xn--mcki0a1j.xyz Open in urlscan Pro Puny
ベガスグ.xyz IDN
2606:4700:3032::6815:3f9  Public Scan

URL: https://xn--mcki0a1j.xyz/
Submission: On August 14 via api from US — Scanned from CA

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3032::6815:3f9, located in United States and belongs to CLOUDFLARENET, US. The main domain is xn--mcki0a1j.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 13th 2024. Valid for: 5 months.
This is the only time xn--mcki0a1j.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification


Live information

Domain & IP information

Apex Domain
Subdomains
Transfer
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
4 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
firebasestorage.googleapis.com — Cisco Umbrella Rank: 6369
195 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
77 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 26457
c.statcounter.com — Cisco Umbrella Rank: 15477
13 KB
1 cloudinary.com
res.cloudinary.com — Cisco Umbrella Rank: 4280
207 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
102 KB
1 xn--mcki0a1j.xyz
xn--mcki0a1j.xyz
4 KB
18 8
Domain Requested by
4 www.facebook.com xn--mcki0a1j.xyz
3 connect.facebook.net xn--mcki0a1j.xyz
connect.facebook.net
3 firebasestorage.googleapis.com xn--mcki0a1j.xyz
2 www.google-analytics.com www.googletagmanager.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com xn--mcki0a1j.xyz
1 res.cloudinary.com xn--mcki0a1j.xyz
1 www.googletagmanager.com xn--mcki0a1j.xyz
1 fonts.googleapis.com xn--mcki0a1j.xyz
1 xn--mcki0a1j.xyz
18 10

This site contains links to these domains. Also see Links.

Domain
9top.site
Subject Issuer Validity Valid
xn--mcki0a1j.xyz
Cloudflare Inc ECC CA-3
2024-08-13 -
2024-12-31
5 months crt.sh
upload.video.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.google-analytics.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2
2023-12-18 -
2025-01-13
a year crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA
2023-12-05 -
2025-01-03
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-05-23 -
2024-08-21
3 months crt.sh

This page contains 1 frames:

Primary Page: https://xn--mcki0a1j.xyz/
Frame ID: 60E5302217D0BEB8615C4312B5D39E5D
Requests: 18 HTTP requests in this frame

Screenshot

Page Title

VegasGG | VegasGG Pasti | Link VegasGG

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 80%
Detected patterns
  • <img[^>]+\.cloudinary\.com

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter

Page Statistics

18
Requests

100 %
HTTPS

89 %
IPv6

8
Domains

10
Subdomains

9
IPs

3
Countries

603 kB
Transfer

1076 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
xn--mcki0a1j.xyz/
13 KB
4 KB
Document
General
Full URL
https://xn--mcki0a1j.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:3f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b089e8dcf8b3e57b71113fd24f5902ecacbb8ea1983cf7d4cb40cfde31c998bc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b301378b859a250-YYZ
content-encoding
br
content-type
text/html
date
Wed, 14 Aug 2024 09:56:38 GMT
last-modified
Wed, 14 Aug 2024 09:39:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z3DGF%2FCGN9q8Kg0JZV34ahGZQc37aEyPP9KgAvDrmBu1ecawTzwfn%2FtH7xyr64WuwXsFIuIiHaI%2BKG5MKOyZfbctzo%2FRBsm3C3U9i77gq1z0PmNAC37yQ%2FvBWpdXLWOyIFx9H0XCTitnncVEVCdB"}],"group":"cf-nel","max_age":604800}
server
cloudflare
css2
fonts.googleapis.com/
2 KB
977 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Oswald&display=swap
Requested by
Host: xn--mcki0a1j.xyz
URL: https://xn--mcki0a1j.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5bddb1d00c98a3623bd08ecdd521a4324328b4fd5d3700b6ddd1f0f66d6ebeb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://xn--mcki0a1j.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Aug 2024 09:56:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 14 Aug 2024 08:49:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Aug 2024 09:56:38 GMT
js
www.googletagmanager.com/gtag/
308 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-14698WEFK6
Requested by
Host: xn--mcki0a1j.xyz
URL: https://xn--mcki0a1j.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
10d5427209c93614438fd38705a84eaab6fe300bb4b97a05e40afb06ed701d02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://xn--mcki0a1j.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:56:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104301
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 14 Aug 2024 09:56:38 GMT
logovegasgg2.webp
firebasestorage.googleapis.com/v0/b/assets-img.appspot.com/o/
54 KB
55 KB
Image
General
Full URL
https://firebasestorage.googleapis.com/v0/b/assets-img.appspot.com/o/logovegasgg2.webp?alt=media&token=9718d98d-e069-42e3-9233-b2374212bd37
Requested by
Host: xn--mcki0a1j.xyz
URL: https://xn--mcki0a1j.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
00e63d6f699118439310e236a4d1e7d90a83493c7eb46a6ba7f915147aa59ef4

