choigamedonclub.online Open in urlscan Pro
2606:4700:3030::ac43:94d3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://choigamedonclub.online/
Submission: On January 05 via api (January 5th 2024, 9:58:18 am UTC) from US — Scanned from US

Summary HTTP 63 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 13 IPs in 1 countries across 10 domains to perform 63 HTTP transactions. The main IP is 2606:4700:3030::ac43:94d3, located in United States and belongs to CLOUDFLARENET, US. The main domain is choigamedonclub.online.
TLS certificate: Issued by GTS CA 1P5 on January 5th 2024. Valid for: 3 months.

This is the only time choigamedonclub.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3030::ac43:94d3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
23	2606:4700:303... 2606:4700:3032::6815:518c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4004:c17::68	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
12	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
11	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::cf	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::6815:16b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
63	13

1 2606:4700:3030::ac43:94d3 (United States)

ASN13335 (CLOUDFLARENET, US)

choigamedonclub.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:3032::6815:518c (United States)

ASN13335 (CLOUDFLARENET, US)

okconde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::68 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::cf (Washington, United States)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:16b8 (United States)

ASN13335 (CLOUDFLARENET, US)

authen.don1-ldp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	okconde.com okconde.com	874 KB
12	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	449 KB
11	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	354 B
6	gstatic.com fonts.gstatic.com www.gstatic.com	262 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115 storage.googleapis.com — Cisco Umbrella Rank: 682	3 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 438	38 KB
1	don1-ldp.com authen.don1-ldp.com lobby.don1-ldp.com Failed
1	google.com www.google.com — Cisco Umbrella Rank: 6	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1219	30 KB
1	choigamedonclub.online choigamedonclub.online	5 KB
63	10

	Domain	Requested by
23	okconde.com	choigamedonclub.online okconde.com
12	connect.facebook.net	choigamedonclub.online connect.facebook.net
11	www.facebook.com	choigamedonclub.online
5	fonts.gstatic.com	fonts.googleapis.com
2	storage.googleapis.com	code.jquery.com
2	cdn.jsdelivr.net	choigamedonclub.online
1	authen.don1-ldp.com	code.jquery.com
1	www.gstatic.com	www.google.com
1	fonts.googleapis.com	okconde.com
1	www.google.com	choigamedonclub.online
1	code.jquery.com	choigamedonclub.online
1	choigamedonclub.online
0	lobby.don1-ldp.com Failed	code.jquery.com
63	13

This site contains links to these domains. Also see Links.

Domain
fb.don1-ldp.com
group.don1-ldp.com
cskh.don1-ldp.com
don1.club
aomong.luadangchin.com
1.1.1.1
taidon1.club

Subject Issuer	Validity	Valid
choigamedonclub.online GTS CA 1P5	`2024-01-05` - `2024-04-04`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
okconde.com Cloudflare Inc ECC CA-3	`2023-09-22` - `2024-09-20`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-14` - `2024-01-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
don1-ldp.com GTS CA 1P5	`2023-11-08` - `2024-02-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://choigamedonclub.online/
Frame ID: B2D1C9E83D916AFE275CD96990CF31CF
Requests: 61 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DonClub ⭐️ Tải Don club - Game Đổi Thưởng Hot 2023

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

63
Requests

97 %
HTTPS

100 %
IPv6

10
Domains

13
Subdomains

13
IPs

1
Countries

1662 kB
Transfer

3495 kB
Size

1
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://fb.don1-ldp.com/

Search URL Search Domain Scan URL

URL: https://group.don1-ldp.com/

Search URL Search Domain Scan URL

URL: https://cskh.don1-ldp.com/

Search URL Search Domain Scan URL

URL: https://don1.club/

Search URL Search Domain Scan URL

URL: https://aomong.luadangchin.com/

Search URL Search Domain Scan URL

URL: https://1.1.1.1/

Search URL Search Domain Scan URL

URL: https://taidon1.club/
Title: Don Club

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
choigamedonclub.online/ 19 KB
5 KB 579ms
496ms Document
text/html 2606:4700:3030::ac43:94d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://choigamedonclub.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:94d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d9e95fb41e231f65deb60c2b4c4f7f7a0c62631dcd76490c316ae32b225a08b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 840adc6d28474bcc-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 05 Jan 2024 09:58:08 GMT
last-modified: Fri, 05 Jan 2024 07:38:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5E1tR%2BTxA0yB4%2FMwI8D2SjntW%2FraAm4luGw6n54M4BlQOc09uLZw6UKWNpq%2BCCZ2I%2Fyz4jsuL26jATpuIG%2B%2FmmBxeN0m85fYT402LweKFb%2BFpsuYGWmDqnAEH7k8UreuhRnPgpVlFjo1wjvJJD7aMqymt5q"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/css/ 138 KB
23 KB 93ms
30ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/css/bootstrap.min.css

Requested by

Host: choigamedonclub.online
URL: https://choigamedonclub.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://choigamedonclub.online/
Origin: https://choigamedonclub.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 05 Jan 2024 09:58:08 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5107075
x-jsd-version: 4.1.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23347
x-served-by: cache-fra-eddf8230071-FRA, cache-nyc-kteb1890070-NYC
x-jsd-version-type: version
etag: W/"22688-Z1/PKPn783E507LAtnb5b2AaQgM"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 style.css
okconde.com/assets/ 22 KB
5 KB 1038ms
959ms Stylesheet
text/css 2606:4700:3032::6815:518c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://okconde.com/assets/style.css?v=33
Requested by: Host: choigamedonclub.online
URL: https://choigamedonclub.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:518c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eae0d706eddb8583ad8c9511ad011b34736e97cc520ed5757c4a4e4be3c68330

