www.bursa-shadow.xyz Open in urlscan Pro
172.67.150.47 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bursa-shadow.xyz/
Effective URL:
https://www.bursa-shadow.xyz/
Submission: On August 14 via api (August 14th 2024, 7:42:33 am UTC) from US — Scanned from US

Summary HTTP 126 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 9 domains to perform 126 HTTP transactions. The main IP is 172.67.150.47, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bursa-shadow.xyz.
TLS certificate: Issued by WE1 on August 12th 2024. Valid for: 3 months.

This is the only time www.bursa-shadow.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 77	172.67.150.47 172.67.150.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	35.190.44.120 35.190.44.120	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
8	172.67.134.254 172.67.134.254	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700:303... 2606:4700:3034::6815:1c3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.197.10 172.67.197.10	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	157.240.229.1 157.240.229.1	32934 (FACEBOOK) (FACEBOOK)
8	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1		() ()
2	157.240.229.35 157.240.229.35	32934 (FACEBOOK) (FACEBOOK)
1	23.48.203.199 23.48.203.199	() ()
2	23.61.11.170 23.61.11.170	() ()
126	14

77 172.67.150.47 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bursa-shadow.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.bursa-shadow.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.44.120 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 120.44.190.35.bc.googleusercontent.com

9996777888.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.134.254 (United States)

ASN13335 (CLOUDFLARENET, US)

www.p120p0p1mt.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3034::6815:1c3 (United States)

ASN13335 (CLOUDFLARENET, US)

v1006.p120p0ap1.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.197.10 (United States)

ASN13335 (CLOUDFLARENET, US)

v1006.p1201nt.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 (None, )

ASN- ()

www.bursa-shadow.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.229.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.203.199 (None, )

ASN- ()

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.61.11.170 (None, )

ASN- ()

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
78	bursa-shadow.xyz 1 redirects bursa-shadow.xyz www.bursa-shadow.xyz	1 MB
11	p120p0ap1.xyz v1006.p120p0ap1.xyz	7 KB
10	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	6 KB
8	p120p0p1mt.xyz www.p120p0p1mt.xyz — Cisco Umbrella Rank: 290991	2 KB
6	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	90 KB
5	9996777888.com 9996777888.com — Cisco Umbrella Rank: 261865	5 KB
3	livechatinc.com cdn.livechatinc.com api.livechatinc.com secure.livechatinc.com Failed	29 KB
1	p1201nt.xyz v1006.p1201nt.xyz	743 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	749 B
126	9

	Domain	Requested by
77	www.bursa-shadow.xyz	www.bursa-shadow.xyz
11	v1006.p120p0ap1.xyz	www.bursa-shadow.xyz
10	www.facebook.com	www.bursa-shadow.xyz
8	www.p120p0p1mt.xyz	www.bursa-shadow.xyz
6	connect.facebook.net	www.bursa-shadow.xyz connect.facebook.net
5	9996777888.com	www.bursa-shadow.xyz
2	api.livechatinc.com	cdn.livechatinc.com
1	cdn.livechatinc.com	www.bursa-shadow.xyz
1	v1006.p1201nt.xyz	www.bursa-shadow.xyz
1	cdnjs.cloudflare.com	www.bursa-shadow.xyz
1	bursa-shadow.xyz	1 redirects
0	secure.livechatinc.com Failed	cdn.livechatinc.com
126	12

This site contains links to these domains. Also see Links.

Domain
www.google.com
t.ly
wa.me
www.facebook.com
t.me
www.bursa33-win.com
33bursa.com
mbob.ws
bursagacor.site
www.bursa-jeep.wtf
www.bursa-jeep.xyz
www.bursa-jeep.lol

Subject Issuer	Validity	Valid
bursa-shadow.xyz WE1	`2024-08-12` - `2024-11-10`	3 months	crt.sh
9996777888.com WR3	`2024-08-01` - `2024-10-30`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-23` - `2024-08-21`	3 months	crt.sh
p120p0p1mt.xyz WE1	`2024-08-10` - `2024-11-08`	3 months	crt.sh
p120p0ap1.xyz WE1	`2024-08-10` - `2024-11-08`	3 months	crt.sh
p1201nt.xyz WE1	`2024-08-10` - `2024-11-08`	3 months	crt.sh
livechat.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-10` - `2025-07-10`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.bursa-shadow.xyz/
Frame ID: DBA9E3DB8F7147498AA3EE106A00DC92
Requests: 126 HTTP requests in this frame

Frame: https://www.bursa-shadow.xyz/~partytown/partytown-sandbox-sw.html?1723621346383
Frame ID: 10086F3C2A6BD236ADB603C65FAC3BEB
Requests: 2 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=14036814&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: 175DCB8C03BC4AE7492BB84197825C9C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BURSA33 | Kunci Kemenangan Berlimpah

Page URL History Show full URLs

https://bursa-shadow.xyz/ HTTP 301
https://www.bursa-shadow.xyz/ Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Page Statistics

126
Requests

97 %
HTTPS

23 %
IPv6

9
Domains

12
Subdomains

14
IPs

2
Countries

1395 kB
Transfer

2970 kB
Size

3
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/chrome/
Title: browser chrome

Search URL Search Domain Scan URL

URL: https://t.ly/vpnwarp1111

Search URL Search Domain Scan URL

URL: https://wa.me/6282141151757

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/506452177801798

Search URL Search Domain Scan URL

URL: https://t.me/officialbursa33

Search URL Search Domain Scan URL

URL: https://t.ly/apkbursa33
Title: APK BURSA33

Search URL Search Domain Scan URL

URL: https://wa.me/6282114160716
Title: AGENT ABELIA TAN

Search URL Search Domain Scan URL

URL: https://www.bursa33-win.com/id/register?code=71DXVI27
Title: ⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️

Search URL Search Domain Scan URL

URL: http://33bursa.com/id/register?code=71DXVI27
Title: ➡️ DAFTAR & CLAIM FREESPIN SEKARANG!!!!!!!! ⬅️

Search URL Search Domain Scan URL

URL: https://mbob.ws/bursa33
Title: 🌐 LINK LOGIN 1

Search URL Search Domain Scan URL

URL: https://t.ly/probursa33
Title: 🌐 LINK LOGIN 2

Search URL Search Domain Scan URL

URL: https://t.ly/bursa33
Title: 🌐 LINK LOGIN 3

Search URL Search Domain Scan URL

URL: https://t.ly/sosmedbursa33
Title: 🌐 LINK ALTERNATIVE / CLAIM BONUS

Search URL Search Domain Scan URL

URL: https://bursagacor.site/
Title: 🌐 LINK BOCORAN TERUPDATE

Search URL Search Domain Scan URL

URL: https://www.bursa-jeep.wtf/
Title: 🌐 ALTERNATIF 1

Search URL Search Domain Scan URL

URL: https://www.bursa-jeep.xyz/
Title: 🌐 ALTERNATIF 2

Search URL Search Domain Scan URL

URL: https://www.bursa-jeep.lol/
Title: 🌐 ALTERNATIF 3

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bursa-shadow.xyz/ HTTP 301
https://www.bursa-shadow.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

126 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www.bursa-shadow.xyz/
Redirect Chain

https://bursa-shadow.xyz/
https://www.bursa-shadow.xyz/

47 KB
13 KB

915ms
807ms

Document
text/html

172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: cbb062802014c6a3cb1d8bd9a80f26189b8e0d5a61ba98be046a04a2d63b9466

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8b2f4ed86d3a08f6-LAX
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 14 Aug 2024 07:42:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VOM2UBehNXwRvlIB0SQ3TRbl%2FigOLIzooY3JWJ1Q8YSxJ9nS0EeAqvtC293TZZSkfvcLBHvAgRm%2FSIg64P14qR6P3Lm7xAY77EfhacHlr9pJClLKsVFj%2BqLTD%2FzwG0t3s7YDuUOQJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Origin
via: kong/3.6.1
x-kong-proxy-latency: 1
x-kong-request-id: 9a9e403f19aaa01ecb583c63debf6a12
x-kong-upstream-latency: 116
x-powered-by: Next.js

Redirect headers

cache-control: max-age=3600
cf-ray: 8b2f4ed74be008f6-LAX
content-length: 167
content-type: text/html
date: Wed, 14 Aug 2024 07:42:23 GMT
expires: Wed, 14 Aug 2024 08:42:23 GMT
location: https://www.bursa-shadow.xyz/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iyP%2Fce47aS%2BUMwyQAPqLbAayL6L5JIOP6XHcFmrEpnmPJ6S7%2BXrej7m0CpBk4gFLOSyrnrPvhFjbwCNvKz0o005Xx6C7675C1qV3vzkza19%2F6OfCmHl6JfQlaZspT2EXX3wU"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 stylesheet.css
9996777888.com/fonts/ubuntu/ 2 KB
2 KB 255ms
62ms Stylesheet
text/css 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://9996777888.com/fonts/ubuntu/stylesheet.css
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 038ca57cd38ca42a389b32ded9cd71a197158b524f9badbd0554dbf102442fd2

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 05:47:18 GMT
age: 870907
x-guploader-uploadid: AHxI1nM5M7pg943WJqKOi9e7xJhzOe_Tyw-8Zb8MAu1hCBS57i2aC-xDbHrCXTwiZy6pg516p6I
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1824
last-modified: Tue, 07 May 2024 02:35:04 GMT
server: UploadServer
etag: "4a036c00b85465ee8d89033bc1666ec1"
x-goog-generation: 1715049304487625
x-goog-hash: crc32c=teVkiQ==, md5=SgNsALhUZe6NiQM7wWZuwQ==
access-control-allow-origin: *
content-type: text/css
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1824
accept-ranges: bytes
expires: Mon, 04 Aug 2025 05:47:18 GMT

GET
H3 200 c92e076df86cb63a.css
www.bursa-shadow.xyz/_next/static/css/ 18 KB
3 KB 73ms
72ms Stylesheet
text/css 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/_next/static/css/c92e076df86cb63a.css
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f15e7a61e07fd068dd923ee50a997f287f4988ecb42ffb94a166f75597d0f84

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:24 GMT
content-encoding: gzip
via: kong/3.6.1
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 114866
x-kong-proxy-latency: 5
x-kong-upstream-latency: 9
alt-svc: h3=":443"; ma=86400
x-kong-request-id: f7ba9d68e88316476bbfd81815061f71
last-modified: Tue, 06 Aug 2024 05:06:48 GMT
server: cloudflare
etag: W/"4912-19126152e40"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0iZ0IQjSuesJZYAneML1Nnt3EhBIn7BhGNMCvLt%2BmBYfsFrw3NgHYkBEJ9eEG4%2F95fXRiK5RbD7%2BhL%2BM11vWYlA%2BPbmtPGSXPUYi3oXPQn%2BjiWKQYjDt5o%2FVcKbvpcVrINZS8OmhTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
cf-ray: 8b2f4edd8a4108f6-LAX

GET
H3 200 broadcastchannel.js Show response
www.bursa-shadow.xyz/polyfill/ 2 KB
1 KB 690ms
687ms Script
application/javascript 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/polyfill/broadcastchannel.js
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 948313c02ab32cc65a2619de088353df821967574cf752dc9a6b3fbf59e91571

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:25 GMT
content-encoding: gzip
via: kong/3.6.1
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-kong-upstream-latency: 6
alt-svc: h3=":443"; ma=86400
x-kong-request-id: 6df5d56e7e0c907f00bbaf44f4667643
last-modified: Mon, 05 Aug 2024 11:33:45 GMT
server: cloudflare
etag: W/"96d-191225115a8"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3t6O7i4mkw64POONqbKARGGWrMayZIcJ42G6g%2F5CjAeQWr0hq%2F8QoUwO4%2F8UmO%2FAtGLTUW%2F6M6xwdvJnKtRLQR0YZAAtqv0POc3br3vGZB3SOZjtsUhnKnt0MTRCOvtl7aJvVq%2BTKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8b2f4eddca7f08f6-LAX

GET
H3 200 globalthis.js Show response
www.bursa-shadow.xyz/polyfill/ 196 B
832 B 690ms
686ms Script
application/javascript 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/polyfill/globalthis.js
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9693391d461678be59d683100b1442f4ee65d2cf5bda3904fbf6232a7eb921ca

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:25 GMT
via: kong/3.6.1
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-kong-upstream-latency: 4
alt-svc: h3=":443"; ma=86400
x-kong-request-id: 3872e836b232331e87dc1e0c90076972
last-modified: Mon, 05 Aug 2024 11:33:45 GMT
server: cloudflare
etag: W/"c4-191225115a8"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pHqXvyruyRdBtAe9ZKsdlZeGgVubdUpyhU934kO4i0cpgykqpHy2BYGN3qkJKZGyFIh%2F%2BsxTex6ZEWdupk2tSm4dfnb77UNYLeyHAtQcfVuqxas3JVAIltPB7geghm1QckgiPMT%2BDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8b2f4eddca8308f6-LAX

GET
H3 200 polyfill.min.js Show response
cdnjs.cloudflare.com/polyfill/v3/ 104 B
749 B 164ms
84ms Script
text/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/polyfill/v3/polyfill.min.js?features=IntersectionObserver

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:25 GMT
strict-transport-security: max-age=15780000
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1839942
alt-svc: h3=":443"; ma=86400
x-compress-hint: on
last-modified: Wed, 24 Jul 2024 00:36:43 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r4wJLk3qNb32Z569cCUHYxCQ4%2FFp0EJOq1%2FBB5swb%2BmFDTlHkeduKx5MeEApLTOs96%2BS1JGUQrG9griZ4%2BVSFnan7vDeK%2FD2GwTGsXP8xHw3KMLHcoIsza5SvrilcD2oYjYRXvop"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-polyfill-version: 3.111.0
cf-ray: 8b2f4ede4abfcf0e-SJC
expires: Wed, 21 Aug 2024 07:42:25 GMT

GET
H3 200 webpack-3562b76f201dc6c1.js Show response
www.bursa-shadow.xyz/_next/static/chunks/ 4 KB
3 KB 77ms
72ms Script
application/javascript 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/_next/static/chunks/webpack-3562b76f201dc6c1.js
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e725512a930b9147e538c76aeeb81f51e4173fe56ae1136c0d3ba3e65bd908c5

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:24 GMT
content-encoding: gzip
via: kong/3.6.1
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2864
x-kong-proxy-latency: 0
x-kong-upstream-latency: 5
alt-svc: h3=":443"; ma=86400
x-kong-request-id: 4329006a42061b46e209ec00cbe0d77d
last-modified: Tue, 13 Aug 2024 13:02:10 GMT
server: cloudflare
etag: W/"110d-1914bd4e850"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LaYjxBOSJ1ue%2BG%2FnjAwRbpNMtZsQvAtcPjV%2FGuaf6YexKfF83Ka7NihRPXGV%2BUQGGIjnCX414NJP3XVcB19Fo4ufj7o2glY46Edzp8YXi285nAI5Gdg2yQs71pfh0yBs9%2FT5HBcgLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
cf-ray: 8b2f4eddca8708f6-LAX

GET
H3 200 framework-314c182fa7e2bf37.js Show response
www.bursa-shadow.xyz/_next/static/chunks/ 138 KB
45 KB 87ms
82ms Script
application/javascript 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/_next/static/chunks/framework-314c182fa7e2bf37.js
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fff0bdb3f70b85b820a949503a24610fb007cf4582f1e67f4835a14de511d50f

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:24 GMT
content-encoding: gzip
via: kong/3.6.1
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2863
x-kong-proxy-latency: 1
x-kong-upstream-latency: 6
alt-svc: h3=":443"; ma=86400
x-kong-request-id: 62d97a7fe818ec0c85689c1081668646
last-modified: Tue, 13 Aug 2024 13:02:10 GMT
server: cloudflare
etag: W/"226cf-1914bd4e850"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iEazYy0zPQYyvY5MivR2O9y%2FIvxtsmwBIStQAZK0CgHJVnXEHxwqCPxw9Uf8PKOf%2FTfDrZYoM9OSOgx%2Fwu6wvURW8qsCVYMYgYwuXhhKLRHNsnRvm3sw9VxZMlmj8lVMzM4zHUf%2Bxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
cf-ray: 8b2f4eddca8a08f6-LAX

GET
H3 200 main-8aabd44d35e7008f.js Show response
www.bursa-shadow.xyz/_next/static/chunks/ 156 KB
45 KB 89ms
85ms Script
application/javascript 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/_next/static/chunks/main-8aabd44d35e7008f.js
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b36742578328dd0f93190036ce283514e684054c11b1a8326c3c7c8863fa4e6c

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:24 GMT
content-encoding: gzip
via: kong/3.6.1
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2863
x-kong-proxy-latency: 1
x-kong-upstream-latency: 5
alt-svc: h3=":443"; ma=86400
x-kong-request-id: c7e4d23c4bdfb4635746d15bf15a8b0b
last-modified: Tue, 13 Aug 2024 13:02:10 GMT
server: cloudflare
etag: W/"270f2-1914bd4e850"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1zkdSEebIJRr3lvo8Mw2NPEQWBT9jdXoVTXId97G%2F%2FdfgLPN3pFSBzWZFaOPsu3%2BWNXPvNakcQ6X0sBRBUBHcqJ%2BnJ%2BoQXsdrmKJvIXCKarV1klY7EKDQNnYU2M5ksTC5PDwFW4YIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
cf-ray: 8b2f4eddca8b08f6-LAX

GET
H3 200 _app-2306765280e37997.js Show response
www.bursa-shadow.xyz/_next/static/chunks/pages/ 398 KB
116 KB 88ms
84ms Script
application/javascript 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/_next/static/chunks/pages/_app-2306765280e37997.js
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d127b5675a269a3005e8000433a13cd07095f359b8712d0d6bc30a343b66fe3e

