tur.hdfcbk.xyz Open in urlscan Pro
103.136.68.163 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tur.hdfcbk.xyz/
Submission: On November 05 via api (November 5th 2024, 5:02:35 am UTC) from US — Scanned from DE

Summary HTTP 36 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 36 HTTP transactions. The main IP is 103.136.68.163, located in Bangladesh and belongs to ASNET, US. The main domain is tur.hdfcbk.xyz.
TLS certificate: Issued by R11 on November 5th 2024. Valid for: 3 months.

This is the only time tur.hdfcbk.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	103.136.68.163 103.136.68.163	26383 (ASNET) (ASNET)
4	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:34::15	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	35.192.151.63 35.192.151.63	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
36	7

20 103.136.68.163 (Bangladesh)

ASN26383 (ASNET, US)
PTR: 41-bullet.crusaderwearables.com

tur.hdfcbk.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::15 (United States)

ASN15169 (GOOGLE, US)

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.192.151.63 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.151.192.35.bc.googleusercontent.com

api.leadpages.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	hdfcbk.xyz tur.hdfcbk.xyz	331 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	6 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	80 KB
2	leadpages.io api.leadpages.io — Cisco Umbrella Rank: 49366	1 KB
2	center.io js.center.io — Cisco Umbrella Rank: 58864	5 KB
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 77
0	lpages.co Failed mengyili148.lpages.co Failed
36	7

	Domain	Requested by
20	tur.hdfcbk.xyz	tur.hdfcbk.xyz
6	www.facebook.com	tur.hdfcbk.xyz
4	connect.facebook.net	tur.hdfcbk.xyz connect.facebook.net
2	api.leadpages.io	js.center.io
2	js.center.io	tur.hdfcbk.xyz js.center.io
1	www.youtube.com	tur.hdfcbk.xyz
0	mengyili148.lpages.co Failed	tur.hdfcbk.xyz
36	7

This site contains no links.

Subject Issuer	Validity	Valid
tur.hdfcbk.xyz R11	`2024-11-05` - `2025-02-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-14` - `2024-11-12`	3 months	crt.sh
js.center.io WR3	`2024-10-16` - `2025-01-14`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.leadpages.io E5	`2024-10-29` - `2025-01-27`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://tur.hdfcbk.xyz/
Frame ID: B0E926B1236959A4B68776051DA7EAF8
Requests: 34 HTTP requests in this frame

Frame: https://www.youtube.com/embed/xUvQeY0VleA
Frame ID: 6C359364B8F07030830F71A55CB175CA
Requests: 1 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 23290387BC2C6CC013AE86A0D231C257
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

chacha2801

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

36
Requests

97 %
HTTPS

50 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

424 kB
Transfer

917 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://mengyili148.lpages.co/chacha2801/undefined HTTP 302
https://mengyili148.lpages.co/chacha2801/undefined/

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tur.hdfcbk.xyz/ 141 KB
30 KB 866ms
422ms Document
text/html 103.136.68.163
ASNET

General

Check archive.org

Show headers Download Go to

Full URL

https://tur.hdfcbk.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.136.68.163 , Bangladesh, ASN26383 (ASNET, US),

Reverse DNS

41-bullet.crusaderwearables.com

Software

nginx / XIAOCMS 20140525

Resource Hash

cd34ae43b00d25aefd275389137034737a354c4d5589e87a7327fc289ba67d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 05 Nov 2024 05:02:28 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-powered-by: XIAOCMS 20140525

GET
H2 200 all.min.css
tur.hdfcbk.xyz/static/css/ 100 KB
25 KB 208ms
207ms Stylesheet
text/css 103.136.68.163
ASNET

General

Check archive.org

Show headers Download Go to

Full URL

https://tur.hdfcbk.xyz/static/css/all.min.css

Requested by

Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.136.68.163 , Bangladesh, ASN26383 (ASNET, US),

Reverse DNS

41-bullet.crusaderwearables.com

Software

nginx /

Resource Hash

52e5873b8f6c398db213b77d7971d19be8ec4cd1c6ebe9d658615bf9c5bc614a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"672991fe-18ef9"
expires: Tue, 05 Nov 2024 17:02:29 GMT
date: Tue, 05 Nov 2024 05:02:29 GMT
content-type: text/css
last-modified: Tue, 05 Nov 2024 03:33:18 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 css.css
tur.hdfcbk.xyz/static/css/ 18 KB
1 KB 207ms
206ms Stylesheet
text/css 103.136.68.163
ASNET

General

Check archive.org

Show headers Download Go to

Full URL

https://tur.hdfcbk.xyz/static/css/css.css

Requested by

Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.136.68.163 , Bangladesh, ASN26383 (ASNET, US),

