URL: https://wetyr.click/
Submission: On December 16 via api from US — Scanned from NL

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 27 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is wetyr.click.
TLS certificate: Issued by WE1 on December 15th 2024. Valid for: 3 months.
This is the only time wetyr.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2a06:98c1:312... 13335 (CLOUDFLAR...)
5 172.67.73.116 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
5 157.240.253.1 32934 (FACEBOOK)
1 142.250.186.99 15169 (GOOGLE)
1 2600:1f14:107... 16509 (AMAZON-02)
8 157.240.252.35 32934 (FACEBOOK)
27 8
Apex Domain
Subdomains
Transfer
8 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
836 B
6 wetyr.click
wetyr.click
239 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
163 KB
5 xfcart.com
static.xfcart.com
imgs.xfcart.com
182 KB
1 awsapprunner.com
jh23yymmgk.us-west-2.awsapprunner.com
518 B
1 gstatic.com
fonts.gstatic.com
12 KB
1 hdsai.top
asdfasv.hdsai.top
2 KB
27 7
Domain Requested by
8 www.facebook.com wetyr.click
6 wetyr.click wetyr.click
static.xfcart.com
5 connect.facebook.net wetyr.click
connect.facebook.net
4 static.xfcart.com wetyr.click
1 imgs.xfcart.com
1 jh23yymmgk.us-west-2.awsapprunner.com connect.facebook.net
1 fonts.gstatic.com wetyr.click
1 asdfasv.hdsai.top wetyr.click
27 8

This site contains no links.

Subject Issuer Validity Valid
wetyr.click
WE1
2024-12-15 -
2025-03-15
3 months crt.sh
xfcart.com
E6
2024-12-02 -
2025-03-02
3 months crt.sh
hdsai.top
WE1
2024-11-01 -
2025-01-30
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-24 -
2024-12-23
3 months crt.sh
*.gstatic.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.us-west-2.awsapprunner.com
Amazon RSA 2048 M02
2024-12-15 -
2026-01-13
a year crt.sh

This page contains 1 frames:

Primary Page: https://wetyr.click/
Frame ID: 0059A32F6272FF226FA7850C12CF53F0
Requests: 30 HTTP requests in this frame

Screenshot

Page Title

Bliss ROOTS

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

100 %
HTTPS

43 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

599 kB
Transfer

1530 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
wetyr.click/
354 KB
74 KB
Document
General
Full URL
https://wetyr.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00c18d633fee8ca4a9cea6b82e2972c36f73034e8cc93bafc8dfc48dc89230aa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f2f74e00b9079cd-AMS
content-encoding
zstd
content-type
text/html
date
Mon, 16 Dec 2024 14:45:20 GMT
last-modified
Mon, 16 Dec 2024 12:03:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VfW3GB6RfYYv8Rh3JZPFKtjuN%2Bb5nkhazk47dWtohVhD%2Fmo8EZMo%2B04A%2Fik%2FVKL76Fbq86vtFv09jaxI2DHr3h5kvqFrpPC8Rr2XLNi4LLbQ0TjiIw%2B1wWcQtsBUfKZzBt3czY98HUBg"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=17669&min_rtt=14610&rtt_var=8317&sent=9&recv=13&lost=0&retrans=0&sent_bytes=4254&recv_bytes=2286&delivery_rate=258951&cwnd=250&unsent_bytes=0&cid=35c27da8206b3d67&ts=643&x=0"
vary
Accept-Encoding
jquery-3.3.1.js
static.xfcart.com/public/assets/default/js/
265 KB
92 KB
Script
General
Full URL
https://static.xfcart.com/public/assets/default/js/jquery-3.3.1.js?v=2626
Requested by
Host: wetyr.click
URL: https://wetyr.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b908c396bbc02214d410d5fbf569262549a201eabe82e574de3a73baa7910567

