xn--12car7g7ac5aeu0ch.com Open in urlscan Pro Puny
กองสลากพลัส.com IDN
199.36.158.100 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://xn--12car7g7ac5aeu0ch.com/
Submission: On August 31 via manual (August 31st 2022, 9:47:46 am UTC) from IT — Scanned from IT

Summary HTTP 55 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 13 domains to perform 55 HTTP transactions. The main IP is 199.36.158.100, located in United States and belongs to FASTLY, US. The main domain is xn--12car7g7ac5aeu0ch.com. The Cisco Umbrella rank of the primary domain is 451020.
TLS certificate: Issued by R3 on August 10th 2022. Valid for: 3 months.

This is the only time xn--12car7g7ac5aeu0ch.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	199.36.158.100 199.36.158.100	54113 (FASTLY) (FASTLY)
3	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:27::... 2620:1ec:27::cafe:1746	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	20.96.88.162 20.96.88.162	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:813::2010	15169 (GOOGLE) (GOOGLE)
55	15

30 199.36.158.100 (United States)

ASN54113 (FASTLY, US)

xn--12car7g7ac5aeu0ch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

cdn.firebase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1746 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

asia-east2-kslplus.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	xn--12car7g7ac5aeu0ch.com xn--12car7g7ac5aeu0ch.com — Cisco Umbrella Rank: 451020	1 MB
5	googleapis.com www.googleapis.com — Cisco Umbrella Rank: 36 storage.googleapis.com — Cisco Umbrella Rank: 376	249 KB
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 527 c.clarity.ms — Cisco Umbrella Rank: 955 k.clarity.ms — Cisco Umbrella Rank: 5456	26 KB
4	cloudfunctions.net asia-east2-kslplus.cloudfunctions.net — Cisco Umbrella Rank: 469525	473 B
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 384	124 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	gstatic.com www.gstatic.com	42 KB
1	google.it www.google.it — Cisco Umbrella Rank: 21558	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	501 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 213	556 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 85	449 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 66	65 KB
1	firebase.com cdn.firebase.com — Cisco Umbrella Rank: 54374	42 KB
55	13

	Domain	Requested by
30	xn--12car7g7ac5aeu0ch.com	xn--12car7g7ac5aeu0ch.com
4	www.googleapis.com	xn--12car7g7ac5aeu0ch.com
4	asia-east2-kslplus.cloudfunctions.net	xn--12car7g7ac5aeu0ch.com
3	cdn.jsdelivr.net	xn--12car7g7ac5aeu0ch.com cdn.jsdelivr.net
2	c.clarity.ms	1 redirects
2	www.clarity.ms	xn--12car7g7ac5aeu0ch.com www.clarity.ms
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.gstatic.com	xn--12car7g7ac5aeu0ch.com
1	storage.googleapis.com
1	k.clarity.ms	www.clarity.ms
1	www.google.it
1	www.google.com
1	c.bing.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	xn--12car7g7ac5aeu0ch.com
1	cdn.firebase.com	xn--12car7g7ac5aeu0ch.com
55	16

This site contains links to these domains. Also see Links.

Domain
line.me
www.facebook.com

Subject Issuer	Validity	Valid
xn--hppy22-bua.wearehydra.agency R3	`2022-08-10` - `2022-11-08`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-21` - `2023-04-22`	a year	crt.sh
solarcell.graph.powerpick.co GTS CA 1D4	`2022-07-24` - `2022-10-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
misc.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.it GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
storage.googleapis.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://xn--12car7g7ac5aeu0ch.com/
Frame ID: A925A7FAC828BE133082D00A7D0BFE1D
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

กองสลากพลัส

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

55
Requests

98 %
HTTPS

75 %
IPv6

13
Domains

16
Subdomains

15
IPs

4
Countries

1684 kB
Transfer

4630 kB
Size

11
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://line.me/R/ti/p/@kslplus

Search URL Search Domain Scan URL

URL: https://www.facebook.com/kongsalakplus

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=4FE2EF6D228F4810A7ACDE0EE8C5B52C&RedC=c.clarity.ms&MXFR=303C5EB8B9D0661C35304CA9BDD068CF HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=4FE2EF6D228F4810A7ACDE0EE8C5B52C&MUID=26B9B3096AC36CC6164BA1186B796D3D

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
xn--12car7g7ac5aeu0ch.com/ 8 KB
3 KB 403ms
166ms Document
text/html 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--12car7g7ac5aeu0ch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

923d43fea4d07de2287b61f5ec312fc8dffdd0572af4aff5d3f10bda786635f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 2747
content-type: text/html; charset=utf-8
date: Wed, 31 Aug 2022 09:47:40 GMT
etag: "9d7673259eedff260f19ba0eeda6fa5a7d87ba4a88d71654bc2fbbe561578bba-br"
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
strict-transport-security: max-age=31556926
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-mxp6954-MXP
x-timer: S1661939260.939367,VS0,VE142

GET
H2 200 style.css
xn--12car7g7ac5aeu0ch.com/css/ 88 KB
21 KB 26ms
24ms Stylesheet
text/css 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--12car7g7ac5aeu0ch.com/css/style.css?v=4.0.5

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0a29c4389ddc898e2658f2bd8b31b374690c893da5131284479922011fde30e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939260.110922,VS0,VE1
etag: "24e05873272d3939e523c4f66a153be563fab0f2ddf345a2fca9633863787254-br"
x-served-by: cache-mxp6954-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:40 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21386
x-cache-hits: 1

