tgs3.newxchance.top Open in urlscan Pro
185.177.74.211 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://tgs3.newxchance.top/
Submission: On December 21 via api (December 21st 2024, 10:08:25 am UTC) from US — Scanned from ES

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 22 HTTP transactions. The main IP is 185.177.74.211, located in Spain and belongs to AMARUTU-TECHNOLOGY Amarutu Technology Ltd, SC. The main domain is tgs3.newxchance.top.

This is the only time tgs3.newxchance.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	185.177.74.211 185.177.74.211	206264 (AMARUTU-T...) (AMARUTU-TECHNOLOGY Amarutu Technology Ltd)
5	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
2	142.250.74.195 142.250.74.195	15169 (GOOGLE) (GOOGLE)
1	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
1	3.122.218.248 3.122.218.248	16509 (AMAZON-02) (AMAZON-02)
22	9

8 185.177.74.211 (Spain)

ASN206264 (AMARUTU-TECHNOLOGY Amarutu Technology Ltd, SC)

tgs3.newxchance.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.218.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-218-248.eu-central-1.compute.amazonaws.com

getyourapi.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	newxchance.top tgs3.newxchance.top	22 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	108 KB
2	gstatic.com fonts.gstatic.com	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	75 KB
1	getyourapi.site getyourapi.site	570 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	16 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	136 KB
22	8

	Domain	Requested by
8	tgs3.newxchance.top	tgs3.newxchance.top
5	cdnjs.cloudflare.com	tgs3.newxchance.top cdnjs.cloudflare.com
2	fonts.gstatic.com	fonts.googleapis.com
2	connect.facebook.net	tgs3.newxchance.top connect.facebook.net
1	getyourapi.site	cdnjs.cloudflare.com
1	www.facebook.com	tgs3.newxchance.top
1	fonts.googleapis.com	tgs3.newxchance.top
1	cdn.jsdelivr.net	tgs3.newxchance.top
22	8

This site contains no links.

Subject Issuer	Validity	Valid
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-29` - `2024-12-28`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
getyourapi.site E6	`2024-12-04` - `2025-03-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://tgs3.newxchance.top/
Frame ID: 1261DFF094F45FC582BF5D1C2A84B13D
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TRADING AI

Page URL History Show full URLs

http://tgs3.newxchance.top/ HTTP 307
https://tgs3.newxchance.top/ HTTP 307
http://tgs3.newxchance.top/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

22
Requests

59 %
HTTPS

25 %
IPv6

8
Domains

8
Subdomains

9
IPs

4
Countries

362 kB
Transfer

1473 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tgs3.newxchance.top/ HTTP 307
https://tgs3.newxchance.top/ HTTP 307
http://tgs3.newxchance.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
tgs3.newxchance.top/
Redirect Chain

http://tgs3.newxchance.top/
https://tgs3.newxchance.top/
http://tgs3.newxchance.top/

33 KB
9 KB

205ms
204ms

Document
text/html

185.177.74.211
AMARUTU-TECHNOLOG...

General

Check archive.org

Show headers Download Go to

Full URL: http://tgs3.newxchance.top/
Protocol: HTTP/1.1
Server: 185.177.74.211 , Spain, ASN206264 (AMARUTU-TECHNOLOGY Amarutu Technology Ltd, SC),
Reverse DNS
Software: openresty /
Resource Hash: 89f212f0815dfca2724223bff09e113f3540ad838a62cf208e81fe28bd93d6a5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 21 Dec 2024 10:07:56 GMT
Server: openresty
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding Accept-Encoding

Redirect headers

Location: http://tgs3.newxchance.top/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK style.css
tgs3.newxchance.top/css/ 11 KB
3 KB 292ms
234ms Stylesheet
text/css 185.177.74.211
AMARUTU-TECHNOLOG...