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wetyr.click/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"66c2a0c8-42583"
age
140063
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mdy4%2FMp9keh9cEGYNBkl04UNUc0XxWveq5zw7AjgJcZ4%2FiIAUz%2BpCzEPofyqzQwtH%2BbnpgFl1J9rBMegPYk7MQIMojM%2B7UHvSaBJlq6m2RWdRk%2BzzlNks6qsBzpKp8SuGY3b"}],"group":"cf-nel","max_age":604800}
expires
Mon, 13 Jan 2025 09:36:41 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16415&min_rtt=15359&rtt_var=4104&sent=17&recv=10&lost=0&retrans=0&sent_bytes=10819&recv_bytes=4674&delivery_rate=41083&cwnd=12000&unsent_bytes=0&cid=b6a5be75319448ac&ts=54&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 16 Dec 2024 14:45:20 GMT
content-type
application/javascript
last-modified
Mon, 19 Aug 2024 01:32:56 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f2f74e52cdb6690-AMS
server
cloudflare
comfn.js
static.xfcart.com/public/assets/js/
14 KB
6 KB
Script
General
Full URL
https://static.xfcart.com/public/assets/js/comfn.js?v=2626
Requested by
Host: wetyr.click
URL: https://wetyr.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ad3bf8c18d88dd0320332a789fd1972b39b7f8756f83cfa309e701619949b70

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wetyr.click/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"675ce919-39d8"
age
104470
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1GGl8UrE96q8BHwHne%2Bov7v6aHgPnuIu0XRPkVGkw6dV8iZJZ9Z5z9EWce5OwYcOZ1JQp4E3ELH85kowywGTavmVkBwfFo8ohdQOx%2BraPFLRfI25Gv4k%2BX6hYzV0BsweiNma"}],"group":"cf-nel","max_age":604800}
expires
Mon, 13 Jan 2025 09:36:41 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16415&min_rtt=15359&rtt_var=4104&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4151&recv_bytes=4674&delivery_rate=41083&cwnd=12000&unsent_bytes=0&cid=b6a5be75319448ac&ts=53&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 16 Dec 2024 14:45:20 GMT
content-type
application/javascript
last-modified
Sat, 14 Dec 2024 02:10:33 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f2f74e52ce06690-AMS
server
cloudflare
currency.js
static.xfcart.com/public/assets/js/plugin/
22 KB
8 KB
Script
General
Full URL
https://static.xfcart.com/public/assets/js/plugin/currency.js?v=2626
Requested by
Host: wetyr.click
URL: https://wetyr.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe94f838d1c91af0a5a5d47eebd1d4286565d44ec0a300d970a7a94f8eb2835

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wetyr.click/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"66c2a0c8-564a"
age
45366
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DI9gjRCYe8klF7vRXkWRehxNRl2PDzdq3dzsEhpqTbFAUbBXpLi0ocUvb28ZtYb2l06Whm%2Fu%2FVgOZYEbCRD3m1eO3TFlT1rQjP2WXRYDJrF5rebjLqkE3WvO5nh2lut2NVL1"}],"group":"cf-nel","max_age":604800}
expires
Mon, 13 Jan 2025 09:51:06 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16415&min_rtt=14865&rtt_var=115&sent=100&recv=47&lost=0&retrans=0&sent_bytes=107365&recv_bytes=6519&delivery_rate=3195788&cwnd=57600&unsent_bytes=0&cid=b6a5be75319448ac&ts=106&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 16 Dec 2024 14:45:20 GMT
content-type
application/javascript
last-modified
Mon, 19 Aug 2024 01:32:56 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f2f74e56d286690-AMS
server
cloudflare
index
asdfasv.hdsai.top//addon/
2 KB
2 KB
Script
General
Full URL
https://asdfasv.hdsai.top//addon/index?c=index&v=26202412
Requested by
Host: wetyr.click
URL: https://wetyr.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83010933fac9b1e05b19a8370d2da430559be2f357ffd8aa3d1c885c9efcc059

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wetyr.click/

Response headers

cache-control
no-store, no-cache, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k4wxJID%2BfmBf67zcqXJCeXp8v1p18r3UKeoP8iOLqBjAd3n65fRDZF%2FTz4r0QUtTl1Q673Avxd5nYkKQSRZCXopFIbN44T%2FU6xqpZKvc7sh39WjgZXor5LfEe9zIQNdtFI9xA4bH14AvtdbD2Wi5"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2f74e7ef36b986-AMS
expires
Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=14653&min_rtt=14404&rtt_var=2460&sent=7&recv=12&lost=0&retrans=0&sent_bytes=3992&recv_bytes=2247&delivery_rate=266124&cwnd=253&unsent_bytes=0&cid=1d3cf3ee24b4b121&ts=493&x=0"
date
Mon, 16 Dec 2024 14:45:21 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
4b9d4f387d340.png
wetyr.click/themes/theme25/assets/image/
6 KB
7 KB
Image
General
Full URL
https://wetyr.click/themes/theme25/assets/image/4b9d4f387d340.png
Requested by
Host: wetyr.click
URL: https://wetyr.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d5dc65adc50b8a09feda5b2196050b858f571b042cd8064eda26aaf56eda022