Reverse DNS

41-bullet.crusaderwearables.com

Software

nginx /

Resource Hash

2fa5af97002250d91d625f0d590cad78c87d340d383050580138f6837b35e014

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tur.hdfcbk.xyz/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"672991fe-4865"
expires: Tue, 05 Nov 2024 17:02:29 GMT
date: Tue, 05 Nov 2024 05:02:29 GMT
content-type: text/css
last-modified: Tue, 05 Nov 2024 03:33:18 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 dO2S6pijNB1LbPSHGSPiMRdaTszmJ1RBHIV8lYt2cYYqqqPZS7pTpKXH8iL9lZCEyBNVNA7TB-XNrWzZF3mp7zznjezwBwGi6e5b=s0.png
tur.hdfcbk.xyz/static/picture/ 45 KB
45 KB 210ms
209ms Image
image/png 103.136.68.163
ASNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tur.hdfcbk.xyz/static/picture/dO2S6pijNB1LbPSHGSPiMRdaTszmJ1RBHIV8lYt2cYYqqqPZS7pTpKXH8iL9lZCEyBNVNA7TB-XNrWzZF3mp7zznjezwBwGi6e5b=s0.png

Requested by

Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.136.68.163 , Bangladesh, ASN26383 (ASNET, US),

Reverse DNS

41-bullet.crusaderwearables.com

Software

nginx /

Resource Hash

94cd6e263833994c99681219d89b31aae54917f7c5ce8322241298550fc73882

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tur.hdfcbk.xyz/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "672991f7-b2c4"
expires: Thu, 05 Dec 2024 05:02:29 GMT
accept-ranges: bytes
content-length: 45764
date: Tue, 05 Nov 2024 05:02:29 GMT
content-type: image/png
last-modified: Tue, 05 Nov 2024 03:33:11 GMT
server: nginx

GET
H2 200 4eUDCnv2O9CUPYXfZoFzY22HkUk3Vo3RGNtKTp-0J7kH9TGx9DEmF1Yji-V8-lGAWC2GldKUF1keq9ZNw8L3S1HIeyGMb1Nx2g=s0.png
tur.hdfcbk.xyz/static/picture/ 40 KB
40 KB 402ms
400ms Image
image/png 103.136.68.163
ASNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tur.hdfcbk.xyz/static/picture/4eUDCnv2O9CUPYXfZoFzY22HkUk3Vo3RGNtKTp-0J7kH9TGx9DEmF1Yji-V8-lGAWC2GldKUF1keq9ZNw8L3S1HIeyGMb1Nx2g=s0.png

Requested by

Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.136.68.163 , Bangladesh, ASN26383 (ASNET, US),

Reverse DNS

41-bullet.crusaderwearables.com

Software

nginx /

Resource Hash

234a69e05bdf05d2e0131774376a855bba0eb0aca030e4976b57b94538453734

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tur.hdfcbk.xyz/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "672991f7-9e2c"
expires: Thu, 05 Dec 2024 05:02:29 GMT
accept-ranges: bytes
content-length: 40492
date: Tue, 05 Nov 2024 05:02:29 GMT
content-type: image/png
last-modified: Tue, 05 Nov 2024 03:33:11 GMT
server: nginx

GET
H2 200 55DcP6oUFaIBBDuhuwBYk110R24y6_svt3_1zzqnP6ShmlbDkwFWip-RF_QixgaOCHqF8zpajFyssBoSU0yhW0BsrLpE5qkpJA=s0.png
tur.hdfcbk.xyz/static/picture/ 14 KB
15 KB 212ms
209ms Image
image/png 103.136.68.163
ASNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tur.hdfcbk.xyz/static/picture/55DcP6oUFaIBBDuhuwBYk110R24y6_svt3_1zzqnP6ShmlbDkwFWip-RF_QixgaOCHqF8zpajFyssBoSU0yhW0BsrLpE5qkpJA=s0.png

Requested by

Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.136.68.163 , Bangladesh, ASN26383 (ASNET, US),

Reverse DNS

41-bullet.crusaderwearables.com

Software

nginx /

Resource Hash

f4ca4b17e5456d717c29ad5eced7331e739a5a4bca5618a5bba6f9e3e6f59c4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tur.hdfcbk.xyz/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "672991f8-3988"
expires: Thu, 05 Dec 2024 05:02:29 GMT
accept-ranges: bytes
content-length: 14728
date: Tue, 05 Nov 2024 05:02:29 GMT
content-type: image/png
last-modified: Tue, 05 Nov 2024 03:33:12 GMT
server: nginx