Request headers

Referer
https://xn--mcki0a1j.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:56:41 GMT
x-guploader-uploadid
AHxI1nMsXFofRJ5svifBs0mykMgNef33UsEvpP31HWHvJgL5G9ZVUHMqusqtAeyubtnElBwjWuxmsA-l7g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''logovegasgg2.webp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55730
last-modified
Thu, 18 Jul 2024 05:34:01 GMT
server
UploadServer
etag
"26486cc75c87ccf5c2f50c990fbe9be0"
x-goog-generation
1721280841670376
content-type
image/webp
x-goog-hash
crc32c=CXwwkQ==, md5=Jkhsx1yHzPXC9QyZD76b4A==
cache-control
private, max-age=0
x-goog-stored-content-length
55730
x-goog-meta-firebasestoragedownloadtokens
9718d98d-e069-42e3-9233-b2374212bd37
accept-ranges
bytes
expires
Wed, 14 Aug 2024 09:56:41 GMT
adswdbesardibayrgg_j0utiz.jpg
res.cloudinary.com/dgrpmyqtz/image/upload/
206 KB
207 KB
Image
General
Full URL
https://res.cloudinary.com/dgrpmyqtz/image/upload/adswdbesardibayrgg_j0utiz.jpg
Requested by
Host: xn--mcki0a1j.xyz
URL: https://xn--mcki0a1j.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:141b:1c00:2587::523 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
6cb47c3ae81be10d234657f52ef692a3af42582f3d7ac53d2717d53be89ecc52
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://xn--mcki0a1j.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:56:38 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 13 Aug 2024 12:45:26 GMT
server
Cloudinary
etag
"9a783927c767460bc2debfe4bda70bbc"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=2592000
server-timing
cld-akam;dur=14;start=2024-08-14T09:56:38.742Z;desc=hit-near,rtt;dur=42,content-info;desc="width=1080,height=1080,bytes=211201,owidth=1080,oheight=1080,obytes=1460935,ef=(1,17)"
accept-ranges
bytes
timing-allow-origin
*
content-length
211201
x-request-id
b02452b2aee0bee3ecc62f31e8ad6e90
counter.js
www.statcounter.com/counter/
35 KB
13 KB
Script
General
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: xn--mcki0a1j.xyz
URL: https://xn--mcki0a1j.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6b293451a19dfb0f68649e5ceabac93b2d4155e64fe7f3e3af21a19984e2368

Request headers

Referer
https://xn--mcki0a1j.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:56:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 13 Aug 2024 18:13:15 GMT
server
cloudflare
age
27509
etag
W/"66bba23b-8c17"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8b30137f8cc3aad4-YYZ
expires
Wed, 14 Aug 2024 14:18:09 GMT
fbevents.js
connect.facebook.net/en_US/
225 KB
60 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: xn--mcki0a1j.xyz
URL: https://xn--mcki0a1j.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://xn--mcki0a1j.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 14 Aug 2024 09:56:38 GMT
document-policy
force-load-at-top
x-fb-server-load
35
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=3, rtx=0, c=15, mss=1392, tbw=2807, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
ZrHSrgtm1uaXY4e9/SdYGEdI0Bs9DWIX4mDzlvTr1wvORiRoUiDRH0lAWaRC2k5z3AYg7A5SpZelNtGHdRBzNg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
zcomb.jpg
firebasestorage.googleapis.com/v0/b/assets-img.appspot.com/o/
134 KB
135 KB
Image
General
Full URL
https://firebasestorage.googleapis.com/v0/b/assets-img.appspot.com/o/zcomb.jpg?alt=media&token=05cca4d2-267e-4ff7-926e-ea5607398961
Requested by
Host: xn--mcki0a1j.xyz
URL: https://xn--mcki0a1j.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
bf71075b56da4be47d7c8b65fa1ccd3b5fd766b93c639bf42571ba1fe8d4e1c2

