URL: https://h5.9d5m.com/index.html
Submission: On December 03 via manual from US — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 30 HTTP transactions. The main IP is 2606:4700:3030::ac43:a4e5, located in United States and belongs to CLOUDFLARENET, US. The main domain is h5.9d5m.com.
TLS certificate: Issued by WE1 on November 1st 2024. Valid for: 3 months.
This is the only time h5.9d5m.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
13 | 9d5m.com | h5.9d5m.com | 452 KB
5 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 36), region1.google-analytics.com (Cisco Umbrella Rank: 3353) | 747 B
4 | a72z.com | server.a72z.com | 2 KB
2 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 120) | 211 B
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 39) | 187 KB
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 192) | 74 KB
1 | e8va.com | cdn.e8va.com | 10 KB
1 | google.com | accounts.google.com (Cisco Umbrella Rank: 17) | 86 KB
Total: 30 requests, 8 domains
Requests | Domain | Requested by
13 | h5.9d5m.com | h5.9d5m.com
4 | server.a72z.com | h5.9d5m.com
3 | region1.google-analytics.com | www.googletagmanager.com
2 | www.facebook.com | h5.9d5m.com
2 | www.google-analytics.com | h5.9d5m.com
2 | www.googletagmanager.com | h5.9d5m.com, www.googletagmanager.com
2 | connect.facebook.net | h5.9d5m.com, connect.facebook.net
1 | cdn.e8va.com |
1 | accounts.google.com | h5.9d5m.com
Total: 30 requests, 9 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
9d5m.com | WE1 | 2024-11-01 - 2025-01-30 | 3 months
accounts.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-09-11 - 2024-12-10 | 3 months
*.google-analytics.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
a72z.com | WE1 | 2024-11-01 - 2025-01-30 | 3 months
e8va.com | WE1 | 2024-11-01 - 2025-01-30 | 3 months

This page contains 1 frames:

Primary Page: https://h5.9d5m.com/index.html
Frame ID: 09E66AB7F236C7379E354E76568E81AA
Requests: 28 HTTP requests in this frame

Page Title

guide

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 30
HTTPS: 100 %
IPv6: 100 %
Domains: 8
Subdomains: 9
IPs: 9
Countries: 3
Transfer: 812 kB
Size: 2557 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.html
h5.9d5m.com/
1 KB
2 KB
Document
General
Full URL
https://h5.9d5m.com/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a4e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df9a6929fe62a8be8a8c8fa9cb73ca15c05684f7b49d6e1ff976c776de1b7410

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ec561233c420076-CDG
content-encoding
zstd
content-md5
dfrOl5qtV2DK0SWqo5NVZw==
content-type
text/html
date
Tue, 03 Dec 2024 17:47:01 GMT
last-modified
Thu, 28 Nov 2024 03:27:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xBbkA%2BOPkEy7SatVvMzRr9U9p98STd6RmOzppay2ClhxTKo4zg5VyP0RnLk8QuKBaCvA3uw%2Bt6hgDQkBuOdxsTk%2FCmPL44Qr%2FEGTnAjhMcI82kSJz2dzqXvDTOzMF0p5wkdhYVeMSa8XeA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=23416&min_rtt=18901&rtt_var=10732&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4156&recv_bytes=4431&delivery_rate=655&cwnd=12000&unsent_bytes=0&cid=aed29ef698e2af75&ts=488&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-oss-hash-crc64ecma
15409160895296067568
x-oss-object-type
Normal
x-oss-request-id
674F4415DDDD1C31326066E5
x-oss-server-time
1
x-oss-storage-class
Standard
index.2da1efab.css
h5.9d5m.com/static/
94 KB
26 KB
Stylesheet
General
Full URL
https://h5.9d5m.com/static/index.2da1efab.css
Requested by
Host: h5.9d5m.com
URL: https://h5.9d5m.com/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a4e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e97de9a247807f12d74101e9f736250b2410be4e1ed3d17ed875e4b08cf66c83

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.9d5m.com/index.html

Response headers

content-md5
c65sWD0C14+B4/GIYKKJmg==
x-oss-storage-class
Standard
content-encoding
gzip
cf-cache-status
HIT
age
459
x-oss-object-type
Normal
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p1LKUACLt0cIyH1lcOjsZafXfFIsPqYbIrNXXeUcAoqpjcMjmzJTZhS6yJCY92bwz%2Br5uvgisnFRz%2FQZDktuCVx26P6qxIevKb9WY%2FsaXalj5BcR4%2BNiVeYWsChCLjSV4bGDJz%2FVf8y4lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22188&min_rtt=17435&rtt_var=8119&sent=26&recv=14&lost=0&retrans=0&sent_bytes=18025&recv_bytes=5403&delivery_rate=105821&cwnd=12000&unsent_bytes=0&cid=aed29ef698e2af75&ts=539&x=1", cfExtPri, cfHdrFlush;dur=13
date
Tue, 03 Dec 2024 17:47:01 GMT
x-oss-server-time
4
content-type
text/css
vary
Accept-Encoding
last-modified
Thu, 28 Nov 2024 03:27:01 GMT
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-oss-hash-crc64ecma
59594481168542590
cf-ray
8ec5612639a20076-CDG
x-oss-request-id
6747E354DDDD1C3838829D7F
server
cloudflare
client
accounts.google.com/gsi/
226 KB
86 KB
Script
General
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: h5.9d5m.com
URL: https://h5.9d5m.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c1a::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
13a408be604b43919c3e2b54ca300019d1575b93537ebceb350bec5f9fe522c8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IFEqLq9ieCb3A6htqV-Kmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.9d5m.com/