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 152 KB
23 KB 105ms
29ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xn--12car7g7ac5aeu0ch.com/
Origin: https://xn--12car7g7ac5aeu0ch.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 10679224
x-jsd-version: 5.0.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22977
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
x-served-by: cache-fra19178-FRA, cache-mxp6953-MXP
x-jsd-version-type: version
date: Wed, 31 Aug 2022 09:47:40 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.7.0/font/ 72 KB
11 KB 106ms
30ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.0/font/bootstrap-icons.css

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

083e27ffe2bac2ef597b282d2c3a6fdd0a09ece3631e3bb2c980449f6418bbce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2540196
x-jsd-version: 1.7.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10369
etag: W/"11e0a-qWq/juG6+a0vCIRW1zWhkONA0CI"
x-served-by: cache-fra19146-FRA, cache-mxp6957-MXP
x-jsd-version-type: version
date: Wed, 31 Aug 2022 09:47:40 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 anuphan.woff2
xn--12car7g7ac5aeu0ch.com/font/ 88 KB
88 KB 48ms
47ms Font
font/woff2 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--12car7g7ac5aeu0ch.com/font/anuphan.woff2

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

660f5714a881cdcf658b8f309fe628fcfba7fa81955d97fc65305ae398b50186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://xn--12car7g7ac5aeu0ch.com/
Origin: https://xn--12car7g7ac5aeu0ch.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939260.111301,VS0,VE1
etag: "2bbff89b9d833527ab14852a076e86d55b1b94d4347a87bfe8568bb757207143"
x-served-by: cache-mxp6954-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: font/woff2
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:40 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 90166
x-cache-hits: 1

GET
H2 200 firebase.js Show response
cdn.firebase.com/js/client/2.2.1/ 126 KB
42 KB 114ms
25ms Script
application/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.firebase.com/js/client/2.2.1/firebase.js

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

518b731b6199f76c37019787532becd97b039fac1c702f0796cee256b95755f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
etag: "3f28a52a4862dcf057748c28f09e4a9a6d501c1cdd4e794e84507a42f71378aa"
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 42203
x-served-by: cache-mxp6961-MXP
last-modified: Wed, 15 Jul 2020 22:46:44 GMT
x-timer: S1661939260.219475,VS0,VE0
date: Wed, 31 Aug 2022 09:47:40 GMT
vary: x-fh-requested-host, accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=432000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.1.2/ 20 KB
7 KB 125ms
36ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.1.2/firebase-app.js

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

434800d40123d00dc8260e19366d917930e6d984578f0b039f1fd2278908db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6546
x-xss-protection: 0
last-modified: Fri, 04 Dec 2020 02:12:18 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Aug 2023 09:24:09 GMT

GET
H2 200 firebase-analytics.js Show response
www.gstatic.com/firebasejs/8.1.2/ 35 KB
35 KB 128ms
39ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.1.2/firebase-analytics.js

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2148022def76b9fb894dda29d0fe31651e0492d59a87b3de6fad4ec69ae0a9be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 18:33:24 GMT
x-content-type-options: nosniff
age: 227656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35654
x-xss-protection: 0
last-modified: Fri, 04 Dec 2020 02:12:08 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Aug 2023 18:33:24 GMT

GET
H2 200 10.51b8f86c.chunk.js Show response
xn--12car7g7ac5aeu0ch.com/static/js/ 809 KB
186 KB 32ms
31ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--12car7g7ac5aeu0ch.com/static/js/10.51b8f86c.chunk.js

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3aed4aae895f1dfa094f930281c781612501a755a023e51b53d9dcc54ec453a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939260.111278,VS0,VE1
etag: "5ac882fdf597cc05d87196bb8653a1094927d42951db8a87d0944b486ebc4ecc-br"
x-served-by: cache-mxp6954-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:40 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 190492
x-cache-hits: 1

GET
H2 200 main.60436c7e.chunk.js Show response
xn--12car7g7ac5aeu0ch.com/static/js/ 9 KB
2 KB 74ms
73ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--12car7g7ac5aeu0ch.com/static/js/main.60436c7e.chunk.js

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f7ffe0b25611d22b2d6207235bf4220e6a4d74c2f6f92b4c9f005f397221241a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939260.111486,VS0,VE1
etag: "f1e1099b05da310965bf1aec328aaa3aa8528110494976bd2539553745f909ba-br"
x-served-by: cache-mxp6954-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:40 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1838
x-cache-hits: 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 184 KB
65 KB 144ms
55ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TTFH2TT

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d3d78fb84562cf0147dea613a5bc9ea32cb1cbcef05e3483813f72dc35d43c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:47:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65660
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 Aug 2022 09:47:40 GMT

GET
H3 200 9.4c53f015.chunk.css
xn--12car7g7ac5aeu0ch.com/static/css/ 9 KB
5 KB 25ms
24ms Stylesheet
text/css 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--12car7g7ac5aeu0ch.com/static/css/9.4c53f015.chunk.css

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f9962e5fc19c6d85536e4db019cc77b1c71af6081963c1ae723ec10955d7968f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939260.336410,VS0,VE1
etag: "628bfc21e9d475988a018caa78cc199295ac750f8910fab0724c6d7a792d9755-br"
x-served-by: cache-mxp6928-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:40 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4537
x-cache-hits: 1

GET
H3 200 9.c7601c09.chunk.js Show response
xn--12car7g7ac5aeu0ch.com/static/js/ 2 MB
332 KB 26ms
26ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--12car7g7ac5aeu0ch.com/static/js/9.c7601c09.chunk.js

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4ad37a20f9b302a3f0022340fb5b2a99f0491d9747321e151cd9ac7c1299b943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939260.336583,VS0,VE1
etag: "fbea0a1f5ee9b7a4f37ea86bb90ac8f4d51c04d094227e848a0e32296a7b8fb8-br"
x-served-by: cache-mxp6928-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:40 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 339959
x-cache-hits: 1