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wetyr.click/

Response headers

cf-cache-status
HIT
etag
"66c2a0c8-190a"
age
30627
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x9%2F75FMXrEBYlgbH9zgBox4KXp%2FWtvuI9qyrz2C9vQqsH1MOUzFvdFl%2FbOBffbAT5eMFbDTJeBJXEb5hBBUo02uH%2F%2Bu3HV8erBEKEn6T%2F%2BrBUdd9sZv5x5Ktdw6M"}],"group":"cf-nel","max_age":604800}
expires
Wed, 15 Jan 2025 06:14:53 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=14806&min_rtt=14239&rtt_var=355&sent=91&recv=59&lost=0&retrans=0&sent_bytes=82494&recv_bytes=2574&delivery_rate=5500649&cwnd=263&unsent_bytes=0&cid=35c27da8206b3d67&ts=829&x=0"
date
Mon, 16 Dec 2024 14:45:20 GMT
content-type
image/png
last-modified
Mon, 19 Aug 2024 01:32:56 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f2f74e4edd579cd-AMS
accept-ranges
bytes
content-length
6410
server
cloudflare
email-decode.min.js
wetyr.click/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://wetyr.click/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: wetyr.click
URL: https://wetyr.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wetyr.click/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"675318bd-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ucy5dpbKR6c7TcKcHpO2DWSco5PNM3yOPzs60Kjp7omB3Yg4OqWdq%2BldEZ6XjBAcx7yp%2BorUe8jkvGmKlCIbyjD4Y45kU8s4SIsxUqcfy6qNRWC%2Bg6prdrGCtSVKlY%2Fvspt2DBgSVAM9fg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8f2f74e4edde79cd-AMS
expires
Wed, 18 Dec 2024 14:45:20 GMT
date
Mon, 16 Dec 2024 14:45:20 GMT
content-type
application/javascript
last-modified
Fri, 06 Dec 2024 15:31:09 GMT
server
cloudflare
vary
Accept-Encoding
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: wetyr.click
URL: https://wetyr.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-SEC1Swvd' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wetyr.click/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 14:45:20 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-SEC1Swvd' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=23, mss=1232, tbw=4504, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
YZr9H2XktlZhgt/rPVaeeHuAeHI4sSMVRh9DlLY/f3yOUc3QP79Azko6cFDAC/tDVfBUzoCe6QPrGhfLe6rYzw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62283
x-xss-protection
0
origin-agent-cluster
?1
truncated
/
106 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e36a560377ecac02ac51dc4c9479d6e931da0b7c0170723819d135f333331b6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43b1599ee71d4dfb38d207dd8cd1a0fe45cbe1c41ef596c88a3ff58e96f52c12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ba80fd0f4edf4c4538bca83444212e0e75f8936a7ee27bec3d56a396ca1491d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
fonts.gstatic.com/s/robotoslab/v22/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v22/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
Requested by
Host: wetyr.click
URL: https://wetyr.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
c636cdf8f523ada818ad53ff012d37b57190cc6702fdf0e6a35a502fcd4f625f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://wetyr.click
Referer
https://wetyr.click/

Response headers

age
526412
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 12:31:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 12:31:49 GMT
last-modified
Thu, 03 Feb 2022 00:13:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
12488
x-xss-protection
0
server
sffe
7a0993b32.webp
wetyr.click/themes/theme25/assets/image/
155 KB
156 KB
Image
General
Full URL
https://wetyr.click/themes/theme25/assets/image/7a0993b32.webp
Requested by
Host: wetyr.click
URL: https://wetyr.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
716244a55af9afc5cc05acd8a5e5edb045ebce6e1e6ca78b2748179e547c62c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wetyr.click/