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:24 GMT
content-encoding: gzip
via: kong/3.6.1
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2757
x-kong-proxy-latency: 1
x-kong-upstream-latency: 10
alt-svc: h3=":443"; ma=86400
x-kong-request-id: 9ed32720c522b751acaac278e4345b6a
last-modified: Tue, 13 Aug 2024 13:02:10 GMT
server: cloudflare
etag: W/"63815-1914bd4e850"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r8t6j%2BVI%2BNP9ozgDiFF%2BvC2QAgVEir2Ba5CByevzo1V1Ra3Y8grBvSBCObm3sA%2FXroS7NU4Fr77ZNWCZZ3xnR7KPz97RgMBjeJGcxEHoz5At1irmb%2BoUeVkHxZL%2BSEj3eQ0gXTZilw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
cf-ray: 8b2f4eddca8c08f6-LAX

GET
H3 200 3173-2e93c4ab5ddfcae5.js Show response
www.bursa-shadow.xyz/_next/static/chunks/ 12 KB
3 KB 116ms
111ms Script
application/javascript 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/_next/static/chunks/3173-2e93c4ab5ddfcae5.js
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baf6f4bc1f12a6c4911e971a0487f141dd552a4e423287a6bfab5e2d99451293

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:24 GMT
content-encoding: gzip
via: kong/3.6.1
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 114866
x-kong-proxy-latency: 1
x-kong-upstream-latency: 3
alt-svc: h3=":443"; ma=86400
x-kong-request-id: 2c118728cb0a5c5070dcb86e869e1533
last-modified: Tue, 06 Aug 2024 05:06:48 GMT
server: cloudflare
etag: W/"31be-19126152e40"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C%2FjsuyZiH0cy2m5o9C0LRyxvHe1kvdqXgGwqUE2OSUFiLBP2rf5ZysmvGN7a3jWmbQpDNMPSG2Qg9VpgIpSSN5MJRzKuddyP%2BusP%2BFksmsDoOT%2F2YyaOrl3GtZiM9YaYhLPmaqz4Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
cf-ray: 8b2f4eddca8d08f6-LAX

GET
H3 200 9191-7ab73d2f06aa3c5b.js Show response
www.bursa-shadow.xyz/_next/static/chunks/ 56 KB
20 KB 139ms
135ms Script
application/javascript 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/_next/static/chunks/9191-7ab73d2f06aa3c5b.js
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e64879f3b3ab0aae5a074e7ef85e90fb4fbb0925d8b480658c932a0fc354eb

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:24 GMT
content-encoding: gzip
via: kong/3.6.1
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2756
x-kong-proxy-latency: 1
x-kong-upstream-latency: 6
alt-svc: h3=":443"; ma=86400
x-kong-request-id: 3a49587344f07c6e4592246c89430c67
last-modified: Tue, 13 Aug 2024 13:02:10 GMT
server: cloudflare
etag: W/"e16b-1914bd4e850"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IsLLEkdGfKEu4wP9%2B%2FvVrbkGe97ho9VMha0EJzF0it5xjsgY6%2FaqmhZX8DoxpYYiykQ1ZZdR%2BS94WvmEX6mQmNUuhs1JrIM41F8ATgj7%2BKEqBIppR2goCZiPY4mZtLUBqdfwChzquQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
cf-ray: 8b2f4eddca9008f6-LAX

GET
H3 200 5922-44ca62fcc42245fd.js Show response
www.bursa-shadow.xyz/_next/static/chunks/ 116 KB
38 KB 274ms
271ms Script
application/javascript 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/_next/static/chunks/5922-44ca62fcc42245fd.js
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef7a924c9cc0d7ae4d00f829d7bb28a6d4211fa9e0e1e8a9560f609500727fab

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:24 GMT
content-encoding: gzip
via: kong/3.6.1
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 114866
x-kong-proxy-latency: 0
x-kong-upstream-latency: 4
alt-svc: h3=":443"; ma=86400
x-kong-request-id: ee893a7e9a2d891adb54fa07a3157f14
last-modified: Tue, 06 Aug 2024 05:06:48 GMT
server: cloudflare
etag: W/"1d0f2-19126152e40"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dl%2BUsCMo6lnerPdzfTQA5V0sAa9dCEA0tXZavXd865ZZ4pHfcca1e86u3z86VvvasA4YVTk3JnbvOel460l3BAN%2BBpP9WqK6pQzW3aSODsmJfk5Zuc9f%2BPqWpPKaPTDxQ6NEn7hHIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
cf-ray: 8b2f4eddca9108f6-LAX

GET
H3 200 7718-b8610afbf4d8cefd.js Show response
www.bursa-shadow.xyz/_next/static/chunks/ 170 KB
52 KB 299ms
296ms Script
application/javascript 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/_next/static/chunks/7718-b8610afbf4d8cefd.js
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 903bcd6556fb4c6ff607bd1e27c0fff6f0d7f48366159983b3a0c6d62e74d26e

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:24 GMT
content-encoding: gzip
via: kong/3.6.1
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2458
x-kong-proxy-latency: 0
x-kong-upstream-latency: 13
alt-svc: h3=":443"; ma=86400
x-kong-request-id: 1df34d50524cf92e3f124f22ed6c1862
last-modified: Tue, 13 Aug 2024 13:02:10 GMT
server: cloudflare
etag: W/"2a658-1914bd4e850"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QZXKCR%2BSAaNCDrfU78LL92Oi0mABk9VEsgX4kZMWGleb85%2BTW6neSF%2FqYeZbriAxS3kilb6r7ARdwpyhHxuwKh%2FXVOpJvtsywX5TTR%2FgfU%2FOy2Cmap0KGmqM2oPdAB2g4zrlAAQKOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
cf-ray: 8b2f4eddca9208f6-LAX

GET
H3 200 5585-609ab5a48fc6362b.js Show response
www.bursa-shadow.xyz/_next/static/chunks/ 16 KB
7 KB 333ms
330ms Script
application/javascript 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/_next/static/chunks/5585-609ab5a48fc6362b.js
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 334f9ee44f4129a350580488d55202961906ad9b5206d96d4acbe80eb80734d1

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:24 GMT
content-encoding: gzip
via: kong/3.6.1
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2458
x-kong-proxy-latency: 1
x-kong-upstream-latency: 11
alt-svc: h3=":443"; ma=86400
x-kong-request-id: 2e90824af3b7a2165b3f627888251e51
last-modified: Tue, 13 Aug 2024 13:02:10 GMT
server: cloudflare
etag: W/"3f5e-1914bd4e850"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2CKYGuaab7cLb6%2FjsdKruSwSbDX0TCDbcWw1tAntRfTfpx%2FMZ3%2FDzm1OrwKWoLRzfrzJXO3syKKoNCzCyhmy3O4D9VBUOxIQF0JEX3DM1GWO6D7Ckg0yLEnkqD1kzIJWjSmPz3Mmvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
cf-ray: 8b2f4eddca9408f6-LAX

GET
H3 200 8412-4b4e389b473beba7.js Show response
www.bursa-shadow.xyz/_next/static/chunks/ 16 KB
5 KB 333ms
330ms Script
application/javascript 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/_next/static/chunks/8412-4b4e389b473beba7.js
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6255232b0253fd8956be4b31ae101aa7fc28f1e0d6609835723876f3785661ec

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:24 GMT
content-encoding: gzip
via: kong/3.6.1
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2458
x-kong-proxy-latency: 1
x-kong-upstream-latency: 10
alt-svc: h3=":443"; ma=86400
x-kong-request-id: 1e8f405f196c7e0fb2bd685609cad473
last-modified: Tue, 13 Aug 2024 13:02:10 GMT
server: cloudflare
etag: W/"3e45-1914bd4e850"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vfJM1Nr6HQf4tgpHg%2FNxq0WNY5fa2iWU%2BDF%2F2IHfge1L6NOblp2%2Fhyagq71S7fVAYxXgLEI1R16F6sxFjLT%2FORhg%2BHZwy2WrmyyI6bYXd4aJtP6jIqrHnYnGKTJGU0vYmnANPn8yKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
cf-ray: 8b2f4eddca9608f6-LAX

GET
H3 200 767-b635bd5c5ab7eab3.js Show response
www.bursa-shadow.xyz/_next/static/chunks/ 32 KB
10 KB 333ms
331ms Script
application/javascript 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/_next/static/chunks/767-b635bd5c5ab7eab3.js
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12cc7fb5299b68290d3212be05198fb114e6fea8a57553b472b27e184fdf04d2

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:24 GMT
content-encoding: gzip
via: kong/3.6.1
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 114866
x-kong-proxy-latency: 0
x-kong-upstream-latency: 6
alt-svc: h3=":443"; ma=86400
x-kong-request-id: ef23e02e6c05492437ff035366ec3d33
last-modified: Tue, 06 Aug 2024 05:06:48 GMT
server: cloudflare
etag: W/"8137-19126152e40"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h7OuLDyD1GTJBUGvyxe6eZAyTeAoQCHWlLrIEsfiweY7YqLvuIUJCHNLOlAixIStSpyqEAaj56qRzSr8%2FQiXiHmoIt3Aw%2F5CN2tILORiQDCwSF7r4s20xuAoQmjpg6bANB9fr%2FJe6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
cf-ray: 8b2f4eddca9708f6-LAX

GET
H3 200 5285-74f37f365293a734.js Show response
www.bursa-shadow.xyz/_next/static/chunks/ 276 KB
86 KB 334ms
331ms Script
application/javascript 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/_next/static/chunks/5285-74f37f365293a734.js
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4307ec863cc42893e956a41ec9ba83c778a876e74b4461cfa98ec73a0cf4d7f1

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:24 GMT
content-encoding: gzip
via: kong/3.6.1
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2458
x-kong-proxy-latency: 1
x-kong-upstream-latency: 13
alt-svc: h3=":443"; ma=86400
x-kong-request-id: 6a99fa083621295030511a6d1b396f59
last-modified: Tue, 13 Aug 2024 13:02:10 GMT
server: cloudflare
etag: W/"44fd8-1914bd4e850"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cXu%2FXUUjjwCBqiRUL5reA9sYgp8dwiGAVbJiWLqCUa4seR3t9me5lWk8DORpyptKCPFLUXAFprukSgOYEByqbqhyB3iMmwVSyqr9CoVZtG%2FrxSlA3PF5zFPB8yX8xjO5%2BLx3lTLnew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
cf-ray: 8b2f4eddca9908f6-LAX

GET
H3 200 8854-4cf537d6b12791b9.js Show response
www.bursa-shadow.xyz/_next/static/chunks/ 11 KB
4 KB 338ms
336ms Script
application/javascript 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/_next/static/chunks/8854-4cf537d6b12791b9.js
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ed91c62ae26b3f56a1dcd3444bd5de51fec28438171b8c6b3780e5c8cbcbac9

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:24 GMT
content-encoding: gzip
via: kong/3.6.1
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2458
x-kong-proxy-latency: 1
x-kong-upstream-latency: 8
alt-svc: h3=":443"; ma=86400
x-kong-request-id: 43da19467853e747a8655c2e6ba53a01
last-modified: Tue, 13 Aug 2024 13:02:10 GMT
server: cloudflare
etag: W/"2d8a-1914bd4e850"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FKMPSCMxY2Kovv29TCatqx0QSpExXQGwEs6W6wLR04461r2agdB6nZNVb3ZL%2BTi6Jydf90rL%2BYKalYXuGjmK4gtf5EX8i9%2FBuegubpGjOETUqKsdBLhG4r4v2dejDB9yGPvG6QtNww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
cf-ray: 8b2f4eddca9b08f6-LAX

GET
H3 200 index-371938b459e59fc6.js Show response
www.bursa-shadow.xyz/_next/static/chunks/pages/ 75 KB
19 KB 337ms
335ms Script
application/javascript 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/_next/static/chunks/pages/index-371938b459e59fc6.js
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d4f001dba9d0daff4527802ba245ea580390d0f8f057d94c0339c388e94e195

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:24 GMT
content-encoding: gzip
via: kong/3.6.1
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2458
x-kong-proxy-latency: 0
x-kong-upstream-latency: 11
alt-svc: h3=":443"; ma=86400
x-kong-request-id: 0487453523192c7ef804ea154d3e3914
last-modified: Tue, 13 Aug 2024 13:02:10 GMT
server: cloudflare
etag: W/"12b8e-1914bd4e850"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nGemcFZ6s%2FIXUWdNpId%2BqX9ejOuQ%2FS7YVSlDPfQM4nDi142jRcCoqiGEATdZ4cawDXNcvwSVX0ftC6xJ8xEikUhxa43qGY1glNSFYlsw5%2BzPigMqWLKoIsCqDUBQHDDxTvwVUFO%2FFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
cf-ray: 8b2f4eddca9c08f6-LAX

GET
H3 200 _buildManifest.js Show response
www.bursa-shadow.xyz/_next/static/wTPNXSSBDNmqYiTYGLHHQ/ 6 KB
2 KB 339ms
337ms Script
application/javascript 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/_next/static/wTPNXSSBDNmqYiTYGLHHQ/_buildManifest.js
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fcc31537f9a0cfffd14beeca7b35f7fdc96c2f064133bbe44f04bb8635b72e5

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:24 GMT
content-encoding: gzip
via: kong/3.6.1
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2458
x-kong-proxy-latency: 1
x-kong-upstream-latency: 7
alt-svc: h3=":443"; ma=86400
x-kong-request-id: 06d5ae3916dcee5506d17d0539cc9622
last-modified: Tue, 13 Aug 2024 13:02:10 GMT
server: cloudflare
etag: W/"1721-1914bd4e850"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z55H9NvnfNFmif5m998%2FCqtJsEujdJAWtrqGwbOo0ZW%2BPdpGVuZSBJa0F0W7pQQZit3saTSBtzQuL25TF%2FhTUqFLufG3TeJDCCFxIpTe0KKgdPQ85pG8MLHGsQG2j4Lb1dtj9637vA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
cf-ray: 8b2f4eddca9e08f6-LAX

GET
H3 200 _ssgManifest.js Show response
www.bursa-shadow.xyz/_next/static/wTPNXSSBDNmqYiTYGLHHQ/ 91 B
760 B 338ms
336ms Script
application/javascript 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/_next/static/wTPNXSSBDNmqYiTYGLHHQ/_ssgManifest.js
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:24 GMT
via: kong/3.6.1
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2458
x-kong-proxy-latency: 0
x-kong-upstream-latency: 10
alt-svc: h3=":443"; ma=86400
x-kong-request-id: d47eb244196d320eee593417753f4048
last-modified: Tue, 13 Aug 2024 13:02:19 GMT
server: cloudflare
etag: W/"5b-1914bd50b78"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qDT2SOpYf8eH9TxpI0YGByHDDGNC1swXLLmzfLPLsHC%2FIqTWoBVXAP8VHnQDle4ERnT0AdHrNHQldOxLUb%2Fn%2FtuAMPTYAqqP%2FFblrS0QPPdmE3RY8U%2B4LR46ujcEPFIuZyl5zrLTIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
cf-ray: 8b2f4eddcaa008f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 2 KB
2 KB 281ms
281ms Image
image/svg+xml 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fweb-logo%2Fsplash-screen%2Fdefault.svg&w=414&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9f9cbf977fef23135ead628cc2823acc3fcb31b76626e473e9b8e321680f83a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:25 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
content-encoding: gzip
cf-cache-status: DYNAMIC
via: kong/3.6.1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 3
content-disposition: inline; filename="default.svg"
alt-svc: h3=":443"; ma=86400
x-kong-request-id: 7657a204bea2bb487ac8df4482f0d91b
server: cloudflare
etag: 6fnL+Xf+8jE16tYozCgjrMP8sxt2Ym5HPpuOMhaA+Do=
vary: Accept, Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a1Q1uYH2oayQS4Q00iR6K0kXKzUVpPw%2FsUzDzJH9orvOe8qLYM5KoagfM1zpIUFCgE3EyLSTE3k%2BF1eloBDXUzglppYrpfrDXofKookPDL0dhzqAikLvytnP2bWHm%2F%2BNauhwAyXPCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=3600, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4edd8a4508f6-LAX

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
60 KB 371ms
120ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 14 Aug 2024 07:42:25 GMT
document-policy: force-load-at-top
x-fb-server-load: 24
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58865
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=117, rtx=0, c=12, mss=1297, tbw=2807, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: c7LOlgsYnZ/aOrBwoxqBEeRbVq41epXuH9pC/sf9L/MszFlh4kcZigWoUFEOWLIU+GgKG3xo0HMNaFAPmHZ4Gg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 706689438275533 Show response
connect.facebook.net/signals/config/ 72 KB
14 KB 159ms
158ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/706689438275533?v=2.9.164&r=stable&domain=www.bursa-shadow.xyz&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

40fa496f2555057d58307c2c4fb51b02b564fa6cfa7108ea5820c2f984a488af

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 14 Aug 2024 07:42:25 GMT
document-policy: force-load-at-top
x-fb-server-load: 31
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=120, rtx=0, c=65, mss=1297, tbw=64405, tp=-1, tpl=-1, uplat=38, ullat=0
pragma: public
x-fb-debug: yZgEb4x+wVAv4eDzPWJq1Qx/+mfbvf90DVCcL4IoMw6v2E3YD959sqUP9KLQbeLaOwNyrT2NgpcIMGCe96R8Mw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 3033.1d5c6b02785f5dc4.js Show response
www.bursa-shadow.xyz/_next/static/chunks/ 24 KB
7 KB 70ms
70ms Script
application/javascript 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/_next/static/chunks/3033.1d5c6b02785f5dc4.js
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/webpack-3562b76f201dc6c1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7eb34fd31c995dc827594ac67e286fe80c03ff0a04e8a9ed15cf73b5ebbf7b7