GET
H3 200 11.d34b657b.chunk.css
xn--12car7g7ac5aeu0ch.com/static/css/ 6 KB
2 KB 25ms
24ms Stylesheet
text/css 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--12car7g7ac5aeu0ch.com/static/css/11.d34b657b.chunk.css

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

79903cdf9f9b5c21742cb8d33262dd4f7c4325e34d73f5d4b9242eea9d355725

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939260.336957,VS0,VE1
etag: "e3f4b890b65c64b7595b4984ba47e55c95215e07837531be640e61bf05971c61-br"
x-served-by: cache-mxp6928-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:40 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1406
x-cache-hits: 1

GET
H3 200 11.c0fa6a14.chunk.js Show response
xn--12car7g7ac5aeu0ch.com/static/js/ 351 KB
60 KB 90ms
90ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--12car7g7ac5aeu0ch.com/static/js/11.c0fa6a14.chunk.js

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b1d44e91e7d006b8bd1c9f6183a5317c211b2c5407291d451a0a3148b1a6d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939260.337104,VS0,VE1
etag: "a53c672649418a24ea7735988316f7bb4a070e9309f65301cce41190482b99ab-br"
x-served-by: cache-mxp6928-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:40 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 61256
x-cache-hits: 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 145ms
34ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTFH2TT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2740
date: Wed, 31 Aug 2022 09:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 31 Aug 2022 11:02:00 GMT

GET
H2 200 a1yw84etrf Show response
www.clarity.ms/tag/ 1 KB
2 KB 299ms
151ms Script
application/x-javascript 2620:1ec:27::cafe:1746
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/a1yw84etrf?ref=gtm2
Requested by: Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1746 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 79d585b7ef3384e91a9127b1049997884f1ce815ab7321cf9be1406452449f0a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:47:40 GMT
x-powered-by: ASP.NET
x-azure-ref: 0PC4PYwAAAABSwcDXDEfxSrKZmPRZCA5LQ1BIMzBFREdFMDQxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
content-length: 1364
expires: -1

OPTIONS
H2 204 configs
asia-east2-kslplus.cloudfunctions.net/api/v1/contents/ 0
0 447ms
323ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://asia-east2-kslplus.cloudfunctions.net/api/v1/contents/configs?vip=null

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://xn--12car7g7ac5aeu0ch.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://xn--12car7g7ac5aeu0ch.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type: text/html
date: Wed, 31 Aug 2022 09:47:40 GMT
expect-ct: max-age=0
function-execution-id: g4wtjfcucl7r
referrer-policy: no-referrer
server: Google Frontend
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-cloud-trace-context: cf516224d3cde7eab661090aa255b93d
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H3 200 configs Show response
asia-east2-kslplus.cloudfunctions.net/api/v1/contents/ 545 B
384 B 398ms
338ms Fetch
application/json 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://asia-east2-kslplus.cloudfunctions.net/api/v1/contents/configs?vip=null

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/static/js/11.c0fa6a14.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

a0a4693e4d8a9f7de8013409b6a638440d19c4afeb99732236a662e6ad17c688

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xn--12car7g7ac5aeu0ch.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-encoding: gzip
etag: W/"221-UkEHN7DMuzlgD8XAXk6URdBNuOY"
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 354
x-xss-protection: 0
referrer-policy: no-referrer
server: Google Frontend
x-frame-options: SAMEORIGIN
date: Wed, 31 Aug 2022 09:47:41 GMT
expect-ct: max-age=0
vary: Origin
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://xn--12car7g7ac5aeu0ch.com
x-cloud-trace-context: 77b0a4515ccf782a539b925a3ea8f5d7
cache-control: private
function-execution-id: k4l2qajr8p9l
x-content-type-options: nosniff

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 131ms
48ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=595706817&t=pageview&_s=1&dl=https%3A%2F%2Fxn--12car7g7ac5aeu0ch.com%2F&ul=en-us&de=UTF-8&dt=%E0%B8%81%E0%B8%AD%E0%B8%87%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%9E%E0%B8%A5%E0%B8%B1%E0%B8%AA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=840299022&gjid=1872486139&cid=1470131269.1661939261&tid=UA-200532771-2&_gid=345196599.1661939261&_r=1&gtm=2wg8t0TTFH2TT&cd1=1470131269.1661939261&z=475100907

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://xn--12car7g7ac5aeu0ch.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 09:47:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xn--12car7g7ac5aeu0ch.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 signupNewUser Show response
www.googleapis.com/identitytoolkit/v3/relyingparty/ 1 KB
939 B 523ms
453ms XHR
application/json 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/signupNewUser?key=AIzaSyAPjnSUNgWOBeyRAbtaeqBckTBoKup_wVI

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/static/js/9.c7601c09.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9838a2f00ee4c9e3c941d9af6256076a7d4af162324a6e749dd96043ef45a379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xn--12car7g7ac5aeu0ch.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
X-Client-Version: Chrome/JsCore/8.10.1/FirebaseCore-web
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 09:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://xn--12car7g7ac5aeu0ch.com
access-control-expose-headers: date,vary,vary,vary,content-encoding,server,content-length
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, X-Origin, Referer
content-length: 914
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 signupNewUser
www.googleapis.com/identitytoolkit/v3/relyingparty/ 0
0 331ms
226ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/signupNewUser?key=AIzaSyAPjnSUNgWOBeyRAbtaeqBckTBoKup_wVI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-client-version
Access-Control-Request-Method: POST
Origin: https://xn--12car7g7ac5aeu0ch.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-client-version
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://xn--12car7g7ac5aeu0ch.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 31 Aug 2022 09:47:40 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-e/s/0.6.39/ 53 KB
23 KB 147ms
146ms Script
application/javascript 2620:1ec:27::cafe:1746
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-e/s/0.6.39/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/a1yw84etrf?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1746 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: f083096f236cb98c87af2abc70707aef6a74bb105074919b0bdc3aeec6964c1d