General

Check archive.org

Show headers Download Go to

Full URL: http://tgs3.newxchance.top/css/style.css
Requested by: Host: tgs3.newxchance.top
URL: http://tgs3.newxchance.top/
Protocol: HTTP/1.1
Server: 185.177.74.211 , Spain, ASN206264 (AMARUTU-TECHNOLOGY Amarutu Technology Ltd, SC),
Reverse DNS
Software: openresty /
Resource Hash: c66d4f0e6c7724b3addef408c659196ad2abf08ca4d857555b0b3e2ebb9e41e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://tgs3.newxchance.top/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
Date: Sat, 21 Dec 2024 10:07:56 GMT
Content-Type: text/css
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Server: openresty
Connection: keep-alive

GET
H/1.1 200
OK form.css
tgs3.newxchance.top/css/ 6 KB
2 KB 22846ms
22788ms Stylesheet
text/css 185.177.74.211
AMARUTU-TECHNOLOG...

General

Check archive.org

Show headers Download Go to

Full URL: http://tgs3.newxchance.top/css/form.css
Requested by: Host: tgs3.newxchance.top
URL: http://tgs3.newxchance.top/
Protocol: HTTP/1.1
Server: 185.177.74.211 , Spain, ASN206264 (AMARUTU-TECHNOLOGY Amarutu Technology Ltd, SC),
Reverse DNS
Software: openresty /
Resource Hash: 455428a6c52a34189a2a81cc0f1b81d3834e1133c6dbb5c30d1dae75dd49ecf5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://tgs3.newxchance.top/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
Date: Sat, 21 Dec 2024 10:08:19 GMT
Content-Type: text/css
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Server: openresty
Connection: keep-alive

GET
H/1.1 200
OK stars.webp
tgs3.newxchance.top/images/content/ 490 B
678 B 174ms
116ms Image
image/webp 185.177.74.211
AMARUTU-TECHNOLOG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tgs3.newxchance.top/images/content/stars.webp
Requested by: Host: tgs3.newxchance.top
URL: http://tgs3.newxchance.top/
Protocol: HTTP/1.1
Server: 185.177.74.211 , Spain, ASN206264 (AMARUTU-TECHNOLOGY Amarutu Technology Ltd, SC),
Reverse DNS
Software: openresty /
Resource Hash: 5b3c4f3e8ebf1c30c39f919e65bba4e7261d04c598ae5d4433d646c3f221492c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://tgs3.newxchance.top/

Response headers

Transfer-Encoding: chunked
Date: Sat, 21 Dec 2024 10:07:56 GMT
Content-Type: image/webp
Vary: Accept-Encoding
Server: openresty
Connection: keep-alive

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/ 85 KB
27 KB 102ms
50ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js

Requested by

Host: tgs3.newxchance.top
URL: http://tgs3.newxchance.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://tgs3.newxchance.top/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "64ed75bb-6b36"
age: 727986
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SwV%2BcdRrz83oJRJQnhnXdhaCnRgckVvB0zxljSdoiOl4kCtdrz20zDxFpesLVhv7tvaXYw9FIkOp%2F3pSIDZxiuF5ztg%2FRdrF1Uv7niJnyArxXZqr2pPoiWnFWFWhjy6%2FyUjYT6Xf"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 10:07:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 21 Dec 2024 10:07:56 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 29 Aug 2023 04:36:11 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f57116c9e56cf95-MAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27446
server: cloudflare

GET
H2 200 apexcharts Show response
cdn.jsdelivr.net/npm/ 557 KB
136 KB 156ms
51ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/apexcharts

Requested by

Host: tgs3.newxchance.top
URL: http://tgs3.newxchance.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cdc7944ec08a6bc6364aa8ea6632e389f5d00e7aacbca453993f1f4c8522c7fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://tgs3.newxchance.top/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"8b3c0-9B7uuCpvOFY3sc7l2d+1gjLCmAY"
age: 32212
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Sat, 21 Dec 2024 10:07:57 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220144-FRA, cache-mad2200142-MAD
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 138646
x-jsd-version: 4.3.0