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:25 GMT
content-encoding: gzip
via: kong/3.6.1
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 114861
x-kong-proxy-latency: 1
x-kong-upstream-latency: 4
alt-svc: h3=":443"; ma=86400
x-kong-request-id: 56b2f6584474ea2abb257d00263ac712
last-modified: Tue, 06 Aug 2024 05:06:48 GMT
server: cloudflare
etag: W/"5e94-19126152e40"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GCfA%2BR1yda6FX71SjJj4BZYMONoqV9iRLSXuSkU96aQs77Zu4paXm5enYKQgH9e9vT4LdUEU1BlB8pgN1jbf9HwmwuYEoB96pV8GNQh639dkZglLSEDnYQJLgsEmXn%2FpcUoE5SbhmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
cf-ray: 8b2f4ee2efbd08f6-LAX

OPTIONS
H3 204 /
www.p120p0p1mt.xyz/v2/public/promotion/daily-bonus/setting/ Frame 0
0 467ms
273ms Preflight 172.67.134.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.p120p0p1mt.xyz/v2/public/promotion/daily-bonus/setting/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-realm
Access-Control-Request-Method: GET
Origin: https://www.bursa-shadow.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-realm
access-control-allow-methods: GET,POST,HEAD,PUT,DELETE,PATCH
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b2f4ee5395ecba2-LAX
date: Wed, 14 Aug 2024 07:42:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AjAoNpC5ABepjzVb%2BDVhvFF5LoV7QTJ1KGgHbMcmcPuMjuWU00PCtTU58wDb9cs34GsJ2EY7vUSZhjfti3m%2BVuJRCX6dRNVXBPQOiMBl%2BF3LD5T%2BnxxDyRpBvOOrZctd7Njlsp8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers, Origin

OPTIONS
H3 204 /
www.p120p0p1mt.xyz/v2/public/cms/floating-widget/ Frame 0
0 463ms
270ms Preflight 172.67.134.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.p120p0p1mt.xyz/v2/public/cms/floating-widget/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-realm
Access-Control-Request-Method: GET
Origin: https://www.bursa-shadow.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-realm
access-control-allow-methods: GET,POST,HEAD,PUT,DELETE,PATCH
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b2f4ee53962cba2-LAX
date: Wed, 14 Aug 2024 07:42:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TBHbndh2ryC7kiJp62qXdMx1fYcJGqJXBiGRsbLKZXOlKIlNhyukEioxxgB%2Fhk8vHDwOorGRlEl4O%2F%2FoO4aF%2FvyGxNRzpQ3BrQyz5tfpr38onTPU2UfB4VdOqZpfMTLES2tr3ZE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
DATA 200
OK truncated
/ 595 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d92ec597e743f20ec3f62dc6cdd57b25b91c103ba15c3f534273fdd33cb24755

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 615 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf550c557560f4a60350b554fbfedb589cfe436620a30134db2e23a57ab4cd3b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 614 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5abb72a0c27d4ac4c284fe98d072deafa813a4043daff33259bd895beecb9bd

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 unleash Show response
www.bursa-shadow.xyz/api/ 14 B
665 B 288ms
286ms Fetch
application/json 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/api/unleash?environment=default&appName=default&sessionId=763132622&properties%5BbrandCode%5D=V1006&properties%5Bapplication%5D=portal&properties%5Bservice%5D=portal-ui&properties%5Busername%5D=&properties%5BisLoggedIn%5D=false&userId=
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/7718-b8610afbf4d8cefd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d92a0692609c57e1b3657bc1845d9944b6c64794720d49b0c515f87c5310f42

Request headers

Accept: application/json
Referer: https://www.bursa-shadow.xyz/
Authorization: *:production.c996169ede01b187d87658daa9523e6eab5ed5c115e2a3d8126922ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-kong-upstream-latency: 12
alt-svc: h3=":443"; ma=86400
content-length: 14
x-kong-request-id: b894280c1271046ad6fb79360670af27
server: cloudflare
etag: W/"e-s5xwV9+7QhSQAlOjSJ/Y5v+WCp4"
vary: Origin, Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j6b7xSBZ0357rtviuEob3%2BNxcD6lIrFPGm5B93QsgRsy7OioGa5RRwL9yJqoVyAlgFv1CMfQnTOmLyN4kH6E13EynAG9sAprH2melH6xs2PDATPVJN7cshsqhyTemKS8T5oFyhRy2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8b2f4ee3f8c708f6-LAX

GET
H2 200 / Show response
v1006.p120p0ap1.xyz/v1/public/maintenance/schedule/on-going/ 2 B
297 B 636ms
490ms XHR
application/json 2606:4700:3034::6815:1c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v1006.p120p0ap1.xyz/v1/public/maintenance/schedule/on-going/

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/pages/_app-2306765280e37997.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
allow: GET, HEAD, OPTIONS
content-type: application/json
x-frame-options: DENY
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GGktUwnI6AXFYuFW5dw8t%2FoZz9z9PcnRgonsoLCdgGp%2FNJb8woKGqR1pZShPrazHvFpiZRiVHB1o3S%2B4r3i7zJ%2BCyy7Veha0SP6rkoILlYQhhSuBCpzAOioael2%2FqkB5isbRTdyk9levAajynxDuS8c4"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b2f4ee4ea08103a-LAX
alt-svc: h3=":443"; ma=86400
content-length: 2

GET
H2 200 / Show response
v1006.p120p0ap1.xyz/v1/public/cms/web-images/ 336 B
471 B 630ms
485ms XHR
application/json 2606:4700:3034::6815:1c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v1006.p120p0ap1.xyz/v1/public/cms/web-images/

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/pages/_app-2306765280e37997.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69484de2f31c1fb0223dd17f2a442a1acf371379bc531ccfaf00f1fecf6bf365

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 161
referrer-policy: same-origin
server: cloudflare
x-frame-options: DENY
allow: GET, HEAD, OPTIONS
content-type: application/json
vary: Accept-Encoding, Origin
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m01rfdr0EH0mlTMAYwwy6O3H3LQpFZYTLWAn6Y4oBUlN0%2BGAy%2B8Q9vAaamX%2B7XXOOPAuy3f3BGiuDIW68QDbojklS5v4WO2z5NS%2FwZggJg8u6iqChc3gQ9NJonp8NbPDE3oYWFqfQHNXUur0A1WZoCET"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b2f4ee4ea09103a-LAX

GET
H2 200 / Show response
v1006.p120p0ap1.xyz/v1/public/notification/running-text/ 36 B
702 B 627ms
482ms XHR
application/json 2606:4700:3034::6815:1c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v1006.p120p0ap1.xyz/v1/public/notification/running-text/

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/pages/_app-2306765280e37997.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55e1bf2b7127888f6df9e93d3c73a98788d938beb0c7c028834dd0f84e1d559b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Cookie, Origin
allow: GET, HEAD, OPTIONS
content-type: application/json
x-frame-options: DENY
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BigesTUbkKfLXg5UQUIVyE8SGSrxsWZjEsDL%2BdBa78P40xloM%2F8PLR%2BJiS4EfkC8wLvuULq4XHTNfH9UKNkl%2Fx3coXSBrRtGoGfBV52GuLL%2FoTabnRZPvDLM8Q%2FXDuZ6%2B%2B%2FOgETBKMoFWUcOMOarmxXZ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b2f4ee4ea0a103a-LAX
alt-svc: h3=":443"; ma=86400
content-length: 36

GET
H2 200 / Show response
v1006.p120p0ap1.xyz/v1/public/cms/contact-settings/widget/ 1 KB
689 B 636ms
491ms XHR
application/json 2606:4700:3034::6815:1c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v1006.p120p0ap1.xyz/v1/public/cms/contact-settings/widget/

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/pages/_app-2306765280e37997.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be87ec0db39a45f61f0d90d096ed98448b46d2af1094e67838c2773a38749cff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 390
referrer-policy: same-origin
server: cloudflare
x-frame-options: DENY
allow: GET, HEAD, OPTIONS
content-type: application/json
vary: Accept-Encoding, Origin
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F7Dwgh3UkWjvYFt9IRpl0ZLP7H%2Fw%2FA1UDriq4NT4U%2B421Z1TCGQ4M%2Fhk2NTfI5CTeGXk56JA4KKZsmGM82Xh5ZLaLhyGe%2B3zh3LAu9MZktASGPy4J5jWJfLYo%2BDZ1JqvwPjUC6Cl0vN6%2F7fQWaieTo7J"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b2f4ee4ea0f103a-LAX

GET
H3 200 central-banners Show response
www.bursa-shadow.xyz/api/cobo/public/cms/ 2 KB
1 KB 694ms
690ms XHR
application/json 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/api/cobo/public/cms/central-banners?page_type=home
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/pages/_app-2306765280e37997.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2071083df023a10a4a958f2d5a800383b25167b1001623e98fd13fd856800142

Request headers

Accept: application/json, text/plain, */*
x-brand-token: 2nVYBURlI0WsHgDtGOe1OAVoc1Og7Gr0GPilt0CVszpQaJOz_qqV0keVceMivGvp6Q
Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-encoding: gzip
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 1
x-kong-upstream-latency: 22
alt-svc: h3=":443"; ma=86400
x-kong-request-id: 12668573611393637d48782405eadb0f
x-process-time: 7.41 ms
server: cloudflare
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FtAXqolHpotVgefMygYTdZU%2F79DUjp9cAh%2BRG9%2F3ttD%2Ffh8kAsAMrdozC2FSR6%2F%2BbvXHvgHoLjwD6P0ckRIN%2FQ1icTI%2BieAp58%2BvF3WJR5lq3p28r4Gw%2BHVdzPNIlzUyDNG3Co8Ngw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-credentials: true
cf-ray: 8b2f4ee408d008f6-LAX

GET
H2 200 / Show response
v1006.p120p0ap1.xyz/v1/public/cms/banners/ 15 KB
2 KB 689ms
546ms XHR
application/json 2606:4700:3034::6815:1c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v1006.p120p0ap1.xyz/v1/public/cms/banners/?pages=HOME

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/pages/_app-2306765280e37997.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e127c6a216fb0ab95506f676015ec4377132f20c5104bcc1e67e3615b5b23295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1548
referrer-policy: same-origin
server: cloudflare
x-frame-options: DENY
allow: GET, POST, HEAD, OPTIONS
content-type: application/json
vary: Accept-Encoding, Origin
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lWVL5xfiEFDTdiuX8Ir4uFfJ4e8dvYLyfoI%2FdpZECPVBTu783TcHN3BrneqcC87v%2BXAfYORDTCE%2BK%2Fosvvlw4jDZs8bVtnOGQkcH0Ojq8Hmka%2B8%2FsxzPO7rjOFwIVzkf6mbFF2FZky6prIUkBmpVgmvb"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b2f4ee4ea05103a-LAX

GET
H2 200 / Show response
v1006.p120p0ap1.xyz/v1/public/promotion/lucky-wheel/setting/ 407 B
606 B 627ms
484ms XHR
application/json 2606:4700:3034::6815:1c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v1006.p120p0ap1.xyz/v1/public/promotion/lucky-wheel/setting/

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/pages/_app-2306765280e37997.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9be4dc6a9e1af292ea17316b194290fcf72b28a327e586fd7e0941fc5bc0f778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 170
referrer-policy: same-origin
server: cloudflare
x-frame-options: DENY
allow: GET, HEAD, OPTIONS
content-type: application/json
vary: Accept-Encoding, Cookie, Origin
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TQPP21ykKp20BpMtdv3nfvTOf5IcHfekFj7VZ6iRnaykW1lcYj7lkh2ZmhGfLohAXV2owhTJJlLD73P6avWDBAE2SC1dSSaGCPsday0OzZyJ%2FE8H0zw1ewlI39bPvwMFRAmDxeQkf793CVT9W5KuN5fN"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b2f4ee4ea04103a-LAX

GET
H3 200 / Show response
www.p120p0p1mt.xyz/v2/public/promotion/daily-bonus/setting/ 46 B
556 B 271ms
271ms XHR
application/json 172.67.134.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.p120p0p1mt.xyz/v2/public/promotion/daily-bonus/setting/
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/pages/_app-2306765280e37997.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce7419921c329bbb15cd488c11d530fec1795083245459e27a3f98f751dcb382

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-Realm: V1006

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QXzWdo3vHBhv8tp88uuakd7%2FTBZo1i84fba4AImp7FZbxjoHfKIqJDGYM4SFkSa%2FJab5C8MJaE7p%2FoNKP8Bs9%2FbPNKI7LEGZw6Ge3Xj2KMVt%2FHvqJX4x20ordFzegPTxAdf%2FiOw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 8b2f4ee6fc9ccba2-LAX
alt-svc: h3=":443"; ma=86400
content-length: 46
x-request-id: 1904fb19-966e-4959-882b-56d228711bed

GET
H2 200 / Show response
v1006.p120p0ap1.xyz/v1/public/cms/floating-widget-setting/ 112 B
379 B 625ms
483ms XHR
application/json 2606:4700:3034::6815:1c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v1006.p120p0ap1.xyz/v1/public/cms/floating-widget-setting/

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/pages/_app-2306765280e37997.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5df207a4b138b8e6d78d74b5308f1e5f127d7eedff363ebcc74dab5e769a7ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Cookie, Origin
allow: GET, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z5QFDcPfXzriIl8eqnFXlEY8IxfA5Ty%2F2UJDpacMy0ru1zRwH5DYOgs%2BsKrrVB6J9haM8ZgqAdsat24BxdNHf9GkajddNhtwl4qfDJ3z2AhpXiCzl1eQVaguuLUlbKIWKQSPcodXl4aRakl6%2F7y9nEKp"}],"group":"cf-nel","max_age":604800}
x-frame-options: DENY
cf-ray: 8b2f4ee4ea0d103a-LAX
alt-svc: h3=":443"; ma=86400

GET
H2 200 lucky-number-setting Show response
v1006.p120p0ap1.xyz/v1/public/cms/ 93 B
362 B 631ms
489ms XHR
application/json 2606:4700:3034::6815:1c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v1006.p120p0ap1.xyz/v1/public/cms/lucky-number-setting

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/pages/_app-2306765280e37997.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64e79d5dc07cce34b3f7faeb270b811578cabe95fdd2a321831d1265c96dd4d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Cookie, Origin
allow: GET, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9V5zT6BzP54Fg5YURnftVfBhJ%2FsNiExbt6Ky7zQ%2FpGe3pTANcs2yP5G2BbSFNDb109cZ6GO7O1SXeec4%2FkoBBLrrKAKyHztOOCZuXAkwXwhhb7dd7iRd1goWqSKfK0gSfh6AVoYBRcc2O81i5wf%2FjXLK"}],"group":"cf-nel","max_age":604800}
x-frame-options: DENY
cf-ray: 8b2f4ee4ea07103a-LAX
alt-svc: h3=":443"; ma=86400

GET
H3 200 last-result Show response
v1006.p1201nt.xyz/v1/integration/public/veg/market/market-periods/ 212 B
743 B 566ms
486ms XHR
application/json 172.67.197.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v1006.p1201nt.xyz/v1/integration/public/veg/market/market-periods/last-result
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/pages/_app-2306765280e37997.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.197.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43fb21da5d83672efe5296f6f790f828a6e79fe5c2c242773567470a83e378da

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ax7n6EA8SUg0PcdghIH8Gzk9ZNZDL8t7F17Ie1BkOYSlGY4GycpDlJlahJUE%2Fc495bCWOnlgHAOm23u8Xb3E%2BmV2t4H18c7owMhre3RTEkKkBAelCWGRCOUcbz9N7WT%2BgaWHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 8b2f4ee488130fe4-LAX
alt-svc: h3=":443"; ma=86400
x-request-id: c03aa230-5a10-11ef-aa16-aabc1ac38304

GET
H3 200 game-cards Show response
www.bursa-shadow.xyz/api/cobo/brand/cms/ 663 B
920 B 695ms
693ms XHR
application/json 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/api/cobo/brand/cms/game-cards
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/pages/_app-2306765280e37997.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 976a23a3ee0f9ba6aa714ff0b86bca8b956dfaa76c7da8b1818e8ac5b8ef3cb3

Request headers

Accept: application/json, text/plain, */*
x-brand-token: 2nVYBURlI0WsHgDtGOe1OAVoc1Og7Gr0GPilt0CVszpQaJOz_qqV0keVceMivGvp6Q
Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
via: kong/3.6.1
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-kong-upstream-latency: 22
alt-svc: h3=":443"; ma=86400
x-kong-request-id: 839b7a3caaffe3550edd671717657421
x-process-time: 7.14 ms
server: cloudflare
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XqNw2nv%2FjazNl41a%2BCg7yv04Qo0IWKa1bAnExV%2FQ%2BROrmvAEsCEh1phKwHzny%2BArLXO0qeWbi4Vuk7U4EBvMYa4MTycIl%2BMy2r7xbP94Bu6L5hM8k5cSc5kv2z2Pa%2FJixGj1jj4u6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-credentials: true
cf-ray: 8b2f4ee408d308f6-LAX

GET
H3 200 / Show response
www.p120p0p1mt.xyz/v2/public/cms/floating-widget/ 446 B
713 B 273ms
271ms XHR
application/json 172.67.134.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.p120p0p1mt.xyz/v2/public/cms/floating-widget/
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/pages/_app-2306765280e37997.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 531404bbf700a00cdd99412c3722152fa79470518b5a3efdf5b7b8e6352c8012

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-Realm: V1006

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Sk0hBHErMDZ908B2iTI0dz9SJByMUfp1KWb87s213OCrmzy1XTPoR0KWH3Chksj6nKnHU8647RvjmHRYXUPNYpwD7cGRzBbvvwKLJKDXG1ei4EG5CmZT%2B6ZrL9VH87jSGKtsws%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 8b2f4ee6fc99cba2-LAX
alt-svc: h3=":443"; ma=86400
x-request-id: 7b15135b-3db8-4d94-a5fd-2ac8bb30e701

