Submitted URL: https://colliecorner.com/
Effective URL: https://aqcrgg.xyz/?t=1&p0=1cafn376&p1=%7B%7Bcampaign.name%7D%7D&p2=%7B%7Bcampaign.id%7D%7D&p3=%7B%7Badset.name%7D%...
Submission: On August 16 via api from US — Scanned from CA

Summary

This website contacted 12 IPs in 4 countries across 13 domains to perform 53 HTTP transactions. The main IP is 104.21.4.168, located in and belongs to CLOUDFLARENET, US. The main domain is aqcrgg.xyz.
TLS certificate: Issued by WE1 on August 16th 2024. Valid for: 3 months.
This is the only time aqcrgg.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 107.163.213.16 18978 (ENZUINC-)
3 107.163.163.254 18978 (ENZUINC-)
2 140.249.240.187 136195 (CHINATELE...)
2 104.21.4.168 13335 (CLOUDFLAR...)
6 52.95.177.0 16509 (AMAZON-02)
2 142.251.40.168 15169 (GOOGLE)
4 31.13.71.7 32934 (FACEBOOK)
5 31.13.71.36 32934 (FACEBOOK)
2 104.26.13.205 13335 (CLOUDFLAR...)
1 142.251.32.98 15169 (GOOGLE)
1 142.250.176.196 15169 (GOOGLE)
1 142.251.40.195 15169 (GOOGLE)
53 12
Apex Domain
Subdomains
Transfer
6 amazonaws.com
appdv76.s3.ap-southeast-3.amazonaws.com — Cisco Umbrella Rank: 848557
21 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
4 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
72 KB
3 mustang303.cyou
mustang303.cyou
1 KB
2 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2512
229 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
92 KB
2 aqcrgg.xyz
aqcrgg.xyz
9 KB
2 cnzz.com
s4.cnzz.com — Cisco Umbrella Rank: 93605
z3.cnzz.com Failed
c.cnzz.com — Cisco Umbrella Rank: 56240
11 KB
1 google.ca
www.google.ca — Cisco Umbrella Rank: 9677
64 B
1 google.com
www.google.com — Cisco Umbrella Rank: 10
64 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
1 KB
1 colliecorner.com
colliecorner.com
144 B
0 vofzhq.com Failed
www.vofzhq.com Failed
53 13
Domain Requested by
6 appdv76.s3.ap-southeast-3.amazonaws.com aqcrgg.xyz
5 www.facebook.com aqcrgg.xyz
4 connect.facebook.net appdv76.s3.ap-southeast-3.amazonaws.com
connect.facebook.net
3 mustang303.cyou
2 api.ipify.org appdv76.s3.ap-southeast-3.amazonaws.com
2 www.googletagmanager.com aqcrgg.xyz
2 aqcrgg.xyz mustang303.cyou
appdv76.s3.ap-southeast-3.amazonaws.com
1 www.google.ca
1 www.google.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 c.cnzz.com s4.cnzz.com
1 s4.cnzz.com mustang303.cyou
aqcrgg.xyz
1 colliecorner.com 1 redirects
0 www.vofzhq.com Failed aqcrgg.xyz
0 z3.cnzz.com Failed s4.cnzz.com
53 15

This site contains no links.

Subject                              Issuer                                               Validity                 Valid
www.mustang303.cyou                  R10                                                  2024-07-30 - 2024-10-28  3 months
*.cnzz.com                           GlobalSign Organization Validation CA - SHA256 - G3  2024-02-17 - 2025-03-20  a year
aqcrgg.xyz                           WE1                                                  2024-08-16 - 2024-11-14  3 months
*.s3.ap-southeast-3.amazonaws.com    Amazon RSA 2048 M01                                  2024-06-20 - 2025-06-02  a year
*.google-analytics.com               WR2                                                  2024-07-30 - 2024-10-22  3 months
*.facebook.com                       DigiCert SHA2 High Assurance Server CA               2024-05-26 - 2024-08-24  3 months
ipify.org                            WE1                                                  2024-07-18 - 2024-10-16  3 months
*.g.doubleclick.net                  WR2                                                  2024-07-30 - 2024-10-22  3 months
*.google.com                         WR2                                                  2024-07-30 - 2024-10-22  3 months
*.google.ca                          WR2                                                  2024-07-30 - 2024-10-22  3 months

This page contains 1 frames:

Primary Page: https://aqcrgg.xyz/?t=1&p0=1cafn376&p1=%7B%7Bcampaign.name%7D%7D&p2=%7B%7Bcampaign.id%7D%7D&p3=%7B%7Badset.name%7D%7D&p4=%7B%7Badset.id%7D%7D&p5=%7B%7Bad.name%7D%7D&p6=%7B%7Bad.id%7D%7D&label=gezi&fb_pixel_id=2621029394951596&fb_access_token=1&p0_android=1daahu2w&p0_ios=1dc0rw7q&channelCode=guanwang
Frame ID: 68D54AF3B046DD2742168242049BCF31
Requests: 53 HTTP requests in this frame