GET
H2 200 NwUYGaVcMhVPl55qEEh0_H2FAW5NqhNfDVNgIavv1W9JmpqoXr0auTXufBj9yhQEnfl97XqIXDyyTH3ro03YajdxDyHJIIIfNDHp=s0.png
tur.hdfcbk.xyz/static/picture/ 16 KB
16 KB 375ms
372ms Image
image/png 103.136.68.163
ASNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tur.hdfcbk.xyz/static/picture/NwUYGaVcMhVPl55qEEh0_H2FAW5NqhNfDVNgIavv1W9JmpqoXr0auTXufBj9yhQEnfl97XqIXDyyTH3ro03YajdxDyHJIIIfNDHp=s0.png

Requested by

Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.136.68.163 , Bangladesh, ASN26383 (ASNET, US),

Reverse DNS

41-bullet.crusaderwearables.com

Software

nginx /

Resource Hash

aa09814a9132f5a5b2483d3a9536a16ce7e3cad6523d3f33329092e769bfa08c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tur.hdfcbk.xyz/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "672991f8-4024"
expires: Thu, 05 Dec 2024 05:02:29 GMT
accept-ranges: bytes
content-length: 16420
date: Tue, 05 Nov 2024 05:02:29 GMT
content-type: image/png
last-modified: Tue, 05 Nov 2024 03:33:12 GMT
server: nginx

GET
H2 200 yvxAfcyj2uWxQqUqtABhFor7Q1dCDH4qryOBQaMPnPzBJ42Ohd1nGisrbSl2BcUNBBp9xmX0zp-vmmwOx6ijOQ0nx6Zb7PBsV-g=s0.png
tur.hdfcbk.xyz/static/picture/ 16 KB
16 KB 378ms
376ms Image
image/png 103.136.68.163
ASNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tur.hdfcbk.xyz/static/picture/yvxAfcyj2uWxQqUqtABhFor7Q1dCDH4qryOBQaMPnPzBJ42Ohd1nGisrbSl2BcUNBBp9xmX0zp-vmmwOx6ijOQ0nx6Zb7PBsV-g=s0.png

Requested by

Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.136.68.163 , Bangladesh, ASN26383 (ASNET, US),

Reverse DNS

41-bullet.crusaderwearables.com

Software

nginx /

Resource Hash

e004f0a93a26dd825015fdd4e4282372014bf8648e45994d8fd1b94222cab0a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tur.hdfcbk.xyz/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "672991f8-40eb"
expires: Thu, 05 Dec 2024 05:02:29 GMT
accept-ranges: bytes
content-length: 16619
date: Tue, 05 Nov 2024 05:02:29 GMT
content-type: image/png
last-modified: Tue, 05 Nov 2024 03:33:12 GMT
server: nginx

GET
H2 200 _JI2iCFVfynnJl6H6m-QoIG8hYgfU_IjXzPv6JxwKCBfBQ5oV0xEH7BzqYJQZ0vadcMuvDmvfBXgV_7SuQuqwMRjBeHb4TAHeg20=s0.png
tur.hdfcbk.xyz/static/picture/ 16 KB
17 KB 384ms
381ms Image
image/png 103.136.68.163
ASNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tur.hdfcbk.xyz/static/picture/_JI2iCFVfynnJl6H6m-QoIG8hYgfU_IjXzPv6JxwKCBfBQ5oV0xEH7BzqYJQZ0vadcMuvDmvfBXgV_7SuQuqwMRjBeHb4TAHeg20=s0.png

Requested by

Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.136.68.163 , Bangladesh, ASN26383 (ASNET, US),

Reverse DNS

41-bullet.crusaderwearables.com

Software

nginx /

Resource Hash

a718c4b27d0cb25d70d66aa98be868dddbf23342e7cfd7076993a02e771e1df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tur.hdfcbk.xyz/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "672991f8-41c3"
expires: Thu, 05 Dec 2024 05:02:29 GMT
accept-ranges: bytes
content-length: 16835
date: Tue, 05 Nov 2024 05:02:29 GMT
content-type: image/png
last-modified: Tue, 05 Nov 2024 03:33:12 GMT
server: nginx

GET
H2 200 yrSS1ZY0NoWoedRtO7O880ZoHhvmoVUjQXm9hjVJApXkNn0l8hkLuIRBr07NcBVsymx18NffLKfWiguOrNrK-4uzwZNxBLpCqQ=s0.png
tur.hdfcbk.xyz/static/picture/ 15 KB
15 KB 389ms
386ms Image
image/png 103.136.68.163
ASNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tur.hdfcbk.xyz/static/picture/yrSS1ZY0NoWoedRtO7O880ZoHhvmoVUjQXm9hjVJApXkNn0l8hkLuIRBr07NcBVsymx18NffLKfWiguOrNrK-4uzwZNxBLpCqQ=s0.png

Requested by

Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.136.68.163 , Bangladesh, ASN26383 (ASNET, US),