GET
H3 200 status Show response
www.p120p0p1mt.xyz/v2/public/promotion/angpao/ 21 B
529 B 273ms
272ms XHR
application/json 172.67.134.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.p120p0p1mt.xyz/v2/public/promotion/angpao/status
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/pages/_app-2306765280e37997.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe2f993fccec78a73fe440c92fc637167e2a74337f898889851ed581bf05e024

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-Realm: V1006

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wedv4JORBrdtVLIyyzqh8mx4pCbPyxqYH4GrjJm1VM%2F0TEVdcKNPhAymTxqOoi%2FQBE2KebjPKNHH130H7jDeC1bZS88542OtjgIg%2F%2BuCpGmy7nDLk0laZEx5mS6dxpuSUQTv6lk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 8b2f4ee6fc9bcba2-LAX
alt-svc: h3=":443"; ma=86400
content-length: 21
x-request-id: ae5fbdb2-fbaf-41cb-91b3-9be01b5fcccf

GET
H2 200 / Show response
v1006.p120p0ap1.xyz/v1/public/cms/live-chat/active/ 1 KB
1 KB 690ms
550ms XHR
application/json 2606:4700:3034::6815:1c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v1006.p120p0ap1.xyz/v1/public/cms/live-chat/active/

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/pages/_app-2306765280e37997.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44707a54350be47117976fe5315850f29bbe458284366a3a00fcc072d65b353c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 748
referrer-policy: same-origin
server: cloudflare
x-frame-options: DENY
allow: GET, HEAD, OPTIONS
content-type: application/json
vary: Accept-Encoding, Origin
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hSwjTHu4o2YK6v2UOO9q4QayePJTDRN9CyqM6RtlGLcAMxkS7WjyNVVj3FPyNPyuW%2FzlLKsnnoLbOdOTBp7uhsD9RMQLVUUYeqwMLI0lOaXhWlIyssUqYsZXSvM8l52FZhV9a27z45aUXDeidqFbh7fn"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b2f4ee54a79103a-LAX

GET
H3 200 jackpot-settings Show response
www.p120p0p1mt.xyz/v2/public/cms/ 82 B
586 B 273ms
271ms XHR
application/json 172.67.134.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.p120p0p1mt.xyz/v2/public/cms/jackpot-settings
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/pages/_app-2306765280e37997.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9430dafda9242ee792396dbbd5e7e3696a58c2f51a050987976c60f33e10d09d

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-Realm: V1006

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rcFrIk%2BBIFylYKjYV4pUvW%2BmFL6YLcmqdcVYXcpyEPGuvPzpixxvPexvO4Z7Cdr%2BixHA5KOa3JnYL9fb%2BJMkJ4%2Bd%2F4yob9g8kBmneXNb4WanzcTT5hsdJUL1ZKbYtJMKQEF%2BmvI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 8b2f4ee83f13cba2-LAX
alt-svc: h3=":443"; ma=86400
x-request-id: 49c5d150-8264-40af-804a-ced93ec254de

GET
H2 200 player-level Show response
v1006.p120p0ap1.xyz/v1/public/player/ 99 B
407 B 684ms
545ms XHR
application/json 2606:4700:3034::6815:1c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v1006.p120p0ap1.xyz/v1/public/player/player-level

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/pages/_app-2306765280e37997.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

477f234e1b6f903e0de9ad58590d6f3a8b5bbaa8138759dfb33fd405e8b1dc5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
allow: GET, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=crgl41AgdkwbvssBeo9GU5NFejpkl3uRA25Y2XFajeQfM6wK6RG1r4zBhE7lT%2BLf3nd7%2Bg9Cw3ILmrs7AZZOOUtOj53F%2FiNcOJYrhGCUKUFD0EltAYPg0tM1e%2BM4oscvDu%2FlrdmO2NPRGOzmb1j9GaYz"}],"group":"cf-nel","max_age":604800}
x-frame-options: DENY
cf-ray: 8b2f4ee54a75103a-LAX
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 204 status
www.p120p0p1mt.xyz/v2/public/promotion/angpao/ Frame 0
0 464ms
271ms Preflight 172.67.134.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.p120p0p1mt.xyz/v2/public/promotion/angpao/status
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-realm
Access-Control-Request-Method: GET
Origin: https://www.bursa-shadow.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-realm
access-control-allow-methods: GET,POST,HEAD,PUT,DELETE,PATCH
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b2f4ee53963cba2-LAX
date: Wed, 14 Aug 2024 07:42:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CPtOMYl8syeR5L40s4PE6m%2BulaAj7rIFpEgYUKiPcfVcwpSZNUlFzu%2FEhvkqG0Xm6G1oasWsHzcVAWHmpUo5Gh06UF9uAdDBNk8q1isvGJVDW8U0MyPFzf3ivYJ%2BBXxqsv8vMmA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers, Origin

OPTIONS
H3 204 jackpot-settings
www.p120p0p1mt.xyz/v2/public/cms/ Frame 0
0 665ms
474ms Preflight 172.67.134.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.p120p0p1mt.xyz/v2/public/cms/jackpot-settings
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-realm
Access-Control-Request-Method: GET
Origin: https://www.bursa-shadow.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-realm
access-control-allow-methods: GET,POST,HEAD,PUT,DELETE,PATCH
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b2f4ee53961cba2-LAX
date: Wed, 14 Aug 2024 07:42:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vJbfiYOt5YTTEUBowSSIuindZFeybO11kBxd6I7eNjlvmN2MYMKgkBYwd6qV3mu%2FEy8QVK%2FSPyZOD083Z9soduOUGISKADEpL14cUz%2FxlKzi0LVnYrWP9AxmDraI3FPdkxg36dM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 5 KB
6 KB 280ms
279ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fprovider%2Fpragmatic%2Fslotgame%2Factive.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12f0dc8d8fa5653ced2bec2af06a67fd242d6aaf70d92a0ba424e55c33733246

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 4
content-disposition: inline; filename="active.webp"
alt-svc: h3=":443"; ma=86400
content-length: 5238
x-kong-request-id: bfbb8964331f2e56a4b03e4ca6fe005e
server: cloudflare
etag: EvDcjY+lZTztK+wq8Gpn-SQtaq9w2SoLpCTlXDNzMkY=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7RUaq5WjTYN%2FouFLdCOPG5OjrIFqV2eYc8oqoRHl%2BbbDttukl31yChet4oRgTQ9YR0vCtJ3eQ1XzjQl0Go9gxxrEg%2FkFj1jxpxQWdWNb8Ey2kjS9C64EcsEmyNVYkbrzEMI6P%2F8FMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee418db08f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 6 KB
7 KB 485ms
482ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fprovider%2Fpragmatic%2Flivecasino%2Factive.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2c7a6d45a347aa79b78fa051bb23c7b18d0b232c82f8767c7dbfaec7dc28d0d

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 3
content-disposition: inline; filename="active.webp"
alt-svc: h3=":443"; ma=86400
content-length: 6564
x-kong-request-id: 4e65112933f5a81b1010fa569ea12c42
server: cloudflare
etag: 4sem1Fo0eqebePoFG7I8exjQsjLIL4dnx9v67H3CjQ0=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DBBvtjQekiS0lR2RbZMJfL5NdbXperSANZgpkFqcmtxaOm5HgIYB70WgWHwfZmLECrAUC4sHz4idwzekyp4d3fUQWyOy5G5%2FbuexCg3F7fIZD%2FmPBoYAIlHmSe5TMZ%2B0Q%2B1MQyhWrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee418e308f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 4 KB
5 KB 687ms
683ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fprovider%2Fpgsoft%2Fslotgame%2Factive.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19dc898b7c67f851c90be0b09bba5f8b13c8132fee567bcd80422eec7201a454

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 1
x-nextjs-cache: HIT
x-kong-upstream-latency: 5
content-disposition: inline; filename="active.webp"
alt-svc: h3=":443"; ma=86400
content-length: 4570
x-kong-request-id: 8f374677464d3d76a834f66f9078e63a
server: cloudflare
etag: GdyJi3xn+FHJC+Cwm7pfixPIEy-uVnvNgEIu7HIBpFQ=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kt59sUBZGp3D84PzsTBBt7PWIzNBCSdY5kX38CQexkMjwoUMGp8bGd2BfJFRMg90ICLSoGoXZmbgMWURp%2FeXVlXrng1ehYtkp4O5KSbWeq1Nya333KemSYCB5tsc3nYZTzyXmVQ2RA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee418e508f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 3 KB
3 KB 482ms
478ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fprovider%2Fhabanero%2Fslotgame%2Factive.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

552d7f9163c7686fddf3df7b0c4de7474542a179cc6167ed394757252042b6e3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 3
content-disposition: inline; filename="active.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2828
x-kong-request-id: cf17240f2b6ef10ea01604137c4f9c3e
server: cloudflare
etag: VS1-kWPHaG-d8997DE3nR0VCoXnMYWftOUdXJSBCtuM=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TcDeOrWPRPKzBrVGYpiLBJ4Xt%2FCdzi4aIxgygInaQZf4vauNDxqXnUpjM3NL%2FE0uYKzBQOgZzZquBMjcbtVE5BCgjlJQANFzuRGk%2BEodpCXWyfYoHjhSOovWZF1SmWHLqLe7Yl1Scw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee418e708f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 5 KB
6 KB 482ms
479ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fprovider%2Fspadegaming%2Fslotgame%2Factive.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a8498ab49e086ba26f14e3ecbcabc4078ae8a55e50b77682c8f690530458d99

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 1
x-nextjs-cache: HIT
x-kong-upstream-latency: 3
content-disposition: inline; filename="active.webp"
alt-svc: h3=":443"; ma=86400
content-length: 5470
x-kong-request-id: 06b29b204f72ff1cb3175242bf46c42c
server: cloudflare
etag: OoSYq0nghrom8U4+y8q8QHiuilXlC3doLI9pBTBFjZk=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OletqxtY7N3XujRGuQBFGtndFLcD8mt%2Fpeu8Td5DfRwA0CBt519b8j%2Bkwcfh%2F1Hozz%2BAS2fr9xzjOhtvALdLu4vxb87Y4Qu0pVzxoRx2C2TukS2j2%2FdKs5MxjW03aJETeBJF6FWDRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee418e908f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 7 KB
8 KB 484ms
480ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fprovider%2Faegaming%2Fslotgame%2Factive.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c59be0ff10874d94414d43b0020da7fdf3b878d7e393c372e0f9efba3aed1541

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 1
x-nextjs-cache: HIT
x-kong-upstream-latency: 4
content-disposition: inline; filename="active.webp"
alt-svc: h3=":443"; ma=86400
content-length: 7556
x-kong-request-id: 0141a04330cc69254327a81e19bc7014
server: cloudflare
etag: xZvg-xCHTZRBTUOwAg2n-fO4eNfjk8Ny4PnvujrtFUE=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lOqm308aUHgtAzjXeUoRARquWrAokjCy1486geGWiUdUpakUdKkShOFkRVNul8TGNMcgeIuCUzgMg6%2F1NTGFcPbt6xVOPl4ywOHXN%2BGQwARqMp8NQ%2BuS9TOSp7didVplrvFWjzCd9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee418ea08f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 8 KB
9 KB 689ms
686ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fprovider%2Faegaming%2Flivecasino%2Factive.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca514578ce2cdc2cb2957544aefb0d97cb1e782ff06a4a2ac0e31a27cc6b4cf0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 4
content-disposition: inline; filename="active.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8224
x-kong-request-id: eb265f5c43ffeb787833650a6ec2d918
server: cloudflare
etag: ylFFeM4s3CyylXVErvsNl8seeC-wakoqwOMaJ8xrTPA=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b1AnWkhLyxbL2%2FUeiitegPIuYhSHYFxbOUP3RZb%2BpUK6I26%2BfGZpRGeODG7HhuMdidRcJFcHD6CXSxkpqfx9hDlxWfAJPASc9OShF6o3MDu0ZgoGp11dQv9JNJ9CiUbwTDBs01Kc%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee418eb08f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 5 KB
5 KB 527ms
523ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fprovider%2Fgmw%2Fslotgame%2Factive.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

423bc169738a83f1a6998e95b37e517f4431d896ccdad9628f6a35b895c9d408

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 4
content-disposition: inline; filename="active.webp"
alt-svc: h3=":443"; ma=86400
content-length: 4698
x-kong-request-id: 61e303078a13cc78c5b673547349897a
server: cloudflare
etag: QjvBaXOKg-GmmY6Vs35Rf0Qx2JbM2tlij2o1uJXJ1Ag=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BKZGpRMtTAPLuTjgohm014UzH4OUoeu7f01yQDOCxwf9xKpcs5LDBGlgDjwfdIr2JG3QWh6MmMgkh8%2BTohipR2hgq%2FFwsCilCJadfnbzJPRW9z0MKG9IU%2FEj%2FHiZW3bIc6gplsMC%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee418ec08f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 7 KB
7 KB 685ms
682ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fprovider%2Fsaba%2Fsportsbook%2Factive.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11f651f2b33c5e9490f45714a97fe05cf211b0d82250a47a689b1123bfb5781e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 3
content-disposition: inline; filename="active.webp"
alt-svc: h3=":443"; ma=86400
content-length: 6826
x-kong-request-id: b92ffb772ad88c0653b95a1107950c21
server: cloudflare
etag: EfZR8rM8XpSQ9FcUqX-gXPIRsNgiUKR6aJsRI7+1eB4=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=anLpfHsw1roBDNkmR0ZqNXzWk9vQf%2Bk5jtF5XwzMTBBSkkkkTth11cU4KgaXgdAZZU4hcvCu%2BFCtbj1d%2FQxEP9uJCwpe7Oty0aJNc0pPAhAjdub2fSeQvv5sPQvuJjFIW501pg20eA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee418ed08f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 3 KB
4 KB 689ms
686ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fprovider%2Fasiagaming%2Fslotgame%2Factive.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be916154a95f7b3ef848b984276b45f90ed50d4c5e5eb135f9f29369ffd89bdb

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 9
content-disposition: inline; filename="active.webp"
alt-svc: h3=":443"; ma=86400
content-length: 3280
x-kong-request-id: edfecf4e8610cd2185274e3aadba5933
server: cloudflare
etag: vpFhVKlfez74SLmEJ2tF+Q7VDUxeXrE1+fKTaf-Ym9s=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ul6Blr6b1Z7HJP%2BryKUqGYeGFGt64VWcp4S6raCJkgdr%2FvDUFDyMHTcAdz%2BXnvqNudoA4ooNAAXfQ1crFFhQaAEdOjO5BxHLicOJEvc1sryZrl2CuB0JDAtiROU%2FH9OREID63VjEcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee418ee08f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 5 KB
6 KB 686ms
683ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fprovider%2Fmicrogaming%2Fslotgame%2Factive.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0243ebdc59eb7f61a940c0402e50fbd644b7ad1cfa6367e0dadf1ee375eae553

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 8
content-disposition: inline; filename="active.webp"
alt-svc: h3=":443"; ma=86400
content-length: 4950
x-kong-request-id: 5dcd352264c95468a53639632ce55931
server: cloudflare
etag: AkPr3Fnrf2GpQMBALlD71kS3rRz6Y2fg2t8e43Xq5VM=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mVihUWVOFLvyeWk%2Bi%2BNgJ8YKoTu5JZO4cjwNO9kEkIPqG48wjGRKi6TaeVSvgV3u%2BaHLzS6EFjKRoxFgcFj2pNgf9u%2F0ZZ4qSgZb3uceDmbaHxo3DJ7T4aWTTXtRX8%2BTNfv1f0kf1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee418f008f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 4 KB
4 KB 687ms
685ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fprovider%2Fadvantplay%2Fslotgame%2Factive.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46939c7839a3a43c366a786ba89e299e449dccf8120717f0bba38dec3c11cc2b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 8
content-disposition: inline; filename="active.webp"
alt-svc: h3=":443"; ma=86400
content-length: 3628
x-kong-request-id: 3ace9d2b5d4ca9113c1207699bb1a132
server: cloudflare
etag: RpOceDmjpDw2anhrqJ4pnkSdzPgSBxfwu6ON7DwRzCs=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cHRZ%2B%2BogQstOtXWyTWWoOIxzRhxRGNZf9KwmMzTOCqTE6SiRmRk3izmdvn71YphFeOofQdORB9%2BUzd76CjmDi7dC1Z8WheqAVbNreMIdIp4aYLYABf1IxQwOl1hRPHYD%2B542NhS8iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee418f108f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 1 KB
2 KB 686ms
683ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fprovider%2Fspribe%2Fslotgame%2Factive.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc0538cc06544f69b01bfb9a4a4488e45c8f8d9925743bbae39a541f44b09f61

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 6
content-disposition: inline; filename="active.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1374
x-kong-request-id: 7619a71beb5b9e0ea934574f7dcb423c
server: cloudflare
etag: -AU4zAZUT2mwG-uaSkSI5FyPjZkldDu645pUH0Swn2E=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1dmFpxi11DmdcR9AqgTz%2BsVAsk%2BwZsCpTJl9ykAmBDPfJEktWE%2FFRLWD4zlcXxP%2BQ4SwoqwIqOOHRu20K677ruCaWDcrRD8cgr%2FDIA8dSUvbXQI9MA4sOvgDoIhQdA8K46BbbMqcRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee418f208f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 6 KB
7 KB 686ms
684ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fprovider%2Fslot88%2Fslotgame%2Factive.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6de7c5e4d1b2e964c9d17b8ef236418b49b5b1bc4a581c88f4c675c78f6191ee

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 3
content-disposition: inline; filename="active.webp"
alt-svc: h3=":443"; ma=86400
content-length: 5990
x-kong-request-id: 44c86636862e90374049ae7f32c73605
server: cloudflare
etag: befF5NGy6WTJ0XuO8jZBi0m1sbxKWByI9MZ1x49hke4=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bm5ZpkTrHjHDJo64G44noqN%2BEaBREOtNVEe4Tsh8F%2BV6%2BfY78vGb6dLv5Px47I8wpyOaTZvTPen%2BxBizg8xCFT8aXOxJJtZ2i%2F9VqW2%2BlGAMd72d5lfZ03N%2BXCMPuf8VEnMAfu69vA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee418f308f6-LAX