Page URL History

  1. https://colliecorner.com/ HTTP 302
    http://mustang303.cyou/ HTTP 307
    https://mustang303.cyou/ Page URL
  2. https://aqcrgg.xyz/?t=1&p0=1cafn376&p1={{campaign.name}}&p2={{campaign.id}}&p3={{adset.name}}&p... Page URL
  3. https://aqcrgg.xyz/?t=1&p0=1cafn376&p1=%7B%7Bcampaign.name%7D%7D&p2=%7B%7Bcampaign.id%7D%7D&p3=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 53
HTTPS: 55 %
IPv6: 0 %
Domains: 13
Subdomains: 15
IPs: 12
Countries: 4
Transfer: 213 kB
Size: 1176 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://colliecorner.com/ HTTP 302
    http://mustang303.cyou/ HTTP 307
    https://mustang303.cyou/ Page URL
  2. https://aqcrgg.xyz/?t=1&p0=1cafn376&p1={{campaign.name}}&p2={{campaign.id}}&p3={{adset.name}}&p4={{adset.id}}&p5={{ad.name}}&p6={{ad.id}}&label=gezi&fb_pixel_id=2621029394951596&fb_access_token=1 Page URL
  3. https://aqcrgg.xyz/?t=1&p0=1cafn376&p1=%7B%7Bcampaign.name%7D%7D&p2=%7B%7Bcampaign.id%7D%7D&p3=%7B%7Badset.name%7D%7D&p4=%7B%7Badset.id%7D%7D&p5=%7B%7Bad.name%7D%7D&p6=%7B%7Bad.id%7D%7D&label=gezi&fb_pixel_id=2621029394951596&fb_access_token=1&p0_android=1daahu2w&p0_ios=1dc0rw7q&channelCode=guanwang Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://colliecorner.com/ HTTP 302
  • http://mustang303.cyou/ HTTP 307
  • https://mustang303.cyou/

53 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
mustang303.cyou/
Redirect Chain
  • https://colliecorner.com/
  • http://mustang303.cyou/
  • https://mustang303.cyou/
950 B
1 KB
Document
General
Full URL
https://mustang303.cyou/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.163.163.254 , United States, ASN18978 (ENZUINC-, US),
Reverse DNS
Software
nginx /
Resource Hash
3d8f9a1d91a9796989699652e63c438128ff4044057952b767792d0383f2efbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
950
content-type
text/html
date
Fri, 16 Aug 2024 16:24:47 GMT
etag
"66bf536b-3b6"
last-modified
Fri, 16 Aug 2024 13:26:03 GMT
server
nginx
strict-transport-security
max-age=31536000

Redirect headers

Location
https://mustang303.cyou/
Non-Authoritative-Reason
HttpsUpgrades
z.js
s4.cnzz.com/
10 KB
10 KB
Script
General
Full URL
https://s4.cnzz.com/z.js?id=1281337420&async=1
Requested by
Host: mustang303.cyou
URL: https://mustang303.cyou/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
140.249.240.187 , China, ASN136195 (CHINATELECOM-QINGDAO-CLOUDBASE Qingdao, Shandong Province, P.R.China., CN),
Reverse DNS
Software
Tengine /
Resource Hash
ac38fa2145cdda6a78e7706a8d819d86067a82bddb13d02e736ab36ce8f045b6

Request headers

Referer
https://mustang303.cyou/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 16:24:38 GMT
via
cache3.l2cn3135[54,54,304-0,H], cache65.l2cn3135[55,0], cache12.cn1209[0,0,200-0,H], cache11.cn1209[0,0]
server
Tengine
age
10
x-swift-cachetime
300
etag
W/"8396211108116174756"
ali-swift-global-savetime
1723825478
content-type
application/javascript
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
cache-control
public, max-age=300
x-swift-savetime
Fri, 16 Aug 2024 16:24:38 GMT
timing-allow-origin
*
content-length
10195
eagleid
8cf9f01f17238254884874761e
stat.htm
z3.cnzz.com/
0
0

c.js
c.cnzz.com/
906 B
1 KB
Script
General
Full URL
https://c.cnzz.com/c.js?web_id=1281337420&t=z
Requested by
Host: s4.cnzz.com
URL: https://s4.cnzz.com/z.js?id=1281337420&async=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
140.249.240.187 , China, ASN136195 (CHINATELECOM-QINGDAO-CLOUDBASE Qingdao, Shandong Province, P.R.China., CN),
Reverse DNS
Software
Tengine /
Resource Hash
4e40caec07450755166c40ba51099f2807b4b2efc3d6252f59d26bc0be325e9e

Request headers

Referer
https://mustang303.cyou/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 16:20:19 GMT
via
cache3.l2cn3135[47,48,304-0,H], cache66.l2cn3135[49,0], cache5.cn1209[0,0,200-0,H], cache11.cn1209[1,0]
server
Tengine
age
268
x-swift-cachetime
321
etag
W/"17650835605665385536"
ali-swift-global-savetime
1723825220
content-type
application/javascript
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
cache-control
public, max-age=321
x-swift-savetime
Fri, 16 Aug 2024 16:20:20 GMT
timing-allow-origin
*
content-length
906
eagleid
8cf9f01f17238254888725048e
not-found-image.jpg
mustang303.cyou/
138 B
138 B
Image
General
Full URL
https://mustang303.cyou/not-found-image.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.163.163.254 , United States, ASN18978 (ENZUINC-, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://mustang303.cyou/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 16:24:49 GMT
server
nginx
etag
"66a8c7e8-8a"
content-length
138
content-type
text/html
favicon.ico
mustang303.cyou/
138 B
218 B
Other
General
Full URL
https://mustang303.cyou/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.163.163.254 , United States, ASN18978 (ENZUINC-, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://mustang303.cyou/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 16:24:49 GMT
server
nginx
etag
"66a8c7e8-8a"
content-length
138
content-type
text/html
/
aqcrgg.xyz/
9 KB
5 KB
Document
General
Full URL
https://aqcrgg.xyz/?t=1&p0=1cafn376&p1={{campaign.name}}&p2={{campaign.id}}&p3={{adset.name}}&p4={{adset.id}}&p5={{ad.name}}&p6={{ad.id}}&label=gezi&fb_pixel_id=2621029394951596&fb_access_token=1
Requested by
Host: mustang303.cyou
URL: https://mustang303.cyou/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.4.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa96c6cc0fb69f8989b73a2b607f5a5b1ee9d324304e71c446929cb0a45ef28f