Reverse DNS

41-bullet.crusaderwearables.com

Software

nginx /

Resource Hash

6c3c5552e96ed62ad3146b38d05cb8292e4d0fa21d1bd17e64a30676d5d46b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tur.hdfcbk.xyz/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "672991f8-3b38"
expires: Thu, 05 Dec 2024 05:02:29 GMT
accept-ranges: bytes
content-length: 15160
date: Tue, 05 Nov 2024 05:02:29 GMT
content-type: image/png
last-modified: Tue, 05 Nov 2024 03:33:12 GMT
server: nginx

GET
H2 200 ou6s1jM-XZRfMcAOU90uMcf0Mz7LHqCodm2QADEpEO-3_xYIoC9TloE1n-YT5RGkMHQ0gDvyqHaRbMrrweceHWmuDc34uuTrCkI=w16.jpg
tur.hdfcbk.xyz/static/picture/ 476 B
682 B 392ms
390ms Image
image/jpeg 103.136.68.163
ASNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tur.hdfcbk.xyz/static/picture/ou6s1jM-XZRfMcAOU90uMcf0Mz7LHqCodm2QADEpEO-3_xYIoC9TloE1n-YT5RGkMHQ0gDvyqHaRbMrrweceHWmuDc34uuTrCkI=w16.jpg

Requested by

Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.136.68.163 , Bangladesh, ASN26383 (ASNET, US),

Reverse DNS

41-bullet.crusaderwearables.com

Software

nginx /

Resource Hash

ebd8642a6c6b7a02491a97669f3ece52d090ad20972a3d33709955cb5ea22524

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tur.hdfcbk.xyz/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "672991f9-1dc"
expires: Thu, 05 Dec 2024 05:02:29 GMT
accept-ranges: bytes
content-length: 476
date: Tue, 05 Nov 2024 05:02:29 GMT
content-type: image/jpeg
last-modified: Tue, 05 Nov 2024 03:33:13 GMT
server: nginx

GET
H2 200 O3_22OnYmp4L-vPVOrKF9kMEAT8S01fJCnCSWCaRJsv-pfxv68whuRR-M7BM70P6CbpBsb_MgCZ1cktXjTjs40chbJuUFx8zW3Y=w16.jpg
tur.hdfcbk.xyz/static/picture/ 455 B
661 B 394ms
391ms Image
image/jpeg 103.136.68.163
ASNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tur.hdfcbk.xyz/static/picture/O3_22OnYmp4L-vPVOrKF9kMEAT8S01fJCnCSWCaRJsv-pfxv68whuRR-M7BM70P6CbpBsb_MgCZ1cktXjTjs40chbJuUFx8zW3Y=w16.jpg

Requested by

Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.136.68.163 , Bangladesh, ASN26383 (ASNET, US),

Reverse DNS

41-bullet.crusaderwearables.com

Software

nginx /

Resource Hash

715cb56f4563134d253d7fe8336d8b6631a250f45a456116401070a982421164

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tur.hdfcbk.xyz/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "672991f9-1c7"
expires: Thu, 05 Dec 2024 05:02:29 GMT
accept-ranges: bytes
content-length: 455
date: Tue, 05 Nov 2024 05:02:29 GMT
content-type: image/jpeg
last-modified: Tue, 05 Nov 2024 03:33:13 GMT
server: nginx

GET
H2 200 wXSGWaF-zPsn4WaTTDdhe8nWj-ApiZQy6Td82yk7Re_54Car-bQHdTK-HjLy0-n2I9XIA_h-SaQffOdkKB9dKhwMj8qWLowCcHE=w16.jpg
tur.hdfcbk.xyz/static/picture/ 435 B
642 B 411ms
408ms Image
image/jpeg 103.136.68.163
ASNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tur.hdfcbk.xyz/static/picture/wXSGWaF-zPsn4WaTTDdhe8nWj-ApiZQy6Td82yk7Re_54Car-bQHdTK-HjLy0-n2I9XIA_h-SaQffOdkKB9dKhwMj8qWLowCcHE=w16.jpg

Requested by

Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.136.68.163 , Bangladesh, ASN26383 (ASNET, US),

Reverse DNS

41-bullet.crusaderwearables.com

Software

nginx /

Resource Hash

37b5b0038b5b7904ab7b229eb234cbe6b69a3ea5142b66802dcd2bda28e61741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tur.hdfcbk.xyz/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "672991f9-1b3"
expires: Thu, 05 Dec 2024 05:02:29 GMT
accept-ranges: bytes
content-length: 435
date: Tue, 05 Nov 2024 05:02:29 GMT
content-type: image/jpeg
last-modified: Tue, 05 Nov 2024 03:33:13 GMT
server: nginx

GET
H2 200 index.php Show response
tur.hdfcbk.xyz/ 21 B
278 B 412ms
409ms Script
text/html 103.136.68.163
ASNET