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:47:40 GMT
content-encoding: br
etag: "1d8baf6c78cf4a1"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0PC4PYwAAAABgssc6IIYdS7PCTp7nYr31Q1BIMzBFREdFMDQxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
449 B 138ms
45ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-200532771-2&cid=1470131269.1661939261&jid=840299022&gjid=1872486139&_gid=345196599.1661939261&_u=YGBACEAABAAAAC~&z=1914718302

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xn--12car7g7ac5aeu0ch.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 31 Aug 2022 09:47:40 GMT
content-type: text/plain
access-control-allow-origin: https://xn--12car7g7ac5aeu0ch.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=4FE2EF6D228F4810A7ACDE0EE8C5B52C&RedC=c.clarity.ms&MXFR=303C5EB8B9D0661C35304CA9BDD068CF
https://c.clarity.ms/c.gif?CtsSyncId=4FE2EF6D228F4810A7ACDE0EE8C5B52C&MUID=26B9B3096AC36CC6164BA1186B796D3D

42 B
368 B

61ms
60ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=4FE2EF6D228F4810A7ACDE0EE8C5B52C&MUID=26B9B3096AC36CC6164BA1186B796D3D
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 09:47:40 GMT
last-modified: Wed, 17 Aug 2022 23:56:46 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "de363c295b2d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 31 Aug 2022 09:47:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CFF985F5E7274BCB9E73A03AF51F8CE8 Ref B: ZRHEDGE1719 Ref C: 2022-08-31T09:47:41Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=4FE2EF6D228F4810A7ACDE0EE8C5B52C&MUID=26B9B3096AC36CC6164BA1186B796D3D
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 150ms
71ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-200532771-2&cid=1470131269.1661939261&jid=840299022&_u=YGBACEAABAAAAC~&z=729900140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 09:47:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.it/ads/ 42 B
501 B 162ms
70ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-200532771-2&cid=1470131269.1661939261&jid=840299022&_u=YGBACEAABAAAAC~&z=729900140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 09:47:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
k.clarity.ms/ 0
183 B 383ms
126ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-e/s/0.6.39/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://xn--12car7g7ac5aeu0ch.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: https://xn--12car7g7ac5aeu0ch.com
date: Wed, 31 Aug 2022 09:47:40 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H3 200 1.10da0dd2.chunk.js Show response
xn--12car7g7ac5aeu0ch.com/static/js/ 33 KB
6 KB 25ms
24ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--12car7g7ac5aeu0ch.com/static/js/1.10da0dd2.chunk.js

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9cb62a46782b27e75f78f63fb6e0ed73d7f9b36eec03f8fdba79d1e901fbea2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939262.500614,VS0,VE1
etag: "47417bd0542362d7a3080f370bfe16973bad3a3f1fa124b5a1cfb9dbaddb5b4e-br"
x-served-by: cache-mxp6928-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:41 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5934
x-cache-hits: 1

GET
H3 200 29.57885f2c.chunk.js Show response
xn--12car7g7ac5aeu0ch.com/static/js/ 2 KB
933 B 24ms
24ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--12car7g7ac5aeu0ch.com/static/js/29.57885f2c.chunk.js

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dc4f7fddac32e85fc986c4e728042795c0eb5f7f2b43b68580b61ccdbd844847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939262.501702,VS0,VE1
etag: "360557d6de46e16a023c1703caa142dae5ffec12617da86fe68b09c837642944-br"
x-served-by: cache-mxp6928-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:41 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 608
x-cache-hits: 1

GET
H3 200 23.15ef296a.chunk.js Show response
xn--12car7g7ac5aeu0ch.com/static/js/ 21 KB
5 KB 25ms
24ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--12car7g7ac5aeu0ch.com/static/js/23.15ef296a.chunk.js

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a668d46822ed697c72c9f4c9e159137872469f1d30d34b1c4f7d9f7f5a1e7800

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939262.503660,VS0,VE1
etag: "b5cac0513eddf21a40e4eec52dbe7a2b0a5d534f180620c8dca3737030656537-br"
x-served-by: cache-mxp6928-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:41 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4299
x-cache-hits: 1

GET
H3 200 kslplus-home2.png
xn--12car7g7ac5aeu0ch.com/img/new-ui/ 14 KB
12 KB 25ms
24ms Image
image/png 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--12car7g7ac5aeu0ch.com/img/new-ui/kslplus-home2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f6a50985e4c5bb3b44609b7f0cc8efe8d0af93fd094cd0dd343207890a1cb650

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939262.516300,VS0,VE1
etag: "87157b34fc6b0e94dfa8983e708a7fc0f9d2ed0c62036bbc645808ddcddf7474"
x-served-by: cache-mxp6928-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:41 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12204
x-cache-hits: 1

GET
H3 200 LOGO_RedPheonix_final.png
xn--12car7g7ac5aeu0ch.com/img/new-ui/ 11 KB
11 KB 25ms
25ms Image
image/png 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--12car7g7ac5aeu0ch.com/img/new-ui/LOGO_RedPheonix_final.png

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2b1644a313215231bfa765fb2b02eeb6123684361d687c5cdc139810c12449f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939262.516502,VS0,VE1
etag: "c5bba62a5244849470754b66e04c306c1461ab0d97345f7822db7850ed698408-br"
x-served-by: cache-mxp6928-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:41 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11230
x-cache-hits: 1