Request headers

Referer
https://mustang303.cyou/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b42c6db3ffdab0c-YYZ
content-encoding
br
content-type
text/html
date
Fri, 16 Aug 2024 16:24:49 GMT
last-modified
Fri, 16 Aug 2024 12:04:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FLOV588ueYJNPkzppAzFXN2%2B5iI1e7x2no970yBX%2Bv9FtH5ath9np7HlVX0uS3ZLcjc%2F9l4s%2BZFnBZ3LhohVSqfHcBH6TLJk9I8AGWFa8ytjiiq4pHxKl1aCy0xS"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
index.css
www.vofzhq.com//resource/save8/css/
0
0

clipboard.min.js
www.vofzhq.com//resource/save8/js/
0
0

jquery-2.2.4.min.js
www.vofzhq.com//resource/save8/js/
0
0

rem.js
www.vofzhq.com//resource/save8/js/
0
0

qrcode.min.js
www.vofzhq.com//resource/save8/js/
0
0

qrcode.min.js
www.vofzhq.com//resource/save9/assets/js/
0
0

import-scripts.js
appdv76.s3.ap-southeast-3.amazonaws.com/adjust/
9 KB
9 KB
Script
General
Full URL
https://appdv76.s3.ap-southeast-3.amazonaws.com/adjust/import-scripts.js
Requested by
Host: aqcrgg.xyz
URL: https://aqcrgg.xyz/?t=1&p0=1cafn376&p1={{campaign.name}}&p2={{campaign.id}}&p3={{adset.name}}&p4={{adset.id}}&p5={{ad.name}}&p6={{ad.id}}&label=gezi&fb_pixel_id=2621029394951596&fb_access_token=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.95.177.0 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-3.amazonaws.com
Software
AmazonS3 /
Resource Hash
4ca6122030dea2d2e66cde8f69cc201e27169e9d96380e736e9224c9e320a4f6

Request headers

Referer
https://aqcrgg.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 16 Aug 2024 16:24:51 GMT
Last-Modified
Sun, 07 Jul 2024 03:32:15 GMT
Server
AmazonS3
x-amz-request-id
BMQAENXAHWXPQ3GG
ETag
"0a718bb010a4bc901c45eba9dad3b0a2"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript; charset=utf-8
Accept-Ranges
bytes
Content-Length
8988
x-amz-id-2
mxHlO7xUSesxlydU4PvhVl+zCKOnesQRJG3VbiyDVoEmxUeo+SOzqVARhvIsXXWm0tlWBM0Pn8w=
js
www.googletagmanager.com/gtag/
265 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16652228266
Requested by
Host: aqcrgg.xyz
URL: https://aqcrgg.xyz/?t=1&p0=1cafn376&p1={{campaign.name}}&p2={{campaign.id}}&p3={{adset.name}}&p4={{adset.id}}&p5={{ad.name}}&p6={{ad.id}}&label=gezi&fb_pixel_id=2621029394951596&fb_access_token=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.168 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://aqcrgg.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 16:24:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93801
x-xss-protection
0
last-modified
Fri, 16 Aug 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Aug 2024 16:24:50 GMT
7276.js
appdv76.s3.ap-southeast-3.amazonaws.com/download-app/
163 B
570 B
Script
General
Full URL
https://appdv76.s3.ap-southeast-3.amazonaws.com/download-app/7276.js
Requested by
Host: aqcrgg.xyz
URL: https://aqcrgg.xyz/?t=1&p0=1cafn376&p1={{campaign.name}}&p2={{campaign.id}}&p3={{adset.name}}&p4={{adset.id}}&p5={{ad.name}}&p6={{ad.id}}&label=gezi&fb_pixel_id=2621029394951596&fb_access_token=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.95.177.0 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-3.amazonaws.com
Software
AmazonS3 /
Resource Hash
8873336f042197dc261911d8d4cd9b40c6143b88f1803cd86db865f57ad8d16e