GET
H3 200 toastr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ 5 KB
2 KB 153ms
152ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.js

Requested by

Host: tgs3.newxchance.top
URL: http://tgs3.newxchance.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: http://tgs3.newxchance.top
Referer

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ffe-1483"
age: 139037
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=15uTEyI%2Ba7xS2B35ANH8dPD%2BAqCYvdr51s2lcRo%2FgWd55ggUEfEkeF%2FocwJn%2FKCdsIheLOIPC0r3Z0HkeEhy99d70SmekSUW5IcU7HiKP2QCEAcUBwZoGa2PlVkRdRXzkjWBZEgk"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 10:07:57 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 21 Dec 2024 10:07:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:17:02 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f57116dcd9dec9d-MAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1763
server: cloudflare

GET
H/1.1 200
OK main.js Show response
tgs3.newxchance.top/js/ 20 KB
7 KB 223ms
222ms Script
application/javascript 185.177.74.211
AMARUTU-TECHNOLOG...

General

Check archive.org

Show headers Download Go to

Full URL: http://tgs3.newxchance.top/js/main.js
Requested by: Host: tgs3.newxchance.top
URL: http://tgs3.newxchance.top/
Protocol: HTTP/1.1
Server: 185.177.74.211 , Spain, ASN206264 (AMARUTU-TECHNOLOGY Amarutu Technology Ltd, SC),
Reverse DNS
Software: openresty /
Resource Hash: f0f592f52d9479f6ef460bd29cc0af628f90c4d1961664108ff21833d93794cb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://tgs3.newxchance.top/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
Date: Sat, 21 Dec 2024 10:07:57 GMT
Content-Type: application/javascript
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Server: openresty
Connection: keep-alive

GET
H3 200 intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/ 24 KB
3 KB 60ms
60ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/intlTelInput.css

Requested by

Host: tgs3.newxchance.top
URL: http://tgs3.newxchance.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9ae063d7bf400c91d4056a69889903b54205f2efd6cb224d6041eca58b92cca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://tgs3.newxchance.top/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "65a3eb4d-85b"
age: 3951300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fXTTyyGZEACzn1dW86vCIWFxDonadiNW2vn1x9fN%2BmUc7QY3gz8O8YGYA2UQNFl2fVL8%2BC9NMvPpwY5kVk%2B3KF66geyYpbm7sQqUUMbk21oakYbdvROh7wzoKO7Z5BZyE7KRRUiZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 10:07:57 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 21 Dec 2024 10:07:57 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 14 Jan 2024 14:10:21 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f57116eb849cf95-MAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2139
server: cloudflare

GET
H3 200 intlTelInput.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/ 30 KB
9 KB 55ms
55ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/js/intlTelInput.min.js

Requested by

Host: tgs3.newxchance.top
URL: http://tgs3.newxchance.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54bc983ea406933001939caacb25ec98a9f633b8f2d54aa5ca3180948d6fe389

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://tgs3.newxchance.top/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "65a3eb4d-223d"
age: 2003311
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8B8GFd16a1qGougKLw3cs43lFRw2MvIeVDhkuPlspX7ktEGobX4zpBrv7vYgHgc7kQhCF%2FLvcdT5FdrTqaqQd3saJCmZqtgxFSjXB2HmuqYDJe3SrpKqq3i776n7a43KurgU7Gw7"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 10:07:57 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 21 Dec 2024 10:07:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 14 Jan 2024 14:10:21 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f57116f189dcf95-MAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8765
server: cloudflare

GET
H/1.1 200
OK ModalPhoneError.js Show response
tgs3.newxchance.top/js/ 2 KB
1 KB 23046ms
23046ms Script
application/javascript 185.177.74.211
AMARUTU-TECHNOLOG...

