b4e2dfd x-tt-trace-host 0165447f0139466249fe6fc15e5a2fb619db754da65b70f5756402043ed7cb3580cf59f4a90ce1b36d77fd7299a8aa76415e59caf0bb941c11ea09854a69b6611b42ed3214ce0c74a18cfe615e2dcc086c6f9b40063b54a76c86577db381083f08 x-origin-response-time 16,23.195.36.76 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-241123100332955EF976F6D16DF16EB6-7B99D15E76A526FB-00 content-length 2221 x-tt-logid 20241123100332955EF976F6D16DF16EB6 server nginx
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	5 KB 3 KB	490ms 209ms	Script application/javascript	23.48.224.108 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CRRUPOBC77U3OBON8DSG&lib=ttq Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-48-224-108.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 24e019c7d472a772d42827933ce2aaf413ec19ccd9e1a9b6649d95501d3b7e35 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip x-cache-remote TCP_MISS from a23-32-16-73.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) expires Sat, 23 Nov 2024 10:03:33 GMT server-timing cdn-cache; desc=MISS, edge; dur=77, origin; dur=22, inner; dur=5 x-cache TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) date Sat, 23 Nov 2024 10:03:33 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding x-akamai-request-id c4eb7e14.9b4e2dfc x-tt-trace-host 0165447f0139466249fe6fc15e5a2fb61968e0a2c9faeffb069029d0c03d5b6e9cc925173104b186c390fcdf12b99bfcfe462bf09a5aea88017c2d205dc22c3e052b3445bbb46e4f21e8390270a197647d7d9d574dcfbc66be175a6cda1da6e9b64c1fc429a58b316266fed54e37317934 x-origin-response-time 23,23.32.16.73 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-24112310033201A4EF3AFAC2C606A92A-7638310E0FFAF1A7-00 content-length 1829 x-parent-response-time 97,23.195.36.76 x-tt-logid 2024112310033201A4EF3AFAC2C606A92A server nginx
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	7 KB 3 KB	124ms 106ms	Script application/javascript	23.48.224.108 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CRSH64JC77U41Q43R6TG&lib=ttq Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-48-224-108.deploy.static.akamaitechnologies.com Software nginx / Resource Hash fbf40ed29be0f10d18b7ce99837821b8bc84f8b760442b6294eee5810693759c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip x-cache-remote TCP_MISS from a23-32-16-78.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) expires Sat, 23 Nov 2024 10:03:32 GMT server-timing cdn-cache; desc=MISS, edge; dur=7, origin; dur=9, inner; dur=4 x-cache TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) date Sat, 23 Nov 2024 10:03:32 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding x-akamai-request-id d53a7116.9b4e2e11 x-tt-trace-host 0165447f0139466249fe6fc15e5a2fb61968e0a2c9faeffb069029d0c03d5b6e9ca09dadbbed7a0709a4984cbaa29e537209e2b83f702585f7e994cbb8c79fe181d8b7db48f9819e9b0522b906f1fd07551ca96821435c19727e167f2dc63dc2e0c54eb8cd045c3a7165437dd35a309d48 x-origin-response-time 9,23.32.16.78 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-24112310033207284A4704FD56FA4A0D-42A0AACD422AB9CB-00 content-length 2265 x-parent-response-time 15,23.195.36.76 x-tt-logid 2024112310033207284A4704FD56FA4A0D server nginx
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	6 KB 3 KB	167ms 149ms	Script application/javascript	23.48.224.108 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CRSJJO3C77U3OBON9J0G&lib=ttq Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-48-224-108.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 477a7875539bfff269b3386ceb233f4a6b3d5e6ad7c6eb13a9f76efe4604c16f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip x-cache-remote TCP_MISS from a23-48-100-103.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) expires Sat, 23 Nov 2024 10:03:32 GMT server-timing cdn-cache; desc=MISS, edge; dur=8, origin; dur=7, inner; dur=3 x-cache TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) date Sat, 23 Nov 2024 10:03:32 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding x-akamai-request-id 9d3e649b.9b4e2e12 x-tt-trace-host 0165447f0139466249fe6fc15e5a2fb61968e0a2c9faeffb069029d0c03d5b6e9cd35630c90637e3da7c4920190a2292ef7d7bc7570d27403e7ac007a1386739ffecfe7216277e9954c65888ee7828c25dd4538ca922f4515b111e650acb931a9cb8f6368568a16ef4cb39ceeb2fda38bc x-origin-response-time 7,23.48.100.103 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-241123100332D5C31676054EA0E66016-708D3A8A7C2B48B5-00 content-length 2258 x-parent-response-time 15,23.195.36.76 x-tt-logid 20241123100332D5C31676054EA0E66016 server nginx
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	6 KB 3 KB	122ms 104ms	Script application/javascript	23.48.224.108 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CRSJUL3C77UDN9PK50R0&lib=ttq Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-48-224-108.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 16d1367212ab36a38a43bb8dd0aed97eb771aece47328742775d0cfb52e50236 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip expires Sat, 23 Nov 2024 10:03:32 GMT server-timing inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=14 x-cache TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) date Sat, 23 Nov 2024 10:03:32 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding x-akamai-request-id 9b4e2e13 x-tt-trace-host 0165447f0139466249fe6fc15e5a2fb619db754da65b70f5756402043ed7cb35801a77034d8c1aa0e97488bcd549233d7f3469369ee6431fb48a2983c9f324b62064ea30c5bc0701d4877aa0ce66b0c4cc98ea72f008f07bc9c68dc97de42a2d6f x-origin-response-time 14,23.195.36.76 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-241123100332E1FD9C8240E5DAEF19CC-403F330617F79A2F-00 content-length 2219 x-tt-logid 20241123100332E1FD9C8240E5DAEF19CC server nginx
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	5 KB 3 KB	213ms 195ms	Script application/javascript	23.48.224.108 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CRT8UD3C77UDN9PK6880&lib=ttq Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-48-224-108.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 7acf3b940344709323de46e7b2933a769871539a919445abb932728b0476ac2c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip x-cache-remote TCP_MISS from a23-220-104-204.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) expires Sat, 23 Nov 2024 10:03:32 GMT server-timing cdn-cache; desc=MISS, edge; dur=8, origin; dur=7, inner; dur=4 x-cache TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) date Sat, 23 Nov 2024 10:03:32 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding x-akamai-request-id 9a3c89bf.9b4e2f96 x-tt-trace-host 0165447f0139466249fe6fc15e5a2fb61968e0a2c9faeffb069029d0c03d5b6e9cdde23dec98bf6b4594d2a1bafbd2003cafaee4973a7da6a8f10f8ea50cd316ba0414533f3008ca449d26434432f059a2bb5c3c4eacf422c08459a31d0c605171f19b29c2e2a7d4216a54639f3caa2d04 x-origin-response-time 7,23.220.104.204 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-241123100332EF2CC15E5CF11B2FFC5B-468A808267973ED9-00 x-parent-response-time 15,23.195.36.76 x-tt-logid 20241123100332EF2CC15E5CF11B2FFC5B server nginx
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	6 KB 3 KB	197ms 179ms	Script application/javascript	23.48.224.108 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CRT92LJC77UF26CU2VHG&lib=ttq Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-48-224-108.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 9b0b9fd55a395a3c816cb7f2b014e4906ab253d99dcef58d32d30ae07eaeff3e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip expires Sat, 23 Nov 2024 10:03:32 GMT server-timing inner; dur=5, cdn-cache; desc=MISS, edge; dur=0, origin; dur=12 x-cache TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) date Sat, 23 Nov 2024 10:03:32 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding x-akamai-request-id 9b4e2f97 x-tt-trace-host 0165447f0139466249fe6fc15e5a2fb619db754da65b70f5756402043ed7cb35809f3082efe7d4cf68e72af5f1398692bd332688a849b096e1d7be33f1498a656ccccc67e14ca7a0403fd5c6cf8a26b8fbe0348c3ef98288cca09927d477dd865e x-origin-response-time 12,23.195.36.76 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-241123100332AD7FEBDB44607128F0D7-395B8CC077B55C28-00 content-length 1860 x-tt-logid 20241123100332AD7FEBDB44607128F0D7 server nginx
GET H2	202	bg-top.jpg kancilwin.makeup/bg/	0 366 B	195ms 176ms	Image text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/bg/bg-top.jpg Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/assets/css/style.css Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id wijzg1CYQ1LAKhZSSYLpLNf-YOyOqM6ngoZtacui4SbKLvGrzD9aOg== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	202	bg-login.png kancilwin.makeup/tab/	0 367 B	211ms 192ms	Image text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/tab/bg-login.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/assets/css/style.css Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id 2faW0NCiq-vScKVrE6lJX0QLzZNG8CTQkuTOiWCSrwYxjLPSX2jluQ== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	200	btn-bg.png kancilwin.makeup/tab/	5 KB 5 KB	280ms 262ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/tab/btn-bg.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash b94d5846da02dc4aa4b1e00ba93edc8cde7099f2b79a6bb348a9e6b2d070102e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/assets/css/style.css Response headers etag "66a25fa5-146a" age 7142 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 5226 x-amz-cf-id GL5grldwj9AUUymmaPxEtLSTM1JyOgdd0idY7VXyrg1CaOhtin-3Jg== date Sat, 23 Nov 2024 08:04:29 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:29 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	202	btn-deposit2.png kancilwin.makeup/tab/	0 366 B	194ms 176ms	Image text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/tab/btn-deposit2.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/assets/css/style.css Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id SGC9eO9qWvKXN0UP3f4j0F48-8jqw0cWjTDOz-w_FwF47G1taSMpuA== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	202	bg-headmenu.jpg kancilwin.makeup/bg/	0 366 B	195ms 177ms	Image text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/bg/bg-headmenu.jpg Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/assets/css/style.css Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id _VhbzHYyOlMbgWuEh1SFFHuUanBjiwB5k7Xui2ANogt9JUVydha9FA== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	200	bg-news.jpg kancilwin.makeup/bg/	17 KB 17 KB	216ms 200ms	Image image/jpeg	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/bg/bg-news.jpg Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash f2809fb45de84d0ff449241d05f53c71beb517892c6478d17d06092dbc03e732 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/assets/css/style.css Response headers etag "66a25fa2-43b4" age 7142 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 17332 x-amz-cf-id fqBZVFa8fYwggjYAwzb6YFmc5lfs7WkjF5Rpc_GnBQ4fiEJg_T8_yA== date Sat, 23 Nov 2024 08:04:29 GMT content-type image/jpeg last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	ic-news.png kancilwin.makeup/tab/	3 KB 4 KB	262ms 245ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/tab/ic-news.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash c496718d46823c627ecc27eb7c69235dd1ed53eb67bfc48ddea453fe416a4405 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/assets/css/style.css Response headers etag "66a25fa5-df5" age 7142 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 3573 x-amz-cf-id S1EYy5zWK5zQU7evSh2maHVkfXzocxErc01EnAPPpEPMZpgy_GGjYA== date Sat, 23 Nov 2024 08:04:29 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:29 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	202	bg.jpg kancilwin.makeup/bg/	0 367 B	192ms 175ms	Image text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/bg/bg.jpg Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/assets/css/style.css Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id cTZglLfYuKFFA47EGOL04OkZIxqtW92CEegczvx34kj06PDxz_RqVw== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	200	bg-main-jackpot.png kancilwin.makeup/bg/	21 KB 21 KB	261ms 244ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/bg/bg-main-jackpot.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash d8d83546401a37d81cfd0f0403031c98c8012bc262a52433638f5accef434827 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/assets/css/style.css Response headers etag "66a25fa2-542c" age 7142 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 21548 x-amz-cf-id 1O5S6qD5Pu4NVr3U1rsbq5GBANtaAMkeLAlXPp51mFjpgKERWRU1Gg== date Sat, 23 Nov 2024 08:04:29 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H3	200	-W_8XJnvUD7dzB2Cy_gIaWMu.woff2 fonts.gstatic.com/s/prompt/v10/	17 KB 17 KB	198ms 106ms	Font font/woff2	172.253.63.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/prompt/v10/-W_8XJnvUD7dzB2Cy_gIaWMu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Prompt:wght@300&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f94.1e100.net Software sffe / Resource Hash d7cb2b3095a72ab6b3ef3001f08f00784b3127bd240c1b7a6c5d8da030878858 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://kancilwin.makeup Referer https://fonts.googleapis.com/ Response headers age 491908 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Mon, 17 Nov 2025 17:25:04 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 17 Nov 2024 17:25:04 GMT last-modified Wed, 27 Apr 2022 16:14:58 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 17280 x-xss-protection 0 server sffe