Request headers

Referer
https://aqcrgg.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 16 Aug 2024 16:24:51 GMT
Last-Modified
Thu, 15 Aug 2024 17:13:52 GMT
Server
AmazonS3
x-amz-request-id
BMQ2VXM947AHCF9H
ETag
"54c02eb502a9e7b32465840378866178"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
163
x-amz-id-2
gnKHwTbkuEKjDEWSb94Sz1L7jAevRA+lLHJGvGZDf281gkkgpU9fIidJa3Ia4TyHDhzLJ/MehC4=
9906-fb-adjust-android-ios.js
appdv76.s3.ap-southeast-3.amazonaws.com/adjust/
11 KB
11 KB
Script
General
Full URL
https://appdv76.s3.ap-southeast-3.amazonaws.com/adjust/9906-fb-adjust-android-ios.js
Requested by
Host: aqcrgg.xyz
URL: https://aqcrgg.xyz/?t=1&p0=1cafn376&p1={{campaign.name}}&p2={{campaign.id}}&p3={{adset.name}}&p4={{adset.id}}&p5={{ad.name}}&p6={{ad.id}}&label=gezi&fb_pixel_id=2621029394951596&fb_access_token=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.95.177.0 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-3.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://aqcrgg.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 16 Aug 2024 16:24:51 GMT
Last-Modified
Sat, 20 Jul 2024 13:41:37 GMT
Server
AmazonS3
x-amz-request-id
BMQ3RZN82M4647B3
ETag
"373cc5280b601ddb10a7f4c2039fb805"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript; charset=utf-8
Accept-Ranges
bytes
Content-Length
10954
x-amz-id-2
cNIgHBozj9uG8TmuaAyNH5vFUkvTbp1Cgfpbfd3tyXzwnf09vXF5zclp1/klpyzg8Ter2eYsiyU=
fbevents.js
connect.facebook.net/en_US/
225 KB
60 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: appdv76.s3.ap-southeast-3.amazonaws.com
URL: https://appdv76.s3.ap-southeast-3.amazonaws.com/adjust/import-scripts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://aqcrgg.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 16 Aug 2024 16:24:50 GMT
document-policy
force-load-at-top
x-fb-server-load
-2147483531
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=12, mss=1316, tbw=2770, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
1QerTY9ztpKsz2rcGtLY58x3g49CoWuSI2K74ilJev2V/KlEFXYMHKrVDRdVxN/Sm6CVgpwLPKIGhESvL0oTSg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
tr
www.facebook.com/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr?id=2621029394951596&ev=PageView&noscript=1
Requested by
Host: aqcrgg.xyz
URL: https://aqcrgg.xyz/?t=1&p0=1cafn376&p1={{campaign.name}}&p2={{campaign.id}}&p3={{adset.name}}&p4={{adset.id}}&p5={{ad.name}}&p6={{ad.id}}&label=gezi&fb_pixel_id=2621029394951596&fb_access_token=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://aqcrgg.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=10, mss=1316, tbw=2761, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 16 Aug 2024 16:24:50 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
logo.png
www.vofzhq.com//resource/save8/img/
0
0

download.webp
www.vofzhq.com//resource/save8/img/
0
0

body.jpg
www.vofzhq.com//resource/save8/img/
0
0

footer.webp
www.vofzhq.com//resource/save8/img/
0
0

/
api.ipify.org/
22 B
155 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: appdv76.s3.ap-southeast-3.amazonaws.com
URL: https://appdv76.s3.ap-southeast-3.amazonaws.com/adjust/9906-fb-adjust-android-ios.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://aqcrgg.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 16:24:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
8b42c6e6ecedaab3-YYZ
content-length
22
Primary Request /
aqcrgg.xyz/
9 KB
5 KB
Document
General
Full URL
https://aqcrgg.xyz/?t=1&p0=1cafn376&p1=%7B%7Bcampaign.name%7D%7D&p2=%7B%7Bcampaign.id%7D%7D&p3=%7B%7Badset.name%7D%7D&p4=%7B%7Badset.id%7D%7D&p5=%7B%7Bad.name%7D%7D&p6=%7B%7Bad.id%7D%7D&label=gezi&fb_pixel_id=2621029394951596&fb_access_token=1&p0_android=1daahu2w&p0_ios=1dc0rw7q&channelCode=guanwang
Requested by
Host: appdv76.s3.ap-southeast-3.amazonaws.com
URL: https://appdv76.s3.ap-southeast-3.amazonaws.com/adjust/9906-fb-adjust-android-ios.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.4.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa96c6cc0fb69f8989b73a2b607f5a5b1ee9d324304e71c446929cb0a45ef28f