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 09:58:09 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 25 Sep 2023 04:17:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2b0ead724fb24b5b1c49671bc1e74247"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2B%2FzRnvo77aDc5E4Yng11okqAx%2Bt0lYyigdUZ4Sz11tVQxfAlbOwHHKk%2FKMt9DKPJfUNVvZAJ9Cp%2FR0zrzKDqGWQrgp%2Byt8FfbgbvDmVa0gSlmHc09fWpmUyaakfmPPh5BHPINnO5iP27w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=300
cf-ray: 840adc70cc534bd5-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo.png
okconde.com/images/ 423 KB
424 KB 1039ms
961ms Image
image/png 2606:4700:3032::6815:518c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okconde.com/images/logo.png
Requested by: Host: choigamedonclub.online
URL: https://choigamedonclub.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:518c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 387729efb53ce8451feebe84fe444acfbf791f47584c00a20ffd58e8c99088ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 09:58:09 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 17 Nov 2023 05:21:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "558d6bd0bffcd906a3ed453e55ade4b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ggvyd3xOlR1YmU8gECJEBtGW4J6xyoq1OxcodR1sAx%2B0uCv%2FCZOp0SFLIYsYyrw3aSnEoN%2BUcm2J%2Fb8H6mRjoKElzgxKqdjbCzah0LWidPrfhfW51HLjyAMO2uRdP%2BvXjdK2xl1GdX62rA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 840adc70cc554bd5-BUF
alt-svc: h3=":443"; ma=86400
content-length: 433029

GET
H2 200 captcha-demo.png
okconde.com/images/ 5 KB
6 KB 1069ms
991ms Image
image/png 2606:4700:3032::6815:518c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okconde.com/images/captcha-demo.png
Requested by: Host: choigamedonclub.online
URL: https://choigamedonclub.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:518c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8291669be52f8cbf4af90a3142b251b1e85f525a4d63febd0280080d45e298f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 09:58:09 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Sep 2023 16:18:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "80ff6a0064561a062b6af0b92b4bf952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YyZk%2BZd5jIKowReUWVP5S2QDWRdGr%2F%2Fe2Y2BPnl86woWI5AuE0%2FxO9aDG9oXsDmG7c4ZU1Lux3Kywu9PgrFgZZJndnFl8qu0ViW%2BXQLimXb3jEmsKUhcP7n3UlY7uRfyZ0C0652ppzvLSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 840adc70cc544bd5-BUF
alt-svc: h3=":443"; ma=86400
content-length: 5358

GET
H2 200 jquery-3.1.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 99ms
29ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.1.min.js
Requested by: Host: choigamedonclub.online
URL: https://choigamedonclub.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Referer: https://choigamedonclub.online/
Origin: https://choigamedonclub.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 09:58:09 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1906273
x-cache: HIT, HIT
content-length: 30070
x-served-by: cache-lga21947-LGA, cache-nyc-kteb1890046-NYC
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1704448690.855720,VS0,VE0
etag: W/"28feccc0-152b5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 77, 792

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/js/ 50 KB
15 KB 31ms
30ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/js/bootstrap.min.js

Requested by

Host: choigamedonclub.online
URL: https://choigamedonclub.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://choigamedonclub.online/
Origin: https://choigamedonclub.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 05 Jan 2024 09:58:09 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5713151
x-jsd-version: 4.1.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14930
x-served-by: cache-fra-eddf8230057-FRA, cache-nyc-kteb1890070-NYC
x-jsd-version-type: version
etag: W/"c75f-J6cbADg9Ye88SJMms1ZNaY/BInw"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 114ms
50ms Script
text/javascript 2607:f8b0:4004:c17::68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: choigamedonclub.online
URL: https://choigamedonclub.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c0a8f2cd747b6b9cd15d4007388817291906a6b8b1c70b2bc39a64e603809b77

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 09:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 05 Jan 2024 09:58:09 GMT

GET
H2 200 page_all.js Show response
okconde.com/assets/ 10 KB
3 KB 463ms
462ms Script
text/javascript 2606:4700:3032::6815:518c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://okconde.com/assets/page_all.js?v=33
Requested by: Host: choigamedonclub.online
URL: https://choigamedonclub.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:518c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d301372156fdf99c3af615a7a86753ee22622f6344576b7f6d8c05dc15fa2de

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 09:58:10 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 22 Nov 2023 17:36:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e4ae669dce62867133acec412f4c4c17"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QbGp3oKzb4KJWmtGwZa5xn3xuN8HrvWuU8gbOv73N434NpjvlPci63UcprUPXAEeltgWIBCvrq29OawTllxHuJlNz0qfPv877Wt1yHi8I76Zli%2F398872zEOR2ysz0avS4QbTuMDv9l9PA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=300
cf-ray: 840adc77781f4bd5-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 27 KB
2 KB 104ms
40ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: okconde.com
URL: https://okconde.com/assets/style.css?v=33

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://okconde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Jan 2024 09:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 08:38:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Jan 2024 09:58:09 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 98ms
33ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: choigamedonclub.online
URL: https://choigamedonclub.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fefd09307baf0332b143c3c14fb6851c10e354362510d85a0c43d7e3c479093c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 05 Jan 2024 09:58:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54345
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 6ey9bU7BT6ZtYlIbOkXfPYyulTFn1jwSlbxOY0PO05s2CXIvkn6BhV+R6qvcJ/ifnPWXG5VXsRhxtWjonQwYcQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bg.jpg
okconde.com/images/ 108 KB
108 KB 467ms
465ms Image
image/jpeg 2606:4700:3032::6815:518c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okconde.com/images/bg.jpg
Requested by: Host: okconde.com
URL: https://okconde.com/assets/style.css?v=33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:518c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 171ddf8247318f4119721b026441046b5f91f6dddf02ed1f25385b5fc4bb2dd8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://okconde.com/assets/style.css?v=33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 09:58:10 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Sep 2023 16:18:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4e50f01330c7ca0ecf80351c4e26f721"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FcQp9qE4wyrLezPOdXr62tg4rF6RFgNGMJ7hqefF%2FAeSpJBQVla5DU7krgY0bw44PS7LMjS5Xe2TU8jWCjOy%2BtaFHuCSHs%2FQq3q94lJAzxpLRbaOie1mp0Qgm7GQvQMDmN8vfRd7tY1ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 840adc7778284bd5-BUF
alt-svc: h3=":443"; ma=86400
content-length: 110149

GET
H2 200 btn-search-fb.png
okconde.com/images/ 5 KB
6 KB 472ms
468ms Image
image/png 2606:4700:3032::6815:518c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okconde.com/images/btn-search-fb.png
Requested by: Host: okconde.com
URL: https://okconde.com/assets/style.css?v=33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:518c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0589249182e2fd7e37a88ac5b51c9fd14998472b6420cfe40273a10b4641415d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://okconde.com/assets/style.css?v=33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 09:58:10 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Sep 2023 16:18:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "40c60d01618ea010ac4f04a4c428a758"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulDRPkhIjRK3k4nNnrGKdNPKUrjnKAeGEEhbMczHcdH1okmE8vN3zkrOOyU1wWLyfOHtp1OujUNc62xVKvVPhFdoSMKyoOGEg7RtIfZzfBQscmKQB06U%2Bfcn5SNpkohHPdgABndyrLptsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 840adc77782a4bd5-BUF
alt-svc: h3=":443"; ma=86400
content-length: 5540