GET H2	202	bg-jackpot.png kancilwin.makeup/bg/	0 366 B	290ms 277ms	Image text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/bg/bg-jackpot.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/assets/css/style.css Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id vNi563WgP_7QEeiOcbyPG2RbaCY-9LLj484rqWox2pyoEavGMxzgqA== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	200	bg-main-body.png kancilwin.makeup/bg/	21 KB 22 KB	332ms 318ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/bg/bg-main-body.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 625b4a902cb51e91ec2b951fe5016012a1430db75cdf49759bcbdebe076f4ce7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/assets/css/style.css Response headers etag "66a25fa2-54ca" age 7142 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 21706 x-amz-cf-id qPSNgE5WP4xjgRNrXQIpJLb9SFnqMB0UxgsreNG7szO8eyomtsZGLw== date Sat, 23 Nov 2024 08:04:29 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	200	bg-topgame.png kancilwin.makeup/bg/	8 KB 9 KB	418ms 405ms	Image image/png	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/bg/bg-topgame.png Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 504b13fa848131fc0dbca7f0fbfbb34cbbec22a54c1c17dfb93ddfb0c4f87afe Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/assets/css/style.css Response headers etag "66a25fa2-210c" age 7142 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 8460 x-amz-cf-id XCu07MNGO17fHwqX0irG_K9k67v_eA7Ak4AJnoNhpzI-l-8ySuWgnA== date Sat, 23 Nov 2024 08:04:29 GMT content-type image/png last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	202	bg-service.jpg kancilwin.makeup/bg/	0 366 B	288ms 276ms	Image text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/bg/bg-service.jpg Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/assets/css/style.css Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id W54nu6G8vBZE5mu_II69NWVfQ3FbN0gm8-C5zEWyjatjbE6eJfv81w== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	200	bg2.jpg kancilwin.makeup/bg/	233 KB 233 KB	331ms 319ms	Image image/jpeg	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/bg/bg2.jpg Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software nginx / PleskLin Resource Hash 28b7f74a39aca2ddca21ac9e05690a7a3229bc407ac21a5e0da556e498103823 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/assets/css/style.css Response headers etag "66a25fa2-3a204" age 7142 via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 238084 x-amz-cf-id Abdhn8OmWXBFALjcVWIVy2YyqXUhihy7VYqd36x0IZz5Nr2nQnQQkQ== date Sat, 23 Nov 2024 08:04:30 GMT content-type image/jpeg last-modified Thu, 25 Jul 2024 14:22:26 GMT server nginx x-amz-cf-pop JFK50-P5 x-powered-by PleskLin
GET H2	202	bg-seo.jpg kancilwin.makeup/bg/	0 367 B	294ms 282ms	Image text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/bg/bg-seo.jpg Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/assets/css/style.css Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id MoTZKG4lfHBpfvVNsA38BH83SnDM-TwC5bI97VDohHrXIk9oNLV6Mg== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	202	bg-footer.jpg kancilwin.makeup/bg/	0 367 B	294ms 282ms	Image text/html	18.164.96.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://kancilwin.makeup/bg/bg-footer.jpg Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-4.jfk50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/assets/css/style.css Response headers access-control-max-age 86400 cache-control no-store, max-age=0 access-control-allow-methods OPTIONS,GET,POST via 1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 0 x-amz-cf-id UTLQbxlKaR7CDqxWJKtBxIlsFkAkLACKgBzjTKVR6irH70T1wlT0YA== date Sat, 23 Nov 2024 10:03:32 GMT content-type text/html; charset=UTF-8 x-amz-cf-pop JFK50-P5 server CloudFront x-amzn-waf-action challenge
GET H2	200	ionicons.esm.js Show response unpkg.com/ionicons@5.0.0/dist/ionicons/	262 B 605 B	206ms 79ms	Script application/javascript	2606:4700::6811:f8cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/ionicons@5.0.0/dist/ionicons/ionicons.esm.js Requested by Host: unpkg.com URL: https://unpkg.com/ionicons@5.0.0/dist/ionicons.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 28a06f4491def3fdc69ddefa5c850a2583ff312997aef3498e2f12e384c45115 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://kancilwin.makeup Referer https://kancilwin.makeup/ Response headers content-encoding br cf-cache-status HIT etag "106-2QVIn+WWfE7GzXgXZTPbiG+yGbs" age 1630337 x-content-type-options nosniff date Sat, 23 Nov 2024 10:03:33 GMT content-type application/javascript; charset=utf-8 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01JBVMSX1NR2QVN0SV41CKZH44-mia vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31536000 via 1.1 fly.io cf-ray 8e70547b2b6421eb-MIA access-control-allow-origin * server cloudflare
OPTIONS H2	403	api-bank-list.php apims.cerdikkancilwin-aman.xyz/assets/api-game/	0 0	339ms 104ms	Preflight text/html	18.238.55.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://apims.cerdikkancilwin-aman.xyz/assets/api-game/api-bank-list.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.55.25 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-55-25.jfk52.r.cloudfront.net Software CloudFront / Resource Hash Request headers Accept */* Access-Control-Request-Headers api-code Access-Control-Request-Method POST Origin https://kancilwin.makeup Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers content-length 919 content-type text/html date Sat, 23 Nov 2024 10:03:33 GMT server CloudFront via 1.1 ac80986150818f9f0ab3b6abae9b03e0.cloudfront.net (CloudFront) x-amz-cf-id LZcyyPIT-45hlLGjuPWnscsZFhZuObDUdfyyTE7duzXxocGPwMTobQ== x-amz-cf-pop JFK52-P4 x-cache Error from cloudfront
POST H2	403	api-check.php Show response apims.cerdikkancilwin-aman.xyz/assets/api-game/	919 B 1 KB	341ms 106ms	XHR text/html	18.238.55.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://apims.cerdikkancilwin-aman.xyz/assets/api-game/api-check.php Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/assets/js/lib/jquery-3.5.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.55.25 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-55-25.jfk52.r.cloudfront.net Software CloudFront / Resource Hash 0d2a62618c14b301564207777e413d37e327756d892187a4729e909925ee526a Request headers Referer https://kancilwin.makeup/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept application/json, text/javascript, */*; q=0.01 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers access-control-expose-headers * via 1.1 ac80986150818f9f0ab3b6abae9b03e0.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Error from cloudfront content-length 919 x-amz-cf-id KK8qQQL9LkynGm9Lr6G9eQC8r0VicydiT9Gt4Fu0JrrOkH-MP8EykA== date Sat, 23 Nov 2024 10:03:33 GMT content-type text/html x-amz-cf-pop JFK52-P4 server CloudFront
POST		api-bank-list.php apims.cerdikkancilwin-aman.xyz/assets/api-game/	0 0
POST		api-promotion.php apims.cerdikkancilwin-aman.xyz/assets/api-game/	0 0
POST		api-game.php apims.cerdikkancilwin-aman.xyz/assets/api-game/	0 0
POST		api-ranking.php apims.cerdikkancilwin-aman.xyz/assets/api-game/	0 0
OPTIONS H2	403	api-promotion.php apims.cerdikkancilwin-aman.xyz/assets/api-game/	0 0	336ms 107ms	Preflight text/html	18.238.55.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://apims.cerdikkancilwin-aman.xyz/assets/api-game/api-promotion.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.55.25 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-55-25.jfk52.r.cloudfront.net Software CloudFront / Resource Hash Request headers Accept */* Access-Control-Request-Headers api-code Access-Control-Request-Method POST Origin https://kancilwin.makeup Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers content-length 919 content-type text/html date Sat, 23 Nov 2024 10:03:33 GMT server CloudFront via 1.1 ac80986150818f9f0ab3b6abae9b03e0.cloudfront.net (CloudFront) x-amz-cf-id cUJ6Q-IZVGC03XiUh83_xmMwvsG0kwEeWY4Jhx9jsGouFre7Z6dyCQ== x-amz-cf-pop JFK52-P4 x-cache Error from cloudfront
OPTIONS H2	403	api-game.php apims.cerdikkancilwin-aman.xyz/assets/api-game/	0 0	333ms 105ms	Preflight text/html	18.238.55.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://apims.cerdikkancilwin-aman.xyz/assets/api-game/api-game.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.55.25 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-55-25.jfk52.r.cloudfront.net Software CloudFront / Resource Hash Request headers Accept */* Access-Control-Request-Headers api-code Access-Control-Request-Method POST Origin https://kancilwin.makeup Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers content-length 919 content-type text/html date Sat, 23 Nov 2024 10:03:33 GMT server CloudFront via 1.1 ac80986150818f9f0ab3b6abae9b03e0.cloudfront.net (CloudFront) x-amz-cf-id S-jH7BxMxSi38AcCO7ewhuuLDeNCciP8mIz7V-FDhlgWoZroeuioDw== x-amz-cf-pop JFK52-P4 x-cache Error from cloudfront
OPTIONS H2	403	api-ranking.php apims.cerdikkancilwin-aman.xyz/assets/api-game/	0 0	332ms 105ms	Preflight text/html	18.238.55.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://apims.cerdikkancilwin-aman.xyz/assets/api-game/api-ranking.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.55.25 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-55-25.jfk52.r.cloudfront.net Software CloudFront / Resource Hash Request headers Accept */* Access-Control-Request-Headers api-code Access-Control-Request-Method POST Origin https://kancilwin.makeup Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers content-length 919 content-type text/html date Sat, 23 Nov 2024 10:03:33 GMT server CloudFront via 1.1 ac80986150818f9f0ab3b6abae9b03e0.cloudfront.net (CloudFront) x-amz-cf-id hV301yYOGzPHdbxNKqnbWz7LP9CCMUiV_cII3XMTlJ7F6-heePE8aw== x-amz-cf-pop JFK52-P4 x-cache Error from cloudfront
GET H3	200	525469816636464 Show response connect.facebook.net/signals/config/	76 KB 15 KB	175ms 174ms	Script application/x-javascript	157.240.241.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/525469816636464?v=2.9.176&r=stable&domain=kancilwin.makeup&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-lga3.fbcdn.net Software / Resource Hash be9f8e8438f8561095200eac488ff096dd7170228613492493db649c175f7a5a Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-JI6q6Nzn' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:33 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-JI6q6Nzn' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=118, rtx=0, c=80, mss=1232, tbw=74155, tp=71, tpl=0, uplat=55, ullat=0 pragma public x-fb-debug BgVy9Bw2no1ofUBl8EcQjjspJBs5GBl6h6gx2wyByNz/MoaSAMoLUiZlLYX/SiQe5xgkrAVrYzMWl+0lL97hsw== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H2	200	main.MWQ3ODVjY2ZhMA.js Show response analytics.tiktok.com/i18n/pixel/static/	344 KB 95 KB	105ms 99ms	Script application/javascript	23.48.224.108 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CRQFDR3C77U40MO9H470&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-48-224-108.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 4f9fab1dba389fa19212a3c7cf89445cee3f9b26ffc4ff940f4f83668d11e44f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers x-cache TCP_HIT from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) vary Accept-Encoding cache-control public, max-age=31536000, immutable content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=7 x-tt-trace-id 00-241119122647D74F765271F82F144CBB-1996DBC240D98369-00 content-length 96715 date Sat, 23 Nov 2024 10:03:33 GMT content-type application/javascript; charset=UTF-8 x-tt-logid 20241119122647D74F765271F82F144CBB server nginx x-akamai-request-id 9b4e31e9 x-tt-trace-host 01165a9eac4777bb474333274e4a65766abec3a7688268536e7e549fdca2bba15b4b75626124d7c444258148f013425c8eee5d2906d17fb298bca7dadcb172d32d6878e15dcbe3d472bd73acabcfbdfd2d0800cc35a1e1a112bca66d83907e3e8b
GET H2	200	main.MWQ3ODVjY2ZhMQ.js Show response analytics.tiktok.com/i18n/pixel/static/	350 KB 97 KB	237ms 233ms	Script application/javascript	23.48.224.108 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMQ.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CRRUHE3C77U3OBON8D80&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-48-224-108.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 0ccf8087035715f328a898cbdde68feb8767287a798c46990644128436b7a26b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers x-cache TCP_MEM_HIT from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) vary Accept-Encoding cache-control public, max-age=31536000, immutable content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4 x-tt-trace-id 00-2411191226456BC9E339C10658164AA1-1690DEFE3F9B1E50-00 content-length 98527 date Sat, 23 Nov 2024 10:03:33 GMT content-type application/javascript; charset=UTF-8 x-tt-logid 202411191226456BC9E339C10658164AA1 server nginx x-akamai-request-id 9b4e31ea x-tt-trace-host 01d427769e1c0b7fbbe35686392a93b1aed0e88dcd4c858fa69a739fde991d759ea3a3b7018a120f411b88690cd08e1afd9f4d9b159a90ee24fd6e41634a90c240e078c53ca25498fa2e3a95785bc9e295f5e55124dac9dc22d9e233354c301dc5