Response headers

content-security-policy
script-src 'report-sample' 'nonce-IFEqLq9ieCb3A6htqV-Kmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control
private, max-age=1800
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 17:47:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date
Tue, 03 Dec 2024 17:47:01 GMT
x-xss-protection
0
content-type
application/javascript; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server
ESF
x-frame-options
SAMEORIGIN
chunk-vendors.3dcb3421.js
h5.9d5m.com/static/js/
908 KB
282 KB
Script
General
Full URL
https://h5.9d5m.com/static/js/chunk-vendors.3dcb3421.js
Requested by
Host: h5.9d5m.com
URL: https://h5.9d5m.com/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a4e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f5b2ee5f074b0a566f8e427b876cd867d62d1645e787733bf5605c245cabbf0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.9d5m.com/index.html

Response headers

content-md5
pylYgPwpm5utvcP2j11wuA==
x-oss-storage-class
Standard
content-encoding
gzip
cf-cache-status
HIT
age
6152
x-oss-object-type
Normal
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SdWdApWUPfzOu3IIv0UevkZYMLycwQ5kUohpOS6uScgfXpoCpqdGt9zjE5hgKvFHy99tnHT69XQedZomnuI4LJM1DuOEWUR4V84eKp9AcEMFGo0mdy659fd%2BcseNJrcG2Q7eNq%2Fo0RFqAA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22188&min_rtt=17435&rtt_var=8119&sent=26&recv=14&lost=0&retrans=0&sent_bytes=18025&recv_bytes=5403&delivery_rate=105821&cwnd=12000&unsent_bytes=0&cid=aed29ef698e2af75&ts=550&x=1", cfExtPri, cfHdrFlush;dur=2
date
Tue, 03 Dec 2024 17:47:01 GMT
x-oss-server-time
2
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 28 Nov 2024 03:27:02 GMT
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-oss-hash-crc64ecma
3999287286054153896
cf-ray
8ec5612639a40076-CDG
x-oss-request-id
674945F64FEC50353056167C
server
cloudflare
index.35d74654.js
h5.9d5m.com/static/js/
417 KB
103 KB
Script
General
Full URL
https://h5.9d5m.com/static/js/index.35d74654.js
Requested by
Host: h5.9d5m.com
URL: https://h5.9d5m.com/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a4e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
096f67910b557fe38abe5eeadf3d91fe80a348b6e6051bf3ad4a30c0c9c72fc4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.9d5m.com/index.html

Response headers

content-md5
WL1N+PLbftIRFBbKvNGGdw==
x-oss-storage-class
Standard
content-encoding
gzip
cf-cache-status
HIT
age
459
x-oss-object-type
Normal
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZwCd%2F%2Bwhd2AERLWwzb8FkMCJJe2EriMU5uAC6q8FMyQDO22NrFpKmIIW5QqyNd4sq%2F2INPxnyanVdva1F%2FTN32hEmIyzoDSZm13lWPTyKwpmsJ5ynwyunShlpBxQkJ%2BGx6%2FTDeqpuv7Hhw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22188&min_rtt=17435&rtt_var=8119&sent=16&recv=14&lost=0&retrans=0&sent_bytes=6025&recv_bytes=5403&delivery_rate=105821&cwnd=12000&unsent_bytes=0&cid=aed29ef698e2af75&ts=534&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 17:47:01 GMT
x-oss-server-time
6
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 28 Nov 2024 03:27:02 GMT
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-oss-hash-crc64ecma
5968931587941100189
cf-ray
8ec5612639a60076-CDG
x-oss-request-id
6747E3154E10BD39376288E6
server
cloudflare
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: h5.9d5m.com
URL: https://h5.9d5m.com/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-r397nFFx' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.9d5m.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 17:47:01 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-r397nFFx' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=23, mss=1232, tbw=4561, tp=11, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
hnDU09u6Ew/GWW+22D4wI01Ed1DouDO7Vv0wvz2L+oKXNbMNR6lVVrg+57F5F2OAyMrJmff6dkvpfEOWyOSBig==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer
0
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
gtm.js
www.googletagmanager.com/
225 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P3GRS3XD
Requested by
Host: h5.9d5m.com
URL: https://h5.9d5m.com/static/js/chunk-vendors.3dcb3421.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
690127cbaab6fa29ecf5de1909b4cb25008ebb36ab6fc1e6a3c26691905a2b44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.9d5m.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 03 Dec 2024 17:47:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 17:47:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 03 Dec 2024 17:11:49 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
80273
x-xss-protection
0
server
Google Tag Manager
pages-test_login-test_login.c3931b4d.js
h5.9d5m.com/static/js/
1 KB
2 KB
Script
General
Full URL
https://h5.9d5m.com/static/js/pages-test_login-test_login.c3931b4d.js
Requested by
Host: h5.9d5m.com
URL: https://h5.9d5m.com/static/js/index.35d74654.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a4e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03e7597b73a1598c4be773b6a82125ca3ba267dc23b721b09e48730e7211523f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.9d5m.com/index.html