GET
H3 200 1510052642946834 Show response
connect.facebook.net/signals/config/ 40 KB
7 KB 178ms
176ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1510052642946834?v=2.9.164&r=stable&domain=www.bursa-shadow.xyz&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C195%2C194%2C196%2C201%2C202%2C203%2C199%2C191%2C128%2C130%2C158%2C190%2C192%2C119%2C152%2C141%2C146%2C184%2C185%2C125%2C227%2C113%2C123%2C124%2C228%2C160%2C116%2C230%2C161%2C132%2C120%2C149%2C144

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

2944339f863ae41b654a639dae13440a0a799d97f31f5abaf7dd248d6bf1e336

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 14 Aug 2024 07:42:26 GMT
document-policy: force-load-at-top
x-fb-server-load: 44
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=26, mss=1232, tbw=8266, tp=17, tpl=0, uplat=55, ullat=0
pragma: public
x-fb-debug: QKW2LLz4SoqigJkaqq0tnuVLshjFOHFITG6iCH3zsKThN4L5YAXYGCV0HR8M52wRBwn/3V3og5MrkV+XS3OIbg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
270 B 368ms
120ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=706689438275533&ev=PageView&dl=https%3A%2F%2Fwww.bursa-shadow.xyz%2F&rl=&if=false&ts=1723621345926&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723621345922.90597354920969157&cs_est=true&ler=empty&cdl=API_unavailable&it=1723621345565&coo=false&rqm=GET

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=10, mss=1297, tbw=2861, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Aug 2024 07:42:26 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 409ms
162ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=706689438275533&ev=PageView&dl=https%3A%2F%2Fwww.bursa-shadow.xyz%2F&rl=&if=false&ts=1723621345926&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723621345922.90597354920969157&cs_est=true&ler=empty&cdl=API_unavailable&it=1723621345565&coo=false&rqm=FGET

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Wed, 14 Aug 2024 07:42:26 GMT
document-policy: force-load-at-top
x-fb-server-load: 32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402897312647704783", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=10, mss=1297, tbw=3207, tp=-1, tpl=-1, uplat=37, ullat=0
pragma: no-cache
x-fb-debug: bp7bE7wBeWQlkbglTyjHvnQ02Y6wqbwa3bIpVy5aF0X2TKptLPusqxWfvzEU8nukIPSEWLN7jUK4lKuUM3umhA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402897312647704783"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 463793653222941 Show response
connect.facebook.net/signals/config/ 26 KB
3 KB 167ms
165ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/463793653222941?v=2.9.164&r=stable&domain=www.bursa-shadow.xyz&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C195%2C194%2C196%2C201%2C202%2C203%2C199%2C191%2C128%2C130%2C158%2C190%2C192%2C119%2C152%2C141%2C146%2C184%2C185%2C125%2C227%2C113%2C123%2C124%2C228%2C160%2C116%2C230%2C161%2C132%2C120%2C149%2C144%2C142%2C168%2C154%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

820b76aa9f514662ecb6e1ccb8f1acaeafa67ccf9b70e8e1a2caa1cf99c7624b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 14 Aug 2024 07:42:26 GMT
document-policy: force-load-at-top
x-fb-server-load: 32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=34, mss=1232, tbw=17658, tp=26, tpl=0, uplat=46, ullat=0
pragma: public
x-fb-debug: FB3G36oivoSPjexPnMMXNcCtvzMOdnOaAzgxtSe2Bqm/VX+u/wTOAAvyovEtJ/Y9MULJ4gNuJOyKFfhdmMaBuw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 178ms
121ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1510052642946834&ev=PageView&dl=https%3A%2F%2Fwww.bursa-shadow.xyz&rl=&if=false&ts=1723621346118&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723621345922.90597354920969157&cs_est=true&ler=empty&cdl=API_unavailable&pm=1&hrl=cb48bf&it=1723621345565&coo=false&cs_cc=1&cas=8055465757901823%2C8325494117485471%2C8317797758252858&rqm=GET

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=10, mss=1297, tbw=2861, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Aug 2024 07:42:26 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
847 B 292ms
235ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1510052642946834&ev=PageView&dl=https%3A%2F%2Fwww.bursa-shadow.xyz&rl=&if=false&ts=1723621346118&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723621345922.90597354920969157&cs_est=true&ler=empty&cdl=API_unavailable&pm=1&hrl=cb48bf&it=1723621345565&coo=false&cs_cc=1&cas=8055465757901823%2C8325494117485471%2C8317797758252858&rqm=FGET

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Wed, 14 Aug 2024 07:42:26 GMT
document-policy: force-load-at-top
x-fb-server-load: 27
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402897313588177086", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=10, mss=1297, tbw=6493, tp=-1, tpl=-1, uplat=46, ullat=0
pragma: no-cache
x-fb-debug: reVruHgFrM4/PakAnV4oSh0/GI28KuWjxxdNiIWzUq04LPvyyQ0mYEyL7q5rjVTqMOE8PSa4Ykqt2BPA8kc6ug==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402897313588177086"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET unleash
www.bursa-shadow.xyz/api/ 0
0

GET
H3 200 510542231373170 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 173ms
172ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/510542231373170?v=2.9.164&r=stable&domain=www.bursa-shadow.xyz&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C195%2C194%2C196%2C201%2C202%2C203%2C199%2C191%2C128%2C130%2C158%2C190%2C192%2C119%2C152%2C141%2C146%2C184%2C185%2C125%2C227%2C113%2C123%2C124%2C228%2C160%2C116%2C230%2C161%2C132%2C120%2C149%2C144%2C142%2C168%2C154%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

b54bfc6f661dc0c1f5ac839095d783cdfb9279a3a4712e3b0299a34ae6d693fb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 14 Aug 2024 07:42:26 GMT
document-policy: force-load-at-top
x-fb-server-load: 30
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=36, mss=1232, tbw=21114, tp=30, tpl=0, uplat=51, ullat=0
pragma: public
x-fb-debug: YIKnZ0xXzwKZSk42cWh/gSH09yNes+mbWNo7xjoAe46NAJRvOmjonRdFf+DEGFTp6zpvp1jEeZB9TowblUw/NQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
98 B 120ms
119ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=463793653222941&ev=PageView&dl=https%3A%2F%2Fwww.bursa-shadow.xyz%2F&rl=&if=false&ts=1723621346293&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723621345922.90597354920969157&cs_est=true&ler=empty&cdl=API_unavailable&it=1723621345565&coo=false&rqm=GET

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=14, mss=1297, tbw=7432, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Aug 2024 07:42:26 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
847 B 134ms
133ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=463793653222941&ev=PageView&dl=https%3A%2F%2Fwww.bursa-shadow.xyz%2F&rl=&if=false&ts=1723621346293&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723621345922.90597354920969157&cs_est=true&ler=empty&cdl=API_unavailable&it=1723621345565&coo=false&rqm=FGET

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Wed, 14 Aug 2024 07:42:26 GMT
document-policy: force-load-at-top
x-fb-server-load: 35
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402897313187126399", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=17, mss=1297, tbw=7574, tp=-1, tpl=-1, uplat=14, ullat=0
pragma: no-cache
x-fb-debug: FaPkDFioCqFk7NTh5lD74zMtjKraDWVFuvFfujjhKZ38mu/AKmsSKZSmkKawjqxoDv34CzwgrnX3Tkp7u53h9g==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402897313187126399"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200 partytown-sandbox-sw.html Show response
www.bursa-shadow.xyz/~partytown/ Frame 1008 32 KB
0 7ms
6ms Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/~partytown/partytown-sandbox-sw.html?1723621346383
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/
Protocol: HTTP/1.1
Security: QUIC, , AES_128_GCM
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 434d6172fdc75671b06da7b1b812d72ddfc93e7cef70bd107d95ef969522c8ce

Request headers

Referer: https://www.bursa-shadow.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store
content-type: text/html

GET
BLOB 200
OK 6b12e8b9-1a7b-47a2-b1e1-bb046a6a67be
https://www.bursa-shadow.xyz/ Frame 1008 23 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bursa-shadow.xyz/6b12e8b9-1a7b-47a2-b1e1-bb046a6a67be
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79be8eece9f9386885a1d234860a9813cab55ed33adb5aef99323972ec54f5f0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 23663
Content-Type: text/javascript

GET
H3 200 1909817749462697 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 198ms
196ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1909817749462697?v=2.9.164&r=stable&domain=www.bursa-shadow.xyz&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C195%2C194%2C196%2C201%2C202%2C203%2C199%2C191%2C128%2C130%2C158%2C190%2C192%2C119%2C152%2C141%2C146%2C184%2C185%2C125%2C227%2C113%2C123%2C124%2C228%2C160%2C116%2C230%2C161%2C132%2C120%2C149%2C144%2C142%2C168%2C154%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

76c95e19b60d065666b897db2028d61d35762f271e61b86a518b41941fb41101

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 14 Aug 2024 07:42:26 GMT
document-policy: force-load-at-top
x-fb-server-load: 40
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=39, mss=1232, tbw=24474, tp=34, tpl=0, uplat=76, ullat=0
pragma: public
x-fb-debug: GosCBf2wF6jkMONMsllJBIyeRerhmgpqM7V/S8RwrBmaA+K6cuOxWrxY0rOIoms5+T4n1pTpGPnpKkMRp6VQcg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
98 B 122ms
119ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=510542231373170&ev=PageView&dl=https%3A%2F%2Fwww.bursa-shadow.xyz%2F&rl=&if=false&ts=1723621346477&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723621345922.90597354920969157&cs_est=true&ler=empty&cdl=API_unavailable&it=1723621345565&coo=false&rqm=GET

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=121, rtx=0, c=26, mss=1297, tbw=8491, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Aug 2024 07:42:26 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
847 B 137ms
135ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=510542231373170&ev=PageView&dl=https%3A%2F%2Fwww.bursa-shadow.xyz%2F&rl=&if=false&ts=1723621346477&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723621345922.90597354920969157&cs_est=true&ler=empty&cdl=API_unavailable&it=1723621345565&coo=false&rqm=FGET

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Wed, 14 Aug 2024 07:42:26 GMT
document-policy: force-load-at-top
x-fb-server-load: 50
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402897312714786723", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=121, rtx=0, c=26, mss=1297, tbw=8633, tp=-1, tpl=-1, uplat=17, ullat=0
pragma: no-cache
x-fb-debug: hJkTK3x6DawO83YaHoJ7xsi5IRIQB16XbuYkPdydlK5PEH+3oVCNbh57WGeqtX95X31IXsl4G0kQoevOwc2qkg==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402897312714786723"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 2 KB
3 KB 277ms
275ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fprovider%2Fevolution%2Flivecasino%2Factive.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6ac89af96a5dd5049dc8b1ac36c8d015aff2057dec1b715285c2892190dfd08

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 3
content-disposition: inline; filename="active.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1856
x-kong-request-id: 660a9e281437b862a6f794033be89467
server: cloudflare
etag: tqyJr5al3VBJ3Isaw2yNAVr-IFfewbcVKFwokhkN-Qg=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZNQaJwPEmjA3XO95xVgZ%2FH9aGVwkmR5P2ohva0hfmmm%2BLfBXDvI%2FR%2FkHf23kdVX4DTZ2SwUc5HkcspeMvyO0%2FEu5cYY9mmoBRbPmeeuuQBLKueZXPH7OpoCiEk878hunrOuPM7uU%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee7dc6508f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 4 KB
5 KB 276ms
274ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fprovider%2Fsbo%2Fslotgame%2Factive.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83d42eb1bb99f7869cd1945b4ff0320443b08198f48ff9f83963e123d1294549

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 3
content-disposition: inline; filename="active.webp"
alt-svc: h3=":443"; ma=86400
content-length: 4144
x-kong-request-id: 364730346d4c1316d5942a2ac4436339
server: cloudflare
etag: g9QusbuZ94ac0ZRbT-AyBEOwgZj0j-n4OWPhI9EpRUk=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6bG%2FmkdwnOVh256bs6%2BBRGuq69OuVsUce7yU1t0Wioxkt1jKeVsmbZ%2FRb7oPCglOP9oc33CNRfeUdWmrNy01iE8l0gR37ENDRKIBAFh0yLBLG4X%2FfCi0vT0sMal72j7NJguoTnisCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee7dc6708f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 2 KB
3 KB 284ms
282ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fprovider%2Fnlc%2Fslotgame%2Factive.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08fbb69251d0d9811fe00d26a32d056c788170871c553f051a494f79316675c3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 1
x-nextjs-cache: HIT
x-kong-upstream-latency: 4
content-disposition: inline; filename="active.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2148
x-kong-request-id: 738d3327c031c038ec5d141ae78f1c1b
server: cloudflare
etag: CPu2klHQ2YEf4A0moy0FbHiBcIccVT8FGklPeTFmdcM=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ZIK9nIrbx038%2FqfwbE2gvsf80i7KuQvmWMSbZXLlTaoiebKKUAeK186Vx5eYt1NzZe54O7SEKokT3Y7RYPvSAtAqLscD%2FakiyrllQlsn2PS%2FvwS5uu2YGRGcLE4Wq0ZX%2FFI3Kvi3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee7dc6808f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 2 KB
3 KB 285ms
283ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fprovider%2Fveg%2Ftogel%2Factive.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

555b196771926a74f87944e9d4b47c09adcf85a164ce5a96be9507cad8c39ae3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 4
content-disposition: inline; filename="active.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2072
x-kong-request-id: 3e68922700f71502addd613ac3826072
server: cloudflare
etag: VVsZZ3GSanT4eUTp1LR8Ca3PhaFkzlqWvpUHytjDmuM=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Sqg3sx%2FunsmC4QrCv48o4mF4O06yMQBziFsJePqGQf19k87BWCbE%2FtQxv5uaLyyYuwX85hE28WyALqIWAf7minhZemZVJ%2F5o%2BIxYz2cURkZi5X2%2Bwm5ElzlyviZ3xlOwUVHNQw1oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee7dc6908f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 2 KB
3 KB 287ms
285ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fprovider%2Fpinnacle%2Fsportsbook%2Factive.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5806ebb5ab1b1e5e3abb0f5ed91eaa6b7ad07e076be191b9b42403f040756df3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 4
content-disposition: inline; filename="active.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1984
x-kong-request-id: 5afce72f0aea5a016f38af389bb55520
server: cloudflare
etag: WAbrtasbHl46uw9e2R6qa3rQfgdr4ZG5tCQD8EB1bfM=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=792py72EdjgdfmFanY7mRnVV6JWq360NKfGkyycNM0eV1eiHzwr%2B3f%2FFwH9qc0ILrL5GvWw%2BG1MmqBfgggSKWB81XnJIWDFeJFXy4hyp0Jf%2BTJm6liwpthzVNsdcR5cc7nNJ7g4uIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee7dc6a08f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 1 KB
2 KB 285ms
284ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fprovider%2Fjili%2Fslotgame%2Factive.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08e305ae4501093013a5743ceb558b599306bbb98bbb1487fe4ef8a8e17dc2fa

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 2
content-disposition: inline; filename="active.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1396
x-kong-request-id: 4f955a33c998fd1db1936c4c9a489655
server: cloudflare
etag: COMFrkUBCTATpXQ861WLWZMGu7mLuxSH-k74qOF9wvo=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dLvCSbSpikzkVtEF2vCI9Qt9jFUMkxEOpOywL9JgVGhsBqU1jamoEoiMKb3F%2Fh3gJ0vrgmGAT0LS4BGebhXgBkoal2T0vxrTaEWHdoR%2FGx1TDyVMJ9l4D91fj%2FLrhwCIjJAEtQuSRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee7dc6b08f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 4 KB
5 KB 285ms
284ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fprovider%2Fsmartsoft%2Ffishhunter%2Factive.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30a84703e7839eeaa64422db759630f21c7bfc0a4d40274f18df6063c182e991

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 4
content-disposition: inline; filename="active.webp"
alt-svc: h3=":443"; ma=86400
content-length: 4024
x-kong-request-id: fe5dcc314dbfcf26467617412d785d5d
server: cloudflare
etag: MKhHA+eDnuqmRCLbdZYw8hx7-ApNQCdPGN9gY8GC6ZE=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2t8j%2F2QZY6id03nBSBfAkhmZnuIZUocTFbPWYPqhFghGYeK67oWUe1ZYy2iiEYbx%2FJ4kyj5JOE5tgtnNQrWQNlmpGFhtUROGTEU4Lq76%2FZby9GmJIPq8gog%2BG%2F4ABxjzzWxfpgIe2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee7dc6e08f6-LAX

GET
H3 304 unleash
www.bursa-shadow.xyz/api/ 0
0 293ms
283ms Fetch 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/api/unleash?environment=default&appName=default&sessionId=763132622&properties%5BbrandCode%5D=V1006&properties%5Bapplication%5D=portal&properties%5Bservice%5D=portal-ui&properties%5Busername%5D=&properties%5BisLoggedIn%5D=false&userId=
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/7718-b8610afbf4d8cefd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: application/json
Referer: https://www.bursa-shadow.xyz/
If-None-Match: W/"e-s5xwV9+7QhSQAlOjSJ/Y5v+WCp4"
Authorization: *:production.c996169ede01b187d87658daa9523e6eab5ed5c115e2a3d8126922ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 1
x-kong-upstream-latency: 11
alt-svc: h3=":443"; ma=86400
x-kong-request-id: 0b43b77b9965af18d5ad257377eb2c5c
server: cloudflare
etag: W/"e-s5xwV9+7QhSQAlOjSJ/Y5v+WCp4"
vary: Origin, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MGXLoZlXHM8zL9MloM4EGmkaABSA4jH5Yd8GIE2nBnuJbtFRcvb31I7%2BlCmDqgDGaok1UB01vi7D4Qq82aymGq7d8bNkiajnONN9t%2BoacoN4QI%2BLRF9MXfT9ZxgNXKw72fifkM0IVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8b2f4ee82cbc08f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 5 KB
6 KB 275ms
275ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2FV1006%2Fimages%2Flogo_icon%2Fweb_logo%2Fdark_1719049109.46949_logo%20bssss%20euroooo.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