Response headers

cf-cache-status
HIT
etag
"66c2a0c8-26cb4"
age
30627
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8niueAHtAQONLRA9OrZLh42K83ItDM7uzm5o055ueFfLLbu5MwEernwa78wg95aP0btXjeP80pVYU5yND4UbZlOsBUT%2B4nszCSMPt7WcdrDTiUzxArLdcLjfmJVA"}],"group":"cf-nel","max_age":604800}
expires
Wed, 15 Jan 2025 06:14:53 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=14649&min_rtt=14239&rtt_var=299&sent=98&recv=64&lost=0&retrans=0&sent_bytes=89514&recv_bytes=2683&delivery_rate=5500649&cwnd=273&unsent_bytes=0&cid=35c27da8206b3d67&ts=1036&x=0"
date
Mon, 16 Dec 2024 14:45:21 GMT
content-type
image/webp
last-modified
Mon, 19 Aug 2024 01:32:56 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f2f74e62e8879cd-AMS
accept-ranges
bytes
content-length
158900
server
cloudflare
tasks
wetyr.click/home/
7 B
639 B
XHR
General
Full URL
https://wetyr.click/home/tasks?sctl=index&sact=index&userid=303f7b84ce294fadc96d9d71ef&uri=&t=1734360321011
Requested by
Host: static.xfcart.com
URL: https://static.xfcart.com/public/assets/default/js/jquery-3.3.1.js?v=2626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ef64feaa530624f75f36afce3c8ad6c4a90926db31f9c7d120f17fa1588bf5e

Request headers

Referer
https://wetyr.click/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*

Response headers

cache-control
no-store, no-cache, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OjErRS2LkERi4IYkvNuEuMH8WtUXjACPmilPLi8c8ZGcPmXys%2F8f8DLqelRIDSLZF%2B0XKzpgMHDpAZduPGw2fSWhZ2O0Aw6Yw7JrEphCejd7WIxu%2Foh3H6fSpq3SQJqrFGLZiMN3Ae5c"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2f74e66ea279cd-AMS
expires
Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=20250&min_rtt=14239&rtt_var=10363&sent=234&recv=134&lost=0&retrans=0&sent_bytes=250379&recv_bytes=2902&delivery_rate=5696283&cwnd=321&unsent_bytes=0&cid=35c27da8206b3d67&ts=2340&x=0"
date
Mon, 16 Dec 2024 14:45:22 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
us.svg
static.xfcart.com/public/assets//image/countrys/
648 B
1 KB
Image
General
Full URL
https://static.xfcart.com/public/assets//image/countrys/us.svg?v=2626
Requested by
Host: wetyr.click
URL: https://wetyr.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7be4240cf57987926673708f09233be1ab6bdf35acc7b86bd32a263f197a2a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wetyr.click/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"66c2a0c8-288"
age
45366
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yCwwQYj%2FBL8tQ9evjDyGziQao5WQ4MYcg4ag%2FuTnkyMsv3IC8GKvINsF71nX2yDYGHT%2F3X5QK7M5a%2F1TzcU4NKq2LF9KcC9m510XQKdzvtR77FzW6A5MjRQ9Ct7pKmq%2BLF%2B8"}],"group":"cf-nel","max_age":604800}
expires
Mon, 13 Jan 2025 09:51:07 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15494&min_rtt=14613&rtt_var=274&sent=110&recv=60&lost=0&retrans=0&sent_bytes=116231&recv_bytes=7416&delivery_rate=1375148&cwnd=57600&unsent_bytes=0&cid=b6a5be75319448ac&ts=266&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 16 Dec 2024 14:45:21 GMT
content-type
image/svg+xml
last-modified
Mon, 19 Aug 2024 01:32:56 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f2f74e68e6e6690-AMS
server
cloudflare
count
wetyr.click/cart/
29 B
580 B
XHR
General
Full URL
https://wetyr.click/cart/count
Requested by
Host: static.xfcart.com
URL: https://static.xfcart.com/public/assets/default/js/jquery-3.3.1.js?v=2626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52e2cb9e9d90ea88149df1292ee6c4fdc233c96bb8ed7b8025b31a8343b6e67d

Request headers

Referer
https://wetyr.click/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*