Response headers

content-md5
zEGdcfcjDHurQyEyE93Glw==
x-oss-storage-class
Standard
content-encoding
gzip
cf-cache-status
HIT
age
6084
x-oss-object-type
Normal
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=82x7%2FvhBObOXqA8b5MZcigP2rePohiklCQk%2FHOCqRzor591nHcY4sUddGGnP3a2aWc6Ng3ezsw%2BY%2BM9QuobS6zB%2BT4IW7UYFDt2fz9jzmG5CxBKHGz22d6%2FtnixHqGNVhIxJqVsdgIXNGA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18944&min_rtt=17435&rtt_var=1650&sent=382&recv=96&lost=0&retrans=0&sent_bytes=436992&recv_bytes=10830&delivery_rate=8178884&cwnd=194100&unsent_bytes=0&cid=aed29ef698e2af75&ts=759&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 17:47:01 GMT
x-oss-server-time
3
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 28 Nov 2024 03:27:10 GMT
priority
u=3,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-oss-hash-crc64ecma
8778254222248265095
cf-ray
8ec56127bbc10076-CDG
x-oss-request-id
6747F90CDEAFFA30391D7901
server
cloudflare
version
server.a72z.com/api/v1/h5/
70 B
703 B
XHR
General
Full URL
https://server.a72z.com/api/v1/h5/version?version=5.1.5
Requested by
Host: h5.9d5m.com
URL: https://h5.9d5m.com/static/js/chunk-vendors.3dcb3421.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4de85babe89e88ed9fd4610561f556f28994c6dd48d9216144830c2bb08f96a

Request headers

Sdk-Type
h5
Language
en
Authorization
Bearer X
Device-Type
linux
Network-Type
unknown
Device-Id
1a831f43-fa4d-4a60-b3bc-34bf77933cbb
Anonymous-Uid
17332480217111g892BNTBVuNpN3KXHhWBuATnbxjvluU
Content-Type
application/json;charset=UTF-8
Device-Model
PC
Content-Security-Policy
upgrade-insecure-requests
User-Language
en
Referer
https://h5.9d5m.com/
Wgt-Version
0.0.0
Request-Time
1733248021711
Sdk-Version
0.0.0
X-Sign
82f84e45952947f723c8fe143e697700
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
version
5.1.5

Response headers

cache-control
no-cache, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=goAee3fy9ZXsWTwFy6lFS6MGGjItoujnL%2BV1Y5d8tXKjXaztMw2C8qeJedUkTiVVSHPguezoNMJJDMQDIrYSfeY0uYKqKacyThp6pdtNCzIwg6KFAa5%2BzETHe6lPYWb%2Fx2BLTuOSOQ6LXueyRss%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ec5612c4acad9d0-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8124&min_rtt=6213&rtt_var=2565&sent=19&recv=16&lost=0&retrans=0&sent_bytes=7129&recv_bytes=6438&delivery_rate=4321&cwnd=12000&unsent_bytes=0&cid=81f0e8ecf11ce00b&ts=989&x=1", cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 17:47:02 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
icon_state_selected.png
h5.9d5m.com/static/images/common/
7 KB
7 KB
Image
General
Full URL
https://h5.9d5m.com/static/images/common/icon_state_selected.png
Requested by
Host: h5.9d5m.com
URL: https://h5.9d5m.com/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a4e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e055f64b33f97793b9efe83ad2e12382d599351fb95d34d12cf70b7eb5b401