405df2de564151d7988779684cbfa66402228b25892c9ae94afc9400c8a89fbb

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 3
content-disposition: inline; filename="dark_1719049109.webp"
alt-svc: h3=":443"; ma=86400
content-length: 4984
x-kong-request-id: 58498619b3d1f97de926010e63f60632
server: cloudflare
etag: QF3y3lZBUdeYh3loTL+mZAIiiyWJLJrpSvyUAMion7s=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q2zMVklCIMQxVE2vwCJwt0OqDixosTc41VHu27rrRKrc%2BTQIFcAyky8dqHQNe3tRBS8tpAvGoWBbeC2XCLxiAi8Z6MXXzTkvvOQ%2FmD8wQKbH4FdPcDwhio%2BL6nA7znwFtUQwwCAF0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee82cb208f6-LAX

GET
DATA 200
OK truncated
/ 614 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23083c07697d1915803821d0276a8aec5a85b9f6b7cd66d5e794dc8c2a1f8391

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 976 B
2 KB 276ms
275ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2FV1006%2Fimages%2Fcontact%2Fsocialmedia%2F11%2Fdark_1719235401.182676.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=32&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acd3a02f2a031b7c8bcb68a230b1017333401a57d53d307c01d6d5dae172e7f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 3
content-disposition: inline; filename="dark_1719235401.webp"
alt-svc: h3=":443"; ma=86400
content-length: 976
x-kong-request-id: f09bf226814dd91b1adbd270b41e494b
server: cloudflare
etag: rNOgLyoDG3yLy2iiMLEBczNAGlfVPTB8AdbV2uFy5-I=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tf3BzuxlJWHSzStf0aPtnWu3dXgz%2FviihZKvSVZKmsbTE%2BWYSvFL69mw6UFkRJtFdfg8z4J5N8%2FoLlgHkt0rO2bPi0zhxuoEl6Tr6jsS6uDY%2Bx3yscuUMom3vpyFlSE3QyNmnbkb7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee83cc508f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 1012 B
1 KB 279ms
278ms Image
image/svg+xml 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2FV1006%2Fimages%2Fcontact%2Fsosmed%2F3%2Fwhatsapp_dark.svg%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=32&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee56d16a45dc9fa9d73560e09f58f217c3e8a3b995ae4eaf149bc679743d2b37

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-kong-proxy-latency: 1
x-nextjs-cache: HIT
x-kong-upstream-latency: 3
content-disposition: inline; filename="whatsapp_dark.svg"
alt-svc: h3=":443"; ma=86400
x-kong-request-id: 0382b76e810edc3eeb2ed31645e8557a
server: cloudflare
vary: Accept, Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u3ppJhOGMNciAAtaE21DYN4ico6mDOXjZAeeo28hvdiZTgBnQUmCNRs03OxtGFfFq96%2FP%2BpaSAA73Ma4b7yVaLRH27QSkczKcD0iwT5k2ruHJMksnMDXRKeHIrYRkI6lkg8NSajOCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=3600, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee83cc708f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 473 B
1 KB 279ms
277ms Image
image/svg+xml 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2FV1006%2Fimages%2Fcontact%2Fsosmed%2F1%2Ffacebook_dark.svg%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=32&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78d33d4b7bec61a37239998a92aa748bd40588e22d73df597e1f9f090bcb79ff

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 3
content-disposition: inline; filename="facebook_dark.svg"
alt-svc: h3=":443"; ma=86400
x-kong-request-id: d59ff92609cf797dc5b6862d28282d11
server: cloudflare
vary: Accept, Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B4GYM0hbpMFEwnBEjiSSaD54ZJeLxuQxkXhnqj1IGb53Lpo%2F5fvmpYHojpvlziD%2BwBS6x6o%2FdhLQIcnlW%2FjoUqKidPmn0q657QI8sLvtRuKL%2BmVd3MMfAhFSCf%2B0mnPi01xYAqKlkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=3600, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee83cc808f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 448 B
1 KB 276ms
276ms Image
image/svg+xml 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2FV1006%2Fimages%2Fcontact%2Fsosmed%2F5%2Ftelegram_dark.svg%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=32&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e4d212a98e6c3dec796f1ad4343ca32494065744a22f2d9272891498fb4cf80

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 2
content-disposition: inline; filename="telegram_dark.svg"
alt-svc: h3=":443"; ma=86400
x-kong-request-id: d54c821e08081853d6ac482babb4e540
server: cloudflare
vary: Accept, Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sV3V78j9PvrMWa6mHedydzkmfXvylvouf9CGb0qoCC9DLUb7usEUrUpmAPPbAwTQ%2FHNSDoFwrzxQnVT53006HLRduejVhosuFsodhWjUZhG5He4aF%2Buu3%2B%2B15krLzqZjFZ1z%2FibRDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=3600, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee83cca08f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 54 KB
55 KB 277ms
277ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2FV1006%2Fimages%2Fbanner%2F26%2F1713546171.720957_banner_desktop_a_id.jpeg%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/main-8aabd44d35e7008f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0b3908fefeddf64b8a8b12533f73fb83939ff34a72d89b122fa4daa4c6498f4

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 3
content-disposition: inline; filename="1713546171.webp"
alt-svc: h3=":443"; ma=86400
content-length: 55368
x-kong-request-id: 26fe0c1ccff36252506a5604fb4a8f3a
server: cloudflare
etag: 0LOQj+-t32S4qLElM-c-uDk5-zSnLYmxIvpNqkxkmPQ=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PtN3futpSC2bn164gpZsr7w%2F%2BwI3GrubZ9Q%2FFvINWO2LRhbyCFgeUNi%2BMH8L9zmTvsxAG4xYYKiG0EHy%2BiSxW%2B6dxCOw2Hli9KrWRWqs1hJD3nr6bdpdFMDMW3pElX3YHOoBcU7NKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee8ad3408f6-LAX

GET
H3 200 top-games Show response
www.bursa-shadow.xyz/api/cobo/brand/transaction/ 2 KB
1000 B 393ms
392ms XHR
application/json 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/api/cobo/brand/transaction/top-games?category=POPULAR_SLOT_GAME&gamecategory=slotgame&brand_code=V1006
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/pages/_app-2306765280e37997.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27550a07ac8a2605aced2dd1c044e3893e4a9a0772d294368be9221dcaa9d5f7

Request headers

Accept: application/json, text/plain, */*
x-brand-token: 2nVYBURlI0WsHgDtGOe1OAVoc1Og7Gr0GPilt0CVszpQaJOz_qqV0keVceMivGvp6Q
Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:27 GMT
content-encoding: gzip
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-kong-upstream-latency: 23
alt-svc: h3=":443"; ma=86400
x-kong-request-id: d7fb7a2526179f2fa6ff747b928dd356
x-process-time: 9.90 ms
server: cloudflare
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MklZaU4cyCTGp2ApJYCi5uQae1BDKDm%2FYQMEWZUDWWfi4UFkRvqLAyDC%2BIlur34UuFLCWYqH3E%2Fss%2Ft7A%2BUeh5dNiX17LIx4UNAN3aRtkhGNnoCgWdK8bqsXjonaBkjGvTeyk64s5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-credentials: true
cf-ray: 8b2f4ee8bd4c08f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 6 KB
7 KB 331ms
330ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fprovider%2Fcq9%2Fslotgame%2Factive.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8cc93d0ca1810125a5f089420323a7cd7ef77a61fa1d95a352d544b509eb3fd

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 3
content-disposition: inline; filename="active.webp"
alt-svc: h3=":443"; ma=86400
content-length: 5950
x-kong-request-id: 45fe5815257a8a104d683c0df3959b76
server: cloudflare
etag: qMyT0MoYEBJaXwiUIDI6fNfvd6YfodlaNS1US1Ces-0=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DvgI3bg2OC0WGbaTwv%2BIC5dMQbIZ5kE%2BSmhAMnXPtrTiR3ADa4asYtpavugJ5tSWRVWVp010Q1sxUQTDgxWNlkIB5lsFMPeeabvFgtLJnppcDHejimq22yMtebC42oHP3V450kBwSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee8cd5c08f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 11 KB
12 KB 328ms
327ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=%2Fimages%2Ffooter%2Fasf-logo.webp%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1bef9ac48c10e3f421f8edb1de2ecc27c537a1e51fd02097080ea820a53f895

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 3
content-disposition: inline; filename="asf-logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 11074
x-kong-request-id: 4901e578644e341e1b8a1d5cd546690e
server: cloudflare
etag: 4b75rEjBDj9CH47bHeLswnxTeh5R-QIJcIDqggpT+JU=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MiAuCMo3RTM4bvrIpwdosRwMZcVvgxB6U5wPXz2Vw61CVzdrKNJpsS%2B0irTzf3C9TMGDW8nOi1psGwBtuyZHsRdAmub2N4EIAeHEO2sd%2Fmfk%2FmNa7SkZb2fqDIryeT6KVxlfEQOgYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee8cd6108f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 4 KB
4 KB 461ms
460ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=%2Fimages%2Ffooter%2Fpagcor-logo.webp%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=414&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea5f64eb7d1f5721f11ec41f18b9c923e6817c3b40de4fec97381fcb9aee01c1

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:27 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 1
content-disposition: inline; filename="pagcor-logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 3802
x-kong-request-id: a3d3293ed2429e785128e04a63a6f879
server: cloudflare
etag: 6l9k630fVyHxHsQfGLnJI+aBfDtA3k-slzgfy5ruAcE=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bID%2Bf2Ciu1JEKaazeWdUIYLterDVrXvJ8tvKNVH2cXrprDuFQQSlGZ3M9dW5OAq4oOU1KzfRq2OqvuKEkl4HIKaHkVgZ4NiCbBgQ7NREr5pPeSKN%2Fa5aDpf0uiVJRkijEM1RXqr7Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee8cd6408f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 65 KB
66 KB 336ms
335ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2FV1006%2Fimages%2Fbanner%2F45%2F1721827441.728473_banner_desktop_a_id.jpeg%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

068b6fdfc8286a604ce430996f19d87fb0c4e84896e25d6a1343c70849f3ea24

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 4
content-disposition: inline; filename="1721827441.webp"
alt-svc: h3=":443"; ma=86400
content-length: 66370
x-kong-request-id: a7322d575621107cfa766471dbbcc91b
server: cloudflare
etag: Botv38goamBM5DCZbxnYf7DE6EiW4l1qE0PHCEnz6iQ=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zopxrQ8ZVrILJ8Xf2Mwx8%2BaJEwkT8mH32BxbPPD723%2Ba%2F1ot3wFYtErl8PlYsZRxf8m4IgJPlkR9Swkkv%2FrlCLBiWUWb0Ie9oL3j%2By0lYD1ksaPd0YILutEXZLVFBtXPaVChwJFxyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee8cd6508f6-LAX

GET
H3 200 2732.c30d7e327540b07d.js Show response
www.bursa-shadow.xyz/_next/static/chunks/ 25 KB
8 KB 72ms
72ms Script
application/javascript 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/_next/static/chunks/2732.c30d7e327540b07d.js
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/webpack-3562b76f201dc6c1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8029db521e6e1ac3193bac37d625cab545f09d56f13b2ec141354b7b27b608a

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:26 GMT
content-encoding: gzip
via: kong/3.6.1
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2457
x-kong-proxy-latency: 0
x-kong-upstream-latency: 4
alt-svc: h3=":443"; ma=86400
x-kong-request-id: fd44f52541f8b14b22b4d13e354e6e69
last-modified: Tue, 13 Aug 2024 13:02:10 GMT
server: cloudflare
etag: W/"6243-1914bd4e850"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XtIiHzg8Byqu%2FOz8MmNO5tHRWFI%2FN0wLExRtZreXMG5J1E6MviTWw7QvD0KtfwNBfIvckHkSj0UGLcz4vRTG3ldsTUkhIVkL1uRnK2iyv8f3HaUb%2F4U%2BNxXiM%2F%2FPyfGVnMFRbV3VWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
cf-ray: 8b2f4ee8ed7708f6-LAX

GET
DATA 200
OK truncated
/ 614 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2369b3a69f5fc091ad43c720299b94e54bbd902d04ad060e959c7593aff86673

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 614 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e5bec432f2c762a8b8ef80927463365d76750de8f0207687d87661b69473c87

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 122 KB
123 KB 403ms
402ms Image
image/gif 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=%2Fimages%2Fwidgets%2Flucky-wheel-icon.gif%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=414&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b65664555800673aedf9a00a77fb8dbd62a09d8b83f9c66118816339cd0dc99

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:27 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 1
x-nextjs-cache: HIT
x-kong-upstream-latency: 4
content-disposition: inline; filename="lucky-wheel-icon.gif"
alt-svc: h3=":443"; ma=86400
content-length: 125373
x-kong-request-id: 002cbe1b6f25a149c0a0cf47d7273941
server: cloudflare
etag: i2VmRVWABnOu35oAp3+429YqCdi4P5xmEYgWM5zQ3Jk=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2SK0IOArzf3EBsDpdWdMSEo919kNcLO%2B446t7DhBofMFOM7BzJPRCpmSoh%2FW2fQ08hddW59EUQFIMgdwpc0UfGD%2FJh%2FvVcEZH1ZcH2heco6jLWuJ3lKZ5bYO4sB3j1pTkIUohtxADA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee92db008f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 101 KB
102 KB 532ms
531ms Image
image/gif 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=%2Fimages%2Fwidgets%2Frtp-icon.gif%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=414&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

830ac19c2169567d88187c27c48cdca381efa8298a8977693c3067f67713f852

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:27 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 4
content-disposition: inline; filename="rtp-icon.gif"
alt-svc: h3=":443"; ma=86400
content-length: 103318
x-kong-request-id: 953c407966a044436ab50c18db3a990e
server: cloudflare
etag: gwrBnCFpVn2IGHwnxIzco4HvqCmKiXdpPDBn9ncT+FI=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yT94Z4hX7qt1vlc%2FtjXzeRO7F7u1FQ%2BdD1bCnxkuq%2BBdovBUWNZPoGGecQUKGpdHLK6B7yj9cWftnIEFdytDVrTFP9lrZ5%2F0S6RfBL4uAEC2V1mYvcou5h%2BeRQ2qiHf3WEqgDsjOcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee92db208f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 106 KB
107 KB 404ms
402ms Image
image/gif 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=%2Fimages%2Fwidgets%2Flucky-number-icon.gif%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=414&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ae863c4599ffff4cb2c24757c4d1af1f23cbcb024ec5e7a288b444523c4cc36

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:27 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 4
content-disposition: inline; filename="lucky-number-icon.gif"
alt-svc: h3=":443"; ma=86400
content-length: 108836
x-kong-request-id: 9f57337131385b491ebb4a45c555400d
server: cloudflare
etag: KuhjxFmf--TLLCR1fE0a8fI8vLAk7F56KItERSPEzDY=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=do6rlIA5TgiFx41QrS0g1sNGMH%2F2em5oAgOLyAQb%2B6aLqZXhP4rAHExl76zczeZTzYvpX8X7mv2J0pfrhGma3bXsei8EaL1Xr7HqDIp8i20aJzMKBnUKrbjX3oiYEfLkOnlA4ztFKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee92db308f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 21 KB
22 KB 531ms
529ms Image
image/gif 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=%2Fimages%2Fwidgets%2Ffeedback-icon.gif%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=414&q=75

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93b4448ea5b0db7a40cefd3aac29065365f5364d5a02725b1faa5b7fbf394e2d

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:27 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 2
content-disposition: inline; filename="feedback-icon.gif"
alt-svc: h3=":443"; ma=86400
content-length: 21520
x-kong-request-id: 8b1acf53b71d4925ced03405324dfc2a
server: cloudflare
etag: k7REjqWw23pAzv06rCkGU2X1Nk1aAnJbH6pbf785Ti0=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zu9QSG0lJm3x%2FMwbhLPxBsAJADR2VLWlHkVABOPB%2BRjklmCMinpUeDx%2FP2LLEgoR2BLk%2FeKgsUjsBJzOU2cLDnOrM3Yuo4FVKIxf9xvCsh5CUXxMn0tNYtlfIJUC%2FWkybt0hwzNVcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ee92db408f6-LAX

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 120ms
120ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1909817749462697&ev=PageView&dl=https%3A%2F%2Fwww.bursa-shadow.xyz%2F&rl=&if=false&ts=1723621346739&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723621345922.90597354920969157&cs_est=true&ler=empty&cdl=API_unavailable&it=1723621345565&coo=false&rqm=GET

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=119, rtx=0, c=26, mss=1232, tbw=8296, tp=17, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Aug 2024 07:42:26 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 180ms
180ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1909817749462697&ev=PageView&dl=https%3A%2F%2Fwww.bursa-shadow.xyz%2F&rl=&if=false&ts=1723621346739&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723621345922.90597354920969157&cs_est=true&ler=empty&cdl=API_unavailable&it=1723621345565&coo=false&rqm=FGET

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Wed, 14 Aug 2024 07:42:26 GMT
document-policy: force-load-at-top
x-fb-server-load: 26
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402897313252380466", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=119, rtx=0, c=26, mss=1232, tbw=8664, tp=20, tpl=0, uplat=59, ullat=0
pragma: no-cache
x-fb-debug: ea8gUq8uL8YL49m7/jcJS1I/eDcZje72W/jubkImHMcOz5mnhDFgs2qVvHfTMI5d0TEFPsZV0dUHbsiM1odZzQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402897313252380466"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
v1006.p120p0ap1.xyz/v1/public/transaction/jackpot-winner/ 52 B
500 B 281ms
279ms XHR
application/json 2606:4700:3034::6815:1c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v1006.p120p0ap1.xyz/v1/public/transaction/jackpot-winner/