Request headers

Referer
https://xn--mcki0a1j.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:56:41 GMT
x-guploader-uploadid
AHxI1nPA9_ZYmxbhq4POBVOszVbA6qRNDuKZo9MlC5thMc_GwqQ8wq3Fi5-CY5h7A4RAWgX9a8geJDYD9A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''zcomb.jpg
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137122
last-modified
Tue, 16 Jul 2024 08:13:36 GMT
server
UploadServer
etag
"2878e6ed9418850df5f9861043bc1496"
x-goog-generation
1721117616548712
content-type
image/jpeg
x-goog-hash
crc32c=OK7LJQ==, md5=KHjm7ZQYhQ31+YYQQ7wUlg==
cache-control
private, max-age=0
x-goog-stored-content-length
137122
x-goog-meta-firebasestoragedownloadtokens
05cca4d2-267e-4ff7-926e-ea5607398961
accept-ranges
bytes
expires
Wed, 14 Aug 2024 09:56:41 GMT
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-14698WEFK6&gtm=45je48c0v9193123749za200&_p=1723629398687&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=485469246.1723629399&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723629398&sct=1&seg=0&dl=https%3A%2F%2Fxn--mcki0a1j.xyz%2F&dt=VegasGG%20%7C%20VegasGG%20Pasti%20%7C%20Link%20VegasGG&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1359
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-14698WEFK6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://xn--mcki0a1j.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Aug 2024 09:56:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xn--mcki0a1j.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t.php
c.statcounter.com/
192 B
595 B
XHR
General
Full URL
https://c.statcounter.com/t.php?sc_project=13027144&u1=733434C1406B4FE43BBA59553C0F3799&java=1&security=29036e32&sc_snum=1&sess=99b877&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//xn--mcki0a1j.xyz/&t=VegasGG%20%7C%20VegasGG%20Pasti%20%7C%20Link%20VegasGG&invisible=1&sc_rum_e_s=1410&sc_rum_e_e=1420&sc_rum_f_s=0&sc_rum_f_e=1401&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