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.9d5m.com/index.html

Response headers

content-md5
roP6JSWh9Iuk3lAzMKnrQg==
x-oss-storage-class
Standard
cf-cache-status
HIT
etag
"AE83FA2525A1F48BA4DE503330A9EB42"
age
3445
x-oss-object-type
Normal
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qaNvDsU5zWc4L95BFjNa4sLDj9WtGGVlnUkdNHNOByIpn9NHWQSjYvUKqXdX8UjowZp8Wm9qFBW%2FeXJTqqSkGRaFEnBNL4UeFz%2F0k5l4JJykntPYQKkBvogwEuf7zZmuepufJpPS2EuQVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18944&min_rtt=17435&rtt_var=1650&sent=386&recv=96&lost=0&retrans=0&sent_bytes=440089&recv_bytes=10830&delivery_rate=8178884&cwnd=194100&unsent_bytes=0&cid=aed29ef698e2af75&ts=768&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 17:47:01 GMT
x-oss-server-time
1
content-type
image/png
last-modified
Thu, 28 Nov 2024 03:26:32 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-oss-hash-crc64ecma
4525457612215618941
cf-ray
8ec56127cbd40076-CDG
accept-ranges
bytes
content-length
6707
x-oss-request-id
674BD2C8DC563B3430EBE399
server
cloudflare
icon_tutorial.png
h5.9d5m.com/static/images/common/
580 B
1 KB
Image
General
Full URL
https://h5.9d5m.com/static/images/common/icon_tutorial.png
Requested by
Host: h5.9d5m.com
URL: https://h5.9d5m.com/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a4e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bb4a84de8b1be0815802669ea3a674de6ffc0245c5c4ef08b9e1bd8b72d9fe2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.9d5m.com/index.html

Response headers

content-md5
dCfgp6kLmC0NfttmIFTEDA==
x-oss-storage-class
Standard
cf-cache-status
HIT
etag
"7427E0A7A90B982D0D7EDB662054C40C"
age
3828
x-oss-object-type
Normal
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w4zvjGr4JGlufPrQzdq%2BoL454e1YMJag8OmdXcG19sTuRN0Dsf8bY4C2UM%2FofPuKp0J620vvOWopBO1iK%2BD4U2%2Bte0NfAjoaF2VN00ADMh9e8PAXlYF80YAXpuR4YePfK6ji0x9Nrj3tVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18944&min_rtt=17435&rtt_var=1650&sent=384&recv=96&lost=0&retrans=0&sent_bytes=438608&recv_bytes=10830&delivery_rate=8178884&cwnd=194100&unsent_bytes=0&cid=aed29ef698e2af75&ts=766&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 17:47:01 GMT
x-oss-server-time
1
content-type
image/png
last-modified
Fri, 01 Nov 2024 02:58:58 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-oss-hash-crc64ecma
4084357108615782039
cf-ray
8ec56127cbd50076-CDG
accept-ranges
bytes
content-length
580
x-oss-request-id
672B3E9F59018836387E0482
server
cloudflare
icon_invite.png
h5.9d5m.com/static/images/common/
667 B
1 KB
Image
General
Full URL
https://h5.9d5m.com/static/images/common/icon_invite.png
Requested by
Host: h5.9d5m.com
URL: https://h5.9d5m.com/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a4e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed5794e68bf62c106e7f63f7477644912858fba6af1148b46e53df2935cac7f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.9d5m.com/index.html

Response headers

content-md5
lsKfW/QTlhe+byeuILLSmQ==
x-oss-storage-class
Standard
cf-cache-status
HIT
etag
"96C29F5BF4139617BE6F27AE20B2D299"
age
2628
x-oss-object-type
Normal
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w4qETE2tRQ%2B6ExOO%2BUZzFKupWLwBhmr27%2BJeXKPUUy1FpD7r8SZkG4JPRZDGjRvbYX8hD5aJ09vytrV5uev4p2O37XAvzdj%2FDIZIJEHFxrVjhw2qHiCj8hsGBU%2FIk0hG7LTmN0BTKZEH3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18944&min_rtt=17435&rtt_var=1650&sent=395&recv=96&lost=0&retrans=0&sent_bytes=449363&recv_bytes=10830&delivery_rate=8178884&cwnd=194100&unsent_bytes=0&cid=aed29ef698e2af75&ts=770&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 17:47:01 GMT
x-oss-server-time
1
content-type
image/png
last-modified
Fri, 01 Nov 2024 02:58:57 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-oss-hash-crc64ecma
15225301273166933759
cf-ray
8ec56127cbd60076-CDG
accept-ranges
bytes
content-length
667
x-oss-request-id
6725961EDDDD1C3333C29906
server
cloudflare
activity_icon.png
h5.9d5m.com/static/images/team/
2 KB
3 KB
Image
General
Full URL
https://h5.9d5m.com/static/images/team/activity_icon.png
Requested by
Host: h5.9d5m.com
URL: https://h5.9d5m.com/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a4e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5e96aa3612aebfee4eef0829a193126179320bfe9ee04a6bf9382a3220024d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.9d5m.com/index.html