GET
H2 200 group-vua.png
okconde.com/images/ 6 KB
6 KB 475ms
471ms Image
image/png 2606:4700:3032::6815:518c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okconde.com/images/group-vua.png
Requested by: Host: okconde.com
URL: https://okconde.com/assets/style.css?v=33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:518c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c702d3869ffa7b499c41bfb3bb02c45d3a39ea19c922c26a76549d99a527f4d5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://okconde.com/assets/style.css?v=33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 09:58:10 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Sep 2023 16:18:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ca3e4030109d6d60f6840fadf0f35e8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBMFoQMSR1O8BgULk97vir7puWa%2Bt0sBLKLW4BDU3GZIFB1zBVWNZgaUbgMgRFauc3Bnok9rYzLqVdinWy4LX%2B%2FOj%2BOXyLdJsuzOcszPhMVypMCM%2ButkKZEzldzH6LBQQN9Ci1vyGy7g%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 840adc77782c4bd5-BUF
alt-svc: h3=":443"; ma=86400
content-length: 5843

GET
H2 200 bvd-tach_0020_Group-9-copy.png
okconde.com/images/ 5 KB
6 KB 469ms
465ms Image
image/png 2606:4700:3032::6815:518c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okconde.com/images/bvd-tach_0020_Group-9-copy.png
Requested by: Host: okconde.com
URL: https://okconde.com/assets/style.css?v=33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:518c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16c4aae4ff580354095cbaa5274db9c26121719e17575a94d0e06c7b3a952083

Request headers

accept-language: en-US,en;q=0.9
Referer: https://okconde.com/assets/style.css?v=33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 09:58:10 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Sep 2023 16:18:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "d588ff4e9b6e11a5806193f2d1191c8c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VH12mZrrfrQub7plhQ7pxisPBCHVdkfU7dCnKDTnRNyeIILs8WMO1h0wzq014uZuy53Yt3LFD3xed32tH8I7FSovaDioZNcwj%2FX0zPPwLSEH8w6V5K4xUhl%2FAwJ1qvzsWnCmOk1Bt48HKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 840adc77782e4bd5-BUF
alt-svc: h3=":443"; ma=86400
content-length: 5471

GET
H2 200 slogan.png
okconde.com/images/ 20 KB
21 KB 388ms
384ms Image
image/png 2606:4700:3032::6815:518c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okconde.com/images/slogan.png
Requested by: Host: okconde.com
URL: https://okconde.com/assets/style.css?v=33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:518c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 030dacfcb547b2428317d71eff99c9cf415d4a42b21586e0cdb7a49d0a85e212

Request headers

accept-language: en-US,en;q=0.9
Referer: https://okconde.com/assets/style.css?v=33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 09:58:10 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Sep 2023 16:18:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "87c176e5a50cfd7aa70ef022b3471518"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HqxZNB5JbSdZmFAkoKaj4NQFDmHe9%2FLS6P%2B3b6%2BYtuReIFpVtNMs1NEfLpXh2ZULi8CkfiaEhjk7qATGw0pskn6Pe%2FtFg8KEospx2PRkzYSRQaCqG8gINKffTSAmk78gNwlEIBPig%2BvGPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 840adc77782f4bd5-BUF
alt-svc: h3=":443"; ma=86400
content-length: 20641

GET
H2 200 bg-login.png
okconde.com/images/ 86 KB
87 KB 462ms
458ms Image
image/png 2606:4700:3032::6815:518c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okconde.com/images/bg-login.png
Requested by: Host: okconde.com
URL: https://okconde.com/assets/style.css?v=33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:518c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbc5062a9302935712667ae86c7dca7d50c0613f6aaff9ca40d5b0b05ba497b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://okconde.com/assets/style.css?v=33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 09:58:10 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Sep 2023 16:18:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "848052c896725c81184dd8fcef337343"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rHlrAGuTQfvkV5r0IpZR0zAYru5a4sl1H0CYcVbAJja4%2BqX5SxZd53EaOoZnuC0nK%2BefWJhhxPd1A9TZknWuNBGg7zPcp6EBmoSm%2FKLuzv%2FYgfI1i7RDaXrgZr0mQbOtQQGEinuhY4qGow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 840adc7778304bd5-BUF
alt-svc: h3=":443"; ma=86400
content-length: 88160

GET
H2 200 btn-dk-active-mb.png
okconde.com/images/ 33 KB
34 KB 470ms
466ms Image
image/png 2606:4700:3032::6815:518c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okconde.com/images/btn-dk-active-mb.png
Requested by: Host: okconde.com
URL: https://okconde.com/assets/style.css?v=33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:518c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 230166eb4cd24b592522b41f941c17d901367a768ae5404abbbe6d3fb53f90a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://okconde.com/assets/style.css?v=33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 09:58:10 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Sep 2023 16:18:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "f2f26bed908f8e37c651903cd36d8a8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNj6Y96H6aIQvCXhFQMgOBZlse7GNkrN98faGJVwFpfMH9QkQzvCMxJKhjUFXTIC7aXtAuT1%2BZ1L6bGLUs5faNgHCGBC1Zt2ycChxkaSpC1G9wGRcRFqkh9yasmMnFwN3fxHHtynS7xSbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 840adc7778314bd5-BUF
alt-svc: h3=":443"; ma=86400
content-length: 34170

GET
H2 200 bvd-tach_0003_Layer-59.png
okconde.com/images/ 2 KB
2 KB 921ms
918ms Image
image/png 2606:4700:3032::6815:518c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okconde.com/images/bvd-tach_0003_Layer-59.png
Requested by: Host: okconde.com
URL: https://okconde.com/assets/style.css?v=33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:518c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38852a901b0268588930e25134f10a3e283d17e81c45771cd6d713284b1e0422

Request headers

accept-language: en-US,en;q=0.9
Referer: https://okconde.com/assets/style.css?v=33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 09:58:10 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 16:18:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "e83a479108b8f2c7533abe63a5c070f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQqAice%2BMY%2B6%2FPsr2q9hCoX7nngkPjePUb6pvDNVgPQk%2FTr0UNNWWjj9efbgrcTL7jHwKPjcUDHNcGL0ixAalUtbwtq%2F1retrzJDYxMGB7LxZkiBbivEf4%2FFjFBh%2F%2Fy1IyFnHaMFd4F7UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 840adc7778324bd5-BUF
alt-svc: h3=":443"; ma=86400
content-length: 1859