GET H2	200	p-af480238.js Show response unpkg.com/ionicons@5.0.0/dist/ionicons/	9 KB 5 KB	70ms 70ms	Script application/javascript	2606:4700::6811:f8cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/ionicons@5.0.0/dist/ionicons/p-af480238.js Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 35a79935107f53fa3b2f923363b50be53bd42e446f64f457c5e74a526bfa29b9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://kancilwin.makeup Referer https://unpkg.com/ionicons@5.0.0/dist/ionicons/ionicons.esm.js Response headers content-encoding br cf-cache-status HIT etag "232c-uchF0l8mHJgXmaMGCPlWLIIn3tc" age 304519 x-content-type-options nosniff date Sat, 23 Nov 2024 10:03:33 GMT content-type application/javascript; charset=utf-8 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01JD356K5T1N24SP20DRP5HYQM-mia vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31536000 via 1.1 fly.io cf-ray 8e70547bbb8c21eb-MIA access-control-allow-origin * server cloudflare
GET H2	200	get_dynamic_configuration Show response api.livechatinc.com/v3.6/customer/action/	387 B 606 B	482ms 162ms	Script application/javascript	23.200.88.74 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=14248812&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fkancilwin.makeup%2F&channel_type=code&origin=livechat&implementation_type=manual_channels&jsonp=__kdx3su5x83 Requested by Host: cdn.livechatinc.com URL: https://cdn.livechatinc.com/tracking.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.200.88.74 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-200-88-74.deploy.static.akamaitechnologies.com Software / Resource Hash 5f1f4046f713c861b412dbf378421a4968eae1c38b25ce44f9b49cf23eec9562 Security Headers Name Value Content-Security-Policy frame-ancestors https://kancilwin.makeup/; X-Frame-Options allow-from https://kancilwin.makeup/ Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-security-policy frame-ancestors https://kancilwin.makeup/; content-length 387 date Sat, 23 Nov 2024 10:03:33 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding cross-origin-resource-policy cross-origin x-frame-options allow-from https://kancilwin.makeup/
GET H2	200	p-vsz5ekad.entry.js Show response unpkg.com/ionicons@5.0.0/dist/ionicons/	4 KB 2 KB	70ms 70ms	Script application/javascript	2606:4700::6811:f8cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/ionicons@5.0.0/dist/ionicons/p-vsz5ekad.entry.js Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ec3da80f3d285712b9b5d0ee81c7ea121b1eb1f1c6b1588edd0d41aac54cf8b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://kancilwin.makeup Referer https://unpkg.com/ionicons@5.0.0/dist/ionicons/p-af480238.js Response headers content-encoding br cf-cache-status HIT etag "e34-Tn/fBtCpAXg6tUKDGbgozKhyxLU" age 1814533 x-content-type-options nosniff date Sat, 23 Nov 2024 10:03:33 GMT content-type application/javascript; charset=utf-8 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01JBP54RRZRQCGYQ6C63AAX1KT-mia vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31536000 via 1.1 fly.io cf-ray 8e70547c3ba321eb-MIA access-control-allow-origin * server cloudflare
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	239 KB 0	1ms 0ms	Script application/x-javascript	157.240.241.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KCR4BMGC Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-lga3.fbcdn.net Software / Resource Hash 527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-FyJk8zF2' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:32 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-FyJk8zF2' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=117, rtx=0, c=24, mss=1232, tbw=8215, tp=13, tpl=0, uplat=0, ullat=-1 pragma public x-fb-debug G97yss9vsG8wuqTI0eSIzU8TZ1wjP0xbnbmK8TTR+4kCgm//3id2qr1DseZeEMcbMQLtxtuHX10lKR/xqq22cw== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top content-length 62107 x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	437744435950640 Show response connect.facebook.net/signals/config/	261 KB 82 KB	257ms 256ms	Script application/x-javascript	157.240.241.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/437744435950640?v=2.9.176&r=stable&domain=kancilwin.makeup&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-lga3.fbcdn.net Software / Resource Hash 13dbb1b67e35825135cb13a27bf8d2ac2bc7536ebfb5e43909bdad576e29501b Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-lcKfIJOb' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:33 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-lcKfIJOb' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=117, rtx=0, c=93, mss=1232, tbw=90363, tp=88, tpl=0, uplat=137, ullat=0 pragma public x-fb-debug 1hmYZDCD5YKVTMv4Zt5CjSr4gN5Itfw7+GawtZ3bGS05G89Ys9Qqo7ExY6gSepurejRCSlYNx27sFlYnqQ0DCA== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	/ www.facebook.com/tr/	0 19 B	254ms 119ms	Image text/plain	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=525469816636464&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356213207&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&cs_est=true&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=GET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality GOOD; q=0.7, rtt=117, rtx=0, c=24, mss=1232, tbw=8264, tp=14, tpl=0, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Sat, 23 Nov 2024 10:03:33 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 196 B	338ms 203ms	Image image/png	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=525469816636464&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356213207&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&cs_est=true&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=FGET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413280063342330"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413280063342330"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:33 GMT content-type image/png vary Accept-Encoding x-fb-debug WQCh9PntnGL5YZ1C0XFqjWG+p6pf7Aj6JFCjYgYIJTfl96azsxZJObElgJ9S1Asa3YzfMJwl6MEXTKWewx/3gA== priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440413280063342330", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} cache-control private, no-store, no-cache, must-revalidate cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=117, rtx=0, c=24, mss=1232, tbw=8584, tp=16, tpl=0, uplat=85, ullat=0 pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H2	200	p-763ce0c6.js Show response unpkg.com/ionicons@5.0.0/dist/ionicons/	766 B 674 B	73ms 73ms	Script application/javascript	2606:4700::6811:f8cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/ionicons@5.0.0/dist/ionicons/p-763ce0c6.js Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b5c476b63f6e5134d4e0287dde58239d74a195ce57555f0c0dd3b2ddf148da70 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://kancilwin.makeup Referer https://unpkg.com/ionicons@5.0.0/dist/ionicons/p-vsz5ekad.entry.js Response headers content-encoding br cf-cache-status HIT etag "2fe-nFoH10sI1sMZTGbQl1tybJVCa9k" age 874064 x-content-type-options nosniff date Sat, 23 Nov 2024 10:03:33 GMT content-type application/javascript; charset=utf-8 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01JCJ61MTANT6KAWR3QYJG8BS4-mia vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31536000 via 1.1 fly.io cf-ray 8e70547ccbda21eb-MIA access-control-allow-origin * server cloudflare
POST H3	200	getGrayInfo Show response ads.mythad.com/rest/n/adintl/gray/	202 B 210 B	503ms 384ms	XHR application/json	23.219.36.236 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=259367136645613&lib=kwaiq Protocol H3 Security QUIC, , AES_256_GCM Server 23.219.36.236 Chicago, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-219-36-236.deploy.static.akamaitechnologies.com Software / Resource Hash 1e50ab526b518cfe2460a886b133ee0c248102934a8326c8fb0e9b5253bda56b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type application/json Referer https://kancilwin.makeup/ Response headers content-encoding gzip access-control-allow-credentials true quic-version 0x00000001 access-control-allow-origin https://kancilwin.makeup alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 191 date Sat, 23 Nov 2024 10:03:34 GMT content-type application/json;charset=UTF-8 vary Accept-Encoding
OPTIONS H2	200	getGrayInfo ads.mythad.com/rest/n/adintl/gray/	0 0	855ms 346ms	Preflight	2600:141b:1c00:f::172c:c9ca AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:1c00:f::172c:c9ca Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://kancilwin.makeup Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://kancilwin.makeup access-control-max-age 1800 allow GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH content-length 0 date Sat, 23 Nov 2024 10:03:34 GMT
POST H3	200	getGrayInfo Show response ads.mythad.com/rest/n/adintl/gray/	202 B 210 B	507ms 385ms	XHR application/json	23.219.36.236 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=258613892563653&lib=kwaiq Protocol H3 Security QUIC, , AES_256_GCM Server 23.219.36.236 Chicago, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-219-36-236.deploy.static.akamaitechnologies.com Software / Resource Hash ecebfabdfcfae5b97294b0c764669b6080fdd196903bb52afa0220e58b55f362 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type application/json Referer https://kancilwin.makeup/ Response headers content-encoding gzip access-control-allow-credentials true quic-version 0x00000001 access-control-allow-origin https://kancilwin.makeup alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 191 date Sat, 23 Nov 2024 10:03:34 GMT content-type application/json;charset=UTF-8 vary Accept-Encoding
OPTIONS H2	200	getGrayInfo ads.mythad.com/rest/n/adintl/gray/	0 0	852ms 346ms	Preflight	2600:141b:1c00:f::172c:c9ca AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:1c00:f::172c:c9ca Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://kancilwin.makeup Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://kancilwin.makeup access-control-max-age 1800 allow GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 0 date Sat, 23 Nov 2024 10:03:34 GMT
GET H2	200	identify_45dd5971.js Show response analytics.tiktok.com/i18n/pixel/static/	146 KB 39 KB	94ms 93ms	Script application/javascript	23.48.224.108 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-48-224-108.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers x-cache TCP_MEM_HIT from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) vary Accept-Encoding cache-control public, max-age=31536000, immutable content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=15 x-tt-trace-id 00-24111505023471184E5894DE981AFF75-254B9EF354E335B6-00 content-length 39341 date Sat, 23 Nov 2024 10:03:33 GMT content-type application/javascript; charset=UTF-8 x-tt-logid 2024111505023471184E5894DE981AFF75 server nginx x-akamai-request-id 9b4e37e3 x-tt-trace-host 019da7bd06e912e229762c12209c342f6f58e50ad7bb32fe20a2e042211cbf81b6167b1696ccc5587daa49b17901c60261589a5cb5b99f7bd0f7201fb25a01e22ad13c6208ed229f198109a7edd2b0f7be0e6bbceeeedb2517feb9edc4a5c7dd09
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 876 B	140ms 136ms	Ping text/plain	23.48.224.108 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-48-224-108.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://kancilwin.makeup/ Response headers x-cache-remote TCP_MISS from a23-48-100-124.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE expires Sat, 23 Nov 2024 10:03:33 GMT server-timing cdn-cache; desc=MISS, edge; dur=22, origin; dur=20, inner; dur=16 x-cache TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) date Sat, 23 Nov 2024 10:03:33 GMT x-akamai-request-id ea43a1bd.9b4e38f8 access-control-allow-headers Authorization,* x-tt-trace-host 0165447f0139466249fe6fc15e5a2fb61968e0a2c9faeffb069029d0c03d5b6e9cc5bb180c6468f364526cd3b47c4e89d971cf188035c00500d2e9ff54bb0f1bf889e19ec54f9b578f34234fe333d0e87357d0e34baf4d384075035b1cd6c1aa6bef57c2643b78df297e200f25e5a22a53 x-origin-response-time 20,23.48.100.124 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn access-control-allow-origin * x-tt-trace-id 00-24112310033330A6569CF13176E2CA15-2D71F4FA21E9398D-00 content-length 0 x-parent-response-time 32,23.195.36.76 x-tt-logid 2024112310033330A6569CF13176E2CA15 server nginx
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 719 B	128ms 123ms	Ping text/plain	23.48.224.108 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-48-224-108.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://kancilwin.makeup/ Response headers access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE expires Sat, 23 Nov 2024 10:03:33 GMT server-timing inner; dur=19, cdn-cache; desc=MISS, edge; dur=6, origin; dur=26 x-cache TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) date Sat, 23 Nov 2024 10:03:33 GMT x-akamai-request-id 9b4e38f9 access-control-allow-headers Authorization,* x-tt-trace-host 0165447f0139466249fe6fc15e5a2fb619db754da65b70f5756402043ed7cb35809531e44acdbf52622a4a6e88d314c2cd386766ec2e1d2dccafcdf6448d041d42fee4a10918d65af83dd1b66bf98be98441f87563f7704d3c514190b1292c3916 x-origin-response-time 26,23.195.36.76 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn access-control-allow-origin * x-tt-trace-id 00-241123100333054BC8D9BD8D63E94AC3-3467FA6183055B56-00 content-length 0 x-tt-logid 20241123100333054BC8D9BD8D63E94AC3 server nginx