Referer
https://xn--mcki0a1j.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:56:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://xn--mcki0a1j.xyz
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
8b3013803d07aad4-YYZ
expires
Mon, 26 Jul 1997 05:00:00 GMT
873439124716056
connect.facebook.net/signals/config/
70 KB
14 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/873439124716056?v=2.9.164&r=stable&domain=xn--mcki0a1j.xyz&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e56d2f1c38f726c5bd4e265d59181b063d6022ed4acc6a1970b8a2cb4483eda0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://xn--mcki0a1j.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 14 Aug 2024 09:56:39 GMT
document-policy
force-load-at-top
x-fb-server-load
53
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=63, mss=1392, tbw=64407, tp=-1, tpl=-1, uplat=88, ullat=0
pragma
public
x-fb-debug
mOR8g0dcKBXvs5SOSHuxajctRknx0Oy9z7RGKXx6YogECAo4QyJNFH1klUHzBOnIyilzaSKaFC9XZGK2+CfWPg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
1520999851855318
connect.facebook.net/signals/config/
25 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1520999851855318?v=2.9.164&r=stable&domain=xn--mcki0a1j.xyz&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C195%2C194%2C196%2C201%2C202%2C203%2C199%2C191%2C128%2C130%2C158%2C190%2C192%2C119%2C152%2C141%2C146%2C184%2C185%2C125%2C227%2C113%2C123%2C228%2C160%2C116%2C230%2C161%2C132%2C120%2C149%2C144
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7d4e8f3ac936b85fc7cf34738ea53bd9006d55336892ade25014a20be3bf1c2c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://xn--mcki0a1j.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 14 Aug 2024 09:56:39 GMT
document-policy
force-load-at-top
x-fb-server-load
30
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=23, mss=1232, tbw=5591, tp=10, tpl=0, uplat=123, ullat=0
pragma
public
x-fb-debug
jugkGT5fy/Xj/hgrfoXCDZi3OaGd7Jr8mkkjZdnwLa8dZChxrKE/haiHshIEa0n3fQh2IZMnYc/VRqw3FdOG4g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
273 B
Image
General
Full URL
https://www.facebook.com/tr/?id=873439124716056&ev=PageView&dl=https%3A%2F%2Fxn--mcki0a1j.xyz%2F&rl=&if=false&ts=1723629399504&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723629399463.60180726511694760&cs_est=true&ler=empty&cdl=API_unavailable&it=1723629399140&coo=false&rqm=GET
Requested by
Host: xn--mcki0a1j.xyz
URL: https://xn--mcki0a1j.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://xn--mcki0a1j.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=10, mss=1392, tbw=2816, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 14 Aug 2024 09:56:40 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
850 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=873439124716056&ev=PageView&dl=https%3A%2F%2Fxn--mcki0a1j.xyz%2F&rl=&if=false&ts=1723629399504&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723629399463.60180726511694760&cs_est=true&ler=empty&cdl=API_unavailable&it=1723629399140&coo=false&rqm=FGET
Requested by
Host: xn--mcki0a1j.xyz
URL: https://xn--mcki0a1j.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://xn--mcki0a1j.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Wed, 14 Aug 2024 09:56:40 GMT
document-policy
force-load-at-top
x-fb-server-load
28
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402931905378116084", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=4, rtx=0, c=10, mss=1392, tbw=6454, tp=-1, tpl=-1, uplat=168, ullat=0
pragma
no-cache
x-fb-debug
nTLv/Hye9GeDfFbPbh/U0aVfoJnztAmK0HgazLgheL8Xm+BCCQz4sKw5V3fCug1bBb9LsJ7qsh4HAWop4H+n5A==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402931905378116084"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
32 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1520999851855318&ev=PageView&dl=https%3A%2F%2Fxn--mcki0a1j.xyz%2F&rl=&if=false&ts=1723629399718&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723629399463.60180726511694760&cs_est=true&ler=empty&cdl=API_unavailable&it=1723629399140&coo=false&rqm=GET
Requested by
Host: xn--mcki0a1j.xyz
URL: https://xn--mcki0a1j.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://xn--mcki0a1j.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=10, mss=1392, tbw=2816, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 14 Aug 2024 09:56:40 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1520999851855318&ev=PageView&dl=https%3A%2F%2Fxn--mcki0a1j.xyz%2F&rl=&if=false&ts=1723629399718&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723629399463.60180726511694760&cs_est=true&ler=empty&cdl=API_unavailable&it=1723629399140&coo=false&rqm=FGET
Requested by
Host: xn--mcki0a1j.xyz
URL: https://xn--mcki0a1j.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://xn--mcki0a1j.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Wed, 14 Aug 2024 09:56:40 GMT
document-policy
force-load-at-top
x-fb-server-load
37
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402931905457759408", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1392, tbw=3165, tp=-1, tpl=-1, uplat=126, ullat=0
pragma
no-cache
x-fb-debug
AdoqstkUn/W8duLZa8Q6DpJDSkUcnF1P+wpUwAZBaft7Xuq1datsay5ZMPHllvjXgmg3ogIS6SPYhGc51AH/UA==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402931905457759408"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
ggicon.ico
firebasestorage.googleapis.com/v0/b/assets-img.appspot.com/o/
4 KB
5 KB
Other
General
Full URL
https://firebasestorage.googleapis.com/v0/b/assets-img.appspot.com/o/ggicon.ico?alt=media&token=2a3a1930-bbe4-45d9-bce8-005e232bed53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d7471bc599b1e65c16ad7765abf21a5439d9cb22df2e07ed668d4744ffcd5ecc