Request headers

Referer
https://aqcrgg.xyz/?t=1&p0=1cafn376&p1={{campaign.name}}&p2={{campaign.id}}&p3={{adset.name}}&p4={{adset.id}}&p5={{ad.name}}&p6={{ad.id}}&label=gezi&fb_pixel_id=2621029394951596&fb_access_token=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b42c6e68ac3ab0c-YYZ
content-encoding
br
content-type
text/html
date
Fri, 16 Aug 2024 16:24:51 GMT
last-modified
Fri, 16 Aug 2024 12:04:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ur0%2FZiI9p4%2FilhZ81gc1b1E4uxb3KBkYTOCmAnWJ9afgMByx57tOfPlMykL6g6FcL2wq6AHsyELlhtgjSkoVm4YehrLTergMDG8V5S5ZZKc5HcXDwKyNi4JzG23G"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
2621029394951596
connect.facebook.net/signals/config/
61 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2621029394951596?v=2.9.164&r=stable&domain=aqcrgg.xyz&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://aqcrgg.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 16 Aug 2024 16:24:51 GMT
document-policy
force-load-at-top
x-fb-server-load
25
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=64, mss=1316, tbw=64359, tp=-1, tpl=-1, uplat=133, ullat=0
pragma
public
x-fb-debug
VtnT0Z4QBiPmj5yHCOL+P2AE8VLT965jglq24zV+XQ91fPwauotJakaqafbxpl0c3Xjjf6rW7XQjGELf5qGk4w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16652228266/
4 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16652228266/?random=1723825491109&cv=11&fst=1723825491109&bg=ffffff&guid=ON&async=1&gtm=45be48e0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Faqcrgg.xyz%2F%3Ft%3D1%26p0%3D1cafn376%26p1%3D%7B%7Bcampaign.name%7D%7D%26p2%3D%7B%7Bcampaign.id%7D%7D%26p3%3D%7B%7Badset.name%7D%7D%26p4%3D%7B%7Badset.id%7D%7D%26p5%3D%7B%7Bad.name%7D%7D%26p6%3D%7B%7Bad.id%7D%7D%26label%3Dgezi%26fb_pixel_id%3D2621029394951596%26fb_access_token%3D1&ref=https%3A%2F%2Fmustang303.cyou%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=2077184945.1723825491&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16652228266
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aqcrgg.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Aug 2024 16:24:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1465
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
126 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2621029394951596&ev=PageView&dl=https%3A%2F%2Faqcrgg.xyz%2F%3Ft%3D1%26p0%3D1cafn376%26p1%3D%257B%257Bcampaign.name%257D%257D%26p2%3D%257B%257Bcampaign.id%257D%257D%26p3%3D%257B%257Badset.name%257D%257D%26p4%3D%257B%257Badset.id%257D%257D%26p5%3D%257B%257Bad.name%257D%257D%26p6%3D%257B%257Bad.id%257D%257D%26label%3Dgezi%26fb_pixel_id%3D2621029394951596%26fb_access_token%3D_removed_&rl=https%3A%2F%2Fmustang303.cyou%2F&if=false&ts=1723825491239&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723825491237.1713114133996102&ler=other&cdl=API_unavailable&it=1723825491039&coo=false&up_url=fb_access_token&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://aqcrgg.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=10, mss=1316, tbw=3149, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 16 Aug 2024 16:24:51 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2621029394951596&ev=PageView&dl=https%3A%2F%2Faqcrgg.xyz%2F%3Ft%3D1%26p0%3D1cafn376%26p1%3D%257B%257Bcampaign.name%257D%257D%26p2%3D%257B%257Bcampaign.id%257D%257D%26p3%3D%257B%257Badset.name%257D%257D%26p4%3D%257B%257Badset.id%257D%257D%26p5%3D%257B%257Bad.name%257D%257D%26p6%3D%257B%257Bad.id%257D%257D%26label%3Dgezi%26fb_pixel_id%3D2621029394951596%26fb_access_token%3D_removed_&rl=https%3A%2F%2Fmustang303.cyou%2F&if=false&ts=1723825491239&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723825491237.1713114133996102&ler=other&cdl=API_unavailable&it=1723825491039&coo=false&up_url=fb_access_token&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://aqcrgg.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Fri, 16 Aug 2024 16:24:51 GMT
document-policy
force-load-at-top
x-fb-server-load
57
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7403774107946448014", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=10, mss=1316, tbw=3319, tp=-1, tpl=-1, uplat=151, ullat=0
pragma
no-cache
x-fb-debug
WZr5imqAHpDFNGBvOoHQH9loKf4ICVL5O3weU5+s7nJpqTBXhUw7e2oMKHoC8N/nQvcascSRylJjKjIkSzV8KQ==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7403774107946448014"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/16652228266/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/16652228266/?random=1723825491109&cv=11&fst=1723824000000&bg=ffffff&guid=ON&async=1&gtm=45be48e0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Faqcrgg.xyz%2F%3Ft%3D1%26p0%3D1cafn376%26p1%3D%7B%7Bcampaign.name%7D%7D%26p2%3D%7B%7Bcampaign.id%7D%7D%26p3%3D%7B%7Badset.name%7D%7D%26p4%3D%7B%7Badset.id%7D%7D%26p5%3D%7B%7Bad.name%7D%7D%26p6%3D%7B%7Bad.id%7D%7D%26label%3Dgezi%26fb_pixel_id%3D2621029394951596%26fb_access_token%3D1&ref=https%3A%2F%2Fmustang303.cyou%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=2077184945.1723825491&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfi0aqXh37owovp9dAJVmlhYqvwdOpRA&random=3641105764&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.196, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f4.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aqcrgg.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Aug 2024 16:24:51 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/16652228266/
42 B
64 B
Image
General
Full URL
https://www.google.ca/pagead/1p-user-list/16652228266/?random=1723825491109&cv=11&fst=1723824000000&bg=ffffff&guid=ON&async=1&gtm=45be48e0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Faqcrgg.xyz%2F%3Ft%3D1%26p0%3D1cafn376%26p1%3D%7B%7Bcampaign.name%7D%7D%26p2%3D%7B%7Bcampaign.id%7D%7D%26p3%3D%7B%7Badset.name%7D%7D%26p4%3D%7B%7Badset.id%7D%7D%26p5%3D%7B%7Bad.name%7D%7D%26p6%3D%7B%7Bad.id%7D%7D%26label%3Dgezi%26fb_pixel_id%3D2621029394951596%26fb_access_token%3D1&ref=https%3A%2F%2Fmustang303.cyou%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=2077184945.1723825491&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfi0aqXh37owovp9dAJVmlhYqvwdOpRA&random=3641105764&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.195 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f3.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aqcrgg.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Aug 2024 16:24:51 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.css
www.vofzhq.com//resource/save8/css/
0
0

clipboard.min.js
www.vofzhq.com//resource/save8/js/
0
0

jquery-2.2.4.min.js
www.vofzhq.com//resource/save8/js/
0
0

rem.js
www.vofzhq.com//resource/save8/js/
0
0

qrcode.min.js
www.vofzhq.com//resource/save8/js/
0
0

qrcode.min.js
www.vofzhq.com//resource/save9/assets/js/
0
0

import-scripts.js
appdv76.s3.ap-southeast-3.amazonaws.com/adjust/
9 KB
0
Script
General
Full URL
https://appdv76.s3.ap-southeast-3.amazonaws.com/adjust/import-scripts.js
Requested by
Host: aqcrgg.xyz
URL: https://aqcrgg.xyz/?t=1&p0=1cafn376&p1=%7B%7Bcampaign.name%7D%7D&p2=%7B%7Bcampaign.id%7D%7D&p3=%7B%7Badset.name%7D%7D&p4=%7B%7Badset.id%7D%7D&p5=%7B%7Bad.name%7D%7D&p6=%7B%7Bad.id%7D%7D&label=gezi&fb_pixel_id=2621029394951596&fb_access_token=1&p0_android=1daahu2w&p0_ios=1dc0rw7q&channelCode=guanwang
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.95.177.0 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-3.amazonaws.com
Software
AmazonS3 /
Resource Hash
4ca6122030dea2d2e66cde8f69cc201e27169e9d96380e736e9224c9e320a4f6