Requested by

Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/pages/_app-2306765280e37997.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0595424161ea863805d9b92c0e52d7aa1e3c46ec58cd8f0d6933759006a5fb74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Cookie, Origin
allow: GET, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6cVNC65%2F%2FlRfdxDReJ0ssBTRN8tJtUkEzXNg8fdM%2BYABmpQ94mKuwk%2FIGQ8U8g1uuRPlDTwZFkA7MREhRZblgQFABgh5zoqXfRcqCJUZNoWfRGJDCdH93g01puH35zqLWSfJ07bgcq8HLlnLnqyhou6E"}],"group":"cf-nel","max_age":604800}
x-frame-options: DENY
cf-ray: 8b2f4ee9eec6103a-LAX
alt-svc: h3=":443"; ma=86400

GET
H2 200 1713356315.730988_favicon.png
9996777888.com/V1006/images/logo_icon/web_favicon/ 2 KB
2 KB 214ms
211ms Other
image/png 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://9996777888.com/V1006/images/logo_icon/web_favicon/1713356315.730988_favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 88f7366f3cb305e3131c7b93138912013de04e5578f6d4791b9a5ee0a7282f06

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:27 GMT
age: 0
x-guploader-uploadid: AHxI1nMTlXa9FKkTSlIe3S55k9b4ShtQYcYhidyAno_SoH4VecLbIhefNPGO932dAbjubw46ooU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2099
last-modified: Wed, 17 Apr 2024 12:18:36 GMT
server: UploadServer
etag: "18a29f3bc351212bd6701e9d807311ea"
x-goog-generation: 1713356316115183
x-goog-hash: crc32c=0bLjTA==, md5=GKKfO8NRISvWcB6dgHMR6g==
access-control-allow-origin: *
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 2099
accept-ranges: bytes
expires: Wed, 14 Aug 2024 08:42:27 GMT

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 10 KB
11 KB 284ms
282ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fgames%2Fpragmatic%2Fslotgame%2Fvs20olympx%2Fvs20olympx.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

807f623d2f7bd276204985c84f3b4d925caee13241958192f5bbbaa182899d5e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:27 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 3
content-disposition: inline; filename="vs20olympx.webp"
alt-svc: h3=":443"; ma=86400
content-length: 10532
x-kong-request-id: ae1ae83b5afa0165211e09170e74775d
server: cloudflare
etag: gH9iPS970nYgSYXITztNklyu4TJBlYGS9bu6oYKJnV4=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h8t93XZdqhuAVZRP9sUdtNDAHhezO1mHlPwQHNHYwtJWbjlMVk28gB2VM%2Fd4OiFEJaKaBtJ47sBX6JjeGDbH18ScXnYb1d0KgUzxsMLhy7sssfB9Vdi3q7JyIt0kXKiA3QuMh%2F1jLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4eebe8b508f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 3 KB
4 KB 286ms
284ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fprovider%2Fpragmatic%2Fslotgame%2Fshort.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

339c8a118e9e0e8faebc68bb59710b0e450e8e953334c2d2cb8c524a3299d7be

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:27 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: MISS
x-kong-upstream-latency: 14
content-disposition: inline; filename="short.webp"
alt-svc: h3=":443"; ma=86400
content-length: 3218
x-kong-request-id: b5d3677b2dfd60553ba4d11f3f9a174b
server: cloudflare
etag: M5yKEY6eDo+uvGi7WXELDkUOjpUzNMLSy4xSSjKZ174=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w25gg4ZkZyv1WFxevYJGeja3Skz%2B0m3s8mxubT49KMrdmZlm1hT%2BB1hzlLjClG4w1hsq4llAm6fhqco8bS11D214h4LjA1Jv2E%2B%2FX1vj0S3olj3xVKlBFGqnE%2FKGkxOfz74XTzflkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4eebe8b908f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 26 KB
27 KB 275ms
274ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fgames%2Fpgsoft%2Fslotgame%2Fmahjong-ways%2Fmahjong-ways.webp%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9140226f625f802d7f7f5f4bb770cb3ba688f49d0ae5b80d9ba452bbacf3693b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:27 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 3
content-disposition: inline; filename="mahjong-ways.webp"
alt-svc: h3=":443"; ma=86400
content-length: 26796
x-kong-request-id: fa492f05ce222c2a547b966e7eb4465a
server: cloudflare
etag: kUAib2JfgC1-f19Lt3DLO6aI9J0K5bgNm6RSu6zzaTs=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zLX6WcwpipiJUPh63dHkvOwhdLi4u09aSB1jm7yJAyS6eVMo%2FvDrJYzQ0396KmcAZSeAt0oSL9CUKeQHZDVLTax%2BeYMJAv18i5K6jjbEtKhspNQ4FRPdMOhMJQEdIq7hEX5w7lQaTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4eebe8ba08f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 6 KB
6 KB 279ms
278ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fprovider%2Fpgsoft%2Fslotgame%2Fshort.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7102ac835ba16181283e555060c287c06a590ae4466e32ae04a35e9bc496a494

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:27 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 4
content-disposition: inline; filename="short.webp"
alt-svc: h3=":443"; ma=86400
content-length: 5636
x-kong-request-id: 0bb9bc1ad6cdc748e9511e5e9cd99a47
server: cloudflare
etag: cQKsg1uhYYEoPlVQYMKHwGpZCuRGbjKuBKNem8SWpJQ=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Eh9z%2BkuHRYEo173xSunrAs%2BYNiwXww4JE3d0xNdWYHBlfOA6e7xGhlqVoN1M2O%2BXLq1pdPmcwzguEzCxzHgkgdS7l3ngFtcmn%2FY0Wm94VwMigRLHNdFqdQmOKTkL8wqTWubS6ivJCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4eebe8bc08f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 27 KB
28 KB 377ms
375ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fgames%2Fpgsoft%2Fslotgame%2Fmahjong-ways2%2Fmahjong-ways2.webp%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6750ae198c588a25064efb9b142b1f20d1778e88a87804c4a7856bed0bde3dbc

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:27 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: MISS
x-kong-upstream-latency: 103
content-disposition: inline; filename="mahjong-ways2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 27430
x-kong-request-id: f1e15252f8476661b036da5a6fae770a
server: cloudflare
etag: Z1CuGYxYiiUGTvubFCsfINF3joioeATEp4Vr7QvePbw=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3FZwlghEqdsguUp0ly26eFAwHqC8o%2BwWD7iq%2BKcelQwfIwXOO4%2B3s6eMoILt8H8SzFyaaEqQgfc%2FKWVAbDbKn3Yf34e7FuW9uUm7eKIxmsVWCSUSaoCXqHyY9josR6qD2HuTFeVTsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4eebe8bd08f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 7 KB
8 KB 280ms
279ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fgames%2Fpragmatic%2Fslotgame%2Fvs20olympgate%2Fvs20olympgate.webp%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2037f36e7c7962498430c022e79ebe3cd8fc5d5e07405605340e877a862b0c8

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:27 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 6
content-disposition: inline; filename="vs20olympgate.webp"
alt-svc: h3=":443"; ma=86400
content-length: 7084
x-kong-request-id: 2f72bb399ba9113d105eb7505909e43f
server: cloudflare
etag: wgN-NufHliSYQwwCLnnr482PxdXgdAVgU0Dod6hisMg=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aVtm5K%2BVf8hcosIOz%2BhCTvxoDb7tST6evCqrGojfe7Ucm8QEOtEPLVC1gxQhO%2BH4G9ea%2F1kGd%2FI7fhJCYXhHVqX9mmgAuzv4mrg8OA%2BIRuJCe80XQ%2BNqTy9jg1l24i5FlG3YGzjZfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4eebe8be08f6-LAX

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 11 KB
12 KB 332ms
331ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2Fcommon%2Fgames%2Fpragmatic%2Fslotgame%2Fvs20starlightx%2Fvs20starlightx.png%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

075ae4228d04753646100642090de7d06183ec558d51fae78df3479cdae68886

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:27 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: MISS
x-kong-upstream-latency: 53
content-disposition: inline; filename="vs20starlightx.webp"
alt-svc: h3=":443"; ma=86400
content-length: 11066
x-kong-request-id: 2f75a50301a338532cd2a03ae227f22f
server: cloudflare
etag: B1rkIo0EdTZGEAZCCQ3n0GGD7FWNUfrnjfNHnNrmiIY=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5pKFefjF2dRlv46T3WGpu6pi7Q3Uy3YzwTEpaUAzPCsAeLi2FmHty1YC33UM4GRcImxJoyCZ%2FYxb3rA1IOyMU16o5gmxPAtdv7%2F6kAJwJ8UIhAorJNhGiJ7q07yPxtqjnB82NqwFVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4eebe8c008f6-LAX

GET
H2 200 1713356315.730988_favicon.png
9996777888.com/V1006/images/logo_icon/web_favicon/ 2 KB
0 0ms
0ms Other
image/png 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://9996777888.com/V1006/images/logo_icon/web_favicon/1713356315.730988_favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 88f7366f3cb305e3131c7b93138912013de04e5578f6d4791b9a5ee0a7282f06

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:27 GMT
age: 0
x-guploader-uploadid: AHxI1nMTlXa9FKkTSlIe3S55k9b4ShtQYcYhidyAno_SoH4VecLbIhefNPGO932dAbjubw46ooU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2099
last-modified: Wed, 17 Apr 2024 12:18:36 GMT
server: UploadServer
etag: "18a29f3bc351212bd6701e9d807311ea"
x-goog-generation: 1713356316115183
x-goog-hash: crc32c=0bLjTA==, md5=GKKfO8NRISvWcB6dgHMR6g==
access-control-allow-origin: *
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 2099
accept-ranges: bytes
expires: Wed, 14 Aug 2024 08:42:27 GMT

GET
H2 200 1713356315.730988_favicon.png
9996777888.com/V1006/images/logo_icon/web_favicon/ 2 KB
0 0ms
0ms Other
image/png 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://9996777888.com/V1006/images/logo_icon/web_favicon/1713356315.730988_favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 88f7366f3cb305e3131c7b93138912013de04e5578f6d4791b9a5ee0a7282f06

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:27 GMT
age: 0
x-guploader-uploadid: AHxI1nMTlXa9FKkTSlIe3S55k9b4ShtQYcYhidyAno_SoH4VecLbIhefNPGO932dAbjubw46ooU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2099
last-modified: Wed, 17 Apr 2024 12:18:36 GMT
server: UploadServer
etag: "18a29f3bc351212bd6701e9d807311ea"
x-goog-generation: 1713356316115183
x-goog-hash: crc32c=0bLjTA==, md5=GKKfO8NRISvWcB6dgHMR6g==
access-control-allow-origin: *
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 2099
accept-ranges: bytes
expires: Wed, 14 Aug 2024 08:42:27 GMT

GET
H2 200 1713356315.730988_favicon.png
9996777888.com/V1006/images/logo_icon/web_favicon/ 2 KB
0 0ms
0ms Other
image/png 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://9996777888.com/V1006/images/logo_icon/web_favicon/1713356315.730988_favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 88f7366f3cb305e3131c7b93138912013de04e5578f6d4791b9a5ee0a7282f06

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:27 GMT
age: 0
x-guploader-uploadid: AHxI1nMTlXa9FKkTSlIe3S55k9b4ShtQYcYhidyAno_SoH4VecLbIhefNPGO932dAbjubw46ooU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2099
last-modified: Wed, 17 Apr 2024 12:18:36 GMT
server: UploadServer
etag: "18a29f3bc351212bd6701e9d807311ea"
x-goog-generation: 1713356316115183
x-goog-hash: crc32c=0bLjTA==, md5=GKKfO8NRISvWcB6dgHMR6g==
access-control-allow-origin: *
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 2099
accept-ranges: bytes
expires: Wed, 14 Aug 2024 08:42:27 GMT

GET
H3 304 unleash
www.bursa-shadow.xyz/api/ 0
0 281ms
281ms Fetch 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/api/unleash?environment=default&appName=default&sessionId=763132622&properties%5BbrandCode%5D=V1006&properties%5Bapplication%5D=portal&properties%5Bservice%5D=portal-ui&properties%5Busername%5D=&properties%5BisLoggedIn%5D=false&userId=
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/7718-b8610afbf4d8cefd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: application/json
Referer: https://www.bursa-shadow.xyz/
If-None-Match: W/"e-s5xwV9+7QhSQAlOjSJ/Y5v+WCp4"
Authorization: *:production.c996169ede01b187d87658daa9523e6eab5ed5c115e2a3d8126922ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:28 GMT
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-kong-upstream-latency: 10
alt-svc: h3=":443"; ma=86400
x-kong-request-id: ecbc0309854ebf64c79b6b6983772a10
server: cloudflare
etag: W/"e-s5xwV9+7QhSQAlOjSJ/Y5v+WCp4"
vary: Origin, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fJCDrZRS5WaABh%2BAJ98TEVsPOt%2FHoKhtlO9MgtH57%2F%2Be8%2BsQXccsqeQqzZeH6Fnfezoa7wYu1EJFY2DAl4iWdSv10ZsiwN9nHqpHwx2tvlwhrEiMtPTnPbY8CMfA4W8%2BtXKZMjIQ1g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8b2f4eefac8308f6-LAX

GET
H3 200 1650.ed998d44876e78c9.js Show response
www.bursa-shadow.xyz/_next/static/chunks/ 3 KB
2 KB 72ms
71ms Script
application/javascript 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/_next/static/chunks/1650.ed998d44876e78c9.js
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/webpack-3562b76f201dc6c1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbf2d1e45ce4f4561bc55b161629d871eadfa52aff16c667cc8991023eb4f5df

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:27 GMT
content-encoding: gzip
via: kong/3.6.1
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 114859
x-kong-proxy-latency: 1
x-kong-upstream-latency: 4
alt-svc: h3=":443"; ma=86400
x-kong-request-id: 407b7530a39aef34d0d6ac27d3486221
last-modified: Tue, 06 Aug 2024 05:06:48 GMT
server: cloudflare
etag: W/"d56-19126152e40"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rahAMq7p41VicIz8Vnjas%2Blb1hhf1dlkqNCtOIfvBhnJAjtOyhLpaG8O3anFOcZti2UXD79%2FNJCG2ScLDD02JsPo9pbOZmXJxIZ2IcJRVy9AceMuoudT3A9GgkCZ%2BMWUuKQSj2nX6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
cf-ray: 8b2f4ef07d5908f6-LAX

POST
H3 200 metrics Show response
www.bursa-shadow.xyz/api/unleash/client/ 2 B
725 B 283ms
282ms Fetch
text/plain 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/api/unleash/client/metrics
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/7718-b8610afbf4d8cefd.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json
Referer: https://www.bursa-shadow.xyz/
Authorization: *:production.c996169ede01b187d87658daa9523e6eab5ed5c115e2a3d8126922ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 14 Aug 2024 07:42:28 GMT
ratelimit-reset: 60
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 1
x-kong-upstream-latency: 10
ratelimit-limit: 6000
alt-svc: h3=":443"; ma=86400
content-length: 2
x-kong-request-id: d962c9766efd5a6dc62bb6431a86fc2e
ratelimit-policy: 6000;w=60
server: cloudflare
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Origin, Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=td1PlT%2FbHRVBBFc9rhfSfsdqxJrGzFkMhfEMo7QmGCUg9AwsX9t1YDON9THP6Ixk%2FiOxe3dI8dTpwhByLHlif%2FwT3EBxZRc4Iq3fGFoyx9dPNIdOCZdzdJ14XTha9pofv2M%2FbqIiTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-credentials: true
cf-ray: 8b2f4ef08d6508f6-LAX
ratelimit-remaining: 5999

GET
DATA 200
OK truncated
/ 616 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7625e1e784e824e5b60f6aed434332c89aa7031d871e82cd5cb16b03f075a54d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 47 KB
48 KB 276ms
275ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2FV1006%2Fimages%2Fpopup%2F1%2F1718008717.048783_banner_desktop_a.jpeg%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=640&q=75

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a74f860161939fd1f3e59ed14a371196b5cb1168268931e87ede3a2ccbf7a10

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:28 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-nextjs-cache: HIT
x-kong-upstream-latency: 3
content-disposition: inline; filename="1718008717.webp"
alt-svc: h3=":443"; ma=86400
content-length: 48380
x-kong-request-id: 6f462310c06cf62d4196267970de6d7d
server: cloudflare
etag: KnT4YBYZOf0fPlntFKNxGWtcsRaCaJMeh+3josy-ehA=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eBxNFDJTLJSMMniwOwnCNNute%2F19E%2BmFoEaji%2FxUwQUm287cszyzWgv1mcgDgUZoD3gLXDzPQsDtbKIDiUcKEj8t97GvDxG3rzhWIyu5nWrFZVcFvozeG857SEFNpUJGpzuTOqOMqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4ef12dcf08f6-LAX

GET
H3 200 64-63c69fc7b9878c13.js Show response
www.bursa-shadow.xyz/_next/static/chunks/ 11 KB
4 KB 69ms
69ms Script
application/javascript 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bursa-shadow.xyz/_next/static/chunks/64-63c69fc7b9878c13.js
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/webpack-3562b76f201dc6c1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a6e02b6a1de9d12700706cbd24be306aa3014e3cecafae7cae45d832a366e9a