General

Check archive.org

Show headers Download Go to

Full URL: http://tgs3.newxchance.top/js/ModalPhoneError.js
Requested by: Host: tgs3.newxchance.top
URL: http://tgs3.newxchance.top/
Protocol: HTTP/1.1
Server: 185.177.74.211 , Spain, ASN206264 (AMARUTU-TECHNOLOGY Amarutu Technology Ltd, SC),
Reverse DNS
Software: openresty /
Resource Hash: e168758e2cc34c4e58dbb825875ccce9611e08917f096cd2b6f2650275b4cc05

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://tgs3.newxchance.top/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
Date: Sat, 21 Dec 2024 10:08:20 GMT
Content-Type: application/javascript
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Server: openresty
Connection: keep-alive

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 230ms
90ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Flex:regular

Requested by

Host: tgs3.newxchance.top
URL: http://tgs3.newxchance.top/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b17b38a641a5d9f8d1b51e8b3718278f674d06f2b5cd2ffd83ab608abe83a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://tgs3.newxchance.top/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 21 Dec 2024 10:07:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 21 Dec 2024 10:07:57 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 21 Dec 2024 10:07:57 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 126ms
61ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tgs3.newxchance.top
URL: http://tgs3.newxchance.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-3121WfvV' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://tgs3.newxchance.top/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 21 Dec 2024 10:08:19 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-3121WfvV' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=62, rtx=0, c=23, mss=1232, tbw=4497, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: JOID4uzID+YCdorLq0IevpbnXC8mqwhhYBKDaT235Td1kb9lxG424vGlr1Dl3asC8lA0G8hpkPdqCd9W83AXDA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62282
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 200
OK bg.webp
tgs3.newxchance.top/images/content/ 179 KB
0 202ms
202ms Image
image/webp 185.177.74.211
AMARUTU-TECHNOLOG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tgs3.newxchance.top/images/content/bg.webp
Requested by: Host: tgs3.newxchance.top
URL: http://tgs3.newxchance.top/css/style.css
Protocol: HTTP/1.1
Server: 185.177.74.211 , Spain, ASN206264 (AMARUTU-TECHNOLOGY Amarutu Technology Ltd, SC),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://tgs3.newxchance.top/css/style.css

Response headers

Transfer-Encoding: chunked
Date: Sat, 21 Dec 2024 10:08:19 GMT
Content-Type: image/webp
Vary: Accept-Encoding
Server: openresty
Connection: keep-alive

GET
H3 200 NaNnepOXO_NexZs0b5QrzlOHb8wCikXpYqmZsWI-__OGbt8jZktqc2V3Zs0KvDLdBP8SBZtOs2IifRuUZQMsPJtUsR4DEK6cULNeUx9XgTnH37Ha_FIAp4Fm0PP1hw45DntW2x0wZGzhPmr1YNMYKYn9_1IQXGwJAiUJVUMdN5YUW4O8HtSoXjC1z3QSabshNFVe3...
fonts.gstatic.com/s/robotoflex/v26/ 14 KB
14 KB 133ms
61ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoflex/v26/NaNnepOXO_NexZs0b5QrzlOHb8wCikXpYqmZsWI-__OGbt8jZktqc2V3Zs0KvDLdBP8SBZtOs2IifRuUZQMsPJtUsR4DEK6cULNeUx9XgTnH37Ha_FIAp4Fm0PP1hw45DntW2x0wZGzhPmr1YNMYKYn9_1IQXGwJAiUJVUMdN5YUW4O8HtSoXjC1z3QSabshNFVe3e0O5j3ZjrZCu23Qd4G0EBysQNK-QKavMl1cKq3tHXtXi8mzLjaAcbaknQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Flex:regular

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

0ee5977d0d36edb5382a5cc8b9e914b58707e92c23db0c949687c8b721835839

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: http://tgs3.newxchance.top
Referer: https://fonts.googleapis.com/

Response headers

age: 175189
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 19 Dec 2025 09:28:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Dec 2024 09:28:30 GMT
last-modified: Wed, 28 Feb 2024 18:01:06 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14156
x-xss-protection: 0
server: sffe