Response headers

cache-control
no-store, no-cache, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=On%2B0wSixfYvkguOmx%2Fh%2FFI7GqU9c4o4B%2FRyFS1wYXPvaEJ6UHRzM6ZOp7rrfAwIXtuuvOm6rfy7gKARKWHdIJAmpA0dPd%2F39uTWSKzvG791%2F%2BBQh1dNEJzXMDi8JDBF3mAWKGCkO%2Bpjt"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2f74e69ec179cd-AMS
expires
Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=15201&min_rtt=14239&rtt_var=44&sent=231&recv=132&lost=0&retrans=0&sent_bytes=249733&recv_bytes=2902&delivery_rate=5696283&cwnd=321&unsent_bytes=0&cid=35c27da8206b3d67&ts=1542&x=0"
date
Mon, 16 Dec 2024 14:45:21 GMT
content-type
application/json; charset=UTF-8
server
cloudflare
1590243691884239
connect.facebook.net/signals/config/
303 KB
93 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1590243691884239?v=2.9.179&r=stable&domain=wetyr.click&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
e3c076ffeacc4d02d6fd03d28098253122efdc7cc6ced99fd0a522c4da9926f6
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-ecbUYC5U' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wetyr.click/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 14:45:22 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-ecbUYC5U' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=77, mss=1232, tbw=70550, tp=66, tpl=0, uplat=1034, ullat=0
pragma
public
x-fb-debug
bCBUMDDyctBpjYvjfmbqw13YiDE5kKYXdVaJAManhruOv6S8QBt/ysRuYE4vK0IboVGE6NfdeA41QBGheK2/yg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
1482493179111552
connect.facebook.net/signals/config/
25 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1482493179111552?v=2.9.179&r=stable&domain=wetyr.click&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C159%2C227%2C228%2C226%2C180%2C139%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
f39738fb2c384e6de7dcf4690419a20427f1312889a560870f9410ab415b35db
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-B8Jhok0D' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wetyr.click/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 14:45:22 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-B8Jhok0D' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=5, c=108, mss=1232, tbw=174662, tp=157, tpl=5, uplat=47, ullat=0
pragma
public
x-fb-debug
9mqNr5Wbz328ScGjzTNm8Dkql8sPWNwl6lsIfDG7fg2zRmg3wXZu/SaCHXzFhvcJ+CJGgE7YHcUNdVPBt9HPLA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
8892866630794181
connect.facebook.net/signals/config/
25 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/8892866630794181?v=2.9.179&r=stable&domain=wetyr.click&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C159%2C227%2C228%2C226%2C180%2C139%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
138dc53125f9ab8f9b1ee53edb60b652f31c96954f5e13e5b670bdd35709014d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-CAEKgucw' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wetyr.click/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 14:45:22 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-CAEKgucw' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=24, rtx=5, c=112, mss=1232, tbw=178534, tp=163, tpl=5, uplat=83, ullat=0
pragma
public
x-fb-debug
bXbuRHA5shEg/CitoeDNDbVf9zcugTjT29DSy6OyLr0C5BnT4p5bIOtOzy1OkqYpQKAKcX2iNDjMPj2Vfh7MlQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
7552259378207961
connect.facebook.net/signals/config/
25 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/7552259378207961?v=2.9.179&r=stable&domain=wetyr.click&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C203%2C202%2C204%2C209%2C210%2C211%2C207%2C199%2C133%2C164%2C198%2C200%2C123%2C158%2C146%2C159%2C227%2C228%2C226%2C180%2C139%2C152%2C130%2C236%2C117%2C128%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
c6a9135d6e92b6daed54e43c5c18076b167030f13b3b5ae12f5a8197ec5d50b0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-jZ9ywJpg' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wetyr.click/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 14:45:22 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-jZ9ywJpg' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=5, c=115, mss=1232, tbw=182358, tp=168, tpl=5, uplat=51, ullat=0
pragma
public
x-fb-debug
Qtnyzyw/GB6Bbth8giQ5gm290FqRLic5nwwxdxfkuJTy+RUXj2oFZGzzTPyky/avI9cxNBXz47r7TKJIvYyjlQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
9892ac5fb92e996dfc92268b995c2ded1ee49d4656065fbeadbaaf876f593c97
jh23yymmgk.us-west-2.awsapprunner.com/events/
0
518 B
XHR
General
Full URL
https://jh23yymmgk.us-west-2.awsapprunner.com/events/9892ac5fb92e996dfc92268b995c2ded1ee49d4656065fbeadbaaf876f593c97
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1590243691884239?v=2.9.179&r=stable&domain=wetyr.click&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:1075:9906:50fe:8d47:64c9:68e9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://wetyr.click/