Response headers

content-md5
GQVujc7GkhjDywxnXAk3lA==
x-oss-storage-class
Standard
cf-cache-status
HIT
etag
"19056E8DCEC69218C3CB0C675C093794"
age
2627
x-oss-object-type
Normal
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HdJrpyddUgZT0mLTYfmEzAY2rR7Gi367Kdk9li822B2G14shI4jxt95RwtW5qMqTSRUEiijdr3PZ33PoQvT7iFS4k6jJn9ACWFXgPdfqL36yvqZlRWV569VrNoXj%2BMoRNWTcir2XbXlz%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18944&min_rtt=17435&rtt_var=1650&sent=397&recv=96&lost=0&retrans=0&sent_bytes=450942&recv_bytes=10830&delivery_rate=8178884&cwnd=194100&unsent_bytes=0&cid=aed29ef698e2af75&ts=774&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 17:47:01 GMT
x-oss-server-time
1
content-type
image/png
last-modified
Fri, 01 Nov 2024 02:59:15 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-oss-hash-crc64ecma
8580686725633497525
cf-ray
8ec56127cbd80076-CDG
accept-ranges
bytes
content-length
2053
x-oss-request-id
6725A2AADEAFFA3030BE843D
server
cloudflare
icon_me.png
h5.9d5m.com/static/images/common/
633 B
1 KB
Image
General
Full URL
https://h5.9d5m.com/static/images/common/icon_me.png
Requested by
Host: h5.9d5m.com
URL: https://h5.9d5m.com/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a4e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d18dd47244780e50b824f9bf1c8d0d6b098edee73de6a8a9bf93507eb21719a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.9d5m.com/index.html

Response headers

content-md5
qYm2d3MUtIlGyeqFlXwQKg==
x-oss-storage-class
Standard
cf-cache-status
HIT
etag
"A989B6777314B48946C9EA85957C102A"
age
3234
x-oss-object-type
Normal
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ZYFrh2WvKov%2BDGe0Ht8AU%2F3Hj9vwEP8V5Cm5zTD9oODGqFkjzuyriiOMuoFzypro3MSiAhAo89%2F5uRE%2FgJLsB1QIbWtO%2FgAAQkDRBami%2F0V0XAK1sEdqm0EFWdyRBn18iXaeNAkiI9XDA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18944&min_rtt=17435&rtt_var=1650&sent=393&recv=96&lost=0&retrans=0&sent_bytes=447822&recv_bytes=10830&delivery_rate=8178884&cwnd=194100&unsent_bytes=0&cid=aed29ef698e2af75&ts=769&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 17:47:01 GMT
x-oss-server-time
1
content-type
image/png
last-modified
Thu, 28 Nov 2024 03:26:32 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-oss-hash-crc64ecma
9903885363814163686
cf-ray
8ec56127cbdb0076-CDG
accept-ranges
bytes
content-length
633
x-oss-request-id
67494CCF4E10BD3838AB517D
server
cloudflare
8140457929394423
connect.facebook.net/signals/config/
67 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/8140457929394423?v=2.9.176&r=stable&domain=h5.9d5m.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0060067f1cb58b145d402d7f7fbe029af3e1d58bc5354292a2414b435ab99e50
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-gzUqJWkj' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.9d5m.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 17:47:01 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-gzUqJWkj' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=77, mss=1232, tbw=70417, tp=67, tpl=0, uplat=48, ullat=0
pragma
public
x-fb-debug
7fW6pZ6LFndl2ihmCiWJadTP8sa3D8KlErGPzXtr/RopEBz7pPr4xxgSmjxTvBU/ZSEDFGiD0Cmvjn5QFQDceQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
version
server.a72z.com/api/v1/h5/
0
0
Preflight
General
Full URL
https://server.a72z.com/api/v1/h5/version?version=5.1.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
anonymous-uid,authorization,content-security-policy,content-type,device-id,device-model,device-type,language,network-type,request-time,sdk-type,sdk-version,user-language,version,wgt-version,x-sign
Access-Control-Request-Method
POST
Origin
https://h5.9d5m.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
anonymous-uid,authorization,content-security-policy,content-type,device-id,device-model,device-type,language,network-type,request-time,sdk-type,sdk-version,user-language,version,wgt-version,x-sign
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
0
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8ec561281ae1d9d0-FRA
content-type
text/html; charset=UTF-8
date
Tue, 03 Dec 2024 17:47:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TIH73IEQIKC94fPvVwVJ07BeW7bBExS6vrHxu7zcm8OWn7T3xBTufUa%2Fgl%2BVFKlhwol1hsN9q3E73sGzU%2FJkbbQ8KNetXN2sz9WIgbpcORPmlNomQt0bgQ9BkmyCDz2MM0CP6K4mxBcn7NYJMfQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=7928&min_rtt=6213&rtt_var=3850&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4228&recv_bytes=5010&delivery_rate=1647&cwnd=12000&unsent_bytes=0&cid=81f0e8ecf11ce00b&ts=708&x=1" cfHdrFlush;dur=0
vary
Access-Control-Request-Method, Access-Control-Request-Headers
collect
www.google-analytics.com/
35 B
644 B
XHR
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: h5.9d5m.com
URL: https://h5.9d5m.com/static/js/chunk-vendors.3dcb3421.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://h5.9d5m.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 17:47:01 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
https://h5.9d5m.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
pages-guide-guide.3bcbecec.js
h5.9d5m.com/static/js/
15 KB
5 KB
Script
General
Full URL
https://h5.9d5m.com/static/js/pages-guide-guide.3bcbecec.js
Requested by
Host: h5.9d5m.com
URL: https://h5.9d5m.com/static/js/index.35d74654.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a4e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b82472cf721edba5d90586545dbd4c00f42955d0eab87a2110c332b8b5c2aab3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.9d5m.com/index.html