General

Check archive.org

Show headers Download Go to

Full URL

https://tur.hdfcbk.xyz/index.php?c=api&a=hits&id=41

Requested by

Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.136.68.163 , Bangladesh, ASN26383 (ASNET, US),

Reverse DNS

41-bullet.crusaderwearables.com

Software

nginx / XIAOCMS 20140525

Resource Hash

981e4d87d83f2c67f1f0a0c86a41e9321054c23974724a1890519f4e56735e13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tur.hdfcbk.xyz/

Response headers

strict-transport-security: max-age=31536000
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
pragma: no-cache
expires: Thu, 19 Nov 1981 08:52:00 GMT
date: Tue, 05 Nov 2024 05:02:29 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: nginx
x-powered-by: XIAOCMS 20140525

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 183ms
49ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-U7tabvsa' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tur.hdfcbk.xyz/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 05:02:29 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-U7tabvsa' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=23, mss=1232, tbw=4426, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: TSdINbxdQF61FrVsDfFGjVZggvO9/zbJp1mmtDu098b7ocjVCAEx066iAB/VJWhuh7eg177zFDefjXxe9b9xsQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62086
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 css.css
tur.hdfcbk.xyz/static/css/ 18 KB
0 1ms
1ms Stylesheet
text/css 103.136.68.163
ASNET

General

Check archive.org

Show headers Download Go to

Full URL: https://tur.hdfcbk.xyz/static/css/css.css
Requested by: Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.136.68.163 , Bangladesh, ASN26383 (ASNET, US),
Reverse DNS: 41-bullet.crusaderwearables.com
Software: nginx /
Resource Hash: 2fa5af97002250d91d625f0d590cad78c87d340d383050580138f6837b35e014

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: W/"672991fe-4865"
expires: Tue, 05 Nov 2024 17:02:29 GMT
date: Tue, 05 Nov 2024 05:02:29 GMT
content-type: text/css
last-modified: Tue, 05 Nov 2024 03:33:18 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 center.js Show response
js.center.io/ 12 KB
5 KB 252ms
55ms Script
application/javascript 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tur.hdfcbk.xyz/

Response headers

cache-control: public, max-age=300
content-encoding: gzip
etag: "OMWYXg"
age: 156
expires: Tue, 05 Nov 2024 05:04:53 GMT
content-length: 5417
date: Tue, 05 Nov 2024 04:59:53 GMT
x-cloud-trace-context: 778593e884f11787aac086ee922b0a36
content-type: application/javascript
server: Google Frontend

GET
H2 200 xUvQeY0VleA
www.youtube.com/embed/ Frame 6C35 0
0 260ms
131ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/xUvQeY0VleA

Requested by

Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tur.hdfcbk.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 05:02:29 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET

/
mengyili148.lpages.co/chacha2801/undefined/
Redirect Chain

https://mengyili148.lpages.co/chacha2801/undefined
https://mengyili148.lpages.co/chacha2801/undefined/

0
0

GET
H2 200 1Ptug8zYS_SKggPNyCMIT5lu.woff2
tur.hdfcbk.xyz/static/font/ 30 KB
30 KB 279ms
267ms Font
font/woff2 103.136.68.163
ASNET

General

Check archive.org

Show headers Download Go to

Full URL

https://tur.hdfcbk.xyz/static/font/1Ptug8zYS_SKggPNyCMIT5lu.woff2

Requested by

Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/static/css/css.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.136.68.163 , Bangladesh, ASN26383 (ASNET, US),

Reverse DNS

41-bullet.crusaderwearables.com

Software

nginx /

Resource Hash

2f0dc96a0b24cc9af003b43bc4f477639fced863f4f967dd2b5e451f621cd09d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://tur.hdfcbk.xyz
Referer: https://tur.hdfcbk.xyz/static/css/css.css

Response headers

strict-transport-security: max-age=31536000
etag: "672991fb-788c"
accept-ranges: bytes
content-length: 30860
date: Tue, 05 Nov 2024 05:02:29 GMT
content-type: font/woff2
last-modified: Tue, 05 Nov 2024 03:33:15 GMT
server: nginx

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
tur.hdfcbk.xyz/static/font/ 18 KB
18 KB 314ms
302ms Font
font/woff2 103.136.68.163
ASNET

General

Check archive.org

Show headers Download Go to

Full URL

https://tur.hdfcbk.xyz/static/font/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/static/css/css.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.136.68.163 , Bangladesh, ASN26383 (ASNET, US),

Reverse DNS

41-bullet.crusaderwearables.com

Software

nginx /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://tur.hdfcbk.xyz
Referer: https://tur.hdfcbk.xyz/static/css/css.css