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 717 B	125ms 121ms	Ping text/plain	23.48.224.108 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-48-224-108.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://kancilwin.makeup/ Response headers access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE expires Sat, 23 Nov 2024 10:03:33 GMT server-timing inner; dur=16, cdn-cache; desc=MISS, edge; dur=3, origin; dur=25 x-cache TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) date Sat, 23 Nov 2024 10:03:33 GMT x-akamai-request-id 9b4e38fd access-control-allow-headers Authorization,* x-tt-trace-host 0165447f0139466249fe6fc15e5a2fb619db754da65b70f5756402043ed7cb358006ffba4ca97bf6a70e3500632d87197c7640e8c7aec234cfcbd0696e71c32381a1ce7918327392496ae37cd675540556f2b75c8dec8b76c5770420c515e9b184 x-origin-response-time 25,23.195.36.76 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn access-control-allow-origin * x-tt-trace-id 00-2411231003337D79E6F9A9893203BB58-71B347A345F61E50-00 content-length 0 x-tt-logid 202411231003337D79E6F9A9893203BB58 server nginx
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 718 B	152ms 147ms	Ping text/plain	23.48.224.108 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-48-224-108.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://kancilwin.makeup/ Response headers access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE expires Sat, 23 Nov 2024 10:03:33 GMT server-timing inner; dur=20, cdn-cache; desc=MISS, edge; dur=13, origin; dur=29 x-cache TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) date Sat, 23 Nov 2024 10:03:33 GMT x-akamai-request-id 9b4e390f access-control-allow-headers Authorization,* x-tt-trace-host 0165447f0139466249fe6fc15e5a2fb619db754da65b70f5756402043ed7cb358016f6208134c21b8e7b25331270c69f602d241e9f14c80aaeaa5f77ab1723916bbbaed527dc88cc5de98e2f25542edb81d5c9b1d4e32f89c9fd25cd5d9b112485 x-origin-response-time 29,23.195.36.76 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn access-control-allow-origin * x-tt-trace-id 00-241123100333F07A1DFEE4C1E40095B2-5EBA691871D37078-00 content-length 0 x-tt-logid 20241123100333F07A1DFEE4C1E40095B2 server nginx
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 875 B	378ms 374ms	Ping text/plain	23.48.224.108 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-48-224-108.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://kancilwin.makeup/ Response headers x-cache-remote TCP_MISS from a23-32-16-72.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE expires Sat, 23 Nov 2024 10:03:33 GMT server-timing cdn-cache; desc=MISS, edge; dur=24, origin; dur=254, inner; dur=243 x-cache TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) date Sat, 23 Nov 2024 10:03:33 GMT x-akamai-request-id c8130c4c.9b4e3910 access-control-allow-headers Authorization,* x-tt-trace-host 0165447f0139466249fe6fc15e5a2fb61968e0a2c9faeffb069029d0c03d5b6e9cc41a0c3d64cd0fc92d10e4d86785687a7543d28a6758694396cc52d6fbbced9843d6a3994bbe6be4500fcc1c1bf93b59b22bae94f4baf09561044b9a2cb6b1e6d87c4ce8a9f6c17a3900e14c44e6b1d6 x-origin-response-time 254,23.32.16.72 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn access-control-allow-origin * x-tt-trace-id 00-241123100333862A43AC794B4AF05381-092E66FE0E06AFB3-00 content-length 0 x-parent-response-time 274,23.195.36.76 x-tt-logid 20241123100333862A43AC794B4AF05381 server nginx
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 876 B	130ms 126ms	Ping text/plain	23.48.224.108 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-48-224-108.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://kancilwin.makeup/ Response headers x-cache-remote TCP_MISS from a23-220-104-213.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE expires Sat, 23 Nov 2024 10:03:33 GMT server-timing cdn-cache; desc=MISS, edge; dur=13, origin; dur=20, inner; dur=17 x-cache TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) date Sat, 23 Nov 2024 10:03:33 GMT x-akamai-request-id db2ff667.9b4e3911 access-control-allow-headers Authorization,* x-tt-trace-host 0165447f0139466249fe6fc15e5a2fb61968e0a2c9faeffb069029d0c03d5b6e9c010f6f9eec0ef3c7fcf536becf4e17b9b0f4fb52b9fac8709bc0dca6197a5eafd07267cdce677b82488a0805409c63c2e933f21a89145674f5cfa40a9f196ddea5a3f4f2257aa16f1c4102e1d687fa6d x-origin-response-time 20,23.220.104.213 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn access-control-allow-origin * x-tt-trace-id 00-241123100333CF10C28447FDAFFDFD17-1A64AED6488A832F-00 content-length 0 x-parent-response-time 27,23.195.36.76 x-tt-logid 20241123100333CF10C28447FDAFFDFD17 server nginx
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 874 B	133ms 129ms	Ping text/plain	23.48.224.108 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-48-224-108.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://kancilwin.makeup/ Response headers x-cache-remote TCP_MISS from a23-220-104-204.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE expires Sat, 23 Nov 2024 10:03:33 GMT server-timing cdn-cache; desc=MISS, edge; dur=15, origin; dur=21, inner; dur=18 x-cache TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) date Sat, 23 Nov 2024 10:03:33 GMT x-akamai-request-id 9a3c9213.9b4e3912 access-control-allow-headers Authorization,* x-tt-trace-host 0165447f0139466249fe6fc15e5a2fb61968e0a2c9faeffb069029d0c03d5b6e9cdde23dec98bf6b4594d2a1bafbd2003cfea443aa96a5831c90090cb0c038774442fd68d7ce179b3b87485cb2da742c353edd8aa42fc50af0627ae522041eea70358ecb60d9c10ec6271d967de6b1e571 x-origin-response-time 21,23.220.104.204 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn access-control-allow-origin * x-tt-trace-id 00-24112310033325D09A6FAC706CF46BC5-3DB0E80E4F4A032A-00 content-length 0 x-parent-response-time 30,23.195.36.76 x-tt-logid 2024112310033325D09A6FAC706CF46BC5 server nginx
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 875 B	206ms 201ms	Ping text/plain	23.48.224.108 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-48-224-108.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://kancilwin.makeup/ Response headers x-cache-remote TCP_MISS from a23-32-16-78.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE expires Sat, 23 Nov 2024 10:03:33 GMT server-timing cdn-cache; desc=MISS, edge; dur=37, origin; dur=64, inner; dur=60 x-cache TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) date Sat, 23 Nov 2024 10:03:33 GMT x-akamai-request-id d53a78f6.9b4e3913 access-control-allow-headers Authorization,* x-tt-trace-host 0165447f0139466249fe6fc15e5a2fb61968e0a2c9faeffb069029d0c03d5b6e9ca09dadbbed7a0709a4984cbaa29e5372aa883e25e6bf54df52f533e721b5a9828906b8879cfa06e967bcb40e53a86450b83e3e96b6e641ce99ddbe71a69bd24c465ed266dc44dfa7648a6c7614ed9d80 x-origin-response-time 64,23.32.16.78 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn access-control-allow-origin * x-tt-trace-id 00-241123100333D4E53438965774F31B35-7531F9CF3B33C575-00 content-length 0 x-parent-response-time 97,23.195.36.76 x-tt-logid 20241123100333D4E53438965774F31B35 server nginx
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 872 B	187ms 182ms	Ping text/plain	23.48.224.108 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-48-224-108.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://kancilwin.makeup/ Response headers x-cache-remote TCP_MISS from a23-32-16-68.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE expires Sat, 23 Nov 2024 10:03:33 GMT server-timing cdn-cache; desc=MISS, edge; dur=74, origin; dur=17, inner; dur=13 x-cache TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) date Sat, 23 Nov 2024 10:03:33 GMT x-akamai-request-id f95d380e.9b4e3914 access-control-allow-headers Authorization,* x-tt-trace-host 0165447f0139466249fe6fc15e5a2fb61968e0a2c9faeffb069029d0c03d5b6e9c7076e1a1b326477dcc5fa2d52f4b0d4058480daecccc8b84fad2cc9ac6e01c71e211f71dbbba4825a9620c273b207a1c328538c5f5791458c27189f6ec6839be915c7b5b91b8b27295228d52a6b24088 x-origin-response-time 17,23.32.16.68 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn access-control-allow-origin * x-tt-trace-id 00-2411231003331EF7F5F1AF8F90E35274-76A571473B233031-00 content-length 0 x-parent-response-time 38,23.195.36.76 x-tt-logid 202411231003331EF7F5F1AF8F90E35274 server nginx
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 875 B	267ms 263ms	Ping text/plain	23.48.224.108 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-48-224-108.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://kancilwin.makeup/ Response headers x-cache-remote TCP_MISS from a23-32-16-92.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE expires Sat, 23 Nov 2024 10:03:33 GMT server-timing cdn-cache; desc=MISS, edge; dur=63, origin; dur=103, inner; dur=94 x-cache TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) date Sat, 23 Nov 2024 10:03:33 GMT x-akamai-request-id 30bb56.9b4e3915 access-control-allow-headers Authorization,* x-tt-trace-host 0165447f0139466249fe6fc15e5a2fb61968e0a2c9faeffb069029d0c03d5b6e9c270c9164ab7dd946f4f955d095c6f92c73d6ab4f7316f4ff86fe11519a710bd4d2a4d84be4d66487cd7650b9be0698244e1a6df4fd5b679fe6521a86be30a7600385198dcd30715cd8d438d769d7993e x-origin-response-time 103,23.32.16.92 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn access-control-allow-origin * x-tt-trace-id 00-241123100333DA647142C07AA7EDA489-1051EBC53766E41E-00 content-length 0 x-parent-response-time 114,23.195.36.76 x-tt-logid 20241123100333DA647142C07AA7EDA489 server nginx
GET H2	200	close-circle.svg Show response unpkg.com/ionicons@5.0.0/dist/ionicons/svg/	370 B 427 B	71ms 71ms	Fetch image/svg+xml	2606:4700::6811:f8cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/ionicons@5.0.0/dist/ionicons/svg/close-circle.svg Requested by Host: unpkg.com URL: https://unpkg.com/ionicons@5.0.0/dist/ionicons/p-vsz5ekad.entry.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e03bf00efa78064f183519f25f8560fe55f779b15f0b7a366074e5a9860b60c3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding br cf-cache-status HIT etag "172-5hpn/NLdkYMNuVMULY4iRPcqygc" age 1304330 x-content-type-options nosniff date Sat, 23 Nov 2024 10:03:33 GMT content-type image/svg+xml last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01JC5BPQ29SFF5350PVK9V9N2W-mia vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31536000 via 1.1 fly.io cf-ray 8e70547ddc2521eb-MIA access-control-allow-origin * server cloudflare
GET H3	200	907306738114513 Show response connect.facebook.net/signals/config/	28 KB 3 KB	179ms 179ms	Script application/x-javascript	157.240.241.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/907306738114513?v=2.9.176&r=stable&domain=kancilwin.makeup&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128%2C158%2C225%2C226%2C224%2C179%2C138 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-lga3.fbcdn.net Software / Resource Hash 45451d9d6f691b07badf519c105c9bff7f0df8a628ea8222df9b75e946798c8d Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-54F53vP5' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:33 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-54F53vP5' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" x-fb-connection-quality GOOD; q=0.7, rtt=117, rtx=0, c=143, mss=1232, tbw=176907, tp=161, tpl=0, uplat=59, ullat=0 pragma public x-fb-debug BZzjktAk2JIbDMJucVV0hR3Gp4G0eyv1ExXfe40wi2dWwugBkvWjU++DyN6xV8ldIKKW8bke8YgoVJmvBFWXRg== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
POST H3	404	events Show response capig.stape.my/	32 B 686 B	655ms 405ms	XHR text/plain	172.67.179.235 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://capig.stape.my/events Requested by Host: connect.facebook.net URL: https://connect.facebook.net/signals/config/437744435950640?v=2.9.176&r=stable&domain=kancilwin.makeup&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.179.235 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 442b2a355ab5b646bc7ea6858a5d80f5c2e1be216ba9b9a584a937a8c862b6cc Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://kancilwin.makeup/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status DYNAMIC access-control-allow-credentials true report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eXTPoqlLpJE2kzuKLOraCDKY1612GR3AZOI%2Bsr71L0gqNwuuhcliNDlX4DsUmTU%2B1ZS2bl%2Ff9pfkvK9BZ0DWKy3V26SEe78nqCqEm2tapT4FULAr5LV9H9EaOv1OmuaGag%3D%3D"}],"group":"cf-nel","max_age":604800} via 1.1 google cf-ray 8e7054805c3adaf1-MIA access-control-allow-origin https://kancilwin.makeup alt-svc h3=":443"; ma=86400 content-length 58 server-timing cfL4;desc="?proto=QUIC&rtt=60422&sent=14&recv=12&lost=0&retrans=0&sent_bytes=4227&recv_bytes=4895&delivery_rate=320&cwnd=12000&unsent_bytes=0&cid=95be54a84722859a&ts=484&x=1", cfHdrFlush;dur=0 date Sat, 23 Nov 2024 10:03:34 GMT vary origin, accept-encoding server cloudflare