Request headers

Referer
https://aqcrgg.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 16 Aug 2024 16:24:51 GMT
Last-Modified
Sun, 07 Jul 2024 03:32:15 GMT
Server
AmazonS3
x-amz-request-id
BMQAENXAHWXPQ3GG
ETag
"0a718bb010a4bc901c45eba9dad3b0a2"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript; charset=utf-8
Accept-Ranges
bytes
Content-Length
8988
x-amz-id-2
mxHlO7xUSesxlydU4PvhVl+zCKOnesQRJG3VbiyDVoEmxUeo+SOzqVARhvIsXXWm0tlWBM0Pn8w=
js
www.googletagmanager.com/gtag/
265 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16652228266
Requested by
Host: aqcrgg.xyz
URL: https://aqcrgg.xyz/?t=1&p0=1cafn376&p1=%7B%7Bcampaign.name%7D%7D&p2=%7B%7Bcampaign.id%7D%7D&p3=%7B%7Badset.name%7D%7D&p4=%7B%7Badset.id%7D%7D&p5=%7B%7Bad.name%7D%7D&p6=%7B%7Bad.id%7D%7D&label=gezi&fb_pixel_id=2621029394951596&fb_access_token=1&p0_android=1daahu2w&p0_ios=1dc0rw7q&channelCode=guanwang
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.168 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c9ea5090eb11c22426eee71d9bb6460c532634a8f0dc74a13cf481b23cbe0b4f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://aqcrgg.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 16:24:50 GMT
content-encoding
br
last-modified
Fri, 16 Aug 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93801
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 16 Aug 2024 16:24:50 GMT
7276.js
appdv76.s3.ap-southeast-3.amazonaws.com/download-app/
163 B
0
Script
General
Full URL
https://appdv76.s3.ap-southeast-3.amazonaws.com/download-app/7276.js
Requested by
Host: aqcrgg.xyz
URL: https://aqcrgg.xyz/?t=1&p0=1cafn376&p1=%7B%7Bcampaign.name%7D%7D&p2=%7B%7Bcampaign.id%7D%7D&p3=%7B%7Badset.name%7D%7D&p4=%7B%7Badset.id%7D%7D&p5=%7B%7Bad.name%7D%7D&p6=%7B%7Bad.id%7D%7D&label=gezi&fb_pixel_id=2621029394951596&fb_access_token=1&p0_android=1daahu2w&p0_ios=1dc0rw7q&channelCode=guanwang
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.95.177.0 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-3.amazonaws.com
Software
AmazonS3 /
Resource Hash
8873336f042197dc261911d8d4cd9b40c6143b88f1803cd86db865f57ad8d16e

Request headers

Referer
https://aqcrgg.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 16 Aug 2024 16:24:51 GMT
Last-Modified
Thu, 15 Aug 2024 17:13:52 GMT
Server
AmazonS3
x-amz-request-id
BMQ2VXM947AHCF9H
ETag
"54c02eb502a9e7b32465840378866178"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
163
x-amz-id-2
gnKHwTbkuEKjDEWSb94Sz1L7jAevRA+lLHJGvGZDf281gkkgpU9fIidJa3Ia4TyHDhzLJ/MehC4=
9906-fb-adjust-android-ios.js
appdv76.s3.ap-southeast-3.amazonaws.com/adjust/
11 KB
0
Script
General
Full URL
https://appdv76.s3.ap-southeast-3.amazonaws.com/adjust/9906-fb-adjust-android-ios.js
Requested by
Host: aqcrgg.xyz
URL: https://aqcrgg.xyz/?t=1&p0=1cafn376&p1=%7B%7Bcampaign.name%7D%7D&p2=%7B%7Bcampaign.id%7D%7D&p3=%7B%7Badset.name%7D%7D&p4=%7B%7Badset.id%7D%7D&p5=%7B%7Bad.name%7D%7D&p6=%7B%7Bad.id%7D%7D&label=gezi&fb_pixel_id=2621029394951596&fb_access_token=1&p0_android=1daahu2w&p0_ios=1dc0rw7q&channelCode=guanwang
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.95.177.0 Jakarta, Indonesia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-3.amazonaws.com
Software
AmazonS3 /
Resource Hash
265c3d8883026544f74ab8aeb82e949fa7f1930f6843add4f3eb8db8998e5cc2