Response headers

strict-transport-security: max-age=31536000
etag: "672991fb-4868"
accept-ranges: bytes
content-length: 18536
date: Tue, 05 Nov 2024 05:02:29 GMT
content-type: font/woff2
last-modified: Tue, 05 Nov 2024 03:33:15 GMT
server: nginx

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
tur.hdfcbk.xyz/static/font/ 47 KB
47 KB 315ms
304ms Font
font/woff2 103.136.68.163
ASNET

General

Check archive.org

Show headers Download Go to

Full URL

https://tur.hdfcbk.xyz/static/font/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/static/css/css.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.136.68.163 , Bangladesh, ASN26383 (ASNET, US),

Reverse DNS

41-bullet.crusaderwearables.com

Software

nginx /

Resource Hash

47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://tur.hdfcbk.xyz
Referer: https://tur.hdfcbk.xyz/static/css/css.css

Response headers

strict-transport-security: max-age=31536000
etag: "672991fb-bcd0"
accept-ranges: bytes
content-length: 48336
date: Tue, 05 Nov 2024 05:02:29 GMT
content-type: font/woff2
last-modified: Tue, 05 Nov 2024 03:33:15 GMT
server: nginx

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
tur.hdfcbk.xyz/static/font/ 12 KB
12 KB 319ms
308ms Font
font/woff2 103.136.68.163
ASNET

General

Check archive.org

Show headers Download Go to

Full URL

https://tur.hdfcbk.xyz/static/font/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/static/css/css.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.136.68.163 , Bangladesh, ASN26383 (ASNET, US),

Reverse DNS

41-bullet.crusaderwearables.com

Software

nginx /

Resource Hash

685dd0a4dbede9c486deb28acfbd6a2337f8d796445757029b828c7221e4ced1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://tur.hdfcbk.xyz
Referer: https://tur.hdfcbk.xyz/static/css/css.css

Response headers

strict-transport-security: max-age=31536000
etag: "672991fb-30a8"
accept-ranges: bytes
content-length: 12456
date: Tue, 05 Nov 2024 05:02:29 GMT
content-type: font/woff2
last-modified: Tue, 05 Nov 2024 03:33:15 GMT
server: nginx

GET
H3 200 1258877685139275 Show response
connect.facebook.net/signals/config/ 67 KB
13 KB 141ms
141ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1258877685139275?v=2.9.176&r=stable&domain=tur.hdfcbk.xyz&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

11c837d3aea2ae2135693345febfb21c15d295f4d98e959e6de8b66a0beb915e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-M7hHIaYL' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tur.hdfcbk.xyz/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 05:02:29 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-M7hHIaYL' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=70, mss=1232, tbw=70250, tp=65, tpl=0, uplat=101, ullat=0
pragma: public
x-fb-debug: sLp1B1RnQbACQWvsPDktH3O/FYa/IcD6hrEqYTIZnFaJ6BnGAO+LKG+Roiu58z3pNa1+Wf83FxWFyFsRIkfGxA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 identify.html
js.center.io/ Frame 2329 0
0 190ms
49ms Document
text/html 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Referer: https://tur.hdfcbk.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 102
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Tue, 05 Nov 2024 05:00:47 GMT
etag: "OMWYXg"
expires: Tue, 05 Nov 2024 05:05:47 GMT
server: Google Frontend
x-cloud-trace-context: 869b45722d92b365296c92932724a6c3

GET
H3 200 1049410563561307 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 100ms
100ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1049410563561307?v=2.9.176&r=stable&domain=tur.hdfcbk.xyz&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

f8f3d0c1bb75cf5ecdf3f0bfbd21cc1dfb2087daae976a3869f53d794ed5cbac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-9Wnzyvxt' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tur.hdfcbk.xyz/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 05:02:29 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-9Wnzyvxt' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=82, mss=1232, tbw=84634, tp=80, tpl=0, uplat=59, ullat=0
pragma: public
x-fb-debug: n3/Gt/MS1b9bxpWuKq4dxm90Zx352mxfk9fcFJtgtaB83A5gQ/SW/FO2QcVl4bzgB/NX53RW9t6aFcYJsvEXOg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 1103791274709711 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 116ms
115ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1103791274709711?v=2.9.176&r=stable&domain=tur.hdfcbk.xyz&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

3339b7c3f79a075d1a5222ba196f79004b39840ebb3973a4d3152c5b6c657e7e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-CcdeKNXd' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tur.hdfcbk.xyz/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 05:02:30 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-CcdeKNXd' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=85, mss=1232, tbw=88506, tp=86, tpl=0, uplat=71, ullat=0
pragma: public
x-fb-debug: SRskJr2IptBuutMqs7EA5UlV7rreoV5+6PXQm7P2Zw+Zi083g17VH/pOvxi2Eh73toLcx7aXJt9wn5nyekpuhw==
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-CcdeKNXd' 'report-sample' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/events/ 35 B
674 B 517ms
152ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=A7h3rcXrQhgygxLrtQbCZj&v=&e=&st=&lc=de-DE&pid=N4hXYZS3oCJJopQezfhkK4-default-prop&uid=XLucmyNrfJpZmvQSfUYxQ4&sid=gBKKDQ6SxCv3Ke3VNMdtgu&cid=lp-A7h3rcXrQhgygxLrtQbCZj&uri=https%3A%2F%2Ftur.hdfcbk.xyz%2F&rf=&rx=1600&ry=1200&tz=%2B01%3A00
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tur.hdfcbk.xyz/