POST
H3 200 getAccountInfo Show response
www.googleapis.com/identitytoolkit/v3/relyingparty/ 258 B
226 B 170ms
170ms XHR
application/json 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/getAccountInfo?key=AIzaSyAPjnSUNgWOBeyRAbtaeqBckTBoKup_wVI

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/static/js/9.c7601c09.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d65fc60bbf3e38b48a0b3034db31e03bbeb171d3e17c0c9972ea299f33f094f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xn--12car7g7ac5aeu0ch.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
X-Client-Version: Chrome/JsCore/8.10.1/FirebaseCore-web
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 09:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://xn--12car7g7ac5aeu0ch.com
access-control-expose-headers: date,vary,vary,vary,content-encoding,server,content-length
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, X-Origin, Referer
content-length: 201
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 getAccountInfo
www.googleapis.com/identitytoolkit/v3/relyingparty/ 0
0 139ms
139ms Preflight
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/getAccountInfo?key=AIzaSyAPjnSUNgWOBeyRAbtaeqBckTBoKup_wVI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-client-version
Access-Control-Request-Method: POST
Origin: https://xn--12car7g7ac5aeu0ch.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-client-version
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://xn--12car7g7ac5aeu0ch.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 31 Aug 2022 09:47:41 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 5.ad0fe690.chunk.js Show response
xn--12car7g7ac5aeu0ch.com/static/js/ 10 KB
3 KB 25ms
24ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--12car7g7ac5aeu0ch.com/static/js/5.ad0fe690.chunk.js

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0da85b25c60473bdcfd5384babb4ebdd8edf55750b57af485e31c199afb525a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939262.586063,VS0,VE1
etag: "7ad02157776e764d260a5995fd15a83fc898e7af07721129e8dffd176979c3c6-br"
x-served-by: cache-mxp6928-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:41 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2754
x-cache-hits: 1

GET
H3 200 6.ca8fa794.chunk.js Show response
xn--12car7g7ac5aeu0ch.com/static/js/ 12 KB
3 KB 25ms
24ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--12car7g7ac5aeu0ch.com/static/js/6.ca8fa794.chunk.js

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7d11f02289fa5f2b164878de368c981f5c3325a327f5324da4a03f292c6afe6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939262.586873,VS0,VE1
etag: "d085bbbf6c67a64aa286c6d8fdba59bf9dbea35a268173cf707d57d4a980ec04-br"
x-served-by: cache-mxp6928-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:41 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2309
x-cache-hits: 1

GET
H3 200 kslplus_logo.png
xn--12car7g7ac5aeu0ch.com/img/ 61 KB
60 KB 25ms
24ms Image
image/png 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--12car7g7ac5aeu0ch.com/img/kslplus_logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c73dadb385ae66387bf9ec3678055ab77dcb8bf014ed871091e39104066a590f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939262.589057,VS0,VE1
etag: "4f5fcfcaeb164705648d2ddbf412cc524642aae3fa794f355baded5b76ea5b99-br"
x-served-by: cache-mxp6928-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:41 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 61610
x-cache-hits: 1

GET
H3 200 WhiteLogo.png
xn--12car7g7ac5aeu0ch.com/img/ 92 KB
91 KB 26ms
26ms Image
image/png 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--12car7g7ac5aeu0ch.com/img/WhiteLogo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d215b1d8f3ff90bef67299a87fcfb51593f3a919fd9fadfb94c1ccfe489b2047

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939262.589219,VS0,VE1
etag: "f0ab6ae1dfb054003e46d923c012599838682f2ea398c687d2542267ad9127c8"
x-served-by: cache-mxp6928-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:41 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 93274
x-cache-hits: 1

GET
H3 200 Lucky_Box_11.png
xn--12car7g7ac5aeu0ch.com/ 4 KB
5 KB 25ms
24ms Image
image/png 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--12car7g7ac5aeu0ch.com/Lucky_Box_11.png

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b35c6fd42f7a24191f88bb64b5981185bdcaa145b93d6542f0e97a27b726ccb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939262.595740,VS0,VE1
etag: "8b0cde460b730423bcdc708199f2b32a0971445849c976574c1808d7be030bdb-br"
x-served-by: cache-mxp6928-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:41 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4429
x-cache-hits: 1

GET
H3 200 bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.7.0/font/fonts/ 90 KB
90 KB 60ms
28ms Font
font/woff2 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.0/font/fonts/bootstrap-icons.woff2?a97b3594ad416896e15824f6787370e0

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.0/font/bootstrap-icons.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c4902f4d5de34afa1a696e4eabef78b60563a227b941232f75898fc61149cc1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.0/font/bootstrap-icons.css
Origin: https://xn--12car7g7ac5aeu0ch.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 5482989
x-jsd-version: 1.7.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 91824
etag: W/"166b0-Tgj2It6uhqjeVgN8HzWMsRF0FLo"
x-served-by: cache-fra19165-FRA, cache-mxp6975-MXP
x-jsd-version-type: version
date: Wed, 31 Aug 2022 09:47:41 GMT
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

OPTIONS
H3 204 home
asia-east2-kslplus.cloudfunctions.net/searchLottery/ 0
0 331ms
331ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://asia-east2-kslplus.cloudfunctions.net/searchLottery/home

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://xn--12car7g7ac5aeu0ch.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://xn--12car7g7ac5aeu0ch.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type: text/html
date: Wed, 31 Aug 2022 09:47:41 GMT
expect-ct: max-age=0
function-execution-id: rfosiag20zz4
referrer-policy: no-referrer
server: Google Frontend
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-cloud-trace-context: 5113fd5e1d7025b77df8138d8a810e4e
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H3 200 home Show response
asia-east2-kslplus.cloudfunctions.net/searchLottery/ 67 B
89 B 406ms
406ms Fetch
application/json 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://asia-east2-kslplus.cloudfunctions.net/searchLottery/home