GET
H3 200 NaNnepOXO_NexZs0b5QrzlOHb8wCikXpYqmZsWI-__OGbt8jZktqc2V3Zs0KvDLdBP8SBZtOs2IifRuUZQMsPJtUsR4DEK6cULNeUx9XgTnH37Ha_FIAp4Fm0PP1hw45DntW2x0wZGzhPmr1YNMYKYn9_1IQXGwJAiUJVUMdN5YUW4O8HtSoXjC1z3QSabshNFVe3...
fonts.gstatic.com/s/robotoflex/v26/ 6 KB
6 KB 135ms
63ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Flex:regular

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

05e09b44ddc56095c0bd792a8be5ce1ce162414a9004860d1f0206dc1fe33d05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: http://tgs3.newxchance.top
Referer: https://fonts.googleapis.com/

Response headers

age: 379393
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 17 Dec 2025 00:45:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 00:45:06 GMT
last-modified: Wed, 28 Feb 2024 17:52:12 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6024
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK coins-end.gif
tgs3.newxchance.top/images/content/ 122 KB
0 195ms
194ms Image
image/gif 185.177.74.211
AMARUTU-TECHNOLOG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tgs3.newxchance.top/images/content/coins-end.gif
Requested by: Host: tgs3.newxchance.top
URL: http://tgs3.newxchance.top/
Protocol: HTTP/1.1
Server: 185.177.74.211 , Spain, ASN206264 (AMARUTU-TECHNOLOGY Amarutu Technology Ltd, SC),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://tgs3.newxchance.top/

Response headers

Transfer-Encoding: chunked
Date: Sat, 21 Dec 2024 10:08:19 GMT
Content-Type: image/gif
Vary: Accept-Encoding
Server: openresty
Connection: keep-alive

GET
H3 200 593259236626159 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 331ms
330ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/593259236626159?v=2.9.179&r=stable&domain=tgs3.newxchance.top&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

cdc5f88f37a91c74171fe0354e843e25156ff4e67c2a0f52596ff4f7a70b81f7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-6UvNeLaT' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://tgs3.newxchance.top/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 21 Dec 2024 10:08:20 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-6UvNeLaT' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=57, rtx=0, c=77, mss=1232, tbw=70513, tp=65, tpl=0, uplat=263, ullat=0
pragma: public
x-fb-debug: WRy2DrxYjlq9NtVX34k78HU3x8l0RPe+MXjksPHQ+7/WHv0yVenRacYMtEMJWVKUJAX98vvdJFHToVQPjb2J7Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 138ms
69ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=593259236626159&ev=PageView&dl=http%3A%2F%2Ftgs3.newxchance.top%2F&rl=&if=false&ts=1734775700168&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734775700167.6377965598480144&ler=empty&cdl=API_unavailable&it=1734775699818&coo=false&rqm=GET

Requested by

Host: tgs3.newxchance.top
URL: http://tgs3.newxchance.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://tgs3.newxchance.top/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=65, rtx=0, c=23, mss=1232, tbw=4544, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 21 Dec 2024 10:08:20 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 0
0

GET
H2 200 geolocation Show response
getyourapi.site/api/ 162 B
570 B 221ms
79ms XHR
application/json 3.122.218.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://getyourapi.site/api/geolocation
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.122.218.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-218-248.eu-central-1.compute.amazonaws.com
Software: openresty / Express
Resource Hash: a8dd83d78be1e444895a675dbba2da67a66a303056a2253577cd299bbe14ec3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: http://tgs3.newxchance.top/

Response headers

access-control-max-age: 600
x-request-id: e2c9c4f4-a341-4cc1-a37e-07ddca0573b4
access-control-expose-headers: content-type, authorization, x-request-id
etag: W/"a2-Crk8+Ozuo7wc8imlTcHXNYlGYqY"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://tgs3.newxchance.top
content-length: 162
date: Sat, 21 Dec 2024 10:08:20 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
server: openresty
access-control-allow-headers: origin, content-type, accept, authorization