GET
H2 200 bg-input.png
okconde.com/images/ 28 KB
29 KB 472ms
468ms Image
image/png 2606:4700:3032::6815:518c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okconde.com/images/bg-input.png
Requested by: Host: okconde.com
URL: https://okconde.com/assets/style.css?v=33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:518c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0cb44d494c69c8588f999198f9cdff4ac0e41cc4309bf14d8e66404556dbc07

Request headers

accept-language: en-US,en;q=0.9
Referer: https://okconde.com/assets/style.css?v=33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 09:58:10 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Sep 2023 16:18:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "a90ea6bf5dc865359b8c9b3281b051b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0O%2BFeldkC%2BlN2eIQA%2BJAEIfmID7777u7q%2B0orbzNxUAq569MZAlv%2FbYnghZ9phrn4aujHqkgBs21jW4N%2FgV3Z7de4eI%2BXjhP9KcysFN%2FctsTH51PVZN9aoNefxwbpYnjPZu9GCwQ787SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 840adc7788344bd5-BUF
alt-svc: h3=":443"; ma=86400
content-length: 28881

GET
H2 200 bvd-tach_0002_Layer-60-copy.png
okconde.com/images/ 2 KB
2 KB 504ms
501ms Image
image/png 2606:4700:3032::6815:518c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okconde.com/images/bvd-tach_0002_Layer-60-copy.png
Requested by: Host: okconde.com
URL: https://okconde.com/assets/style.css?v=33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:518c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f96a14bb46a411d2bb8248a63448d809eb169ccff12667a0afadd3a38ffd0fea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://okconde.com/assets/style.css?v=33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 09:58:10 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 16:18:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "a18c21a7cdcd0f37b7d2123a14b2040e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BgrOJEo52fldfud%2FLBw2ehB0YQ4Aza1TqNfwMZZRbLVZ9ChJj%2F87oowP1%2FG70p0kmFqoj64AgzT7ZXc9O7gohtEmpskOsfgAlHKE3PgDSxREo245ajkWBkF%2Fba7k%2F9wxoqH5fpdHFMYIuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 840adc77a8574bd5-BUF
alt-svc: h3=":443"; ma=86400
content-length: 1983

GET
H2 200 bvd-tach_0001_Group-25.png
okconde.com/images/ 3 KB
3 KB 499ms
496ms Image
image/png 2606:4700:3032::6815:518c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okconde.com/images/bvd-tach_0001_Group-25.png
Requested by: Host: okconde.com
URL: https://okconde.com/assets/style.css?v=33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:518c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd095f31796a46aa97b32202fd8dc47a8fa1514052d6e9cd18ad711a7a18bb26

Request headers

accept-language: en-US,en;q=0.9
Referer: https://okconde.com/assets/style.css?v=33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 09:58:10 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Sep 2023 16:18:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "e6533c29b740383f0585c55b2fa406be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvUQOi2ZC01FjYDxyyusSBAGQaiOWpiH7OKIb7WkZNYLFm1U4WakC%2B7O%2B6O6hSHP475S7XCrX2K6DxyRafTyNVgtYd2afkMR1zic3E%2FS0ntCu9mh7KGRmcbMSy39w55TA2mbpb8IY6fiSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 840adc77a8594bd5-BUF
alt-svc: h3=":443"; ma=86400
content-length: 2610

GET
H2 200 icon-captcha.png
okconde.com/images/ 2 KB
3 KB 499ms
497ms Image
image/png 2606:4700:3032::6815:518c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okconde.com/images/icon-captcha.png
Requested by: Host: okconde.com
URL: https://okconde.com/assets/style.css?v=33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:518c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3693fa8ef649ca9e3755ec956886cc161506f008b926f4e3677da41dcd07065f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://okconde.com/assets/style.css?v=33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 09:58:10 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 16:18:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "953adcf28ca83e55525123b04c2ff00a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CoVoAHvo6mlUTJ%2BsG65PxHspMUOhYjQHDQU742DEQvTbc3wh9%2BunNAxQKvrriuTBqpwLdZNWQIgovVm2VYeaEms5A6sz81dtnVeJbh4alpdm9TWiGOp3j%2Bt6zgwiuO%2Bgu%2FNIgxtoF1If%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 840adc77a85a4bd5-BUF
alt-svc: h3=":443"; ma=86400
content-length: 2446

GET
H2 200 refesh.png
okconde.com/images/ 2 KB
3 KB 489ms
486ms Image
image/png 2606:4700:3032::6815:518c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okconde.com/images/refesh.png
Requested by: Host: okconde.com
URL: https://okconde.com/assets/style.css?v=33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:518c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96599935df001a0c0c01dc46ccf074e5131e4ee0c7ec878dd8ceae5f043e20e2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://okconde.com/assets/style.css?v=33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 09:58:10 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Sep 2023 16:18:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4d510673e136936b0ed78da87eac2559"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43CkgT58%2FG1o3GO90IeeFo70fRpmo0J1HV6c%2FJ%2FOa7LLDBa1OVv%2BMWU5eBZvc5KYh2QbDlUWmPXOSxMWTueTc%2BHOxi%2BgLMD5zyWPOeWtXO3QW33m%2BdeoMhcOnBQl99oTL9nrf8ltVQ7%2BOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 840adc77a85b4bd5-BUF
alt-svc: h3=":443"; ma=86400
content-length: 2333

GET
H2 200 bvd-tach_0000_Group-12.png
okconde.com/images/ 34 KB
34 KB 409ms
406ms Image
image/png 2606:4700:3032::6815:518c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okconde.com/images/bvd-tach_0000_Group-12.png
Requested by: Host: okconde.com
URL: https://okconde.com/assets/style.css?v=33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:518c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03b87a2cb42492c47fe211ba0d5dc9802da5f2a9f76c68c68151e5d594941cbc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://okconde.com/assets/style.css?v=33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 09:58:10 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Sep 2023 16:18:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "eea4185d30a5ca8b01185ee27d991aad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUNPbsaSBH2DANpGW%2B9EJ8VbkbxKR4tox%2BJHv21DnWNSBIzEk%2FopKF9XM5Oxuxgt32z1d2BXOHUjMCLphtsAhMe9Edgr4zuIJQNcIFoUpNMGKeLe8DVPeNtk6Qf2IVycSzHAG5USj6krzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 840adc77a85c4bd5-BUF
alt-svc: h3=":443"; ma=86400
content-length: 34703