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/static/js/11.c0fa6a14.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

db868cdfb4efb02836cd45d0b8590eb0205653afe01718bef7128b36c0078636

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xn--12car7g7ac5aeu0ch.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-encoding: gzip
etag: W/"43-KXILmqadcmL3rXuRjMfBj+/tHgk"
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60
x-xss-protection: 0
referrer-policy: no-referrer
server: Google Frontend
x-frame-options: SAMEORIGIN
date: Wed, 31 Aug 2022 09:47:42 GMT
expect-ct: max-age=0
vary: Origin
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://xn--12car7g7ac5aeu0ch.com
x-cloud-trace-context: 1a0030f9d24be776c99d64d28058422f
cache-control: private
function-execution-id: f27c4mm7ikgq
x-content-type-options: nosniff

GET
H3 200 ic_analytics.svg
xn--12car7g7ac5aeu0ch.com/ 658 B
616 B 25ms
24ms Image
image/svg+xml 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--12car7g7ac5aeu0ch.com/ic_analytics.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aa7d39ae684b9dc29b319257ad078f97fd90350aa6ace71fc9cfb66eb316c045

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939262.617451,VS0,VE1
etag: "324f97a1ef01f2d07acc712f60ed6125f29ea5d0ed241bf335409ce1ac77fa07-br"
x-served-by: cache-mxp6928-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:41 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 303
x-cache-hits: 1

GET
H3 200 logo_red_popup.webp
xn--12car7g7ac5aeu0ch.com/img/new-ui/ 1014 B
1 KB 25ms
25ms Image
image/webp 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--12car7g7ac5aeu0ch.com/img/new-ui/logo_red_popup.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0112d6f1a10eb85c9762fb1a03b0913b3f80d56dfb8273f4973b8077a93c3539

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939262.664616,VS0,VE1
etag: "49acc3d466b56db06b5e85fd7421a8d21ce80ca6ecadd8a9b06218d2c59d4f78"
x-served-by: cache-mxp6928-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/webp
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:41 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1014
x-cache-hits: 1

GET
H3 200 anuphan-semibold.woff2
xn--12car7g7ac5aeu0ch.com/font/ 93 KB
94 KB 26ms
25ms Font
font/woff2 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--12car7g7ac5aeu0ch.com/font/anuphan-semibold.woff2

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/css/style.css?v=4.0.5

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ec5acf01b108aac7cd2b00caf4eb43278e73643388f44b6612f2212335d46513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://xn--12car7g7ac5aeu0ch.com/css/style.css?v=4.0.5
Origin: https://xn--12car7g7ac5aeu0ch.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939262.671876,VS0,VE1
etag: "745c3974c6722c2b8e227889960deb542f8a5cda40947fdaa2cdd5414e8a41a1"
x-served-by: cache-mxp6928-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: font/woff2
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:41 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 95548
x-cache-hits: 1

GET
H3 200 anuphan-medium.woff2
xn--12car7g7ac5aeu0ch.com/font/ 92 KB
92 KB 28ms
27ms Font
font/woff2 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--12car7g7ac5aeu0ch.com/font/anuphan-medium.woff2

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/css/style.css?v=4.0.5

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d025f097a692069e18354ad62e0b6efa2368f5779146c49fc624142a4850daf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://xn--12car7g7ac5aeu0ch.com/css/style.css?v=4.0.5
Origin: https://xn--12car7g7ac5aeu0ch.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939262.672107,VS0,VE1
etag: "d8dd8dad11fbfb3c2f1ae9ff1df648a40bd0e4d3641155e83f79e351430af109"
x-served-by: cache-mxp6928-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: font/woff2
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:41 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 94080
x-cache-hits: 1

GET
H3 200 37.5405b0db.chunk.js Show response
xn--12car7g7ac5aeu0ch.com/static/js/ 6 KB
2 KB 25ms
25ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--12car7g7ac5aeu0ch.com/static/js/37.5405b0db.chunk.js

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7566ff7ecde968a36c88798fa409f3b3e75d332a6e731530f475180cf8f2d000

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939262.354778,VS0,VE1
etag: "642f154986931abc9a040368cdcafdc20e557dce9bfcb54f7ac4c235921a78dd-br"
x-served-by: cache-mxp6928-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:42 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1617
x-cache-hits: 1

GET
H3 200 logo_red_popup.webp
xn--12car7g7ac5aeu0ch.com/img/new-ui/ 1014 B
1 KB 25ms
25ms Image
image/webp 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--12car7g7ac5aeu0ch.com/img/new-ui/logo_red_popup.webp

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/static/js/10.51b8f86c.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0112d6f1a10eb85c9762fb1a03b0913b3f80d56dfb8273f4973b8077a93c3539

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939262.356080,VS0,VE0
etag: "49acc3d466b56db06b5e85fd7421a8d21ce80ca6ecadd8a9b06218d2c59d4f78"
x-served-by: cache-mxp6928-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/webp
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:42 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1014
x-cache-hits: 2

GET
H3 200 Lucky_Box_11.png
xn--12car7g7ac5aeu0ch.com/ 4 KB
5 KB 25ms
25ms Image
image/png 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--12car7g7ac5aeu0ch.com/Lucky_Box_11.png