Response headers

content-md5
N3PFG5EAJYE0agS2R6f0gg==
x-oss-storage-class
Standard
content-encoding
gzip
cf-cache-status
HIT
age
4297
x-oss-object-type
Normal
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z3KduuAkdQ97QF0%2F5mCyjycD8hN7l%2F1LKLog3i%2B7XjCh57KAnHp6d63HELxh1vBV9p8b88T7CZpPa0y9b%2FZbdvL6ejR%2BoQ4HrOk6prk%2BV%2Fj%2Bhfr8xMVZfPucbvvt1dfsd4wP6QQxao5X0A%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18894&min_rtt=17435&rtt_var=1155&sent=401&recv=100&lost=0&retrans=0&sent_bytes=453947&recv_bytes=11248&delivery_rate=488829&cwnd=194100&unsent_bytes=0&cid=aed29ef698e2af75&ts=806&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 17:47:01 GMT
x-oss-server-time
1
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 28 Nov 2024 03:27:04 GMT
priority
u=3,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-oss-hash-crc64ecma
11202965027711966385
cf-ray
8ec561280c210076-CDG
x-oss-request-id
674BD7A05901883638307AF8
server
cloudflare
lists
server.a72z.com/api/v1/customer-service/
1 KB
1 KB
XHR
General
Full URL
https://server.a72z.com/api/v1/customer-service/lists?version=5.1.5
Requested by
Host: h5.9d5m.com
URL: https://h5.9d5m.com/static/js/chunk-vendors.3dcb3421.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e460abcc78e5185c0fcb179a8fbc1d6ec0384ac379d008fbd2fe6be87fa301eb

Request headers

Sdk-Type
h5
Language
en
Authorization
Bearer X
Device-Type
linux
Network-Type
unknown
Device-Id
1a831f43-fa4d-4a60-b3bc-34bf77933cbb
Anonymous-Uid
17332480217111g892BNTBVuNpN3KXHhWBuATnbxjvluU
Content-Type
application/json;charset=UTF-8
Device-Model
PC
Content-Security-Policy
upgrade-insecure-requests
User-Language
en
Referer
https://h5.9d5m.com/
Wgt-Version
0.0.0
Request-Time
1733248021795
Sdk-Version
0.0.0
X-Sign
06b95b70e8c9a5bddfff4513ec2e5d9b
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
version
5.1.5

Response headers

cache-control
no-cache, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G0vSevQCd7L8nMY40ECYOq9b%2Bcv1%2BYQRRAaPADxIqSyk1I8Xc8aBBUa4EnZT2yDaqioSSCqX5%2Fx%2FjT8Bs3T0e4qFbDOMW%2FdcOr7NOsp0nGie5TFse69jzRCbYMtCr2HVrOUeKPE%2FvmKReXarKjc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ec5612c5b19d9d0-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7756&min_rtt=6213&rtt_var=2439&sent=17&recv=15&lost=0&retrans=0&sent_bytes=6021&recv_bytes=6395&delivery_rate=2708&cwnd=12000&unsent_bytes=0&cid=81f0e8ecf11ce00b&ts=970&x=1", cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 17:47:02 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
logo.png
h5.9d5m.com/static/images/common/
15 KB
16 KB
Image
General
Full URL
https://h5.9d5m.com/static/images/common/logo.png
Requested by
Host: h5.9d5m.com
URL: https://h5.9d5m.com/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a4e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fb5756ddfa004530d9d39a6b11564ad03d05f39582924f5f1d20ade189b9cd2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.9d5m.com/index.html