Request headers

Referer
https://aqcrgg.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 16 Aug 2024 16:24:51 GMT
Last-Modified
Sat, 20 Jul 2024 13:41:37 GMT
Server
AmazonS3
x-amz-request-id
BMQ3RZN82M4647B3
ETag
"373cc5280b601ddb10a7f4c2039fb805"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript; charset=utf-8
Accept-Ranges
bytes
Content-Length
10954
x-amz-id-2
cNIgHBozj9uG8TmuaAyNH5vFUkvTbp1Cgfpbfd3tyXzwnf09vXF5zclp1/klpyzg8Ter2eYsiyU=
fbevents.js
connect.facebook.net/en_US/
225 KB
0
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: appdv76.s3.ap-southeast-3.amazonaws.com
URL: https://appdv76.s3.ap-southeast-3.amazonaws.com/adjust/import-scripts.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://aqcrgg.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 16 Aug 2024 16:24:50 GMT
document-policy
force-load-at-top
x-fb-server-load
-2147483531
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=12, mss=1316, tbw=2770, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
1QerTY9ztpKsz2rcGtLY58x3g49CoWuSI2K74ilJev2V/KlEFXYMHKrVDRdVxN/Sm6CVgpwLPKIGhESvL0oTSg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
tr
www.facebook.com/
0
19 B
Image
General
Full URL
https://www.facebook.com/tr?id=2621029394951596&ev=PageView&noscript=1
Requested by
Host: aqcrgg.xyz
URL: https://aqcrgg.xyz/?t=1&p0=1cafn376&p1=%7B%7Bcampaign.name%7D%7D&p2=%7B%7Bcampaign.id%7D%7D&p3=%7B%7Badset.name%7D%7D&p4=%7B%7Badset.id%7D%7D&p5=%7B%7Bad.name%7D%7D&p6=%7B%7Bad.id%7D%7D&label=gezi&fb_pixel_id=2621029394951596&fb_access_token=1&p0_android=1daahu2w&p0_ios=1dc0rw7q&channelCode=guanwang
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://aqcrgg.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=34, rtx=0, c=23, mss=1232, tbw=4345, tp=9, tpl=0, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 16 Aug 2024 16:24:51 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
logo.png
www.vofzhq.com//resource/save8/img/
0
0

download.webp
www.vofzhq.com//resource/save8/img/
0
0

body.jpg
www.vofzhq.com//resource/save8/img/
0
0

footer.webp
www.vofzhq.com//resource/save8/img/
0
0

/
api.ipify.org/
22 B
74 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: appdv76.s3.ap-southeast-3.amazonaws.com
URL: https://appdv76.s3.ap-southeast-3.amazonaws.com/adjust/9906-fb-adjust-android-ios.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.205, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2748e2d09b32ae3fb1aa8d0f14810397758dccd4d05141defda1beec33f6d8fc

Request headers

Referer
https://aqcrgg.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 16:24:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
8b42c6eb483daab3-YYZ
content-length
22
2621029394951596
connect.facebook.net/signals/config/
61 KB
0
Script
General
Full URL
https://connect.facebook.net/signals/config/2621029394951596?v=2.9.164&r=stable&domain=aqcrgg.xyz&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
cc8fb4cb3fcd27df0c606ccedb91cad227a3f9959d3ecb03a82a5e3605c9cc84
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://aqcrgg.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 16 Aug 2024 16:24:51 GMT
document-policy
force-load-at-top
x-fb-server-load
25
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=64, mss=1316, tbw=64359, tp=-1, tpl=-1, uplat=133, ullat=0
pragma
public
x-fb-debug
VtnT0Z4QBiPmj5yHCOL+P2AE8VLT965jglq24zV+XQ91fPwauotJakaqafbxpl0c3Xjjf6rW7XQjGELf5qGk4w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
z.js
s4.cnzz.com/
0
0

/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2621029394951596&ev=PageView&dl=https%3A%2F%2Faqcrgg.xyz%2F%3Ft%3D1%26p0%3D1cafn376%26p1%3D%257B%257Bcampaign.name%257D%257D%26p2%3D%257B%257Bcampaign.id%257D%257D%26p3%3D%257B%257Badset.name%257D%257D%26p4%3D%257B%257Badset.id%257D%257D%26p5%3D%257B%257Bad.name%257D%257D%26p6%3D%257B%257Bad.id%257D%257D%26label%3Dgezi%26fb_pixel_id%3D2621029394951596%26fb_access_token%3D_removed_%26p0_android%3D1daahu2w%26p0_ios%3D1dc0rw7q%26channelCode%3Dguanwang&rl=https%3A%2F%2Faqcrgg.xyz%2F%3Ft%3D1%26p0%3D1cafn376%26p1%3D%257B%257Bcampaign.name%257D%257D%26p2%3D%257B%257Bcampaign.id%257D%257D%26p3%3D%257B%257Badset.name%257D%257D%26p4%3D%257B%257Badset.id%257D%257D%26p5%3D%257B%257Bad.name%257D%257D%26p6%3D%257B%257Bad.id%257D%257D%26label%3Dgezi%26fb_pixel_id%3D2621029394951596%26fb_access_token%3D_removed_&if=false&ts=1723825491740&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723825491237.1713114133996102&ler=other&cdl=API_unavailable&it=1723825491719&coo=false&up_url=fb_access_token&up_url=fb_access_token&rqm=GET
Requested by
Host: aqcrgg.xyz
URL: https://aqcrgg.xyz/?t=1&p0=1cafn376&p1=%7B%7Bcampaign.name%7D%7D&p2=%7B%7Bcampaign.id%7D%7D&p3=%7B%7Badset.name%7D%7D&p4=%7B%7Badset.id%7D%7D&p5=%7B%7Bad.name%7D%7D&p6=%7B%7Bad.id%7D%7D&label=gezi&fb_pixel_id=2621029394951596&fb_access_token=1&p0_android=1daahu2w&p0_ios=1dc0rw7q&channelCode=guanwang
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://aqcrgg.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=34, rtx=0, c=23, mss=1232, tbw=4761, tp=13, tpl=0, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 16 Aug 2024 16:24:51 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
0
0