GET H3	200	/ www.facebook.com/tr/	0 16 B	118ms 118ms	Image text/plain	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=437744435950640&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356213542&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&cs_est=true&ler=empty&cdl=API_unavailable&eid=ob3_plugin-set_a83d5f8c627f943380dfdf7ad33ad10a885c874e4e70ee8d176d08fb5dff5cba&it=1732356212996&coo=false&rqm=GET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality GOOD; q=0.7, rtt=116, rtx=0, c=26, mss=1232, tbw=12284, tp=26, tpl=0, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Sat, 23 Nov 2024 10:03:33 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 192 B	157ms 156ms	Image image/png	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=437744435950640&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356213542&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&cs_est=true&ler=empty&cdl=API_unavailable&eid=ob3_plugin-set_a83d5f8c627f943380dfdf7ad33ad10a885c874e4e70ee8d176d08fb5dff5cba&it=1732356212996&coo=false&rqm=FGET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413281425904189"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413281425904189"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:33 GMT content-type image/png vary Accept-Encoding x-fb-debug ns4mV/o0EK3xKQJRtnCjSuqeVrc3VnJmjEKibgfDosgpSybH0WpF9FtCvHh6D2cMrbyETnLIzWbSFnAS4o1Mvg== priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440413281425904189", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} cache-control private, no-store, no-cache, must-revalidate cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=116, rtx=0, c=29, mss=1232, tbw=12444, tp=28, tpl=0, uplat=36, ullat=0 pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H2	200	get_configuration Show response api.livechatinc.com/v3.4/customer/action/	5 KB 2 KB	274ms 274ms	Script application/javascript	23.200.88.74 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=10c5f2ef-2915-42e3-8cb4-c30bcb191d09&version=911.0.3.335.347.191.4.5.4.48.3.19.6&group_id=0&jsonp=__lc_static_config Requested by Host: cdn.livechatinc.com URL: https://cdn.livechatinc.com/tracking.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.200.88.74 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-200-88-74.deploy.static.akamaitechnologies.com Software / Resource Hash 2114c74303b9d208d727952bf9f2d7848c038313c22143db3c4e8e9879ab0f63 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers cache-control public, max-age=600 content-encoding gzip cross-origin-resource-policy cross-origin deprecation 2024-11-30 expires Sat, 23 Nov 2024 10:13:33 GMT content-length 1827 date Sat, 23 Nov 2024 10:03:33 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding
POST H2	200	act analytics.tiktok.com/api/v2/pixel/	0 720 B	286ms 284ms	Ping text/plain	23.48.224.108 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel/act Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-48-224-108.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://kancilwin.makeup/ Response headers access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE expires Sat, 23 Nov 2024 10:03:33 GMT server-timing inner; dur=174, cdn-cache; desc=MISS, edge; dur=10, origin; dur=182 x-cache TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-) date Sat, 23 Nov 2024 10:03:33 GMT x-akamai-request-id 9b4e4173 access-control-allow-headers Authorization,* x-tt-trace-host 0165447f0139466249fe6fc15e5a2fb619db754da65b70f5756402043ed7cb358082083d73eac4e2f55eb0471c0a175bb8950e50b9468d14a852fe6950836eba187bd9b8370232606242ce424de7533368cb1d2b0e6a1cf6d4275edfd6b37228fb x-origin-response-time 182,23.195.36.76 cache-control max-age=0, no-cache, no-store pragma no-cache x-tt-trace-tag id=16;cdn-cache=miss;type=dyn access-control-allow-origin * x-tt-trace-id 00-2411231003333783F5917D9460F036E8-4FFF02FE630A1E83-00 content-length 0 x-tt-logid 202411231003333783F5917D9460F036E8 server nginx
GET H3	200	1757208674815141 Show response connect.facebook.net/signals/config/	28 KB 3 KB	172ms 171ms	Script application/x-javascript	157.240.241.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1757208674815141?v=2.9.176&r=stable&domain=kancilwin.makeup&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128%2C158%2C225%2C226%2C224%2C179%2C138 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-lga3.fbcdn.net Software / Resource Hash ca8e3223d16e73cf7645fb0dd9dde663e89fc705b8c05e01f04f8210966f4f65 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-5iSvgm5J' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:33 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-5iSvgm5J' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=117, rtx=0, c=143, mss=1232, tbw=181019, tp=166, tpl=0, uplat=51, ullat=1 pragma public x-fb-debug lVhFLrhEHmPhQDPNT8/MufSPHzihgxKTWxm6PfERDHpMQh2QA5lu0jMS/J75D9JIT1mtNRdkSdQx6Sbz/O/6iA== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	/ www.facebook.com/tr/	0 16 B	120ms 119ms	Image text/plain	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=907306738114513&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356213765&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&cs_est=true&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=GET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality GOOD; q=0.7, rtt=116, rtx=0, c=30, mss=1232, tbw=13628, tp=32, tpl=0, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Sat, 23 Nov 2024 10:03:33 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 195 B	147ms 146ms	Image image/png	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=907306738114513&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356213765&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&cs_est=true&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=FGET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413280214546797"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413280214546797"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:33 GMT content-type image/png vary Accept-Encoding x-fb-debug ZbkqakCjNatSgQw4XJdhZb+4WLyVCUvh5vkRVQ+pbR4fPctJL3VGXAjzcmAAYnfTTBu4aU0LrHQo0i1Dte2AIw== priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440413280214546797", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} cache-control private, no-store, no-cache, must-revalidate cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=116, rtx=0, c=30, mss=1232, tbw=13836, tp=35, tpl=0, uplat=23, ullat=0 pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top cross-origin-opener-policy-report-only restrict-properties;report-to="coop_report" x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	501584855753365 Show response connect.facebook.net/signals/config/	29 KB 3 KB	317ms 315ms	Script application/x-javascript	157.240.241.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/501584855753365?v=2.9.176&r=stable&domain=kancilwin.makeup&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128%2C158%2C225%2C226%2C224%2C179%2C138 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-lga3.fbcdn.net Software / Resource Hash 4de9ed2d2917fe4bd4832db06ba7a2c79a52c13b9fa81e2c1ed4147ab9296724 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-QqDy6Au1' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:34 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-QqDy6Au1' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" x-fb-connection-quality GOOD; q=0.7, rtt=118, rtx=0, c=143, mss=1232, tbw=185100, tp=172, tpl=0, uplat=187, ullat=0 pragma public x-fb-debug XpkgP51umDaQ2AzZwhGwKY0/ELAC9cW9/WPzZD7Wmhi8/t/L60FhVjPs1R45DKK1b6NbbFegDm/rYFbyMU2diA== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	/ www.facebook.com/tr/	0 16 B	160ms 159ms	Image text/plain	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1757208674815141&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356213947&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&cs_est=true&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=GET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality GOOD; q=0.7, rtt=117, rtx=0, c=31, mss=1232, tbw=15052, tp=39, tpl=0, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Sat, 23 Nov 2024 10:03:34 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 194 B	192ms 191ms	Image image/png	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1757208674815141&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356213947&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&cs_est=true&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=FGET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413284768437703"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413284768437703"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:34 GMT content-type image/png vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440413284768437703", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} cache-control private, no-store, no-cache, must-revalidate cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=117, rtx=0, c=31, mss=1232, tbw=15244, tp=41, tpl=0, uplat=26, ullat=0 pragma no-cache x-fb-debug NMaWCYngDHD3NJeXkz8ar4WDD3aFM7U48iBLgK7c1Gkl3iTCmBTgoUUEF480qtL6Eoi8mO6wY4xpq1VFbxrAXw== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H/1.1	200 OK	core.js Show response s1.kwai.net/kos/s101/nlav11187/pixel/core/	290 KB 77 KB	120ms 119ms	Script application/javascript	43.152.136.170 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=259367136645613&lib=kwaiq Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=259367136645613&lib=kwaiq Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.136.170 , Singapore, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software Lego Server / Resource Hash c8da6b8870aeb38f2ff3528402fc81a4960ab5c86f629e3526d6b36f96a92e87 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers Content-MD5 i6zSW0hdN+sW3Egwa6IiGg== Access-Control-Expose-Headers x-ks-request-id,x-ks-client-ip,Content-Length x-oss-storage-class Standard Content-Encoding gzip x-ks-client-ip 38.132.118.73 x-oss-object-type Normal kwaisign NULL Expires Sat, 23 Nov 2024 02:57:15 GMT Date Thu, 24 Oct 2024 02:57:15 GMT x-oss-server-time 31 Last-Modified Wed, 11 Sep 2024 08:21:14 GMT Content-Type application/javascript Vary Accept-Encoding Cache-Control no-cache X-NWS-LOG-UUID 14912613473153704525 X-Ks-Cache Hit from 43.152.136.170 x-oss-hash-crc64ecma 1814864409054748518 Connection keep-alive Accept-Ranges bytes X-Ks-Request-ID 14912613473153704525 Access-Control-Allow-Origin * Content-Length 77865 x-oss-request-id 6719B78B65C09037323FAE25 X-Cache-Lookup Cache Hit Server Lego Server
GET H3	200	1084128126630433 Show response connect.facebook.net/signals/config/	29 KB 3 KB	224ms 223ms	Script application/x-javascript	157.240.241.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1084128126630433?v=2.9.176&r=stable&domain=kancilwin.makeup&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128%2C158%2C225%2C226%2C224%2C179%2C138 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-lga3.fbcdn.net Software / Resource Hash 42838b63186c1a5d57ff0b5cc168a37ba50361f6ff8ac0bf76629237a079fe10 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-Pg3zjMVy' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:34 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-Pg3zjMVy' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=125, rtx=0, c=143, mss=1232, tbw=189308, tp=177, tpl=0, uplat=54, ullat=0 pragma public x-fb-debug sthrTzIE61xj6EFngXkGjCRuIdHCh5bfCgYOZB7LowRwbyUA3OzZ9CKgj+FmJH20LemT5CgYQksgcunjPleEtw== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	/ www.facebook.com/tr/	0 16 B	135ms 132ms	Image text/plain	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=501584855753365&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356214278&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&cs_est=true&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=GET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality GOOD; q=0.7, rtt=127, rtx=0, c=33, mss=1232, tbw=16668, tp=46, tpl=0, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Sat, 23 Nov 2024 10:03:34 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 194 B	173ms 170ms	Image image/png	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=501584855753365&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356214278&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&cs_est=true&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=FGET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413285316667063"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413285316667063"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:34 GMT content-type image/png vary Accept-Encoding x-fb-debug TMWrXLpPPVa4MkpqrpkzuYiCsZWwJAi8as5xvdIHFiVOXEfMrislTK99xVNzQqGnLW6xwU1EhkgBpYQtnA2H9w== priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440413285316667063", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} cache-control private, no-store, no-cache, must-revalidate cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=127, rtx=0, c=33, mss=1232, tbw=16828, tp=48, tpl=0, uplat=22, ullat=0 pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H/1.1	200 OK	core.js Show response s1.kwai.net/kos/s101/nlav11187/pixel/core/	290 KB 77 KB	121ms 118ms	Script application/javascript	43.152.136.170 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=258613892563653&lib=kwaiq Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=258613892563653&lib=kwaiq Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.136.170 , Singapore, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software Lego Server / Resource Hash c8da6b8870aeb38f2ff3528402fc81a4960ab5c86f629e3526d6b36f96a92e87 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers Content-MD5 i6zSW0hdN+sW3Egwa6IiGg== Access-Control-Expose-Headers x-ks-request-id,x-ks-client-ip,Content-Length x-oss-storage-class Standard Content-Encoding gzip x-ks-client-ip 38.132.118.73 x-oss-object-type Normal kwaisign NULL Expires Sat, 23 Nov 2024 02:57:15 GMT Date Thu, 24 Oct 2024 02:57:15 GMT x-oss-server-time 31 Last-Modified Wed, 11 Sep 2024 08:21:14 GMT Content-Type application/javascript Vary Accept-Encoding Cache-Control no-cache X-NWS-LOG-UUID 16403317026243629648 X-Ks-Cache Hit from 43.152.136.170 x-oss-hash-crc64ecma 1814864409054748518 Connection keep-alive Accept-Ranges bytes X-Ks-Request-ID 16403317026243629648 Access-Control-Allow-Origin * Content-Length 77865 x-oss-request-id 6719B78B65C09037323FAE25 X-Cache-Lookup Cache Hit Server Lego Server