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/static/js/10.51b8f86c.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b35c6fd42f7a24191f88bb64b5981185bdcaa145b93d6542f0e97a27b726ccb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939262.356354,VS0,VE0
etag: "8b0cde460b730423bcdc708199f2b32a0971445849c976574c1808d7be030bdb-br"
x-served-by: cache-mxp6928-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:42 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4429
x-cache-hits: 2

GET
H3 200 ic_analytics.svg
xn--12car7g7ac5aeu0ch.com/ 658 B
616 B 25ms
24ms Image
image/svg+xml 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--12car7g7ac5aeu0ch.com/ic_analytics.svg

Requested by

Host: xn--12car7g7ac5aeu0ch.com
URL: https://xn--12car7g7ac5aeu0ch.com/static/js/10.51b8f86c.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aa7d39ae684b9dc29b319257ad078f97fd90350aa6ace71fc9cfb66eb316c045

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939262.387242,VS0,VE0
etag: "324f97a1ef01f2d07acc712f60ed6125f29ea5d0ed241bf335409ce1ac77fa07-br"
x-served-by: cache-mxp6928-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:42 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 303
x-cache-hits: 2

GET
H3 200 BirdSorry.bdd57d3f.svg
xn--12car7g7ac5aeu0ch.com/static/media/ 69 KB
22 KB 26ms
25ms Image
image/svg+xml 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--12car7g7ac5aeu0ch.com/static/media/BirdSorry.bdd57d3f.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

146b7e00e916cf6dda8b51e396e95627f4d5750c87a3e2f081ec6cf68572f57f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939262.388001,VS0,VE1
etag: "8197655d8ecdb6f746957bd157c315d3707a95c143dd53f44ac51298e5542f38-br"
x-served-by: cache-mxp6928-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:42 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22013
x-cache-hits: 1

GET
H2 200 empty_lotto_img.jpg
storage.googleapis.com/kslplus.appspot.com/others/ 247 KB
248 KB 110ms
35ms Image
image/jpeg 2a00:1450:4001:813::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/kslplus.appspot.com/others/empty_lotto_img.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ffbcdefcb6f4327b692898bca96f522d13714f70f3301af738988bfe5ddc0320

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:18:54 GMT
age: 1728
x-guploader-uploadid: ADPycdtBcIKZWrzrqWiMF45qpVewjq0m1bZ0lv9b1gWi4tAwUdpstfUQaQVlY55Rz38jCWZbly8Q3XtILsdSUETz9etPbOvYQv0e
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 253270
last-modified: Sun, 28 Aug 2022 14:02:22 GMT
server: UploadServer
etag: "f39fada18ef5a68fd8d640090f5f2bda"
x-goog-hash: crc32c=YzDggA==, md5=85+toY71po/Y1kAJD18r2g==
x-goog-generation: 1661695342465709
cache-control: public, max-age=3600
x-goog-stored-content-length: 253270
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 31 Aug 2022 10:18:54 GMT

GET
H3 200 IconLineCircle.fa474fcf.svg
xn--12car7g7ac5aeu0ch.com/static/media/ 1 KB
859 B 27ms
26ms Image
image/svg+xml 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--12car7g7ac5aeu0ch.com/static/media/IconLineCircle.fa474fcf.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

07c6121e750eff08e6e291a585e256a0837c912497d660f8447b48264e7d3dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939262.388540,VS0,VE1
etag: "8807dfd72c3ec270a58a9ce9d745c517787b7294220855dad3a82006efbdd115-br"
x-served-by: cache-mxp6928-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:42 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 545
x-cache-hits: 1

GET
H3 200 IconFacebookCircle.7fa2a1b9.svg
xn--12car7g7ac5aeu0ch.com/static/media/ 446 B
598 B 27ms
27ms Image
image/svg+xml 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--12car7g7ac5aeu0ch.com/static/media/IconFacebookCircle.7fa2a1b9.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

54ff05d5bfff6ca910d4f157d703f5c582b7ab291876f422bab5bccab48aaf88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://xn--12car7g7ac5aeu0ch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 31 Aug 2022 07:57:59 GMT
x-timer: S1661939262.388759,VS0,VE1
etag: "fe983c74a024bfd47170c90d63ea364f66d94daa9466821dd52af02f80934671-br"
x-served-by: cache-mxp6928-MXP
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=3600
date: Wed, 31 Aug 2022 09:47:42 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 283
x-cache-hits: 1

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xn--12car7g7ac5aeu0ch.com/	1970-01-20 07:48:35	Name: _gcl_au Value: 1.1.1520258357.1661939260
.xn--12car7g7ac5aeu0ch.com/	1970-01-20 15:14:59	Name: _ga Value: GA1.2.1470131269.1661939261
.xn--12car7g7ac5aeu0ch.com/	1970-01-20 05:40:25	Name: _gid Value: GA1.2.345196599.1661939261
.xn--12car7g7ac5aeu0ch.com/	1970-01-20 05:38:59	Name: _gat_UA-200532771-2 Value: 1
www.clarity.ms/	1970-01-20 14:24:35	Name: CLID Value: bde6a6b7d9504eb1ade38f4e09aeeff5.20220831.20230831
.xn--12car7g7ac5aeu0ch.com/	1970-01-20 14:24:35	Name: _clck Value: 1jmrfg4\|1\|f4h\|0
.c.bing.com/	1970-01-20 15:00:35	Name: SRM_B Value: 26B9B3096AC36CC6164BA1186B796D3D
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 15:00:35	Name: MUID Value: 26B9B3096AC36CC6164BA1186B796D3D
.c.clarity.ms/	1970-01-20 05:38:59	Name: ANONCHK Value: 0
.xn--12car7g7ac5aeu0ch.com/	1970-01-20 05:40:25	Name: _clsk Value: 1252pnv\|1661939261305\|1\|0\|k.clarity.ms/collect