Response headers

content-md5
PeFwH1aFDrx6m59vYSYTfg==
x-oss-storage-class
Standard
cf-cache-status
HIT
etag
"3DE1701F56850EBC7A9B9F6F6126137E"
age
4157
x-oss-object-type
Normal
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SoqxTks8II9NSjHUOhJ9b9cJgnAZcefbcxPb5QssDeRrlVUS4c1jyKmeHMpoUbTlNpsXyqO2bdBL8xJ8BzqcENMJ6TGyYKiCdHn4%2BuO9uhdxy07U%2FQdI0GoB6PtX3pfuTWtD0ABgPFRn1g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18808&min_rtt=17435&rtt_var=1039&sent=407&recv=102&lost=0&retrans=0&sent_bytes=459469&recv_bytes=11642&delivery_rate=166085&cwnd=194100&unsent_bytes=0&cid=aed29ef698e2af75&ts=848&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 17:47:01 GMT
x-oss-server-time
2
content-type
image/png
last-modified
Fri, 01 Nov 2024 02:58:58 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-oss-hash-crc64ecma
11663673363843612512
cf-ray
8ec561284c720076-CDG
accept-ranges
bytes
content-length
15833
x-oss-request-id
6732D6A64E10BD36365FE82C
server
cloudflare
lists
server.a72z.com/api/v1/customer-service/
0
0
Preflight
General
Full URL
https://server.a72z.com/api/v1/customer-service/lists?version=5.1.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
anonymous-uid,authorization,content-security-policy,content-type,device-id,device-model,device-type,language,network-type,request-time,sdk-type,sdk-version,user-language,version,wgt-version,x-sign
Access-Control-Request-Method
POST
Origin
https://h5.9d5m.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
anonymous-uid,authorization,content-security-policy,content-type,device-id,device-model,device-type,language,network-type,request-time,sdk-type,sdk-version,user-language,version,wgt-version,x-sign
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
0
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8ec561283b6bd9d0-FRA
content-type
text/html; charset=UTF-8
date
Tue, 03 Dec 2024 17:47:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b57EOFCgWzkqjNjn%2ByABvkHnyA%2FTgEyDqWRFIT0iiODWWSQkLcje4DYwfhHEmm9qwCy1%2F32KrPqBdxJxZuq81EMN6G5FrVq%2BQ3WudCEOQHjxGwYNKTKJfumBdxhyGBDmwLxk2sUYdhEIzmfeM0o%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=7928&min_rtt=6213&rtt_var=3850&sent=14&recv=11&lost=0&retrans=0&sent_bytes=5117&recv_bytes=5010&delivery_rate=1647&cwnd=12000&unsent_bytes=0&cid=81f0e8ecf11ce00b&ts=715&x=1" cfHdrFlush;dur=0
vary
Access-Control-Request-Method, Access-Control-Request-Headers
collect
www.google-analytics.com/
35 B
103 B
XHR
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: h5.9d5m.com
URL: https://h5.9d5m.com/static/js/chunk-vendors.3dcb3421.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://h5.9d5m.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 17:47:01 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
https://h5.9d5m.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
js
www.googletagmanager.com/gtag/
325 KB
108 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3269GENXS8&l=dataLayer&cx=c&gtm=45He4bk0v9194922600za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3GRS3XD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eda6b395728767329103f9d24550391fa14aea023bcc3c25d40d27b2cc6feab9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.9d5m.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 03 Dec 2024 17:47:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 17:47:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109892
x-xss-protection
0
server
Google Tag Manager
/
www.facebook.com/tr/
0
19 B
Image
General
Full URL
https://www.facebook.com/tr/?id=8140457929394423&ev=PageView&dl=https%3A%2F%2Fh5.9d5m.com%2Findex.html%23%2Fpages%2Fguide%2Fguide&rl=&if=false&ts=1733248021825&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1733248021824.170118611483670569&ler=empty&cdl=API_unavailable&it=1733248021737&coo=false&rqm=GET
Requested by
Host: h5.9d5m.com
URL: https://h5.9d5m.com/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.9d5m.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4508, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 03 Dec 2024 17:47:01 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
192 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=8140457929394423&ev=PageView&dl=https%3A%2F%2Fh5.9d5m.com%2Findex.html%23%2Fpages%2Fguide%2Fguide&rl=&if=false&ts=1733248021825&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1733248021824.170118611483670569&ler=empty&cdl=API_unavailable&it=1733248021737&coo=false&rqm=FGET
Requested by
Host: h5.9d5m.com
URL: https://h5.9d5m.com/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.9d5m.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7444243567292633714"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 17:47:01 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
VE8BL/0DR5LXc9baXaXIrVRfN99Fn6ltyecsy+oGuzh/8cfGIaYmyuiK+8qAbKMSXzsTOrnmecZcabFUmqcscg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7444243567292633714", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4876, tp=13, tpl=0, uplat=130, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3269GENXS8&gtm=45je4bk0v9194924555z89194922600za200zb9194922600&_p=1733248021696&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1988590927.1733248022&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733248021&sct=1&seg=0&dl=https%3A%2F%2Fh5.9d5m.com%2Findex.html&dt=guide&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=935
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3269GENXS8&l=dataLayer&cx=c&gtm=45He4bk0v9194922600za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.9d5m.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://h5.9d5m.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 17:47:01 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JM8TLKDW7Z&gtm=45je4bk0v9194924555z89194922600za200zb9194922600&_p=1733248021696&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1988590927.1733248022&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733248021&sct=1&seg=0&dl=https%3A%2F%2Fh5.9d5m.com%2Findex.html&dt=guide&en=page_view&_fv=1&_ss=1&tfd=940
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3269GENXS8&l=dataLayer&cx=c&gtm=45He4bk0v9194922600za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.9d5m.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://h5.9d5m.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 17:47:01 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3269GENXS8&gtm=45je4bk0v9194924555z89194922600za200zb9194922600&_p=1733248021696&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1988590927.1733248022&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sid=1733248021&sct=1&seg=0&dl=https%3A%2F%2Fh5.9d5m.com%2Findex.html&dt=guide&_s=2&tfd=960
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3269GENXS8&l=dataLayer&cx=c&gtm=45He4bk0v9194922600za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://h5.9d5m.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://h5.9d5m.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 17:47:01 GMT
content-type
text/plain
server
Golfe2
favicon.ico
h5.9d5m.com/
356 B
1016 B
Other
General
Full URL
https://h5.9d5m.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a4e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6de1a0dbdfef3e0d0a620faf43b1c09db9629f849bf9fd069c43fdca9dc00d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.9d5m.com/index.html