GET
H2 200 bvd-tach_0017_Group-23.png
okconde.com/images/ 53 KB
54 KB 490ms
488ms Image
image/png 2606:4700:3032::6815:518c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okconde.com/images/bvd-tach_0017_Group-23.png
Requested by: Host: okconde.com
URL: https://okconde.com/assets/style.css?v=33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:518c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45473425e631d82d764637ad33b116524b9c4aa95f432a9d443b1d7eb11341b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://okconde.com/assets/style.css?v=33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 09:58:10 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Sep 2023 16:18:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6be08a26b6d3429f053967bcfcccd533"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qrsJNBT0n1LJPSiU085u7R5XWLk%2F6AmA1xjjOxuplaW59eiCUFkeXuPgEMk1jbcYysCpOmpLP8pHH%2Bh2ehq65zNZoxfFLbOwGHHp%2FLo4AjMY6sXlEQt9uEFda8UR9tZDPO8vI0q0T5AZTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 840adc77a85e4bd5-BUF
alt-svc: h3=":443"; ma=86400
content-length: 54432

GET
H2 200 bvd-tach_0019_Group-1.png
okconde.com/images/ 14 KB
15 KB 485ms
484ms Image
image/png 2606:4700:3032::6815:518c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okconde.com/images/bvd-tach_0019_Group-1.png
Requested by: Host: okconde.com
URL: https://okconde.com/assets/style.css?v=33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:518c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb47c2a18fadf53c516c86a7b18e0790a5f9a75e042ab731cd3d69e12d6fae49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://okconde.com/assets/style.css?v=33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 09:58:10 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Sep 2023 16:18:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "33c0bf0e10ce9662b7169cc20d790cef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEqhBDamF4UjhFWwH0AwjiOCbIvcod%2FWibciCZ6d9n6XAEM20t%2BWN3kox8P60%2BhqOEdxtFUWltwVWbQV72i4NbCNwjU7yfntUNJ0OfFZxytS6KgEczzWMPyyLhAAwXE7OMd4jbrKhYGuJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 840adc77a85f4bd5-BUF
alt-svc: h3=":443"; ma=86400
content-length: 14845

GET
H2 200 title-3.png
okconde.com/images/ 3 KB
4 KB 880ms
879ms Image
image/png 2606:4700:3032::6815:518c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okconde.com/images/title-3.png
Requested by: Host: okconde.com
URL: https://okconde.com/assets/style.css?v=33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:518c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 002b9087e24f0bd4f10213c6eeb7cf7dc6b4263a84a3de4b057a212e5896d758

Request headers

accept-language: en-US,en;q=0.9
Referer: https://okconde.com/assets/style.css?v=33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 09:58:10 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Sep 2023 16:18:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "f965dfc28d41559e2a93eb84a9691b19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUBiLVr9O9KkYP62JulyPWyINaRj%2BsVahUa9p6iywppBSghoH%2BrlZWAhUds9doebkDWD8lRGY8Hkfhhqqi9kVLSMt1GPgnoL78R7A9eqIwWpcRHUTE6bEmkY8IrjdtHpvil0eCo%2ByJzX4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 840adc77a8614bd5-BUF
alt-svc: h3=":443"; ma=86400
content-length: 3379

GET
H2 200 btn-dns.png
okconde.com/images/ 18 KB
18 KB 496ms
495ms Image
image/png 2606:4700:3032::6815:518c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okconde.com/images/btn-dns.png
Requested by: Host: okconde.com
URL: https://okconde.com/assets/style.css?v=33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:518c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 937a2269764295dcd16812780b6ebf7a5c3ec1a3d20d009c38e0f85ef53f0e4b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://okconde.com/assets/style.css?v=33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 09:58:10 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Sep 2023 16:18:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "e5fadc6542585e5bd6c09fae5636d93a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LjavqdLxpUB9T9WARLT3%2F1fSdn%2BsUdWnVnB6ts3dJnViFVh3k%2B0xIJDCFmWvFv7DyztxqFhUtRmgKDDYscbtNtyfSVVjUqv7WqlUZk75kyV%2Fq78Ie%2Fd75dwIHAa6q0%2FAbJ0o%2FrN1%2BQcCvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 840adc77a8624bd5-BUF
alt-svc: h3=":443"; ma=86400
content-length: 18356

GET
H2 200 title-4.png
okconde.com/images/ 4 KB
5 KB 493ms
492ms Image
image/png 2606:4700:3032::6815:518c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://okconde.com/images/title-4.png
Requested by: Host: okconde.com
URL: https://okconde.com/assets/style.css?v=33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:518c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69efde014f137fb3dca322f1be4206e46a6dd9cf1b5f41019215c4c5d32ab292

Request headers

accept-language: en-US,en;q=0.9
Referer: https://okconde.com/assets/style.css?v=33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 09:58:10 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Sep 2023 16:18:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "95d298c6b76d8453b96641711697b68a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjgZ1GG%2FeTR%2FNSCVR0k2FtsxQvrWj92qza7EwRLieCdC2Q10t74D2ExZuqjVYU%2BIL%2Fs9AHg5Rsbht9Lnktpifp7cdPtphlHmvuovbs0MERHVzLAmUGP1cRsdfW04RbyG%2ByptETwBJAtDlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 840adc77a8654bd5-BUF
alt-svc: h3=":443"; ma=86400
content-length: 4373

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 105ms
39ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://choigamedonclub.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:26:30 GMT
x-content-type-options: nosniff
age: 131499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11824
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jan 2025 21:26:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 97ms
31ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://choigamedonclub.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 22:30:34 GMT
x-content-type-options: nosniff
age: 127655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jan 2025 22:30:34 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 127ms
64ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://choigamedonclub.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:11:42 GMT
x-content-type-options: nosniff
age: 132387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jan 2025 21:11:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 137ms
76ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://choigamedonclub.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 20:56:15 GMT
x-content-type-options: nosniff
age: 133314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jan 2025 20:56:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 5 KB
6 KB 134ms
73ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://choigamedonclub.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 21:11:43 GMT
x-content-type-options: nosniff
age: 132386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5560
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jan 2025 21:11:43 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 503 KB
202 KB 109ms
33ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://choigamedonclub.online/
Origin: https://choigamedonclub.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 06:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205927
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jan 2025 06:36:06 GMT