Request headers

Referer
https://xn--mcki0a1j.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 09:56:43 GMT
x-guploader-uploadid
AHxI1nNZff2emzow_fax0hFZAG9V_89Yju5bmvC_opk2x5lIKpv2vJpCzxx0ySQObUWtG6ty-fw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename*=utf-8''ggicon.ico
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4286
last-modified
Tue, 16 Jul 2024 08:01:32 GMT
server
UploadServer
etag
"7ddc70cb7acaf2414797cce864bb301a"
x-goog-generation
1721116892656710
content-type
image/x-icon
x-goog-hash
crc32c=OAnawA==, md5=fdxwy3rK8kFHl8zoZLswGg==
cache-control
private, max-age=0
x-goog-stored-content-length
4286
x-goog-meta-firebasestoragedownloadtokens
2a3a1930-bbe4-45d9-bce8-005e232bed53
accept-ranges
bytes
expires
Wed, 14 Aug 2024 09:56:43 GMT
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-14698WEFK6&gtm=45je48c0v9193123749za200&_p=1723629398687&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=485469246.1723629399&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1723629398&sct=1&seg=0&dl=https%3A%2F%2Fxn--mcki0a1j.xyz%2F&dt=VegasGG%20%7C%20VegasGG%20Pasti%20%7C%20Link%20VegasGG&en=scroll&epn.percent_scrolled=90&_et=8&tfd=6386
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-14698WEFK6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://xn--mcki0a1j.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Aug 2024 09:56:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xn--mcki0a1j.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer function| fbq function| _fbq number| sc_project number| sc_invisible string| sc_security object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| _statcounter

6 Cookies

Domain/Path Name / Value
.xn--mcki0a1j.xyz/ Name: _ga
Value: GA1.1.485469246.1723629399
.xn--mcki0a1j.xyz/ Name: _ga_14698WEFK6
Value: GS1.1.1723629398.1.0.1723629398.0.0.0
.xn--mcki0a1j.xyz/ Name: sc_is_visitor_unique
Value: rx13027144.1723629399.733434C1406B4FE43BBA59553C0F3799.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc13027144.1723629399.0
.statcounter.com/ Name: is_visitor_unique
Value: 1723629399188689057
.xn--mcki0a1j.xyz/ Name: _fbp
Value: fb.1.1723629399463.60180726511694760

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.statcounter.com
connect.facebook.net
firebasestorage.googleapis.com
fonts.googleapis.com
res.cloudinary.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.statcounter.com
xn--mcki0a1j.xyz
104.20.94.138
2600:141b:1c00:2587::523
2606:4700:3032::6815:3f9
2607:f8b0:4006:807::200a
2607:f8b0:4006:80e::200e
2607:f8b0:4006:81c::200a
2607:f8b0:4006:824::2008
2a03:2880:f00e:13:face:b00c:0:3
2a03:2880:f10e:83:face:b00c:0:25de
00e63d6f699118439310e236a4d1e7d90a83493c7eb46a6ba7f915147aa59ef4
10d5427209c93614438fd38705a84eaab6fe300bb4b97a05e40afb06ed701d02
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
5bddb1d00c98a3623bd08ecdd521a4324328b4fd5d3700b6ddd1f0f66d6ebeb4
6cb47c3ae81be10d234657f52ef692a3af42582f3d7ac53d2717d53be89ecc52
7d4e8f3ac936b85fc7cf34738ea53bd9006d55336892ade25014a20be3bf1c2c
a6b293451a19dfb0f68649e5ceabac93b2d4155e64fe7f3e3af21a19984e2368
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b089e8dcf8b3e57b71113fd24f5902ecacbb8ea1983cf7d4cb40cfde31c998bc
bf71075b56da4be47d7c8b65fa1ccd3b5fd766b93c639bf42571ba1fe8d4e1c2
d7471bc599b1e65c16ad7765abf21a5439d9cb22df2e07ed668d4744ffcd5ecc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56d2f1c38f726c5bd4e265d59181b063d6022ed4acc6a1970b8a2cb4483eda0
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415