Response headers

access-control-allow-origin
https://wetyr.click
content-length
0
date
Mon, 16 Dec 2024 14:45:23 GMT
x-envoy-upstream-service-time
50
vary
origin
server
envoy
access-control-allow-credentials
true
/
www.facebook.com/tr/
0
19 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1590243691884239&ev=PageView&dl=https%3A%2F%2Fwetyr.click%2F&rl=&if=false&ts=1734360322543&cd[page]=index&cd[handle]=index&cd[xfid]=4771&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734360322540.635613462397960170&eid=ob3_plugin-set_c77e2d153fd925c46a6743670afdc72ef91f2dd700ebf0e6070687129b382e7d&ler=empty&cdl=API_unavailable&it=1734360321086&coo=false&rqm=GET
Requested by
Host: wetyr.click
URL: https://wetyr.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wetyr.click/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=4709, tp=14, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 16 Dec 2024 14:45:22 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
192 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1590243691884239&ev=PageView&dl=https%3A%2F%2Fwetyr.click%2F&rl=&if=false&ts=1734360322543&cd[page]=index&cd[handle]=index&cd[xfid]=4771&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734360322540.635613462397960170&eid=ob3_plugin-set_c77e2d153fd925c46a6743670afdc72ef91f2dd700ebf0e6070687129b382e7d&ler=empty&cdl=API_unavailable&it=1734360321086&coo=false&rqm=FGET
Requested by
Host: wetyr.click
URL: https://wetyr.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wetyr.click/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449020862507998495"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 14:45:22 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
dU1FpmO7w+Emx2nshaXnRa1V2/uZonJWY7Z6Ky9DzTKIu2JLQECHFM8j0oAEvzOtfaydMrlN35Dl3c5LRUxjYA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449020862507998495", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=24, mss=1232, tbw=8485, tp=28, tpl=0, uplat=158, ullat=1
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1482493179111552&ev=PageView&dl=https%3A%2F%2Fwetyr.click%2F&rl=&if=false&ts=1734360322548&cd[page]=index&cd[handle]=index&cd[xfid]=4771&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734360322540.635613462397960170&ler=empty&cdl=API_unavailable&it=1734360321086&coo=false&rqm=GET
Requested by
Host: wetyr.click
URL: https://wetyr.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wetyr.click/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=5029, tp=16, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 16 Dec 2024 14:45:22 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
192 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1482493179111552&ev=PageView&dl=https%3A%2F%2Fwetyr.click%2F&rl=&if=false&ts=1734360322548&cd[page]=index&cd[handle]=index&cd[xfid]=4771&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734360322540.635613462397960170&ler=empty&cdl=API_unavailable&it=1734360321086&coo=false&rqm=FGET
Requested by
Host: wetyr.click
URL: https://wetyr.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wetyr.click/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449020864222726203"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 14:45:22 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
ZzUK/bZ7O2oSS+A4YsRRtbA8gkgtXntwhArbpieE9ee0Mk32QNBrZpEWCCncqm39t0WaBQzQ2IVJQVNc2bhAbA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449020864222726203", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=24, mss=1232, tbw=9365, tp=29, tpl=0, uplat=158, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=8892866630794181&ev=PageView&dl=https%3A%2F%2Fwetyr.click%2F&rl=&if=false&ts=1734360322550&cd[page]=index&cd[handle]=index&cd[xfid]=4771&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734360322540.635613462397960170&ler=empty&cdl=API_unavailable&it=1734360321086&coo=false&rqm=GET
Requested by
Host: wetyr.click
URL: https://wetyr.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wetyr.click/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=5221, tp=18, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 16 Dec 2024 14:45:22 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
192 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=8892866630794181&ev=PageView&dl=https%3A%2F%2Fwetyr.click%2F&rl=&if=false&ts=1734360322550&cd[page]=index&cd[handle]=index&cd[xfid]=4771&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734360322540.635613462397960170&ler=empty&cdl=API_unavailable&it=1734360321086&coo=false&rqm=FGET
Requested by
Host: wetyr.click
URL: https://wetyr.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wetyr.click/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449020863540807572"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 14:45:22 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
F0sUlhusEKhTIN5wGQa06y4QxANIiy1wT0d+AEGAZ4Rv/MLzwafu5abeQ6Aw6PObLBimcAG62YgrGpV7Tsg2Bg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449020863540807572", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=24, mss=1232, tbw=5749, tp=25, tpl=0, uplat=139, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=7552259378207961&ev=PageView&dl=https%3A%2F%2Fwetyr.click%2F&rl=&if=false&ts=1734360322552&cd[page]=index&cd[handle]=index&cd[xfid]=4771&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734360322540.635613462397960170&ler=empty&cdl=API_unavailable&it=1734360321086&coo=false&rqm=GET
Requested by
Host: wetyr.click
URL: https://wetyr.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wetyr.click/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=24, mss=1232, tbw=5509, tp=22, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 16 Dec 2024 14:45:22 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
193 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=7552259378207961&ev=PageView&dl=https%3A%2F%2Fwetyr.click%2F&rl=&if=false&ts=1734360322552&cd[page]=index&cd[handle]=index&cd[xfid]=4771&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734360322540.635613462397960170&ler=empty&cdl=API_unavailable&it=1734360321086&coo=false&rqm=FGET
Requested by
Host: wetyr.click
URL: https://wetyr.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wetyr.click/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449020862491749012"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 14:45:22 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
04WhA37LrBqAgnaeEgN52bwx9sXfZW5ArpHe6eY8M67V/Ximwi6kIuPNY7ClvZXoFOw+zmTeYj7QybdgFWIwyQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449020862491749012", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=27, mss=1232, tbw=10309, tp=30, tpl=0, uplat=160, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
433026370016237364.png
imgs.xfcart.com/upload/hdsai/asdfasv520/
73 KB
74 KB
Other
General
Full URL
https://imgs.xfcart.com/upload/hdsai/asdfasv520/433026370016237364.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f4d6c820d37cb22dbab026b897cb347adebd84f0ced48fb4e8f277cc070a207