GET
H2 200 24573851825563786 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 85ms
84ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/24573851825563786?v=2.9.139&r=stable&domain=choigamedonclub.online

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b31bf8c45e5ea26091f6781c359098f3aea71b499861cd31015943a05ddc3af0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 05 Jan 2024 09:58:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: eo/Zsk85WPousyAq0aewdhomPmQ0tIQ+LHGthk9dbR2vDXt3biTwvI109CACE7GDrXE6Y0OyLQapo86LFpz7mA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 744821280344629 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 83ms
83ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/744821280344629?v=2.9.139&r=stable&domain=choigamedonclub.online

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

368eefd33a12cab9550ad6fdafc8957e72aadcf631ddf3a24c36d61305ff3388

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 05 Jan 2024 09:58:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: dNKCKjqWxsAhTnhJxoCf4dBsju4lCKpnlhr/Xcj5I7mvrRE94k0fCu5EWvpkY+d3Njykc/tyJxIvLPtVVTOOfA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 97ms
32ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=24573851825563786&ev=PageView&dl=https%3A%2F%2Fchoigamedonclub.online%2F&rl=&if=false&ts=1704448690124&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704448690122.1666327059&cs_est=true&ler=empty&it=1704448690008&coo=false&rqm=GET

Requested by

Host: choigamedonclub.online
URL: https://choigamedonclub.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 05 Jan 2024 09:58:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 1001297144305933 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 93ms
92ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1001297144305933?v=2.9.139&r=stable&domain=choigamedonclub.online

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a542f35850ed25567a9af8bd62a0e6a11368115881f58073f6d51db06cb9a5b7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 05 Jan 2024 09:58:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: MYL4y+KlvR4W5FXIskxe/8aHfz09HRN7aPVlpu9lmOCTIubNIRXQb6h7XpLtoEMHY2dxXv36NquQYjE1xZhyWw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 32ms
32ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=744821280344629&ev=PageView&dl=https%3A%2F%2Fchoigamedonclub.online%2F&rl=&if=false&ts=1704448690244&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704448690122.1666327059&cs_est=true&ler=empty&it=1704448690008&coo=false&rqm=GET

Requested by

Host: choigamedonclub.online
URL: https://choigamedonclub.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 05 Jan 2024 09:58:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H2 200 crimson.json
storage.googleapis.com/golali/ 0
0 297ms
232ms Preflight
text/html 2607:f8b0:4004:c1b::cf
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/golali/crimson.json
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::cf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,content-type
Access-Control-Request-Method: GET
Origin: https://choigamedonclub.online
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Access-Control-Allow-Origin
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 05 Jan 2024 09:58:10 GMT
expires: Fri, 05 Jan 2024 09:58:10 GMT
server: UploadServer
x-guploader-uploadid: ABPtcPpHaZ-dMJMXOUKohlip9B5V1tac7cMzS7gahzbX5W8JUEiMrpN90eaxJEJYnyn-gFiLnsw

GET
H2 200 crimson.json Show response
storage.googleapis.com/golali/ 425 B
951 B 261ms
260ms XHR
application/json 2607:f8b0:4004:c1b::cf
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/golali/crimson.json
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::cf Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ccab073ff9434200d2102f3cf1f5110548bc6e215a5f39af801a358fdc69ea28

Request headers

Access-Control-Allow-Origin: *
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://choigamedonclub.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Fri, 05 Jan 2024 09:58:10 GMT
x-guploader-uploadid: ABPtcPrbRRCoqe-5JnALSfnoeiKnGQ22zrDlW1pMz_8mF1GgaNTGjXB6q4KfnbtAIjLgmq06h00
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 425
last-modified: Wed, 22 Nov 2023 17:25:22 GMT
server: UploadServer
etag: "33776abc9bd6bbddb6e43edd04ffabff"
x-goog-generation: 1700673922147128
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=kpQISw==, md5=M3dqvJvWu9225D7dBP+r/w==
access-control-expose-headers: Access-Control-Allow-Origin, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=60
x-goog-stored-content-length: 425
accept-ranges: bytes
expires: Fri, 05 Jan 2024 09:59:10 GMT

GET
H3 200 1057254382258718 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 100ms
99ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1057254382258718?v=2.9.139&r=stable&domain=choigamedonclub.online

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5b78e232aa8997f1dc3b0e6d97c666a0167ed3e5740d4657d91bc049aac45a7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 05 Jan 2024 09:58:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: w4rTh+3fCoVGYncYxyI6cbq13ePISXw1NjKx0mD5ye7gtiWeUm+QPqrnlc2P9BpnhQZxuHfIlIMskVc9GUBU6A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 33ms
32ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1001297144305933&ev=PageView&dl=https%3A%2F%2Fchoigamedonclub.online%2F&rl=&if=false&ts=1704448690370&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704448690122.1666327059&cs_est=true&ler=empty&it=1704448690008&coo=false&rqm=GET

Requested by

Host: choigamedonclub.online
URL: https://choigamedonclub.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 05 Jan 2024 09:58:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 663311266009830 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 84ms
83ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/663311266009830?v=2.9.139&r=stable&domain=choigamedonclub.online

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

810da8ada9a130d19952e39edc5b5afb860c2fea7be1eed8ba410465e3859ead

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 05 Jan 2024 09:58:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: QZcXQ0qGyf1yAR555IW8H2VU950d65D6CNUkcPWBgtnyLD0Ua3xJnQ6T1laugikOO+TD3fflgfEwAr36Eg4zRg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 32ms
32ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1057254382258718&ev=PageView&dl=https%3A%2F%2Fchoigamedonclub.online%2F&rl=&if=false&ts=1704448690479&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704448690122.1666327059&cs_est=true&ler=empty&it=1704448690008&coo=false&rqm=GET

Requested by

Host: choigamedonclub.online
URL: https://choigamedonclub.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 05 Jan 2024 09:58:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 1717423038781151 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 83ms
83ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1717423038781151?v=2.9.139&r=stable&domain=choigamedonclub.online