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

asia-east2-kslplus.cloudfunctions.net
c.bing.com
c.clarity.ms
cdn.firebase.com
cdn.jsdelivr.net
k.clarity.ms
stats.g.doubleclick.net
storage.googleapis.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.it
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
xn--12car7g7ac5aeu0ch.com
151.101.1.195
199.36.158.100
20.234.93.27
20.96.88.162
2001:4860:4802:36::36
2620:1ec:27::cafe:1746
2620:1ec:c11::200
2a00:1450:4001:806::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:812::2004
2a00:1450:4001:813::2010
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c06::9d
2a04:4e42:600::485
0112d6f1a10eb85c9762fb1a03b0913b3f80d56dfb8273f4973b8077a93c3539
07c6121e750eff08e6e291a585e256a0837c912497d660f8447b48264e7d3dd3
083e27ffe2bac2ef597b282d2c3a6fdd0a09ece3631e3bb2c980449f6418bbce
0a29c4389ddc898e2658f2bd8b31b374690c893da5131284479922011fde30e2
0da85b25c60473bdcfd5384babb4ebdd8edf55750b57af485e31c199afb525a5
146b7e00e916cf6dda8b51e396e95627f4d5750c87a3e2f081ec6cf68572f57f
2148022def76b9fb894dda29d0fe31651e0492d59a87b3de6fad4ec69ae0a9be
2b1644a313215231bfa765fb2b02eeb6123684361d687c5cdc139810c12449f9
2d3d78fb84562cf0147dea613a5bc9ea32cb1cbcef05e3483813f72dc35d43c5
3aed4aae895f1dfa094f930281c781612501a755a023e51b53d9dcc54ec453a8
434800d40123d00dc8260e19366d917930e6d984578f0b039f1fd2278908db12
4ad37a20f9b302a3f0022340fb5b2a99f0491d9747321e151cd9ac7c1299b943
518b731b6199f76c37019787532becd97b039fac1c702f0796cee256b95755f2
54ff05d5bfff6ca910d4f157d703f5c582b7ab291876f422bab5bccab48aaf88
660f5714a881cdcf658b8f309fe628fcfba7fa81955d97fc65305ae398b50186
7566ff7ecde968a36c88798fa409f3b3e75d332a6e731530f475180cf8f2d000
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
79903cdf9f9b5c21742cb8d33262dd4f7c4325e34d73f5d4b9242eea9d355725
79d585b7ef3384e91a9127b1049997884f1ce815ab7321cf9be1406452449f0a
7d11f02289fa5f2b164878de368c981f5c3325a327f5324da4a03f292c6afe6d
923d43fea4d07de2287b61f5ec312fc8dffdd0572af4aff5d3f10bda786635f3
9838a2f00ee4c9e3c941d9af6256076a7d4af162324a6e749dd96043ef45a379
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cb62a46782b27e75f78f63fb6e0ed73d7f9b36eec03f8fdba79d1e901fbea2e
a0a4693e4d8a9f7de8013409b6a638440d19c4afeb99732236a662e6ad17c688
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a668d46822ed697c72c9f4c9e159137872469f1d30d34b1c4f7d9f7f5a1e7800
aa7d39ae684b9dc29b319257ad078f97fd90350aa6ace71fc9cfb66eb316c045
b35c6fd42f7a24191f88bb64b5981185bdcaa145b93d6542f0e97a27b726ccb5
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
c4902f4d5de34afa1a696e4eabef78b60563a227b941232f75898fc61149cc1f
c73dadb385ae66387bf9ec3678055ab77dcb8bf014ed871091e39104066a590f
d025f097a692069e18354ad62e0b6efa2368f5779146c49fc624142a4850daf7
d215b1d8f3ff90bef67299a87fcfb51593f3a919fd9fadfb94c1ccfe489b2047
d65fc60bbf3e38b48a0b3034db31e03bbeb171d3e17c0c9972ea299f33f094f8
db868cdfb4efb02836cd45d0b8590eb0205653afe01718bef7128b36c0078636
dc4f7fddac32e85fc986c4e728042795c0eb5f7f2b43b68580b61ccdbd844847
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b1d44e91e7d006b8bd1c9f6183a5317c211b2c5407291d451a0a3148b1a6d9
ec5acf01b108aac7cd2b00caf4eb43278e73643388f44b6612f2212335d46513
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f083096f236cb98c87af2abc70707aef6a74bb105074919b0bdc3aeec6964c1d
f6a50985e4c5bb3b44609b7f0cc8efe8d0af93fd094cd0dd343207890a1cb650
f7ffe0b25611d22b2d6207235bf4220e6a4d74c2f6f92b4c9f005f397221241a
f9962e5fc19c6d85536e4db019cc77b1c71af6081963c1ae723ec10955d7968f
ffbcdefcb6f4327b692898bca96f522d13714f70f3301af738988bfe5ddc0320

xn--12car7g7ac5aeu0ch.com Open in urlscan Pro Puny กองสลากพลัส.com IDN 199.36.158.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

55 Requests

98 %HTTPS

75 %IPv6

13 Domains

16 Subdomains

15 IPs

4 Countries

1684 kBTransfer

4630 kBSize

11 Cookies

2 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

xn--12car7g7ac5aeu0ch.com Open in urlscan Pro Puny
กองสลากพลัส.com IDN
199.36.158.100 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

98 %
HTTPS

75 %
IPv6

13
Domains

16
Subdomains

15
IPs

4
Countries

1684 kB
Transfer

4630 kB
Size

11
Cookies

55 HTTP transactions
0 data transactions