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://wetyr.click/

Response headers

content-md5
BsPYyy4rtV6i1XrC4iNkOQ==
x-ser
i8989_c7628, i59482_c11236, i1940271_c22417
access-control-expose-headers
X-Log, X-Reqid
x-reqid
4ooAAAByMa9xbRAY
cf-cache-status
HIT
etag
"FjVoC-411oRHxlmOARqmiX3UT6R3"
age
45365
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6SmYTYJu5LgjA5YXYlqjerC4JTaZVFjMnP%2FHDAk4TZ76gHRvFmaXllFp5Rby2Try6V6omJzWra5y0tjMYny8WYrWTrzYX%2BBpvS7%2Bdw86ma08nqWv34b8bxVtTEqbggTk%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-cache
HIT from i8989_c7628(cloudsvr)
server-timing
cfL4;desc="?proto=QUIC&rtt=15427&min_rtt=14613&rtt_var=338&sent=112&recv=62&lost=0&retrans=0&sent_bytes=117329&recv_bytes=7828&delivery_rate=32678&cwnd=57600&unsent_bytes=0&cid=b6a5be75319448ac&ts=2054&x=1", cfExtPri, cfHdrFlush;dur=0
content-type
image/webp
content-disposition
inline; filename="433026370016237364.webp"
last-modified
Thu, 12 Dec 2024 12:23:10 GMT
priority
u=1,i
cache-control
public, max-age=31536000
x-qiniu-zone
na0
x-m-log
QNM:dal51;QNM3
content-transfer-encoding
binary
accept-ranges
bytes
x-svr
IO
content-length
74638
server
cloudflare
access-control-max-age
2592000
cf-bgj
imgq:85,h2pri
x-qnm-cache
Hit
x-m-reqid
5JUAAE2DHz5ybRAY
cf-polished
origFmt=png, origSize=132597
date
Mon, 16 Dec 2024 14:45:22 GMT
vary
Accept
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f2f74f1bb286690-AMS
access-control-allow-origin
*
x-log
X-Log