GET H3	200	2230770460655242 Show response connect.facebook.net/signals/config/	28 KB 3 KB	264ms 263ms	Script application/x-javascript	157.240.241.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/2230770460655242?v=2.9.176&r=stable&domain=kancilwin.makeup&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128%2C158%2C225%2C226%2C224%2C179%2C138 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-lga3.fbcdn.net Software / Resource Hash a2293b9f15b72cc010fbd460da7f140d9b0fa91d392009afc286bdf3c93f946f Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-mtoWzRwq' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:34 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-mtoWzRwq' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=129, rtx=0, c=143, mss=1232, tbw=193500, tp=183, tpl=0, uplat=50, ullat=0 pragma public x-fb-debug kw9gZO4gqD03OldUL17fJ3sStv7xKWA9fTpcr9Q1rGPt46mOYhEIfF4T1ftbWnJb101E0c4IbJxYaB2MLcylaA== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	/ www.facebook.com/tr/	0 16 B	264ms 263ms	Image text/plain	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1084128126630433&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356214516&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&cs_est=true&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=GET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality GOOD; q=0.7, rtt=131, rtx=0, c=34, mss=1232, tbw=19071, tp=54, tpl=0, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Sat, 23 Nov 2024 10:03:34 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 192 B	264ms 263ms	Image image/png	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1084128126630433&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356214516&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&cs_est=true&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=FGET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413285678258809"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413285678258809"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:34 GMT content-type image/png vary Accept-Encoding x-fb-debug Xm85v2zOkgi003FdcEeFAG8AEvmmutMdAzEcdD1hwhb5OKZWqWywjQcAqy1DZbf97ybRqEKHrn5EFK2TharncQ== priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440413285678258809", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} cache-control private, no-store, no-cache, must-revalidate cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=131, rtx=0, c=34, mss=1232, tbw=19231, tp=56, tpl=0, uplat=26, ullat=0 pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
POST H2	200	radar Show response logsdk.kwai-pro.com/rest/wd/common/log/collect/	66 B 277 B	790ms 360ms	XHR text/plain	23.219.36.239 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=258613892563653&lib=kwaiq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.219.36.239 Chicago, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-219-36-239.deploy.static.akamaitechnologies.com Software / Resource Hash 9ca17ad89980d42a79c07fa471245713321333f3fe05955b534a6e1231e6cfc8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://kancilwin.makeup/ Response headers access-control-allow-origin https://kancilwin.makeup alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 66 date Sat, 23 Nov 2024 10:03:35 GMT content-type text/plain;charset=UTF-8 access-control-allow-credentials true
GET H3	200	getPixelConfig Show response ads.mythad.com/rest/n/adintl/ad/	788 B 509 B	404ms 401ms	XHR application/json	23.219.36.236 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=258613892563653&pageId=pageId-1732356214550-4679662837639 Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=258613892563653&lib=kwaiq Protocol H3 Security QUIC, , AES_256_GCM Server 23.219.36.236 Chicago, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-219-36-236.deploy.static.akamaitechnologies.com Software / Resource Hash 97ed313f8da93f386d137e31582d3149804829676087264a17332a221e7868ef Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip access-control-allow-credentials true quic-version 0x00000001 access-control-allow-origin https://kancilwin.makeup alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 489 date Sat, 23 Nov 2024 10:03:34 GMT content-type application/json;charset=UTF-8 vary Accept-Encoding
GET H3	200	getPixelConfig Show response ads.mythad.com/rest/n/adintl/ad/	755 B 475 B	414ms 413ms	XHR application/json	23.219.36.236 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=259367136645613&pageId=pageId-1732356214550-4679662837639 Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=258613892563653&lib=kwaiq Protocol H3 Security QUIC, , AES_256_GCM Server 23.219.36.236 Chicago, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-219-36-236.deploy.static.akamaitechnologies.com Software / Resource Hash 26a5651c6415507ffe6500dc3f2fa63b51b31d21520876caf8c36a0a1538d2fc Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip access-control-allow-credentials true quic-version 0x00000001 access-control-allow-origin https://kancilwin.makeup alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 455 date Sat, 23 Nov 2024 10:03:34 GMT content-type application/json;charset=UTF-8 vary Accept-Encoding
GET H3	200	865628485670498 Show response connect.facebook.net/signals/config/	28 KB 3 KB	205ms 203ms	Script application/x-javascript	157.240.241.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/865628485670498?v=2.9.176&r=stable&domain=kancilwin.makeup&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128%2C158%2C225%2C226%2C224%2C179%2C138 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-lga3.fbcdn.net Software / Resource Hash 27bd503f498a2b7e95d18e19e4f5accf1430b6a13aa17bc8d98e3068fda8ede0 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-7BytLuys' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:34 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-7BytLuys' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=128, rtx=0, c=143, mss=1232, tbw=197676, tp=190, tpl=0, uplat=82, ullat=0 pragma public x-fb-debug tGcVrIKYSWGYW732Nx6AECEJTwqwwHULsC7+BRH+whmhDlwXHBaLiatC0+ugq5uVtk1BWL+QlgGEOJkelF+hIg== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	/ www.facebook.com/tr/	0 16 B	162ms 160ms	Image text/plain	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2230770460655242&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356214795&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&cs_est=true&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=GET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality GOOD; q=0.7, rtt=137, rtx=0, c=35, mss=1232, tbw=20383, tp=60, tpl=0, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Sat, 23 Nov 2024 10:03:34 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 193 B	173ms 172ms	Image image/png	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2230770460655242&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356214795&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&cs_est=true&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=FGET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413286100511617"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413286100511617"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:34 GMT content-type image/png vary Accept-Encoding x-fb-debug leilLDBDCxMEBUzcfb5fZWi67zZn2aZoUBdDBqCOHsJv5FnbpV9+t756VKPalh3PUzd1C7N29KdvOjVjW0kGow== priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440413286100511617", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} cache-control private, no-store, no-cache, must-revalidate cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=137, rtx=0, c=35, mss=1232, tbw=20543, tp=62, tpl=0, uplat=32, ullat=0 pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
POST H2	200	radar Show response logsdk.kwai-pro.com/rest/wd/common/log/collect/	70 B 192 B	506ms 503ms	XHR text/plain	23.219.36.239 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=258613892563653&lib=kwaiq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.219.36.239 Chicago, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-219-36-239.deploy.static.akamaitechnologies.com Software / Resource Hash bca223949b3c1067536b05f195eae79058ea9df3acd23618b1a87887be7ba572 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://kancilwin.makeup/ Response headers access-control-allow-origin https://kancilwin.makeup content-length 70 date Sat, 23 Nov 2024 10:03:35 GMT content-type text/plain;charset=UTF-8 access-control-allow-credentials true
POST H3	200	api Show response ads.mythad.com/log/common/co/	2 KB 1005 B	330ms 329ms	XHR application/json	23.219.36.236 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/log/common/co/api Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=258613892563653&lib=kwaiq Protocol H3 Security QUIC, , AES_256_GCM Server 23.219.36.236 Chicago, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-219-36-236.deploy.static.akamaitechnologies.com Software / Resource Hash 1a1c37c46726f1237465b89379bee8a4c14114d66e2fa5700027e88f2c7751ee Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type application/json Referer https://kancilwin.makeup/ Response headers content-encoding gzip access-control-allow-credentials true quic-version 0x00000001 access-control-allow-origin https://kancilwin.makeup alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 986 date Sat, 23 Nov 2024 10:03:35 GMT content-type application/json;charset=utf-8 vary Accept-Encoding
OPTIONS H3	200	api ads.mythad.com/log/common/co/	0 0	467ms 459ms	Preflight	23.219.36.236 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/log/common/co/api Protocol H3 Security QUIC, , AES_256_GCM Server 23.219.36.236 Chicago, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-219-36-236.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://kancilwin.makeup Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://kancilwin.makeup access-control-max-age 1800 allow GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 0 date Sat, 23 Nov 2024 10:03:35 GMT quic-version 0x00000001
GET H/1.1	200 OK	checkPixel.js Show response s1.kwai.net/kos/s101/nlav11187/pixel/core/	126 KB 40 KB	150ms 148ms	Script application/javascript	43.152.136.170 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=258613892563653&lib=kwaiq Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=258613892563653&lib=kwaiq Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.136.170 , Singapore, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software Lego Server / Resource Hash a3a4b8a8111fe31596e204f6898e7d2e15ba5ee5bfe4542a3a208ddc96829951 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers Content-MD5 AW9CEWCiJefwVj7zcti69w== Access-Control-Expose-Headers x-ks-request-id,x-ks-client-ip,Content-Length x-oss-storage-class Standard Content-Encoding gzip x-ks-client-ip 38.132.118.73 x-oss-object-type Normal kwaisign NULL Expires Wed, 23 Oct 2024 14:48:54 GMT Date Mon, 23 Sep 2024 14:48:54 GMT x-oss-server-time 35 Last-Modified Mon, 27 May 2024 07:18:27 GMT Content-Type application/javascript Vary Accept-Encoding Cache-Control no-cache X-NWS-LOG-UUID 2031196951600609941 X-Ks-Cache Hit from 43.152.136.170 x-oss-hash-crc64ecma 11760214008123873659 Connection keep-alive Accept-Ranges bytes X-Ks-Request-ID 2031196951600609941 Access-Control-Allow-Origin * Content-Length 39769 x-oss-request-id 66F17FD5C592313632F5E14C X-Cache-Lookup Cache Hit Server Lego Server
POST H3	200	api Show response ads.mythad.com/log/common/co/	2 KB 1004 B	322ms 319ms	XHR application/json	23.219.36.236 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/log/common/co/api Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=258613892563653&lib=kwaiq Protocol H3 Security QUIC, , AES_256_GCM Server 23.219.36.236 Chicago, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-219-36-236.deploy.static.akamaitechnologies.com Software / Resource Hash 8577e01fc42ae02dba74353e248831b768122c1e52913b539e915b24a89e614f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type application/json Referer https://kancilwin.makeup/ Response headers content-encoding gzip access-control-allow-credentials true quic-version 0x00000001 access-control-allow-origin https://kancilwin.makeup alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 985 date Sat, 23 Nov 2024 10:03:35 GMT content-type application/json;charset=utf-8 vary Accept-Encoding