Response headers

Transfer-Encoding: chunked
access-control-max-age: 600
x-request-id: 02klo4f2scr7j95g12q0
access-control-expose-headers: LP-Security-Token
X-Forwarded-For: 80.255.7.106
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: https://tur.hdfcbk.xyz
Date: Tue, 05 Nov 2024 05:02:30 GMT
Content-Type: image/gif
Server: Stargate

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 188ms
54ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1258877685139275&ev=PageView&dl=https%3A%2F%2Ftur.hdfcbk.xyz%2F&rl=&if=false&ts=1730782950180&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730782950177.727364654819701140&ler=empty&cdl=API_unavailable&it=1730782949719&coo=false&rqm=GET

Requested by

Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tur.hdfcbk.xyz/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2967, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 05 Nov 2024 05:02:30 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 369ms
236ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1258877685139275&ev=PageView&dl=https%3A%2F%2Ftur.hdfcbk.xyz%2F&rl=&if=false&ts=1730782950180&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730782950177.727364654819701140&ler=empty&cdl=API_unavailable&it=1730782949719&coo=false&rqm=FGET

Requested by

Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tur.hdfcbk.xyz/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7433656168075093815"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 05:02:30 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: M+CCZaIC7cRoNrufcEp3XPP5EHd1Qlv2jaLG+rLnhIYPiE+lH6/EanDZ1uFAMg8upPXjC78BkisHCn7vWDQ/yg==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7433656168075093815", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=3349, tp=-1, tpl=-1, uplat=175, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 186ms
52ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1049410563561307&ev=PageView&dl=https%3A%2F%2Ftur.hdfcbk.xyz%2F&rl=&if=false&ts=1730782950182&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730782950177.727364654819701140&ler=empty&cdl=API_unavailable&it=1730782949719&coo=false&rqm=GET

Requested by

Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tur.hdfcbk.xyz/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2967, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 05 Nov 2024 05:02:30 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 472ms
339ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1049410563561307&ev=PageView&dl=https%3A%2F%2Ftur.hdfcbk.xyz%2F&rl=&if=false&ts=1730782950182&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730782950177.727364654819701140&ler=empty&cdl=API_unavailable&it=1730782949719&coo=false&rqm=FGET

Requested by

Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tur.hdfcbk.xyz/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7433656167929890600"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 05:02:30 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7433656167929890600", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: 0ZYJI6nvnaAB2+AvFNBzBU2Updh7+aD0gcy0rvHXkHeByAZEY5Mx69roIzZ623HKSt3wqqtVvehBFoG7PIElrQ==
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=46, rtx=0, c=10, mss=1297, tbw=7923, tp=-1, tpl=-1, uplat=285, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 187ms
54ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1103791274709711&ev=PageView&dl=https%3A%2F%2Ftur.hdfcbk.xyz%2F&rl=&if=false&ts=1730782950183&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730782950177.727364654819701140&ler=empty&cdl=API_unavailable&it=1730782949719&coo=false&rqm=GET

Requested by

Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tur.hdfcbk.xyz/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2967, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 05 Nov 2024 05:02:30 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
854 B 471ms
338ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1103791274709711&ev=PageView&dl=https%3A%2F%2Ftur.hdfcbk.xyz%2F&rl=&if=false&ts=1730782950183&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730782950177.727364654819701140&ler=empty&cdl=API_unavailable&it=1730782949719&coo=false&rqm=FGET

Requested by

Host: tur.hdfcbk.xyz
URL: https://tur.hdfcbk.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tur.hdfcbk.xyz/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7433656168388825165"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 05:02:30 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: klImLnhNyxBkB+Chur4k5NNZmB+BcXA+OVIoJ9PSNKvgFgDS3MTvlMxNDEfMtJcqoADS1G4vOz6TFhwDOGYLHA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7433656168388825165", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=46, rtx=0, c=10, mss=1297, tbw=7047, tp=-1, tpl=-1, uplat=283, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 404 favicon.ico
tur.hdfcbk.xyz/ 548 B
611 B 202ms
202ms Other
text/html 103.136.68.163
ASNET