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery string| logid function| getRandomInt function| uniqueAa function| debouncex function| ispostMessage function| changeUrl function| setCookie function| getCookie function| load_pp_btn function| fc_tips_box function| show_tips function| show_alert function| fc_page_loading function| fc_loading_hide function| hide_tips function| pp_style function| load_paypal function| getUrlParam function| fcTracks function| getFckeys string| userid function| add_logs function| formatMoney string| recentlyViewName function| recentlyViews function| isMobile string| vconf string| base_id string| base_url string| base_name string| shop_url string| domain number| cur_rate string| cur_code string| cur_symbol string| cur_img string| nopic function| fbq function| _fbq object| CURRENCY_CONFIG object| SHOP_PARAMS number| breakpoint object| disabled_exts function| template object| lazySizesConfig object| lazySizes function| imgError function| imgload function| header_fix object| $slides function| closefcpopups function| tdfcpopups function| showfcpopups object| regeneratorRuntime

3 Cookies

Domain/Path Name / Value
.jh23yymmgk.us-west-2.awsapprunner.com/events/9892ac5fb92e996dfc92268b995c2ded1ee49d4656065fbeadbaaf876f593c97 Name: cee
Value: apCPKOWFjwUxqe85qf9VLr%2BwAggir8Lwh7pJ%2Bj4sIPw%3D.%7B%7D
wetyr.click/ Name: userid
Value: 303f7b84ce294fadc96d9d71ef
.wetyr.click/ Name: _fbp
Value: fb.1.1734360322540.635613462397960170

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

asdfasv.hdsai.top
connect.facebook.net
fonts.gstatic.com
imgs.xfcart.com
jh23yymmgk.us-west-2.awsapprunner.com
static.xfcart.com
wetyr.click
www.facebook.com
142.250.186.99
157.240.252.35
157.240.253.1
172.67.73.116
2600:1f14:1075:9906:50fe:8d47:64c9:68e9
2606:4700:20::681a:1f0
2a06:98c1:3121::3
00c18d633fee8ca4a9cea6b82e2972c36f73034e8cc93bafc8dfc48dc89230aa
138dc53125f9ab8f9b1ee53edb60b652f31c96954f5e13e5b670bdd35709014d
1f4d6c820d37cb22dbab026b897cb347adebd84f0ced48fb4e8f277cc070a207
240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
43b1599ee71d4dfb38d207dd8cd1a0fe45cbe1c41ef596c88a3ff58e96f52c12
4ad3bf8c18d88dd0320332a789fd1972b39b7f8756f83cfa309e701619949b70
4e36a560377ecac02ac51dc4c9479d6e931da0b7c0170723819d135f333331b6
52e2cb9e9d90ea88149df1292ee6c4fdc233c96bb8ed7b8025b31a8343b6e67d
5d5dc65adc50b8a09feda5b2196050b858f571b042cd8064eda26aaf56eda022
6ba80fd0f4edf4c4538bca83444212e0e75f8936a7ee27bec3d56a396ca1491d
716244a55af9afc5cc05acd8a5e5edb045ebce6e1e6ca78b2748179e547c62c9
83010933fac9b1e05b19a8370d2da430559be2f357ffd8aa3d1c885c9efcc059
9ef64feaa530624f75f36afce3c8ad6c4a90926db31f9c7d120f17fa1588bf5e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b908c396bbc02214d410d5fbf569262549a201eabe82e574de3a73baa7910567
c636cdf8f523ada818ad53ff012d37b57190cc6702fdf0e6a35a502fcd4f625f
c6a9135d6e92b6daed54e43c5c18076b167030f13b3b5ae12f5a8197ec5d50b0
dfe94f838d1c91af0a5a5d47eebd1d4286565d44ec0a300d970a7a94f8eb2835
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c076ffeacc4d02d6fd03d28098253122efdc7cc6ced99fd0a522c4da9926f6
e7be4240cf57987926673708f09233be1ab6bdf35acc7b86bd32a263f197a2a7
f39738fb2c384e6de7dcf4690419a20427f1312889a560870f9410ab415b35db