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b717f5cf6742968c379cff6eb6904fd412b503b9c773ca09cf62154219c44fb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 05 Jan 2024 09:58:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: K+DpmXgz8wBmJaGgGF9sZgTYI4cXMxTYZOb6S7hDDNuApCG0r4KtkE4//lY+vg5EKiiJqGAnyidm0qhRhvHmdw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 33ms
32ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=663311266009830&ev=PageView&dl=https%3A%2F%2Fchoigamedonclub.online%2F&rl=&if=false&ts=1704448690574&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704448690122.1666327059&cs_est=true&ler=empty&it=1704448690008&coo=false&rqm=GET

Requested by

Host: choigamedonclub.online
URL: https://choigamedonclub.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 05 Jan 2024 09:58:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 675555778083328 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 88ms
88ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/675555778083328?v=2.9.139&r=stable&domain=choigamedonclub.online

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

57cfad8fd0dd74f4d42d36cab649e05cac0c3aa03e87f81e6e59fbb613e3a51d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 05 Jan 2024 09:58:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 8XJ0W/DhiLy8dSn+uk+XtiGm9ND8HuywhRrSv2e2umhYqc13dVTn1h2bUfNmfnwMNDkiBMGnqvoRIckf/9KbPw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 33ms
32ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1717423038781151&ev=PageView&dl=https%3A%2F%2Fchoigamedonclub.online%2F&rl=&if=false&ts=1704448690667&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704448690122.1666327059&cs_est=true&ler=empty&it=1704448690008&coo=false&rqm=GET

Requested by

Host: choigamedonclub.online
URL: https://choigamedonclub.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 05 Jan 2024 09:58:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 1025864085140028 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 90ms
89ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1025864085140028?v=2.9.139&r=stable&domain=choigamedonclub.online

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7c2adbd22e855de1cf5c05ca60a3b36cce2281fc19e2acf7df18ca392eaef4b7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 05 Jan 2024 09:58:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: RJFdml+paz3sxw0rW0JRDjtpxl3aBqVEkNmXQO4MCyZmKAJ6MQodJaHd1l8dnp3nzlA7Uv3L0stwo77V76/Akg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 32ms
32ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=675555778083328&ev=PageView&dl=https%3A%2F%2Fchoigamedonclub.online%2F&rl=&if=false&ts=1704448690766&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704448690122.1666327059&cs_est=true&ler=empty&it=1704448690008&coo=false&rqm=GET

Requested by

Host: choigamedonclub.online
URL: https://choigamedonclub.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 05 Jan 2024 09:58:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

OPTIONS
H2 403 get
authen.don1-ldp.com/w-portapi/captcha/ 0
0 131ms
34ms Preflight
text/html 2606:4700:3037::6815:16b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://authen.don1-ldp.com/w-portapi/captcha/get

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:16b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://choigamedonclub.online
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=15
cf-ray: 840adc7e7a5b4bbd-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 05 Jan 2024 09:58:10 GMT
expires: Fri, 05 Jan 2024 09:58:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vg5kCTL7QYWdC4LI2d3ZS5LRN%2FdCFhX4jybjAyG0EGLAn786yGtiBECjHeOHEC2GfsYt7Ez%2BCiTRas2WhAdePOnvYEDe1vZ48u2Z5bLoD3W%2FAiI6L2gvSg7A%2BvORAf2%2BNUvLlKaErrKrKXlLLfnRyFzy"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET get
authen.don1-ldp.com/w-portapi/captcha/ 0
0

GET referrerNRU
lobby.don1-ldp.com/nru/ 0
0

GET
H3 200 747475247414882 Show response
connect.facebook.net/signals/config/ 141 KB
36 KB 83ms
83ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/747475247414882?v=2.9.139&r=stable&domain=choigamedonclub.online

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

71ea21ab6e5c9f5e6c0fe9f578fcffbec1e9dea2c461d7f0cb9b3616332487f4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 05 Jan 2024 09:58:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 2xc/87lRoiZuAeBsy2mnmQ8EmH8N9M0ZM8AYbfCDuj2Xjp9wsRBFrl/A5BeAotzWfa1tnGLQ1p/rn/X6iVGU3Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 32ms
32ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1025864085140028&ev=PageView&dl=https%3A%2F%2Fchoigamedonclub.online%2F&rl=&if=false&ts=1704448690865&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704448690122.1666327059&cs_est=true&ler=empty&it=1704448690008&coo=false&rqm=GET

Requested by

Host: choigamedonclub.online
URL: https://choigamedonclub.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 05 Jan 2024 09:58:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 2144644439216601 Show response
connect.facebook.net/signals/config/ 130 KB
34 KB 92ms
92ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2144644439216601?v=2.9.139&r=stable&domain=choigamedonclub.online

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

889657adf8d1297be7b9e55cbe10a434dd86b78a168e12a598ae26ab1d7f290e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 05 Jan 2024 09:58:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: IfN5BIANcaklecNsVoKmU7FNg1KPNpIkQrZ2UM6yI9MC3kiRynQ58+GarRyJqpfhtD/twwbmOJNMkxO46SN/CA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 33ms
32ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=747475247414882&ev=PageView&dl=https%3A%2F%2Fchoigamedonclub.online%2F&rl=&if=false&ts=1704448690960&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704448690122.1666327059&cs_est=true&ler=empty&it=1704448690008&coo=false&rqm=GET

Requested by

Host: choigamedonclub.online
URL: https://choigamedonclub.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 05 Jan 2024 09:58:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 1052344919337479 Show response
connect.facebook.net/signals/config/ 141 KB
36 KB 101ms
100ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1052344919337479?v=2.9.139&r=stable&domain=choigamedonclub.online

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

89cf4e8ed838f73809ccee40519fd4e41a4000e35022ec5a78323667e5736365

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 05 Jan 2024 09:58:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 5MDu1DJBz7OgkEJwzUB3lIw9O8Sm/vURtztAuRcdSAD32QbGhlQTUIjXdbDocwso1uE3UMFsv/Ga6mdhYFz++w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 33ms
32ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2144644439216601&ev=PageView&dl=https%3A%2F%2Fchoigamedonclub.online%2F&rl=&if=false&ts=1704448691061&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704448690122.1666327059&ler=empty&it=1704448690008&coo=false&rqm=GET

Requested by

Host: choigamedonclub.online
URL: https://choigamedonclub.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 05 Jan 2024 09:58:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 32ms
32ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1052344919337479&ev=PageView&dl=https%3A%2F%2Fchoigamedonclub.online%2F&rl=&if=false&ts=1704448691173&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704448690122.1666327059&cs_est=true&ler=empty&it=1704448690008&coo=false&rqm=GET