General

Check archive.org

Show headers Download Go to

Full URL: https://tur.hdfcbk.xyz/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.136.68.163 , Bangladesh, ASN26383 (ASNET, US),
Reverse DNS: 41-bullet.crusaderwearables.com
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tur.hdfcbk.xyz/

Response headers

content-length: 548
date: Tue, 05 Nov 2024 05:02:30 GMT
content-type: text/html
server: nginx

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
436 B 147ms
146ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=BASXSwXZnSwRDXKnt5Jyii&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=287,303.20000076293945,1,520.3999996185303
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tur.hdfcbk.xyz/

Response headers

Transfer-Encoding: chunked
access-control-max-age: 600
x-request-id: 02klo5fhmil799hgfo50
access-control-expose-headers: LP-Security-Token
X-Forwarded-For: 80.255.7.106
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: https://tur.hdfcbk.xyz
Date: Tue, 05 Nov 2024 05:02:34 GMT
Content-Type: image/gif
Server: Stargate

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mengyili148.lpages.co
URL: https://mengyili148.lpages.co/chacha2801/undefined/

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.api.leadpages.io/analytics/v1/events/capture	1970-01-21 00:47:49	Name: view.N4hXYZS3oCJJopQezfhkK4-default-prop.A7h3rcXrQhgygxLrtQbCZj Value: 1730782951000
tur.hdfcbk.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4v0916uadc9399q8f4sl4jcjlm
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: _ECU3ESJWAo
.youtube.com/	1970-01-21 05:05:34	Name: VISITOR_INFO1_LIVE Value: K03aWDck9rU
.youtube.com/	1970-01-21 05:05:34	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgPQ%3D%3D
.hdfcbk.xyz/	1970-01-21 02:55:58	Name: _fbp Value: fb.1.1730782950177.727364654819701140

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://tur.hdfcbk.xyz/(Line 59) Message: Unrecognized feature: 'web-share'.
network	error	URL: https://tur.hdfcbk.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.leadpages.io
connect.facebook.net
js.center.io
mengyili148.lpages.co
tur.hdfcbk.xyz
www.facebook.com
www.youtube.com
mengyili148.lpages.co
103.136.68.163
157.240.0.6
2001:4860:4802:34::15
2a00:1450:4001:830::200e
2a03:2880:f176:181:face:b00c:0:25de
35.192.151.63
11c837d3aea2ae2135693345febfb21c15d295f4d98e959e6de8b66a0beb915e
234a69e05bdf05d2e0131774376a855bba0eb0aca030e4976b57b94538453734
2f0dc96a0b24cc9af003b43bc4f477639fced863f4f967dd2b5e451f621cd09d
2fa5af97002250d91d625f0d590cad78c87d340d383050580138f6837b35e014
3339b7c3f79a075d1a5222ba196f79004b39840ebb3973a4d3152c5b6c657e7e
37b5b0038b5b7904ab7b229eb234cbe6b69a3ea5142b66802dcd2bda28e61741
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
52e5873b8f6c398db213b77d7971d19be8ec4cd1c6ebe9d658615bf9c5bc614a
685dd0a4dbede9c486deb28acfbd6a2337f8d796445757029b828c7221e4ced1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c3c5552e96ed62ad3146b38d05cb8292e4d0fa21d1bd17e64a30676d5d46b89
715cb56f4563134d253d7fe8336d8b6631a250f45a456116401070a982421164
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
94cd6e263833994c99681219d89b31aae54917f7c5ce8322241298550fc73882
981e4d87d83f2c67f1f0a0c86a41e9321054c23974724a1890519f4e56735e13
a718c4b27d0cb25d70d66aa98be868dddbf23342e7cfd7076993a02e771e1df9
aa09814a9132f5a5b2483d3a9536a16ce7e3cad6523d3f33329092e769bfa08c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
cd34ae43b00d25aefd275389137034737a354c4d5589e87a7327fc289ba67d8a
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
e004f0a93a26dd825015fdd4e4282372014bf8648e45994d8fd1b94222cab0a1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebd8642a6c6b7a02491a97669f3ece52d090ad20972a3d33709955cb5ea22524
f4ca4b17e5456d717c29ad5eced7331e739a5a4bca5618a5bba6f9e3e6f59c4a
f8f3d0c1bb75cf5ecdf3f0bfbd21cc1dfb2087daae976a3869f53d794ed5cbac

tur.hdfcbk.xyz Open in urlscan Pro 103.136.68.163 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

36 Requests

97 %HTTPS

50 %IPv6

7 Domains

7 Subdomains

7 IPs

3 Countries

424 kBTransfer

917 kBSize

6 Cookies

0 Outgoing links

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tur.hdfcbk.xyz Open in urlscan Pro
103.136.68.163 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

97 %
HTTPS

50 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

424 kB
Transfer

917 kB
Size

6
Cookies

36 HTTP transactions
0 data transactions