OPTIONS H3	200	api ads.mythad.com/log/common/co/	0 0	453ms 452ms	Preflight	23.219.36.236 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/log/common/co/api Protocol H3 Security QUIC, , AES_256_GCM Server 23.219.36.236 Chicago, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-219-36-236.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://kancilwin.makeup Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://kancilwin.makeup access-control-max-age 1800 allow GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 0 date Sat, 23 Nov 2024 10:03:35 GMT quic-version 0x00000001
GET H3	200	2263711927361015 Show response connect.facebook.net/signals/config/	25 KB 3 KB	197ms 196ms	Script application/x-javascript	157.240.241.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/2263711927361015?v=2.9.176&r=stable&domain=kancilwin.makeup&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128%2C158%2C225%2C226%2C224%2C179%2C138 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-lga3.fbcdn.net Software / Resource Hash 938fbe71a939722521fb1e39363bd605ef960752e3ab2670cd3e527c02e7c292 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-N87RrICd' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:35 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-N87RrICd' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=130, rtx=0, c=143, mss=1232, tbw=201772, tp=196, tpl=0, uplat=49, ullat=0 pragma public x-fb-debug SWc1MB8OE6OKbK7UoPCjC/gk8JZ/fQ9a+A+rSxc/tt+5sNjVYNqG0vhxROoET8UjjGLnTM9vt5cwviv6f9qiVQ== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	/ www.facebook.com/tr/	0 16 B	155ms 153ms	Image text/plain	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=865628485670498&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356215017&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&cs_est=true&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=GET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality GOOD; q=0.7, rtt=134, rtx=0, c=37, mss=1232, tbw=21743, tp=67, tpl=0, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Sat, 23 Nov 2024 10:03:35 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 194 B	166ms 165ms	Image image/png	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=865628485670498&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356215017&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&cs_est=true&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=FGET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413290522254038"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413290522254038"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:35 GMT content-type image/png vary Accept-Encoding x-fb-debug HHBBgXhxe+GUCNcU7ZSmggsn0vECueHsNCWOLG1wNLcPoiMg1LiEqP5iP8pST+cnWT52VPfqyCBVkTrc61iyQg== priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440413290522254038", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} cache-control private, no-store, no-cache, must-revalidate cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=134, rtx=0, c=37, mss=1232, tbw=21935, tp=69, tpl=0, uplat=21, ullat=0 pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	1464759980879083 Show response connect.facebook.net/signals/config/	28 KB 3 KB	172ms 171ms	Script application/x-javascript	157.240.241.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1464759980879083?v=2.9.176&r=stable&domain=kancilwin.makeup&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128%2C158%2C225%2C226%2C224%2C179%2C138 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-lga3.fbcdn.net Software / Resource Hash f49400df7728e534b1250b661979bbc8e41d91b3037fedefd61e31ffc8cfee04 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-q7WzGsTK' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:35 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-q7WzGsTK' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=130, rtx=0, c=143, mss=1232, tbw=205644, tp=202, tpl=0, uplat=51, ullat=0 pragma public x-fb-debug IzeKhKBvazIfEyEYW35G4OmBoPvq7blmuExweMhC12anwDegVYvOetM72CkoRp/8WhnMARBEBzuntPiTPNBRMA== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	/ www.facebook.com/tr/	0 16 B	121ms 120ms	Image text/plain	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2263711927361015&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356215317&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=GET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality GOOD; q=0.7, rtt=130, rtx=0, c=38, mss=1232, tbw=23167, tp=74, tpl=0, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Sat, 23 Nov 2024 10:03:35 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 193 B	161ms 160ms	Image image/png	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2263711927361015&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356215317&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=FGET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413288672197271"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413288672197271"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:35 GMT content-type image/png vary Accept-Encoding x-fb-debug s0O76RSQDDH3BXHLShHTNYRsi6OJOv2Z6A8AWXHr83x9b7Y3W4OQ9xO9E9xPyEV63bviTSeRbcqK506ecuw8yQ== priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440413288672197271", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} cache-control private, no-store, no-cache, must-revalidate cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=130, rtx=0, c=38, mss=1232, tbw=23327, tp=76, tpl=0, uplat=40, ullat=0 pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
OPTIONS H3	200	checkPixelCompress ads.mythad.com/rest/n/adintl/ad/	0 0	323ms 322ms	Preflight	23.219.36.236 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/rest/n/adintl/ad/checkPixelCompress Protocol H3 Security QUIC, , AES_256_GCM Server 23.219.36.236 Chicago, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-219-36-236.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://kancilwin.makeup Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://kancilwin.makeup access-control-max-age 1800 allow GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 0 date Sat, 23 Nov 2024 10:03:35 GMT quic-version 0x00000001
POST H3	200	checkPixelCompress Show response ads.mythad.com/rest/n/adintl/ad/	146 B 164 B	1268ms 1021ms	XHR application/json	23.219.36.236 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/rest/n/adintl/ad/checkPixelCompress Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=258613892563653&lib=kwaiq Protocol H3 Security QUIC, , AES_256_GCM Server 23.219.36.236 Chicago, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-219-36-236.deploy.static.akamaitechnologies.com Software / Resource Hash f8805ce1e28f1d20e8d4064bd1cab15687410c2d3ab249c3d327c72238d99301 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type application/json Referer https://kancilwin.makeup/ Response headers content-encoding gzip access-control-allow-credentials true quic-version 0x00000001 access-control-allow-origin https://kancilwin.makeup alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 145 date Sat, 23 Nov 2024 10:03:36 GMT content-type application/json;charset=UTF-8 vary Accept-Encoding
GET H3	200	3446518312315130 Show response connect.facebook.net/signals/config/	28 KB 3 KB	175ms 175ms	Script application/x-javascript	157.240.241.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/3446518312315130?v=2.9.176&r=stable&domain=kancilwin.makeup&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128%2C158%2C225%2C226%2C224%2C179%2C138 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-lga3.fbcdn.net Software / Resource Hash a6a1a13871e8ae9e87bb60e4613244d42cc64ccb6e8910f5411ca9bb5b00c85d Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-L0NVMDbi' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:35 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-L0NVMDbi' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=127, rtx=0, c=143, mss=1232, tbw=209724, tp=207, tpl=0, uplat=55, ullat=0 pragma public x-fb-debug QK0FD9j9WKUh1TfVjahgAv/8Q5uISxGJ+NkLPCJMkV9h/DcdqegW/znJ0wujnJBawUBbrewrPky3pIyqPPdpwQ== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	/ www.facebook.com/tr/	0 16 B	125ms 124ms	Image text/plain	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1464759980879083&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356215497&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&cs_est=true&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=GET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality GOOD; q=0.7, rtt=126, rtx=0, c=39, mss=1232, tbw=24511, tp=80, tpl=0, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Sat, 23 Nov 2024 10:03:35 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 193 B	144ms 144ms	Image image/png	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1464759980879083&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356215497&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&cs_est=true&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=FGET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413289251438559"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413289251438559"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:35 GMT content-type image/png vary Accept-Encoding x-fb-debug JFQqSkjFB1MiTs7qlKjVOVItOjtzWXokahU5KZf5/sO9GTdM0Wix02TNWxRurF75HAOL43v52GyRO9yBIsVttA== priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440413289251438559", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} cache-control private, no-store, no-cache, must-revalidate cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=126, rtx=0, c=39, mss=1232, tbw=24671, tp=82, tpl=0, uplat=25, ullat=0 pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
POST H2	200	radar Show response logsdk.kwai-pro.com/rest/wd/common/log/collect/	72 B 194 B	324ms 319ms	XHR text/plain	23.219.36.239 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=258613892563653&lib=kwaiq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.219.36.239 Chicago, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-219-36-239.deploy.static.akamaitechnologies.com Software / Resource Hash db83762e896f4a7ac32879db298bee9b265ea2b11662438eed0004b21637c1bd Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://kancilwin.makeup/ Response headers access-control-allow-origin https://kancilwin.makeup content-length 72 date Sat, 23 Nov 2024 10:03:35 GMT content-type text/plain;charset=UTF-8 access-control-allow-credentials true
GET H3	200	1051309733448537 Show response connect.facebook.net/signals/config/	28 KB 3 KB	163ms 162ms	Script application/x-javascript	157.240.241.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1051309733448537?v=2.9.176&r=stable&domain=kancilwin.makeup&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128%2C158%2C225%2C226%2C224%2C179%2C138 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-lga3.fbcdn.net Software / Resource Hash b6357a55893f0599e20b9b15857cfbafba2f5f56b938f7ab02d09d1c4b1fd252 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-Ux1AQEoa' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:35 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-Ux1AQEoa' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=125, rtx=0, c=143, mss=1232, tbw=213772, tp=212, tpl=0, uplat=44, ullat=0 pragma public x-fb-debug d1Vmt84voLHTGwnPmHmFQPHEziAQvdGJxTnvQJktfYRaL3YQFNMPdD6FTh/XBLGBN6bQ9cvKhzVPWFcZuyEWXQ== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	/ www.facebook.com/tr/	0 19 B	126ms 118ms	Image text/plain	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=3446518312315130&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356215686&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&cs_est=true&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=GET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality GOOD; q=0.7, rtt=123, rtx=0, c=40, mss=1232, tbw=25855, tp=86, tpl=0, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Sat, 23 Nov 2024 10:03:35 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 194 B	151ms 144ms	Image image/png	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3446518312315130&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356215686&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&cs_est=true&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=FGET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413290546308226"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413290546308226"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:35 GMT content-type image/png vary Accept-Encoding x-fb-debug yu1KJ5JyuYNZC0eYi3yoXYj3/M7y/UJ0NBCcQAy6AOhHJDx0EBAtB28f11RMxALMKTDBnspE9AFEOBwL8XedjA== priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440413290546308226", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} cache-control private, no-store, no-cache, must-revalidate cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=123, rtx=0, c=40, mss=1232, tbw=26047, tp=88, tpl=0, uplat=25, ullat=0 pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	1640202483588755 Show response connect.facebook.net/signals/config/	28 KB 3 KB	178ms 177ms	Script application/x-javascript	157.240.241.