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16652228266/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
z3.cnzz.com
URL
https://z3.cnzz.com/stat.htm?id=1281337420&r=&lg=en-ca&ntime=none&cnzz_eid=441095318-1723825489-&showp=1600x1200&p=https%3A%2F%2Fmustang303.cyou%2F&t=Page%20Not%20Found&umuuid=1915c018354581-0ed0d1000474e2-10462c6f-1d4c00-1915c018355384&h=1
Domain
www.vofzhq.com
URL
https://www.vofzhq.com//resource/save8/css/index.css
Domain
www.vofzhq.com
URL
https://www.vofzhq.com//resource/save8/js/clipboard.min.js
Domain
www.vofzhq.com
URL
https://www.vofzhq.com//resource/save8/js/jquery-2.2.4.min.js
Domain
www.vofzhq.com
URL
https://www.vofzhq.com//resource/save8/js/rem.js
Domain
www.vofzhq.com
URL
https://www.vofzhq.com//resource/save8/js/qrcode.min.js
Domain
www.vofzhq.com
URL
https://www.vofzhq.com//resource/save9/assets/js/qrcode.min.js
Domain
www.vofzhq.com
URL
https://www.vofzhq.com//resource/save8/img/logo.png
Domain
www.vofzhq.com
URL
https://www.vofzhq.com//resource/save8/img/download.webp
Domain
www.vofzhq.com
URL
https://www.vofzhq.com//resource/save8/img/body.jpg
Domain
www.vofzhq.com
URL
https://www.vofzhq.com//resource/save8/img/footer.webp
Domain
s4.cnzz.com
URL
https://s4.cnzz.com/z.js?id=1281337420&async=1
Domain
www.facebook.com
URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2621029394951596&ev=PageView&dl=https%3A%2F%2Faqcrgg.xyz%2F%3Ft%3D1%26p0%3D1cafn376%26p1%3D%257B%257Bcampaign.name%257D%257D%26p2%3D%257B%257Bcampaign.id%257D%257D%26p3%3D%257B%257Badset.name%257D%257D%26p4%3D%257B%257Badset.id%257D%257D%26p5%3D%257B%257Bad.name%257D%257D%26p6%3D%257B%257Bad.id%257D%257D%26label%3Dgezi%26fb_pixel_id%3D2621029394951596%26fb_access_token%3D_removed_%26p0_android%3D1daahu2w%26p0_ios%3D1dc0rw7q%26channelCode%3Dguanwang&rl=https%3A%2F%2Faqcrgg.xyz%2F%3Ft%3D1%26p0%3D1cafn376%26p1%3D%257B%257Bcampaign.name%257D%257D%26p2%3D%257B%257Bcampaign.id%257D%257D%26p3%3D%257B%257Badset.name%257D%257D%26p4%3D%257B%257Badset.id%257D%257D%26p5%3D%257B%257Bad.name%257D%257D%26p6%3D%257B%257Bad.id%257D%257D%26label%3Dgezi%26fb_pixel_id%3D2621029394951596%26fb_access_token%3D_removed_&if=false&ts=1723825491740&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723825491237.1713114133996102&ler=other&cdl=API_unavailable&it=1723825491719&coo=false&up_url=fb_access_token&up_url=fb_access_token&rqm=FGET
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16652228266/?random=1723825491781&cv=11&fst=1723825491781&bg=ffffff&guid=ON&async=1&gtm=45be48e0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Faqcrgg.xyz%2F%3Ft%3D1%26p0%3D1cafn376%26p1%3D%257B%257Bcampaign.name%257D%257D%26p2%3D%257B%257Bcampaign.id%257D%257D%26p3%3D%257B%257Badset.name%257D%257D%26p4%3D%257B%257Badset.id%257D%257D%26p5%3D%257B%257Bad.name%257D%257D%26p6%3D%257B%257Bad.id%257D%257D%26label%3Dgezi%26fb_pixel_id%3D2621029394951596%26fb_access_token%3D1%26p0_android%3D1daahu2w%26p0_ios%3D1dc0rw7q%26channelCode%3Dguanwang&ref=https%3A%2F%2Faqcrgg.xyz%2F%3Ft%3D1%26p0%3D1cafn376%26p1%3D%7B%7Bcampaign.name%7D%7D%26p2%3D%7B%7Bcampaign.id%7D%7D%26p3%3D%7B%7Badset.name%7D%7D%26p4%3D%7B%7Badset.id%7D%7D%26p5%3D%7B%7Bad.name%7D%7D%26p6%3D%7B%7Bad.id%7D%7D%26label%3Dgezi%26fb_pixel_id%3D2621029394951596%26fb_access_token%3D1&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=2077184945.1723825491&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4


19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| urlParams
string| fb_pixel_id
function| fbq
function| _fbq
function| gtag
object| dataLayer
object| downloadLink
string| fb_access_token
function| getCookie
function| buildURL
function| getFbPid
function| gtag_report_conversion
object| _czc
function| loadScript
function| goDownload
function| closeQR
object| google_tag_manager
object| google_tag_data
object| GooglebQhCsO

5 Cookies

Domain/Path Name / Value
.mustang303.cyou/ Name: UM_distinctid
Value: 1915c018354581-0ed0d1000474e2-10462c6f-1d4c00-1915c018355384
mustang303.cyou/ Name: CNZZDATA1281337420
Value: 441095318-1723825489-%7C1723825489
.aqcrgg.xyz/ Name: _gcl_au
Value: 1.1.2077184945.1723825491
.aqcrgg.xyz/ Name: _fbp
Value: fb.1.1723825491237.1713114133996102
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

2 Console Messages

Source Level URL
Text
network error URL: https://mustang303.cyou/not-found-image.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://mustang303.cyou/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000