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
13
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fh%2BWcxNdNk9kqITm8lNU7Xx7VwNoX9Q58C%2Fia1LFvlZMdhgqeLxBpCvdSwgNa5Qct%2FVmOh2%2BURSEDMRiNh6Ja1uzPCVupEYpYmWo%2BiDik21MlfY%2BI3fLqt7MhDU29NpQ7iXNNoq0kp%2FMCg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18545&min_rtt=17435&rtt_var=1047&sent=423&recv=105&lost=0&retrans=0&sent_bytes=476545&recv_bytes=12214&delivery_rate=603843&cwnd=194100&unsent_bytes=0&cid=aed29ef698e2af75&ts=1086&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 17:47:02 GMT
x-oss-server-time
1
content-type
application/xml
x-oss-ec
0026-00000001
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec56129bf420076-CDG
x-oss-request-id
674F4409D2EE98303834FCA8
server
cloudflare
nP16KABtPQPg42Ti.png
cdn.e8va.com/resource-files/2023-04-13/
9 KB
10 KB
Image
General
Full URL
https://cdn.e8va.com/resource-files/2023-04-13/nP16KABtPQPg42Ti.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bdbdb5d68509e4ebf29fa9f24dc4dae021816422745fcca96d9527dc5604073

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.9d5m.com/

Response headers

content-md5
8Pb7HAXXWVYjaG6HePNVmg==
x-oss-storage-class
Standard
cf-cache-status
HIT
etag
"F0F6FB1C05D7595623686E8778F3559A"
age
5559
x-oss-object-type
Normal
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s0OZM3I1OxKu%2FHk0lhy0HAPWLHtZf7tBMIN3PzgsNp8yHwmTOGFlt7jBqxq1NTPD8DE00%2F3C%2BNgwYh5I9qmqxdbDzc1cB9m9%2F4HgkGuFzS42Y%2BlHYRFOP3e0JjWgzr3t0jXVrNihI6JHOf0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25523&min_rtt=25491&rtt_var=9621&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4125&recv_bytes=4266&delivery_rate=114493&cwnd=12000&unsent_bytes=0&cid=223bd7c0ce945111&ts=54&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 17:47:02 GMT
x-oss-server-time
3
content-type
image/png
last-modified
Sun, 01 Sep 2024 06:27:02 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-oss-hash-crc64ecma
16101840501010951116
cf-ray
8ec5612e5e21be4c-CPH
accept-ranges
bytes
content-length
9574
x-oss-request-id
66F504465901883031FF3606
server
cloudflare

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| coverSupport
function| fbq
function| _fbq
object| default_gsi
object| _F_toggles
object| google
object| webpackJsonp
object| __uniConfig
object| __uniRoutes
function| UniApp
object| UniViewJSBridge
object| UniServiceJSBridge
object| uni
object| wx
function| getApp
function| getCurrentPages
object| regeneratorRuntime
object| dataLayer
object| closure_lm_84967
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal

4 Cookies

Domain/Path Name / Value
.9d5m.com/ Name: _fbp
Value: fb.1.1733248021824.170118611483670569
.9d5m.com/ Name: _ga
Value: GA1.1.1988590927.1733248022
.9d5m.com/ Name: _ga_3269GENXS8
Value: GS1.1.1733248021.1.0.1733248021.0.0.0
.9d5m.com/ Name: _ga_JM8TLKDW7Z
Value: GS1.1.1733248021.1.0.1733248021.0.0.0

1 Console Messages

Source Level URL
Text
network error URL: https://h5.9d5m.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