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1640202483588755?v=2.9.176&r=stable&domain=kancilwin.makeup&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128%2C158%2C225%2C226%2C224%2C179%2C138 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-lga3.fbcdn.net Software / Resource Hash 743737137df8b78c9b89d7d6d001489896e68853df1ea4c70aab02f393f90d2a Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-bkc49Tvw' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:35 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-bkc49Tvw' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=123, rtx=0, c=143, mss=1232, tbw=217820, tp=217, tpl=0, uplat=57, ullat=0 pragma public x-fb-debug UqvLe7Nq0ZtXUQzbuoBdFdrNT9ZMWJJA1+/JATTDA+/RoaG+skitCTaY+idnS8LiCCJ4EbrjAJXUX/n+j8slJA== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top cross-origin-opener-policy-report-only restrict-properties;report-to="coop_report" x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	/ www.facebook.com/tr/	0 22 B	122ms 120ms	Image text/plain	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1051309733448537&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356215857&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&cs_est=true&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=GET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality GOOD; q=0.7, rtt=121, rtx=0, c=41, mss=1232, tbw=27231, tp=92, tpl=0, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Sat, 23 Nov 2024 10:03:35 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 198 B	144ms 143ms	Image image/png	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1051309733448537&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356215857&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&cs_est=true&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=FGET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413289110506270"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413289110506270"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:35 GMT content-type image/png vary Accept-Encoding x-fb-debug ZJ5JRSdWRY61gqoIMQJ6iK45VvKTMi0QztWtpWnscMw5ovU+kE6UPykXXK+sH7GaAnMFr8RHDFOb37jtY5szWQ== priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440413289110506270", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} cache-control private, no-store, no-cache, must-revalidate cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=121, rtx=0, c=41, mss=1232, tbw=27423, tp=94, tpl=0, uplat=24, ullat=0 pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	1115528080093760 Show response connect.facebook.net/signals/config/	25 KB 3 KB	175ms 175ms	Script application/x-javascript	157.240.241.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1115528080093760?v=2.9.176&r=stable&domain=kancilwin.makeup&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128%2C158%2C225%2C226%2C224%2C179%2C138 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-lga3.fbcdn.net Software / Resource Hash c60b2030741b0cc15a69463d5f9e7bb451dd5476c4ca73efa8d5a79b5e1caf73 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-JFN2qzZm' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:36 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-JFN2qzZm' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=122, rtx=0, c=143, mss=1232, tbw=221932, tp=222, tpl=0, uplat=54, ullat=0 pragma public x-fb-debug 0a6rqddnbUxM45CcAZACL43JiR/VV+e/8Rx5ESD50EGsYQoaRmypRUrVF4sJ9reJOOQsdte78BcAm1PkrxLgtA== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	/ www.facebook.com/tr/	0 23 B	120ms 119ms	Image text/plain	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1640202483588755&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356216042&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&cs_est=true&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=GET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality GOOD; q=0.7, rtt=119, rtx=0, c=41, mss=1232, tbw=28607, tp=98, tpl=0, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Sat, 23 Nov 2024 10:03:36 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 199 B	143ms 143ms	Image image/png	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1640202483588755&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356216042&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&cs_est=true&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=FGET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413294719709970"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413294719709970"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:36 GMT content-type image/png vary Accept-Encoding x-fb-debug bzSFTGXG3c+YNB35Bt7gNlWj4U+G8ohEKc6M17IypKaZjp8UlGg9Z0GZmsVyiqqfVl6oyxpeeaJbPopwIMQNOw== priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440413294719709970", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} cache-control private, no-store, no-cache, must-revalidate cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=119, rtx=0, c=41, mss=1232, tbw=28799, tp=100, tpl=0, uplat=23, ullat=0 pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	1270663050641784 Show response connect.facebook.net/signals/config/	28 KB 3 KB	190ms 189ms	Script application/x-javascript	157.240.241.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1270663050641784?v=2.9.176&r=stable&domain=kancilwin.makeup&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128%2C158%2C225%2C226%2C224%2C179%2C138 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-lga3.fbcdn.net Software / Resource Hash 4de9f7f8d8052df0708200518b6909d2970aba80804655138d2ef41a5ef18d87 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-8s6ATppU' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:36 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-8s6ATppU' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=121, rtx=0, c=143, mss=1232, tbw=225756, tp=227, tpl=0, uplat=71, ullat=0 pragma public x-fb-debug DnGoW0NmYpGUG1p7PtvZLYhCdHhZKmdcSmVCifs2WNzXgottYB3LAcLdr/bOXOv8xnP3Yh+qV8UV0WNLQdaV0w== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	/ www.facebook.com/tr/	0 23 B	119ms 118ms	Image text/plain	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1115528080093760&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356216223&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=GET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality GOOD; q=0.7, rtt=118, rtx=0, c=41, mss=1232, tbw=29983, tp=104, tpl=0, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Sat, 23 Nov 2024 10:03:36 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 202 B	140ms 140ms	Image image/png	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1115528080093760&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356216223&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=FGET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413294337808304"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413294337808304"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:36 GMT content-type image/png vary Accept-Encoding x-fb-debug DWVupAf1FKzQ6T+veib31Cg2kIGffZn7b1nIR5sF1uhacQMENAJvyVFvfuRIrZ0I9IG1Gz1hbuh77DDuWILuMA== priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440413294337808304", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} cache-control private, no-store, no-cache, must-revalidate cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=118, rtx=0, c=41, mss=1232, tbw=30175, tp=106, tpl=0, uplat=20, ullat=0 pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	/ www.facebook.com/tr/	0 23 B	119ms 118ms	Image text/plain	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1270663050641784&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356216421&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&cs_est=true&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=GET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality GOOD; q=0.7, rtt=118, rtx=0, c=41, mss=1232, tbw=31359, tp=110, tpl=0, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Sat, 23 Nov 2024 10:03:36 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 208 B	155ms 153ms	Image image/png	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1270663050641784&ev=PageView&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356216421&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732356213203.762830359375669533&cs_est=true&ler=empty&cdl=API_unavailable&it=1732356212996&coo=false&rqm=FGET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413293180735439"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413293180735439"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Sat, 23 Nov 2024 10:03:36 GMT content-type image/png vary Accept-Encoding x-fb-debug evfP8dhY7VdO+k/iKL2tbLgOBs9okk79mozO2JVfPmxtRgthR2cSrup9o6ohpuXoPMw3Vrztt2z4xXWnyh6bfQ== priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440413293180735439", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} cache-control private, no-store, no-cache, must-revalidate cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=118, rtx=0, c=41, mss=1232, tbw=33231, tp=119, tpl=0, uplat=32, ullat=0 pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	/ www.facebook.com/tr/	0 23 B	120ms 119ms	Image text/plain	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=437744435950640&ev=Lead&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356216424&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1732356213203.762830359375669533&ler=empty&cdl=API_unavailable&eid=ob3_plugin-set_c672bda4c208b1dd966d82be5f4f77d864b89cbd90288f7d4bc6e34947d0dbc4&it=1732356212996&coo=false&tm=1&rqm=GET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality GOOD; q=0.7, rtt=118, rtx=0, c=41, mss=1232, tbw=31695, tp=115, tpl=0, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Sat, 23 Nov 2024 10:03:36 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 208 B	146ms 146ms	Image image/png	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=437744435950640&ev=Lead&dl=https%3A%2F%2Fkancilwin.makeup%2F&rl=&if=false&ts=1732356216424&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1732356213203.762830359375669533&ler=empty&cdl=API_unavailable&eid=ob3_plugin-set_c672bda4c208b1dd966d82be5f4f77d864b89cbd90288f7d4bc6e34947d0dbc4&it=1732356212996&coo=false&tm=1&rqm=FGET Requested by Host: kancilwin.makeup URL: https://kancilwin.makeup/ Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://kancilwin.makeup/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413293135838589"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440413293135838589"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x3a159006431b7b2e","source_keys":["1"]}],"aggregatable_values":{"1":10922},"aggregatable_source_registration_time":"exclude","filters":{"3":["26946666758257831"]},"debug_reporting":true,"debug_key":"2130587427921056297"} date Sat, 23 Nov 2024 10:03:36 GMT content-type image/png vary Accept-Encoding x-fb-debug WUSXi3nbarM50NdwVmcKvW8alym0v6JJr3n3DXPaQ20aJFqWfAnUSY6ConvDy28WMXOvcC6kE3sCbNydGZpKFw== priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440413293135838589", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} cache-control private, no-store, no-cache, must-revalidate cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality GOOD; q=0.7, rtt=118, rtx=0, c=41, mss=1232, tbw=31887, tp=117, tpl=0, uplat=25, ullat=0 pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
POST H3	200	radar Show response logsdk.kwai-pro.com/rest/wd/common/log/collect/	72 B 89 B	333ms 331ms	XHR text/plain	23.219.36.239 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=258613892563653&lib=kwaiq Protocol H3 Security QUIC, , AES_256_GCM Server 23.219.36.239 Chicago, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-219-36-239.deploy.static.akamaitechnologies.com Software / Resource Hash 2142f43612f3bacafb21580aaad9e2070ffff3b9c15c3e468a8350000c6200c6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://kancilwin.makeup/ Response headers access-control-allow-origin https://kancilwin.makeup alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 72 date Sat, 23 Nov 2024 10:03:36 GMT content-type text/plain;charset=UTF-8 access-control-allow-credentials true quic-version 0x00000001
GET		GAMBARFAVICON.jpg contoh.linkpenyimpananfavicon.com/img/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

apims.cerdikkancilwin-aman.xyz

URL

https://apims.cerdikkancilwin-aman.xyz/assets/api-game/api-bank-list.php

Domain

apims.cerdikkancilwin-aman.xyz

URL

https://apims.cerdikkancilwin-aman.xyz/assets/api-game/api-promotion.php

Domain

apims.cerdikkancilwin-aman.xyz

URL

https://apims.cerdikkancilwin-aman.xyz/assets/api-game/api-game.php

Domain

apims.cerdikkancilwin-aman.xyz

URL

https://apims.cerdikkancilwin-aman.xyz/assets/api-game/api-ranking.php

Domain

contoh.linkpenyimpananfavicon.com

URL

https://contoh.linkpenyimpananfavicon.com/img/GAMBARFAVICON.jpg