GET
H3 200 flags.png
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/img/ 66 KB
66 KB 54ms
54ms Image
image/png 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/img/flags.png?1

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/intlTelInput.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3af394920236bdcab19b5514b8f67e06b194e29017368d6a9d83d598947f203b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/18.5.0/css/intlTelInput.css

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "65a3eb4d-1062f"
age: 213462
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wonjO4zIiezkbEfIo7UnoaXsoL07mJweNa4jfjelN2CVYSHekZrZwsFnLvVGgQIDkKTbrghJn0PH5IalJmnATLcIvtjeLhgS3XHqHCVnQx%2B4GZMUdIvkTNGb4XfkeZT9d6jJltM5"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 10:08:20 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 21 Dec 2024 10:08:20 GMT
content-type: image/png; charset=utf-8
last-modified: Sun, 14 Jan 2024 14:10:21 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f5712013820cf95-MAD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 67119
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=593259236626159&ev=PageView&dl=http%3A%2F%2Ftgs3.newxchance.top%2F&rl=&if=false&ts=1734775700168&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1734775700167.6377965598480144&ler=empty&cdl=API_unavailable&it=1734775699818&coo=false&rqm=FGET

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.newxchance.top/	1970-01-21 04:02:31	Name: _fbp Value: fb.1.1734775700167.6377965598480144

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
getyourapi.site
tgs3.newxchance.top
www.facebook.com
www.facebook.com
104.17.25.14
142.250.74.195
157.240.0.35
157.240.0.6
185.177.74.211
2a00:1450:4001:801::200a
2a04:4e42:600::485
3.122.218.248
05e09b44ddc56095c0bd792a8be5ce1ce162414a9004860d1f0206dc1fe33d05
0ee5977d0d36edb5382a5cc8b9e914b58707e92c23db0c949687c8b721835839
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
2b17b38a641a5d9f8d1b51e8b3718278f674d06f2b5cd2ffd83ab608abe83a00
3af394920236bdcab19b5514b8f67e06b194e29017368d6a9d83d598947f203b
455428a6c52a34189a2a81cc0f1b81d3834e1133c6dbb5c30d1dae75dd49ecf5
54bc983ea406933001939caacb25ec98a9f633b8f2d54aa5ca3180948d6fe389
5b3c4f3e8ebf1c30c39f919e65bba4e7261d04c598ae5d4433d646c3f221492c
89f212f0815dfca2724223bff09e113f3540ad838a62cf208e81fe28bd93d6a5
a8dd83d78be1e444895a675dbba2da67a66a303056a2253577cd299bbe14ec3c
c66d4f0e6c7724b3addef408c659196ad2abf08ca4d857555b0b3e2ebb9e41e0
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
c9ae063d7bf400c91d4056a69889903b54205f2efd6cb224d6041eca58b92cca
cdc5f88f37a91c74171fe0354e843e25156ff4e67c2a0f52596ff4f7a70b81f7
cdc7944ec08a6bc6364aa8ea6632e389f5d00e7aacbca453993f1f4c8522c7fe
e168758e2cc34c4e58dbb825875ccce9611e08917f096cd2b6f2650275b4cc05
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0f592f52d9479f6ef460bd29cc0af628f90c4d1961664108ff21833d93794cb
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

tgs3.newxchance.top Open in urlscan Pro 185.177.74.211 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

59 %HTTPS

25 %IPv6

8 Domains

8 Subdomains

9 IPs

4 Countries

362 kBTransfer

1473 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

1 Cookies

Indicators

tgs3.newxchance.top Open in urlscan Pro
185.177.74.211 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

59 %
HTTPS

25 %
IPv6

8
Domains

8
Subdomains

9
IPs

4
Countries

362 kB
Transfer

1473 kB
Size

1
Cookies

22 HTTP transactions
0 data transactions