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:31 GMT
content-encoding: gzip
via: kong/3.6.1
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2457
x-kong-proxy-latency: 1
x-kong-upstream-latency: 6
alt-svc: h3=":443"; ma=86400
x-kong-request-id: c4a68764839c44633665946dc3ae2001
last-modified: Tue, 13 Aug 2024 13:02:10 GMT
server: cloudflare
etag: W/"2d53-1914bd4e850"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=37MiKY%2F523hKq%2BsdfwGlpDgwulLfZcl%2BZK7gHetxwnfQJG8OkejFGTvmW3QUIqU8vB66jX0OHaovKdKS6bowN%2B6hiD5qpyaNdAjv%2FGMpRcQhCBRj%2Fl8eLyaeB079yXKZI2ZR72UNmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
cf-ray: 8b2f4f07edb708f6-LAX

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 83 KB
27 KB 506ms
118ms Script
application/javascript 23.48.203.199

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/_next/static/chunks/64-63c69fc7b9878c13.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.203.199 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5aee496e3f118d3e1485e0d564ead4d2c4cd387047f70f501041a425aa0380c4

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: Qa49Acwj3b.MulOTsvFZhPHgGWbfWUu1
content-encoding: br
date: Wed, 14 Aug 2024 07:42:32 GMT
x-amz-cf-pop: IAD79-C3
x-amz-server-side-encryption: AES256
cross-origin-resource-policy: cross-origin
content-length: 26849
last-modified: Wed, 14 Aug 2024 07:34:34 GMT
server: AmazonS3
etag: W/"bf6cfbb2f8a09204a751cdc3192f32e1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
x-amz-cf-id: mYv9MqMrN-ReM-2L0Fw2LEAD8ES0R7BTJYLxTpxCjN7DBhkklbcEmQ==
expires: Wed, 14 Aug 2024 15:42:32 GMT

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.6/customer/action/ 385 B
611 B 534ms
170ms Script
application/javascript 23.61.11.170

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=14036814&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fwww.bursa-shadow.xyz%2F&channel_type=code&implementation_type=%40livechat%2Fwidget-react&jsonp=__qcu270rnx5

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.61.11.170 -, , ASN (),

Reverse DNS

Software

Resource Hash

68f3bbaf144dd28ec1972c2bce910a9cb88700623f8793d139147e0dd82e4074

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.bursa-shadow.xyz/;
X-Frame-Options	allow-from https://www.bursa-shadow.xyz/

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://www.bursa-shadow.xyz/;
date: Wed, 14 Aug 2024 07:42:32 GMT
cross-origin-resource-policy: cross-origin
content-length: 385
vary: Accept-Encoding
x-frame-options: allow-from https://www.bursa-shadow.xyz/
content-type: application/javascript; charset=UTF-8

GET
H3 200 image
www.bursa-shadow.xyz/_next/ 40 KB
0 276ms
276ms Image
image/webp 172.67.150.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bursa-shadow.xyz/_next/image?url=https%3A%2F%2F9996777888.com%2FV1006%2Fimages%2Fbanner%2F44%2F1720873084.356334_banner_desktop_a_id.jpeg%3Fv%3D2%26host%3Dwww.bursa-shadow.xyz&w=1080&q=75

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:32 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
via: kong/3.6.1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 1
x-nextjs-cache: HIT
x-kong-upstream-latency: 2
content-disposition: inline; filename="1720873084.webp"
alt-svc: h3=":443"; ma=86400
content-length: 66670
x-kong-request-id: f05b741477f39734ce96c304e4257833
server: cloudflare
etag: 43f1S0kfM64l18OsdfO3R-+M+I6yHGzfoOimxWh7+I0=
vary: Accept, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0WDTblSUWvpgdFKf26XNZ2KptjohXGpGwN8B2siGC2BhxhGFU%2Fm2SNSZIhAjlraqGSpIRYL9hlbe3Wb6Rpnxda3T06rXxPIuTZozcVZ605B3wfaVEvsGteK1IOGGfE769hxyhAWEyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-expose-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cache-control: public, max-age=31536000, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2f4f0ebc7508f6-LAX

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.4/customer/action/ 5 KB
2 KB 248ms
248ms Script
application/javascript 23.61.11.170

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=ba2b17b6-afb3-4fa2-bfc4-64c235a4a808&version=986.0.1.298.33.461.2.1.1.27.1.6.1&group_id=0&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.61.11.170 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 367c7e850186d1beca0e10722d5b224dbd91555c84fc0692242cf9ba792b9838

Request headers

Referer: https://www.bursa-shadow.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 07:42:33 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
deprecation: 2024-11-30
cache-control: public, max-age=600
cross-origin-resource-policy: cross-origin
content-length: 1888
expires: Wed, 14 Aug 2024 07:52:33 GMT

GET open_chat
secure.livechatinc.com/customer/action/ Frame 175D 0
0

GET get_localization
api.livechatinc.com/v3.4/customer/action/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.bursa-shadow.xyz
URL: https://www.bursa-shadow.xyz/api/unleash?environment=default&appName=default&sessionId=763132622&properties%5BbrandCode%5D=V1006&properties%5Bapplication%5D=portal&properties%5Bservice%5D=portal-ui&properties%5Busername%5D=&properties%5BisLoggedIn%5D=false&userId=

Domain: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=14036814&group=0&embedded=1&widget_version=3&unique_groups=0

Domain: api.livechatinc.com
URL: https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=ba2b17b6-afb3-4fa2-bfc4-64c235a4a808&version=470b74842e9d45ce9f156d1d5a957bad_10fd7fd28ddd5bc551000b65afcf5b3d&language=id&group_id=0&jsonp=__lc_localization

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bursa-shadow.xyz/	1970-01-21 00:56:37	Name: _fbp Value: fb.1.1723621345922.90597354920969157
.bursa-shadow.xyz/	1970-01-21 08:23:01	Name: _ga_9ND913YD71 Value: GS1.1.1723621347.1.0.1723621347.0.0.0
.bursa-shadow.xyz/	1970-01-21 08:23:01	Name: _ga Value: GA1.1.295534430.1723621348

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9996777888.com
api.livechatinc.com
bursa-shadow.xyz
cdn.livechatinc.com
cdnjs.cloudflare.com
connect.facebook.net
secure.livechatinc.com
v1006.p1201nt.xyz
v1006.p120p0ap1.xyz
www.bursa-shadow.xyz
www.facebook.com
www.p120p0p1mt.xyz
api.livechatinc.com
secure.livechatinc.com
www.bursa-shadow.xyz

104.17.25.14
157.240.229.1
157.240.229.35
172.67.134.254
172.67.150.47
172.67.197.10
23.48.203.199
23.61.11.170
2606:4700:3034::6815:1c3
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
35.190.44.120
0243ebdc59eb7f61a940c0402e50fbd644b7ad1cfa6367e0dadf1ee375eae553
038ca57cd38ca42a389b32ded9cd71a197158b524f9badbd0554dbf102442fd2
04e64879f3b3ab0aae5a074e7ef85e90fb4fbb0925d8b480658c932a0fc354eb
0595424161ea863805d9b92c0e52d7aa1e3c46ec58cd8f0d6933759006a5fb74
068b6fdfc8286a604ce430996f19d87fb0c4e84896e25d6a1343c70849f3ea24
075ae4228d04753646100642090de7d06183ec558d51fae78df3479cdae68886
08e305ae4501093013a5743ceb558b599306bbb98bbb1487fe4ef8a8e17dc2fa
08fbb69251d0d9811fe00d26a32d056c788170871c553f051a494f79316675c3
11f651f2b33c5e9490f45714a97fe05cf211b0d82250a47a689b1123bfb5781e
12cc7fb5299b68290d3212be05198fb114e6fea8a57553b472b27e184fdf04d2
12f0dc8d8fa5653ced2bec2af06a67fd242d6aaf70d92a0ba424e55c33733246
19dc898b7c67f851c90be0b09bba5f8b13c8132fee567bcd80422eec7201a454
1a6e02b6a1de9d12700706cbd24be306aa3014e3cecafae7cae45d832a366e9a
1e4d212a98e6c3dec796f1ad4343ca32494065744a22f2d9272891498fb4cf80
2071083df023a10a4a958f2d5a800383b25167b1001623e98fd13fd856800142
23083c07697d1915803821d0276a8aec5a85b9f6b7cd66d5e794dc8c2a1f8391
2369b3a69f5fc091ad43c720299b94e54bbd902d04ad060e959c7593aff86673
27550a07ac8a2605aced2dd1c044e3893e4a9a0772d294368be9221dcaa9d5f7
2944339f863ae41b654a639dae13440a0a799d97f31f5abaf7dd248d6bf1e336
2a74f860161939fd1f3e59ed14a371196b5cb1168268931e87ede3a2ccbf7a10
2ae863c4599ffff4cb2c24757c4d1af1f23cbcb024ec5e7a288b444523c4cc36
2d92a0692609c57e1b3657bc1845d9944b6c64794720d49b0c515f87c5310f42
2e5bec432f2c762a8b8ef80927463365d76750de8f0207687d87661b69473c87
30a84703e7839eeaa64422db759630f21c7bfc0a4d40274f18df6063c182e991
334f9ee44f4129a350580488d55202961906ad9b5206d96d4acbe80eb80734d1
339c8a118e9e0e8faebc68bb59710b0e450e8e953334c2d2cb8c524a3299d7be
367c7e850186d1beca0e10722d5b224dbd91555c84fc0692242cf9ba792b9838
3a8498ab49e086ba26f14e3ecbcabc4078ae8a55e50b77682c8f690530458d99
405df2de564151d7988779684cbfa66402228b25892c9ae94afc9400c8a89fbb
40fa496f2555057d58307c2c4fb51b02b564fa6cfa7108ea5820c2f984a488af
423bc169738a83f1a6998e95b37e517f4431d896ccdad9628f6a35b895c9d408
4307ec863cc42893e956a41ec9ba83c778a876e74b4461cfa98ec73a0cf4d7f1
434d6172fdc75671b06da7b1b812d72ddfc93e7cef70bd107d95ef969522c8ce
43fb21da5d83672efe5296f6f790f828a6e79fe5c2c242773567470a83e378da
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44707a54350be47117976fe5315850f29bbe458284366a3a00fcc072d65b353c
46939c7839a3a43c366a786ba89e299e449dccf8120717f0bba38dec3c11cc2b
477f234e1b6f903e0de9ad58590d6f3a8b5bbaa8138759dfb33fd405e8b1dc5c
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
4ed91c62ae26b3f56a1dcd3444bd5de51fec28438171b8c6b3780e5c8cbcbac9
531404bbf700a00cdd99412c3722152fa79470518b5a3efdf5b7b8e6352c8012
552d7f9163c7686fddf3df7b0c4de7474542a179cc6167ed394757252042b6e3
555b196771926a74f87944e9d4b47c09adcf85a164ce5a96be9507cad8c39ae3
55e1bf2b7127888f6df9e93d3c73a98788d938beb0c7c028834dd0f84e1d559b
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5806ebb5ab1b1e5e3abb0f5ed91eaa6b7ad07e076be191b9b42403f040756df3
5aee496e3f118d3e1485e0d564ead4d2c4cd387047f70f501041a425aa0380c4
5d4f001dba9d0daff4527802ba245ea580390d0f8f057d94c0339c388e94e195
5df207a4b138b8e6d78d74b5308f1e5f127d7eedff363ebcc74dab5e769a7ac4
5f15e7a61e07fd068dd923ee50a997f287f4988ecb42ffb94a166f75597d0f84
6255232b0253fd8956be4b31ae101aa7fc28f1e0d6609835723876f3785661ec
64e79d5dc07cce34b3f7faeb270b811578cabe95fdd2a321831d1265c96dd4d5
6750ae198c588a25064efb9b142b1f20d1778e88a87804c4a7856bed0bde3dbc
68f3bbaf144dd28ec1972c2bce910a9cb88700623f8793d139147e0dd82e4074
69484de2f31c1fb0223dd17f2a442a1acf371379bc531ccfaf00f1fecf6bf365
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
6de7c5e4d1b2e964c9d17b8ef236418b49b5b1bc4a581c88f4c675c78f6191ee
7102ac835ba16181283e555060c287c06a590ae4466e32ae04a35e9bc496a494
7625e1e784e824e5b60f6aed434332c89aa7031d871e82cd5cb16b03f075a54d
76c95e19b60d065666b897db2028d61d35762f271e61b86a518b41941fb41101
78d33d4b7bec61a37239998a92aa748bd40588e22d73df597e1f9f090bcb79ff
79be8eece9f9386885a1d234860a9813cab55ed33adb5aef99323972ec54f5f0
807f623d2f7bd276204985c84f3b4d925caee13241958192f5bbbaa182899d5e
820b76aa9f514662ecb6e1ccb8f1acaeafa67ccf9b70e8e1a2caa1cf99c7624b
830ac19c2169567d88187c27c48cdca381efa8298a8977693c3067f67713f852
83d42eb1bb99f7869cd1945b4ff0320443b08198f48ff9f83963e123d1294549
88f7366f3cb305e3131c7b93138912013de04e5578f6d4791b9a5ee0a7282f06
8b65664555800673aedf9a00a77fb8dbd62a09d8b83f9c66118816339cd0dc99
903bcd6556fb4c6ff607bd1e27c0fff6f0d7f48366159983b3a0c6d62e74d26e
9140226f625f802d7f7f5f4bb770cb3ba688f49d0ae5b80d9ba452bbacf3693b
93b4448ea5b0db7a40cefd3aac29065365f5364d5a02725b1faa5b7fbf394e2d
9430dafda9242ee792396dbbd5e7e3696a58c2f51a050987976c60f33e10d09d
948313c02ab32cc65a2619de088353df821967574cf752dc9a6b3fbf59e91571
9693391d461678be59d683100b1442f4ee65d2cf5bda3904fbf6232a7eb921ca
976a23a3ee0f9ba6aa714ff0b86bca8b956dfaa76c7da8b1818e8ac5b8ef3cb3
9be4dc6a9e1af292ea17316b194290fcf72b28a327e586fd7e0941fc5bc0f778
9fcc31537f9a0cfffd14beeca7b35f7fdc96c2f064133bbe44f04bb8635b72e5
a5abb72a0c27d4ac4c284fe98d072deafa813a4043daff33259bd895beecb9bd
a8cc93d0ca1810125a5f089420323a7cd7ef77a61fa1d95a352d544b509eb3fd
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
acd3a02f2a031b7c8bcb68a230b1017333401a57d53d307c01d6d5dae172e7f2
b36742578328dd0f93190036ce283514e684054c11b1a8326c3c7c8863fa4e6c
b54bfc6f661dc0c1f5ac839095d783cdfb9279a3a4712e3b0299a34ae6d693fb
b6ac89af96a5dd5049dc8b1ac36c8d015aff2057dec1b715285c2892190dfd08
baf6f4bc1f12a6c4911e971a0487f141dd552a4e423287a6bfab5e2d99451293
be87ec0db39a45f61f0d90d096ed98448b46d2af1094e67838c2773a38749cff
be916154a95f7b3ef848b984276b45f90ed50d4c5e5eb135f9f29369ffd89bdb
bf550c557560f4a60350b554fbfedb589cfe436620a30134db2e23a57ab4cd3b
c2037f36e7c7962498430c022e79ebe3cd8fc5d5e07405605340e877a862b0c8
c59be0ff10874d94414d43b0020da7fdf3b878d7e393c372e0f9efba3aed1541
c7eb34fd31c995dc827594ac67e286fe80c03ff0a04e8a9ed15cf73b5ebbf7b7
ca514578ce2cdc2cb2957544aefb0d97cb1e782ff06a4a2ac0e31a27cc6b4cf0
cbb062802014c6a3cb1d8bd9a80f26189b8e0d5a61ba98be046a04a2d63b9466
ce7419921c329bbb15cd488c11d530fec1795083245459e27a3f98f751dcb382
d0b3908fefeddf64b8a8b12533f73fb83939ff34a72d89b122fa4daa4c6498f4
d127b5675a269a3005e8000433a13cd07095f359b8712d0d6bc30a343b66fe3e
d92ec597e743f20ec3f62dc6cdd57b25b91c103ba15c3f534273fdd33cb24755
ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be
e127c6a216fb0ab95506f676015ec4377132f20c5104bcc1e67e3615b5b23295
e1bef9ac48c10e3f421f8edb1de2ecc27c537a1e51fd02097080ea820a53f895
e2c7a6d45a347aa79b78fa051bb23c7b18d0b232c82f8767c7dbfaec7dc28d0d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e725512a930b9147e538c76aeeb81f51e4173fe56ae1136c0d3ba3e65bd908c5
e8029db521e6e1ac3193bac37d625cab545f09d56f13b2ec141354b7b27b608a
e9f9cbf977fef23135ead628cc2823acc3fcb31b76626e473e9b8e321680f83a
ea5f64eb7d1f5721f11ec41f18b9c923e6817c3b40de4fec97381fcb9aee01c1
ee56d16a45dc9fa9d73560e09f58f217c3e8a3b995ae4eaf149bc679743d2b37
ef7a924c9cc0d7ae4d00f829d7bb28a6d4211fa9e0e1e8a9560f609500727fab
fbf2d1e45ce4f4561bc55b161629d871eadfa52aff16c667cc8991023eb4f5df
fc0538cc06544f69b01bfb9a4a4488e45c8f8d9925743bbae39a541f44b09f61
fe2f993fccec78a73fe440c92fc637167e2a74337f898889851ed581bf05e024
fff0bdb3f70b85b820a949503a24610fb007cf4582f1e67f4835a14de511d50f

www.bursa-shadow.xyz Open in urlscan Pro 172.67.150.47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

126 Requests

97 %HTTPS

23 %IPv6

9 Domains

12 Subdomains

14 IPs

2 Countries

1395 kBTransfer

2970 kBSize

3 Cookies

17 Outgoing links

Page URL History

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bursa-shadow.xyz Open in urlscan Pro
172.67.150.47 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

97 %
HTTPS

23 %
IPv6

9
Domains

12
Subdomains

14
IPs

2
Countries

1395 kB
Transfer

2970 kB
Size

3
Cookies

126 HTTP transactions
7 data transactions