Requested by

Host: choigamedonclub.online
URL: https://choigamedonclub.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://choigamedonclub.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 05 Jan 2024 09:58:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: authen.don1-ldp.com
URL: https://authen.don1-ldp.com/w-portapi/captcha/get

Domain: lobby.don1-ldp.com
URL: https://lobby.don1-ldp.com/nru/referrerNRU?referrer=

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.choigamedonclub.online/	1970-01-20 19:37:04	Name: _fbp Value: fb.1.1704448690122.1666327059

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/747475247414882?v=2.9.139&r=stable&domain=choigamedonclub.online(Line 137) Message: Unrecognized feature: 'attribution-reporting'.
javascript	error	URL: https://choigamedonclub.online/ Message: Access to XMLHttpRequest at 'https://lobby.don1-ldp.com/nru/referrerNRU?referrer=' from origin 'https://choigamedonclub.online' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://lobby.don1-ldp.com/nru/referrerNRU?referrer= Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://choigamedonclub.online/ Message: Access to XMLHttpRequest at 'https://authen.don1-ldp.com/w-portapi/captcha/get' from origin 'https://choigamedonclub.online' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://authen.don1-ldp.com/w-portapi/captcha/get Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

authen.don1-ldp.com
cdn.jsdelivr.net
choigamedonclub.online
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
lobby.don1-ldp.com
okconde.com
storage.googleapis.com
www.facebook.com
www.google.com
www.gstatic.com
authen.don1-ldp.com
lobby.don1-ldp.com
2606:4700:3030::ac43:94d3
2606:4700:3032::6815:518c
2606:4700:3037::6815:16b8
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c17::68
2607:f8b0:4004:c1b::cf
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
2a04:4e42:400::649
2a04:4e42::485
002b9087e24f0bd4f10213c6eeb7cf7dc6b4263a84a3de4b057a212e5896d758
030dacfcb547b2428317d71eff99c9cf415d4a42b21586e0cdb7a49d0a85e212
03b87a2cb42492c47fe211ba0d5dc9802da5f2a9f76c68c68151e5d594941cbc
0589249182e2fd7e37a88ac5b51c9fd14998472b6420cfe40273a10b4641415d
16c4aae4ff580354095cbaa5274db9c26121719e17575a94d0e06c7b3a952083
171ddf8247318f4119721b026441046b5f91f6dddf02ed1f25385b5fc4bb2dd8
230166eb4cd24b592522b41f941c17d901367a768ae5404abbbe6d3fb53f90a3
368eefd33a12cab9550ad6fdafc8957e72aadcf631ddf3a24c36d61305ff3388
3693fa8ef649ca9e3755ec956886cc161506f008b926f4e3677da41dcd07065f
387729efb53ce8451feebe84fe444acfbf791f47584c00a20ffd58e8c99088ea
38852a901b0268588930e25134f10a3e283d17e81c45771cd6d713284b1e0422
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3d9e95fb41e231f65deb60c2b4c4f7f7a0c62631dcd76490c316ae32b225a08b
45473425e631d82d764637ad33b116524b9c4aa95f432a9d443b1d7eb11341b7
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
57cfad8fd0dd74f4d42d36cab649e05cac0c3aa03e87f81e6e59fbb613e3a51d
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
69efde014f137fb3dca322f1be4206e46a6dd9cf1b5f41019215c4c5d32ab292
71ea21ab6e5c9f5e6c0fe9f578fcffbec1e9dea2c461d7f0cb9b3616332487f4
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7c2adbd22e855de1cf5c05ca60a3b36cce2281fc19e2acf7df18ca392eaef4b7
810da8ada9a130d19952e39edc5b5afb860c2fea7be1eed8ba410465e3859ead
8291669be52f8cbf4af90a3142b251b1e85f525a4d63febd0280080d45e298f2
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
889657adf8d1297be7b9e55cbe10a434dd86b78a168e12a598ae26ab1d7f290e
89cf4e8ed838f73809ccee40519fd4e41a4000e35022ec5a78323667e5736365
8d301372156fdf99c3af615a7a86753ee22622f6344576b7f6d8c05dc15fa2de
937a2269764295dcd16812780b6ebf7a5c3ec1a3d20d009c38e0f85ef53f0e4b
96599935df001a0c0c01dc46ccf074e5131e4ee0c7ec878dd8ceae5f043e20e2
9b717f5cf6742968c379cff6eb6904fd412b503b9c773ca09cf62154219c44fb
a542f35850ed25567a9af8bd62a0e6a11368115881f58073f6d51db06cb9a5b7
b31bf8c45e5ea26091f6781c359098f3aea71b499861cd31015943a05ddc3af0
bd095f31796a46aa97b32202fd8dc47a8fa1514052d6e9cd18ad711a7a18bb26
c0a8f2cd747b6b9cd15d4007388817291906a6b8b1c70b2bc39a64e603809b77
c702d3869ffa7b499c41bfb3bb02c45d3a39ea19c922c26a76549d99a527f4d5
cbc5062a9302935712667ae86c7dca7d50c0613f6aaff9ca40d5b0b05ba497b9
ccab073ff9434200d2102f3cf1f5110548bc6e215a5f39af801a358fdc69ea28
d5b78e232aa8997f1dc3b0e6d97c666a0167ed3e5740d4657d91bc049aac45a7
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eae0d706eddb8583ad8c9511ad011b34736e97cc520ed5757c4a4e4be3c68330
eb47c2a18fadf53c516c86a7b18e0790a5f9a75e042ab731cd3d69e12d6fae49
f0cb44d494c69c8588f999198f9cdff4ac0e41cc4309bf14d8e66404556dbc07
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f96a14bb46a411d2bb8248a63448d809eb169ccff12667a0afadd3a38ffd0fea
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
fefd09307baf0332b143c3c14fb6851c10e354362510d85a0c43d7e3c479093c

choigamedonclub.online Open in urlscan Pro 2606:4700:3030::ac43:94d3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

63 Requests

97 %HTTPS

100 %IPv6

10 Domains

13 Subdomains

13 IPs

1 Countries

1662 kBTransfer

3495 kBSize

1 Cookies

7 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

choigamedonclub.online Open in urlscan Pro
2606:4700:3030::ac43:94d3 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

97 %
HTTPS

100 %
IPv6

10
Domains

13
Subdomains

13
IPs

1
Countries

1662 kB
Transfer

3495 kB
Size

1
Cookies

63 HTTP transactions
0 data transactions